Scenario: BigFix loses connection to database

Eric1 2018-07-11 16:43:38 UTC #1

Here is the scenario:

BigFix 9.5.4 is installed on its own server.
The BigFix databases are running on a remote MS SQL server and this server is a member of a database server group.

What happens and is the expected behavior if I execute a patching baseline to the database server group and then that server reboots?
Will the BigFix application roll with it and reconnect on it’s own?
Will the other servers in the database server group continue to work through the tasks in the baseline or will they stall?

Trying to figure out how I need to modify our patching procedures or if I need to make a business case for a standalone MS SQL server. At the moment we are running a SQL Express instance on the BigFix application server itself but we need our BigFix version and we’re about to hit the limitations of SQL Express.

JasonWalker 2018-07-11 17:50:42 UTC #2

I’m interested in an authoritative response on this as well.

In my experience, when the BES server loses connection to the database, the Console is unusable, downloads may not process, and client reports are not imported. When the database comes back online, the root server reconnects after a minute or so and everything catches up.

If I had to venture a best practice guess, I’d patch the root server and database server on a separate schedule from your other systems; and try to precache as many of your downloads as possible so the database server doesn’t have to request more downloads while the BES server is offline or disconnected from DB. (Downloads will eventually process later if not precached, but might make your patch window larger).

Precaching is as simple as making sure your download cache client settings are large enough, and issueing your actions with a “start time” set in the future and “begin downloads before constraints are satisfied” checked on the Take Action dialog.

strawgate 2018-07-11 21:04:35 UTC #3

This depends on whether your database group connects to a Relay or directly to the root server.

If they connect to a relay, all the instructions/downloads the rest of the database servers need to process the action are still available even if the root is offline (as they are cached on the Relay) and thus the clients will process/install the updates from the baseline while the root is offline.

if they connect to the root then it will depend on whether or not they have the downloads precached as the moment the root goes offline any pending download actions will not be able to proceed but any running sub-actions will continue and will hit pending download" on the next component of the baseline (as the download is not available).