Update Rollup 4 für Windows Azure Pack

Update Rollup 4 für Windows Azure Pack

Keine Kommentare zu Update Rollup 4 für Windows Azure Pack

Das Update Rollup 4 für Windows Azure Pack, behebt eine Vielzahl von Fehlern und bringt neue Funktionen mit sich.

Hier ein Asuzug des original KBs

Issues that are fixed in this update rollup

Windows Azure Pack

  • If tenant has a database that uses Windows Authentication, the administrator cannot suspend its subscription.

    Symptom
    This issue lets tenants continue to sue all SQL database resources. Also. the subscription state is changed. At this point, if the administrator tries to suspend the subscription, its state changes from “Active” to “Suspended (Out of Sync).” The Suspend subscription operation always fails with following error message:

    One or more errors occurred while contacting the underlying resource providers. The operation may be partially completed. Details: Cannot alter the login ‘userlogin‘, because it does not exist or you do not have permission.

    Resolution
    With this update, the administrator can suspend a subscription that contains a database that uses Windows Authentication.

  • The tenant cannot connect to a database if the hosting server is set up for AlwaysOn but the SQL Server Contained Database feature is turned off.

    Symptom
    The tenant always receives an error when it tries to connect to the database when these conditions are present.

    Resolution
    The tenant will receive an error message when it creates a database in which this misconfiguration exists. The error message tells the user that the particular misconfiguration exists.

    An instance of SQL Server does not have Contained Database Support enabled. Contained Database Support needs to be enabled when creating High Availability – AlwaysOn Database ‘DatabaseName

    Also, when administrators try to add a hosting server that uses the wrong configuration, they will receive the following message:

    The AlwaysOn listener ‘AlwaysOnListener‘ does not have Contained Authentication enabled, please enable Contained Authentication, before adding this listener.
  • For virtual machine (VM) templates that contains multiple NICs and are not all connected to a network, the VM creation UI will not let the user select any of the available networks. Instead, each network adapter seems to be associated with a specific network.

    Symptom
    The UI dropdown lists will behave so that each network adapter is exclusively associated with a specific network.

    Resolution
    The user can freely select any available network for the specified NICs in the VM template.

  • Administrators cannot control the naming convention for “Computer Names” of VMs that are provisioned through their VM templates.

    Symptom
    When a tenant creates a VM, the name that is passed for the VM is used to derive the “Computer Name” of the VM, and the administrator-provided name in the VM template is ignored.

    Resolution
    Administrators can control whether the tenant-supplied name should overwrite the name that is provided in a VM template. They can do this through a plan configuration flag for the Service Provider Foundation (SPF) resource provider.

  • In Azure Pack Web Sites, tenants cannot use virtual directories because this is not supported by the Azure Pack UI.

    Symptom
    Tenants do not have access to a feature that lets them implement virtual directories for their Windows Azure Pack (WAP) Web Sites.

    Resolution
    Support for this feature is available with this update. The tenant can use the Web Sites Settings page to add directories as needed.

  • Virtual machines that are provisioned through WAP do not have Disaster Recovery (DR) protection or cannot enable DR.

    Symptom
    Administrators cannot specify whether the VMS that are provisioned through their plans can be protected from disastrous events. Tenants do not have an option to subscribe to a provider plan that supports DR.

    Resolution
    Support for this feature is available with this update. Administrators can enable DR that is supported through Azure Site Recovery for any plans as long as the Azure Site Recovery (ASR) infrastructure is deployed. Specific instructions are linked to the check box label that is used to enable the feature.

  • Security: This update addresses several security fixes. Among these is the issue of Microsoft ASP.NET MVC Security Update MS14-059 (KB2990942) breaking Azure Pack PowerShell modules.

    Symptom
    After the administrator installs MVC Security Update 2990942, all Azure Pack PowerShell commands return the following exemption:

    Method not found: ‘Void Newtonsoft.Json.Serialization.DefaultContractResolver.set_IgnoreSerializableAttribute(Boolean)

    Resolution
    After Azure Pack Update Rollup 4 (KB2992027) is installed, the administrator can install MVC Security Update 2990942 without problems.

