Enterprise Service Cloud - Docs

Patch management

A "Patch" for a Swisscom RHEL VM contains a set of Operating System updates, collected over a defined period of time (patch cycle) to be executed and installed at a specific point in time (patching window).

A patch cycle occurs every month. At the 28th day of each month, the list of patches will be refreshed (snapshot of patches).

During one patch cycle, the list of patches remains consistent, even if the Operating System vendor may release new patches. This allows you to keep all your servers in an identical release mode, even if they are updated on separate dates (patching window).

A patching window defines the definite point in time when the patch will be installed. The patching window is defined by its starting point and lasts exactly 2 hours. All times are stored in Coordinated Universal Time (UTC). Within this timeframe, the patches will be applied, and the server will be rebooted automatically.

This is an information message

Patching suspension

Patching Windows are valid in all OS States. VMs will continue to patch regularly even in Temp admin mode as well as in customermaintenance mode. If you want your machine to temporally not patch you need to set a patching suspension with the day 2 action.

You can navigate to all patching functionality by clicking on Manage Patching Extension

Webportal

Patching Extension

vRA

Patching Extension

Patching windows

Each Swisscom RHEL VM is required to have defined patching window. The patching window can be changed at any time in the Day 2 action Manage Patching Extension. The current patching window can either be found as a property PatchingWindow or if you go to the Day 2 action Manage Patching Extension.

Change patching window

The patching window for a Swisscom RHEL VM can be changed as follows:

  1. Select the VM for which you want to change the patching window in the portal
  2. Under Actions choose Manage Patching Extension
  3. Look for Patching Window select the desired patching window in the drop-down menu and click Submit

Activate patching suspension

With the Day-2 action "Manage Patching Extension" you can suspend the automated patching for a set amount of days, measured from the last time the Operating System was patched. Adding a "suspend reason" is optional.

Disable patching suspension

An active patching suspension can be disabled at any time. To do so select the "disable patch suspension" in the drop down and confirm the dialog.

On demand patching

In case you want to patch your VM outside of the defined patching window you can do so by using the on demand patching functionality. To execute a on demand patching chose the option "Yes" in the drop down for "Execute on demand patching".

This will lead to a reboot of the Swisscom RHEL VM!

Please note that to prevent accidental patching, it is not allowed to run on demand patching while a patching suspension is active for the Swisscom RHEL VM.

Last Updated: