search

Azure / azure-linux-extensions

Linux Virtual Machine Extensions for Azure
Apache License 2.0
308 stars 254 forks source link

Vm Encryption failing when only Data disks and EncryptionFormat is used. #742

Open mariobede opened 5 years ago

mariobede commented 5 years ago

We are deploying with a ARM template and process gets to failed status.

Any idea what is going on there? missing something?

We are getting this error:

2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Executing: /usr/bin/mount /dev/sdc1 /mnt/azure_bek_disk -t vfat
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Executing: mountpoint /oldroot
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Command mountpoint /oldroot failed with return code 1
2019/02/13 17:00:01 stdout:
2019/02/13 17:00:01
2019/02/13 17:00:01 stderr:
2019/02/13 17:00:01 mountpoint: /oldroot: No such file or directory
2019/02/13 17:00:01
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Executing: /usr/bin/mount -a
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] OngoingItemConfig does not exist
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] value of prop_name:DiskFormatQuery not found.
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Error] Failed to encrypt data volumes with error: expected string or buffer, stack trace: Traceback (most recent call last):
2019/02/13 17:00:01   File "/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.1.0.22/main/handle.py", line 1550, in daemon_encrypt
2019/02/13 17:00:01     os_items_to_stamp=os_items_to_stamp):
2019/02/13 17:00:01   File "/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.1.0.22/main/handle.py", line 1743, in daemon_encrypt_data_volumes
2019/02/13 17:00:01     json_parsed = json.loads(disk_format_query)
2019/02/13 17:00:01   File "/usr/lib64/python2.7/json/__init__.py", line 338, in loads
2019/02/13 17:00:01     return _default_decoder.decode(s)
2019/02/13 17:00:01   File "/usr/lib64/python2.7/json/decoder.py", line 366, in decode
2019/02/13 17:00:01     obj, end = self.raw_decode(s, idx=_w(s, 0).end())
2019/02/13 17:00:01 TypeError: expected string or buffer
2019/02/13 17:00:01
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] op: EnableEncryptionDataVolumes
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] status: error
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] code: 19
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] msg: Failed to encrypt data volumes with error: expected string or buffer, stack trace: Traceback (most recent call last):
2019/02/13 17:00:01   File "/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.1.0.22/main/handle.py", line 1550, in daemon_encrypt
2019/02/13 17:00:01     os_items_to_stamp=os_items_to_stamp):
2019/02/13 17:00:01   File "/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.1.0.22/main/handle.py", line 1743, in daemon_encrypt_data_volumes
2019/02/13 17:00:01     json_parsed = json.loads(disk_format_query)
2019/02/13 17:00:01   File "/usr/lib64/python2.7/json/__init__.py", line 338, in loads
2019/02/13 17:00:01     return _default_decoder.decode(s)
2019/02/13 17:00:01   File "/usr/lib64/python2.7/json/decoder.py", line 366, in decode
2019/02/13 17:00:01     obj, end = self.raw_decode(s, idx=_w(s, 0).end())
2019/02/13 17:00:01 TypeError: expected string or buffer
2019/02/13 17:00:01
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Executing: lvs --noheadings --nameprefixes --unquoted -o lv_name,vg_name,lv_kernel_major,lv_kernel_minor
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Data volume /test/dev/sde is mounted from /dev/sde
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Data volume /test/dev/sdd is mounted from /dev/sdg
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] Data volume /test/dev/sdf is mounted from /dev/sdf
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] substatus: {"os": "NotEncrypted", "data": "NotEncrypted"}
2019/02/13 17:00:01 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 1601: [Info] exiting daemon
lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch:cxx-4.1-amd64:cxx-4.1-noarch:desktop-4.1-amd64:desktop-4.1-noarch:languages-4.1-amd64:languages-4.1-noarch:printing-4.1-amd64:printing-4.1-noarch
Distributor ID: CentOS
Description:    CentOS Linux release 7.4.1708 (Core)
Release:    7.4.1708
Codename:   Core
pete-leese commented 4 years ago

Him Did you ever find a solution to this?

pete-leese commented 4 years ago

found the issue, you need this'

    "DiskFormatQuery": "{\"scsi\": \"6:0:0:0\", \"name\": \"/opt/mount_point\", \"file_system\": \"ext4\"}",
Joseluismantilla commented 4 years ago

Why the filesystem xfs is not supported on linux for encrypting disks? the speed between both is remarkable.