Sql-server – Patching strategy when Windows and SQL Server patches not applied for over 3 years

Tags: patching, sql server, sql-server-2012, windows-server

The company I'm at hasn't patched their production servers for a while, neither SQL 2012 nor Windows 2012. When I say "for a while" I mean, well, actually "never" – no patches or updates since the installation in late 2012. They are using synchronized AGs with auto-failover for redundancy so we can upgrade one node at a time.

The plan is to disable auto-failover, update the second node, fail over the databases, then update the first node.

Question: How do you recommend approaching this? Apply 3 years of DB and OS patches all at once to the second node, then fail over to that node?
How much out of sync can the nodes be and still expect a trouble-free failover of AG databases? Is it better to do the Windows update first, or the SQL CU?

The goal is to minimize downtime and the number of failover/failbacks.

Best Answer

IMHO I'd recommend breaking up the updates into major SPs and OS vs SQL. That way, if anything breaks, you can roll back more easily and pinpoint issues. For example, roll out Server 2012 SP1, let it mature for a week or two, then do a SQL SP, wait a week or two, etc.

Your methodology sounds good for patching the secondary node, failover, patch primary node, and then balance the cluster.
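
The sequence discussed above (disable auto-failover, patch the secondary, fail over, patch the old primary, rebalance) written out as T-SQL. This is an added example, not part of the original question or answer; the availability group name `AG1` and the replica names `NODE1` (current primary) and `NODE2` are assumed.

```sql
-- Added example. Assumed names: availability group [AG1], replicas NODE1 (primary) and NODE2.
-- Each step notes which instance to connect to; run the steps one at a time.

-- 1. On NODE1 (primary): record the current build, then switch both replicas to manual failover
--    so the cluster does not fail over on its own while a node is being patched or rebooted.
SELECT SERVERPROPERTY('ProductVersion') AS build,
       SERVERPROPERTY('ProductLevel')   AS product_level;

ALTER AVAILABILITY GROUP [AG1] MODIFY REPLICA ON N'NODE1' WITH (FAILOVER_MODE = MANUAL);
ALTER AVAILABILITY GROUP [AG1] MODIFY REPLICA ON N'NODE2' WITH (FAILOVER_MODE = MANUAL);

-- 2. Patch NODE2 (one update group at a time: OS or SQL), reboot, and record its new build.
--    Then, on NODE1, confirm every AG database on NODE2 has caught up before failing over.
SELECT ar.replica_server_name,
       drcs.database_name,
       drs.synchronization_state_desc,
       drs.synchronization_health_desc,
       drcs.is_failover_ready
FROM sys.dm_hadr_database_replica_states AS drs
JOIN sys.availability_replicas AS ar
  ON ar.replica_id = drs.replica_id
JOIN sys.dm_hadr_database_replica_cluster_states AS drcs
  ON drcs.replica_id = drs.replica_id
 AND drcs.group_database_id = drs.group_database_id
WHERE ar.replica_server_name = N'NODE2';
-- Continue only when every row shows SYNCHRONIZED and is_failover_ready = 1.

-- 3. On NODE2 (the patched secondary): planned manual failover.
ALTER AVAILABILITY GROUP [AG1] FAILOVER;

-- 4. Patch NODE1, rerun the step 2 query on NODE2 with replica_server_name = N'NODE1',
--    then restore automatic failover from the new primary (NODE2).
ALTER AVAILABILITY GROUP [AG1] MODIFY REPLICA ON N'NODE1' WITH (FAILOVER_MODE = AUTOMATIC);
ALTER AVAILABILITY GROUP [AG1] MODIFY REPLICA ON N'NODE2' WITH (FAILOVER_MODE = AUTOMATIC);
```

Comparing the build recorded in step 1 against each node after patching gives a simple record of which update level each replica was on at the moment of failover.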