search

Azure / azure-linux-extensions

Linux Virtual Machine Extensions for Azure
Apache License 2.0
310 stars 255 forks source link

ADE: VolumeType "" is not supported #663

Open johanburati opened 6 years ago

johanburati commented 6 years ago

I tried to encrypt a markeplace Ubuntu VM (Image:Canonical:UbuntuServer:16.04-LTS:latest,Size:Standard_DS3_v2) OS disk using Powershell. AzureDiskEncryptionForLinux version is 1.1.0.17

The encryption process work when I used azure cli instead of Powershell, same image and same size.

Cloudshell]:

PS Azure:\> Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $resourceGroupName -VMName $VMName -DiskEncryptionKeyVaultUrl $DiskEncryptionKeyVaultUrl -DiskEncryptionKeyVaultId $KeyVaultResourceId –SkipVmBackup

Enable AzureDiskEncryption on the VM
This cmdlet prepares the VM and enables encryption which may reboot the machine and takes 10-15 minutes to finish. Please save your work on the VM before confirming. Do you want to continue?
[Y] Yes  [N] No  [S] Suspend  [?] Help (default is "Y"):
Set-AzureRmVMDiskEncryptionExtension : Long running operation failed with status 'Failed'. Additional Info:'VM has reported a failure when processing extension 'AzureDiskEncryptionForLinux'. Error message: "VolumeType "" is not supported".'
ErrorCode: VMExtensionProvisioningError
ErrorMessage: VM has reported a failure when processing extension 'AzureDiskEncryptionForLinux'. Error message: "VolumeType "" is not supported".
ErrorTarget:
StartTime: 10/12/18 12:57:52 AM
EndTime: 10/12/18 12:59:37 AM
OperationID: 39f46ffc-ceed-47c5-b3d4-cfa7b2bcf37a
Status: Failed
At line:1 char:1
+ Set-AzureRmVMDiskEncryptionExtension -ResourceGroupName $resourceGrou ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : CloseError: (:) [Set-AzVMDiskEncryptionExtension], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.Extension.AzureDiskEncryption.SetAzureDiskEncryptionExtensionCommand
Azure:/
PS Azure:\> Get-AzureRmVMDiskEncryptionStatus  -ResourceGroupName $resourceGroupName -VMName $VMName

OsVolumeEncrypted          : NotEncrypted
DataVolumesEncrypted       : NotMounted
OsVolumeEncryptionSettings :
ProgressMessage            : VolumeType "" is not supported

extension.log:

2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 9066: [Info] Unsupported volume type specified and BEK volume does not exist, clearing encryption config
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 9066: [Info] archiving the encryption config file: /var/lib/azure_disk_encryption_config/azure_crypt_config.ini
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] op: EnableEncryption
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] status: error
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] code: 17
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] msg: VolumeType "" is not supported
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 9066: [Info] Executing: lvs --noheadings --nameprefixes --unquoted -o lv_name,vg_name,lv_kernel_major,lv_kernel_minor
2018/10/12 00:59:30 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] substatus: {"os": "NotEncrypted", "data": "NotMounted"}

There is only the following file in /var/lib/azure_disk_encryption_config/:


# cat /var/lib/azure_disk_encryption_config/azure_crypt_config.ini_2018-10-12\ 00\:59\:30.101709
[azure_crypt_config]
volumetype =

#
``
ejarvi commented 6 years ago

When using the Set-AzureRmVmDiskEncryptionExtension cmdlet in Powershell to enable ADE on Linux, please specify a VolumeType parameter of "All", "Data", or "OS".

johanburati commented 6 years ago

Thanks @ejarvi. Should make this a required parameter.