Stagger automatic Windows updates for EC2 instances

Tags: amazon-ec2, amazon-elb, windows-server-2008, windows-update

I have several Windows EC2 instances that are controlled by an ELB (Elastic Load Balancer). These instances are scheduled to install any new Windows updates once per day during non-peak hours.

Automatically installing Windows updates often causes all of my Windows EC2 instances to be unavailable at the same time. Service availability is one of the primary reasons that I am using an ELB.

How can I install Windows updates automatically and prevent service disruption due to installing those updates?

Edit: I want to do this without the overhead of running an additional service (e.g. WSUS or a domain controller).

Best Answer

If your Windows machines are not part of a domain, the following link may help you configure things the way you want.

http://technet.microsoft.com/en-us/library/cc720464(v=ws.10).aspx

The registry keys and values described in the article will not exist by default. These can either be created manually, or by editing the local group policy, using gpedit.msc. This will allow you to add the keys via a GUI, just like with domain Group Policy. You can then export the resulting registry keys, and alter/import them to other machines as needed.

If they are in a domain, doing this via group policy is the best way. You can group the computer objects in organizational units, or by groups, then apply a GPO, using slightly different timing settings.

The Configure Automatic Updates setting is the one you would want to change between groups of machines. This can be found in the Group Policy Management Console:

Computer Configuration > Administrative Templates > Windows Components > Windows Update > Configure Automatic Updates

Updates can also be set to install automatically using this option, plus additional options available in adjacent settings.
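
One way to apply the per-machine timing described in the answer on non-domain instances, as an added example that is not part of the original answer: it writes the Windows Update policy registry values (`NoAutoUpdate`, `AUOptions`, `ScheduledInstallDay`, `ScheduledInstallTime`) with a different install hour per instance. The function names and the `SlotIndex`, `WindowStartHour` and `WindowHours` parameters are hypothetical.

```powershell
# Added example: give each instance behind the ELB its own daily install hour.
# SlotIndex, WindowStartHour and WindowHours are hypothetical parameters.
function Get-StaggeredInstallHour {
    param(
        [Parameter(Mandatory = $true)][int]$SlotIndex,
        [int]$WindowStartHour = 1,   # first hour of the off-peak window (0-23)
        [int]$WindowHours = 4        # number of one-hour slots in the window
    )
    if ($SlotIndex -lt 0) { throw "SlotIndex must be 0 or greater." }
    if ($WindowStartHour -lt 0 -or $WindowStartHour -gt 23) { throw "WindowStartHour must be 0-23." }
    if ($WindowHours -lt 1 -or $WindowHours -gt 24) { throw "WindowHours must be 1-24." }
    # Wrap the slot inside the window, then wrap the hour around midnight.
    return ($WindowStartHour + ($SlotIndex % $WindowHours)) % 24
}

function Set-StaggeredUpdatePolicy {
    param(
        [Parameter(Mandatory = $true)][int]$SlotIndex,
        [int]$WindowStartHour = 1,
        [int]$WindowHours = 4
    )
    $hour = Get-StaggeredInstallHour -SlotIndex $SlotIndex `
        -WindowStartHour $WindowStartHour -WindowHours $WindowHours

    # Policy key read by the Automatic Updates client; absent by default.
    $au = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU'
    if (-not (Test-Path $au)) { New-Item -Path $au -Force | Out-Null }

    $values = @{
        NoAutoUpdate         = 0      # automatic updates enabled
        AUOptions            = 4      # download automatically, install on schedule
        ScheduledInstallDay  = 0      # 0 = every day
        ScheduledInstallTime = $hour  # hour of day, 0-23, local time
    }
    foreach ($name in $values.Keys) {
        New-ItemProperty -Path $au -Name $name -Value $values[$name] `
            -PropertyType DWord -Force | Out-Null
    }
    # Return what was written so it can be logged or compared across instances.
    Get-ItemProperty -Path $au |
        Select-Object NoAutoUpdate, AUOptions, ScheduledInstallDay, ScheduledInstallTime
}

# Run from an elevated prompt, with a different slot on each instance:
# Set-StaggeredUpdatePolicy -SlotIndex 0
# Set-StaggeredUpdatePolicy -SlotIndex 1
```

With more instances than hours in the window, slot indexes wrap and instances sharing a slot install at the same hour, so size the window to keep enough instances in service behind the ELB.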