    Important The resolution of the security fixes requires running a script to change the database. See step 5 of the installation instructions.

How to obtain and install Update Rollup 4 for Windows Azure Pack

Download information

Update packages for Windows Azure Pack are available from Microsoft Update or by manual download.

Microsoft Update

To obtain and install an update package from Microsoft Update, follow these steps on a computer that has an applicable Windows Azure Pack component installed:

  1. Click Start, and then click Control Panel.
  2. In Control Panel, double-click Windows Update.
  3. In the Windows Update window, click Check Online for updates from Microsoft Update.
  4. Click Important updates are available.
  5. Select the Update Rollup package, and then click OK.
  6. Click Install updates to install the update package.

Manual download of the update packages

The following file is available for manual download from the Microsoft Update Catalog:

Installation instructions

These installation instructions are for the following Windows Azure Pack components:

  • Tenant site
  • Tenant API
  • Tenant Public API
  • Administration site
  • Administration API
  • Tenant Authentication
  • Administration Authentication
  • Usage Extension
  • Monitoring Extension
  • SQL Server Extension
  • MySQL Extension
  • Web App Gallery Extension
  • Configuration site
  • Best Practices Analyzer
  • PowerShell API

To install the update .msi files for each Windows Azure Pack component, follow these steps:

  1. If the system is currently operational (handling customer traffic), schedule downtime for the Azure servers. The Windows Azure Pack does currently not support rolling upgrades.
  2. Stop or redirect customer traffic to sites that you consider satisfactory.
  3. Create backups of the computers and databases. To do this, follow these steps:
    1. This update does contain database changes (see step 5). We strongly recommend that you keep backups of your databases current before you install.
    2. If you use virtual machines, you should take snapshots of their current state. Otherwise, go to the next step.
    3. If you do not use VMs, make a backup of the computer to be used for restoring if you have to roll back your update installation.

    If you use your own theme for the Windows Azure Pack Tenant site, follow these instructions to preserve your theme changes before you perform the update.

  4. Perform the update by using Microsoft Update either directly on each node or through the Windows Server Update Services (WSUS) server.

    For each node under Load Balancing, run the updates for components in the following order:

    1. If you use the original self-signed certificates installed by WAP, the update operation will replace them. You have to export the new certificate and import it to the other nodes under Load Balancing. These certificates have the CN=MgmtSvc-* (Self-Signed) naming pattern.
    2. Update Resource Provider (RP) services (SQL Server, My SQL, SPF/VMM, websites) as needed. And make sure that the RP sites are running.
    3. Update the Tenant API site, and also the Public Tenant API site , Administrator API nodes, and Administrator and Tenant Authentication sites.
    4. Update the Administrator and Tenant sites.
  5. To resolve the issues about security updates, follow these steps:
    1. Download this script from the Microsoft Download Center. The script makes changes to the Windows Azure Pack databases.
    2. Open the script in a text editor such as Windows PowerShell ISE.
    3. Change the following connection string line to match the instance of Microsoft SQL Server that you use for Windows Azure Pack:
      $wapConnectionString = “server=your_server_name;uid=sa;pwd=your_password;database=master;”
    4. Run this script as an administrator on the servers that contain the Mgmt-Svc-PowerShellAPI module. These servers are those that run the following:
      • Usage Extension
      • Web App Gallery Extension
      • SQL Server Extension
      • MySQL Extension
  6. If all components are updated and are functioning as expected, you can start to open the traffic to your updated nodes. Otherwise, see the “Rollback instructions” section.

About the author:

Ich bin Eric Berg und bin Senior IT-Consultant für Microsoft Solutions und hauptsächlich im Bereich Virtualisierung, Client-Lifecycle Management, Private und Public Cloud aktiv. Seit 2015 bin ich System Center Cloud und Datacenter MVP. Seit 2014 bin ich Microsoft Partner Technical Solutions Professional (P-TSP) und agiere im Auftrag von Microsoft mit Kunden rund um die oben beschriebenen Themen. Alle Gedanken, Meinungen und Ideen auf dieser Website sind von mir und spiegeln nicht die Haltung meines Arbeitgebers oder von Microsoft wieder.

Leave a comment

Back to Top