1. Field of the Invention
The present invention relates in general to the field of information handling system virtual machines, and more particularly to virtual machine asynchronous patch management.
2. Description of the Related Art
As the value and use of information continues to increase, individuals and businesses seek additional ways to process and store information. One option available to users is information handling systems. An information handling system generally processes, compiles, stores, and/or communicates information or data for business, personal, or other purposes thereby allowing users to take advantage of the value of the information. Because technology and information handling needs and requirements vary between different users or applications, information handling systems may also vary regarding what information is handled, how the information is handled, how much information is processed, stored, or communicated, and how quickly and efficiently the information may be processed, stored, or communicated. The variations in information handling systems allow for information handling systems to be general or configured for a specific user or specific use such as financial transaction processing, airline reservations, enterprise data storage, or global communications. In addition, information handling systems may include a variety of hardware and software components that may be configured to process, store, and communicate information and may include one or more computer systems, data storage systems, and networking systems.
As information handling systems have grown in processing capabilities, enterprises have sought to leverage improved processing capabilities through virtualization. Virtual machines are separately defined operating systems that operate within a virtual environment supported by physical processing components running over one or more host operating systems. For example, multiple host server information handling systems communicating through a network share support of multiple virtual machines by migrating virtual machines between physical resources as workload dictates. End users are presented with a virtual machine interface that performs as if the virtual machine operating system is running on specified physical resources, however, the actual physical resources that support a particular virtual machine can change transparent to the virtual machine end user. As a result, processing resource utilization increases with the distribution of workload across multiple physical resources and data security increases by limiting the impact of a failure of any particular physical resource on virtual machines using the resource.
One difficulty with the use of virtual machines is that a large number of different types of operating systems may run on a given set of physical resources. Operating systems need maintenance over time to ensure proper operation, such as compatibility with software and data security. When an operating system actively manages a set of processing resources, such as a host operating system running on a physical server information handling system, the operating system typically includes automated maintenance functions that download and install update patches. As an example, WINDOWS includes an update function that automatically downloads update patches from a MICROSOFT server location and installs the update patches to perform desired maintenance. One common maintenance function performed by patches is the correction of vulnerabilities in the operating system that make the operating system vulnerable to attacks by hackers. When multiple virtual machine operating systems run on a given set of physical processing components and host operating system, each of the virtual machine operating systems should have maintenance performed as needed, such as downloading and executing patch updates, to prevent a security breach of the physical resources. Since a wide variety of operating systems can support virtual machines with various levels of activity at a physical resource, performing patch maintenance through either manual or automated patch updates can present a significant difficulty.
Generally, virtual machine operating systems perform patch maintenance in the same manner as host operating systems. The virtual machine operating system retrieves a patch and executes the patch upgrade as if running on dedicated hardware processing components. To provide some structure in patch maintenance at physical resources that support virtual machines, patching services are available that help to administer patch updates to virtual machines, such as Shavlik's patching services. However, even after patches are applied across virtual machines, difficulties remain validating the success of updates and ensuring that deployed virtual machine images are not out of date or missing patches. In some instances, patches fail silently so that out-of-date virtual machines proceed to deployment without notice of the failure.