Windows Patches for Cloud Servers with a Managed Operations Service Level
All Windows patches for cloud servers within the Rackspace Managed Operations service level are released by Microsoft to the public on the second Tuesday of every month (known as Patch Tuesday). Rackspace tests these patches against our server builds before including them for updates to our customers' production servers. The patches are deployed to customers’ servers three weeks after Microsoft releases them. Our Windows server images are configured to check our Windows Server Update Services (WSUS) server daily for updates by default, but we release approved patches via our WSUS servers only once a month.
If you opted in to the Rackspace Managed Windows Patching service, you can manually install any software or updates released by Microsoft but not yet available on our WSUS servers. Use the Windows Update command located in the Start menu on your server to check for these patches directly from Microsoft. You can download most of these patches manually by visiting the page for the specific KB article related to the patch. You can also contact Rackspace support to assist you with the manual installation of any non-Rackspace approved patches onto your server. However, we cannot be held responsible for any issues that might arise from the manual installation of these patches before they are approved and released for update from our WSUS servers.
WSUS servers are located in each region where you can connect Windows Servers to pull approved Windows updates. We recommend that you get updates from the closest WSUS server.
The WSUS endpoints are as follows:
|Region||Data center||WSUS endpoint|
|Windows Server 2008 R2||WSUS||microsoftupdate.[dc].rackspace.com||Nightly between 1 a.m. and 5 a.m. in your server region's time zone: * IAD – EST * DFW – CST * SYD – AET * HKG – HKT * ORD – CST||Windows Patching Portal|
|Windows Server 2012 WSUS||microsoftupdate.[dc].rackspace.com||Nightly between 1 a.m. and 5 a.m. in your server region's time zone: * IAD – EST * DFW – CST * SYD – AET * HKG – HKT * ORD – CST||Windows Patching Portal|
|Windows Server 2012 R2||WSUS||microsoftupdate.[dc].rackspace.com||Nightly between 1 a.m. and 5 a.m. in your server region's time zone: • IAD – EST • DFW – CST • SYD – AET • HKG – HKT • ORD – CST||Windows Patching Portal|
While you are opted in to the Rackspace Managed Windows Patching service, the following registry setting are configured on the Managed Windows Server:
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate] "AcceptTrustedPublisherCerts"=dword:00000001 "WUServer"="http://microsoftupdate.dfw1.rackspace.com" "WUStatusServer"="http://microsoftupdate.dfw1.rackspace.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\WindowsUpdate\AU] "AUOptions"=dword:00000004 "AutoInstallMinorUpdates"=dword:00000000 "DetectionFrequency"=dword:00000016 "DetectionFrequencyEnabled"=dword:00000001 "NoAutoRebootWithLoggedOnUsers"=dword:00000000 "NoAutoUpdate"=dword:00000000 "RackSpaceDefaults"=dword:00000001 "ScheduledInstallDay"=dword:00000000 "ScheduledInstallTime"=dword:00000002 "UseWUServer"=dword:00000001
You must set the Windows Updates service to automatically start. To do so, perform the following steps:
Open a PowerShell command prompt and run the following commands:
Setting wuauserv Service to Auto Set-Service -Name wuauserv -StartupType Automatic
Ensure that the wuauserv service is running:
Restart-Service -Name wuauserv
Apply all the changes:
You can find additional information on the Rackspace Support site and the Windows Patching Portal. The following links provide complete information about how to configure your server registry settings for Windows updates.
Opt out of Rackspace Managed Windows Patching
If you have valid reasons to take full control of and be responsible for managing your patching, you can opt out of Rackspace Managed Patching by following the instructions at https://community.rackspace.com/general/f/34/t/689.
© 2015 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License
See license specifics and DISCLAIMER