Thursday, November 27, 2008

Patching Offline VM's. Not Just Yet.

Sheesh.  I saw this recent post about the 2.0 version of the "Microsoft Offline Virtual Machine Servicing Tool" and thought: "Wow!  Patch offline VM's?  Cool!"

Not so fast.

After reading the docs (one short doc actually) it turns out that it simply works with SCVMM to iteratively launch each offline VM, initiate a wuauclt scan, then fire off the update process and then shuts down the VM.  Smoke and mirrors.  I was really expecting something uber cooler than that.  Not that this isn't useful, it is.  But being able to inspect dormant VM's to generate a list of needed updates and then (drum roll please) be able to somehow slipstream the patches into the VM's while still being dormant.  

The patch process could simply stuff in a "run-once" registry entry to kick off a standard client bootstrap to download and install patches upon the next start-up.  That doesn't seem too impossible.  The VHD's are simply file-based encapsulations of the disk image.  It should be possible to mount the VHD like you would "slave" a physical disk, and comb through it to do what you need and then unmount it.  Why is it necessary to boot the whole VM to do this?  Doesn't make sense to me.

No comments: