Publication
CNSM 2014
Conference paper

Shadow patching: Minimizing maintenance windows in a virtualized enterprise environment

View publication

Abstract

Software is growing bigger and more complex, which results in bugs and defects being no longer dealt as exceptions, but rather as normal artifacts in a software's lifecycle. In fact, many patches are released by vendors on a preset schedule. This implies that managing patches in a correct and timely manner has become an important factor in smoothly running an IT environment. However, when a patch is applied, the affected software is often required to stop temporarily, which can cause a disruption of service. The down time is commonly called a maintenance window. Although sophisticated live patching techniques have been previously proposed, their applicability in practice is very limited. In this paper, we propose a novel patch management technique based on commonly available virtualization capabilities. It allows system administrators to perform a majority of the patch work outside of the maintenance window, such as downloading patches, installing them, and performing post-installation testing and fixes. By capturing the disk activities and replaying them during the actual maintenance window, we can transform a complex software patching operation to a series of more deterministic file I/O operations, and thus, reducing maintenance window from hours to minutes.

Date

Publication

CNSM 2014

Authors

Share