search

Azure / azure-quickstart-templates

Azure Quickstart Templates
https://aka.ms/azqst
MIT License
14.07k stars 16.13k forks source link

VM has reported a failure when processing extension 'AzureDiskEncryptionForLinux'. Error message: \"Enable failed.\"." #2808

Open koadr opened 7 years ago

koadr commented 7 years ago

101-vm-full-disk-encrypted-rhel

Issue Details

I am trying to install the AzureDiskEncryptionForLinux extension on my vm. I have tried on both Ubuntu 16.04 and CentOs 7.2, both of which the docs say are compatible for encryption. While I am able to run all the steps successfully leading up to encryption, the encrypted step consistently fails with 


  "status": "Failed",
  "error": {
    "code": "ResourceDeploymentFailure",
    "message": "The resource operation completed with terminal provisioning state 'Failed'.",
    "details": [
      {
        "code": "VMExtensionProvisioningError",
        "message": "VM has reported a failure when processing extension 'AzureDiskEncryptionForLinux'. Error message: \"Enable failed.\"."
      }
    ]
  }
}

A few things of note:

  1. I am using the Standard_DS2 vm size
  2. I am using a key
  3. I am testing on a Free trial subscription.

Can someone help/point me in the right direction? Even getting a more sensible error would help immensely.

jagodevreede commented 7 years ago

Try and login to the machine itself and check the logs for a better explaination on whats wrong. The relevant log is probably in /var/log/azure/Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux/0.1.0.999105/extension.log

se7enack commented 7 years ago

docker@myvmbasic:~$ vi /var/log/azure/Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux/0.1.0.999105/extension.log

2017/03/07 15:35:07 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]sequence number is 0 2017/03/07 15:35:07 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]setting file path is/var/lib/waagent/Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-0.1.0.999105/config/0.settings 2017/03/07 15:35:07 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]Config decoded correctly. 2017/03/07 15:35:07 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]Install,success,0,Install Succeeded 2017/03/07 15:35:11 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]sequence number is 0 2017/03/07 15:35:11 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]setting file path is/var/lib/waagent/Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-0.1.0.999105/config/0.settings 2017/03/07 15:35:11 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]current seq no is 0 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]Config decoded correctly. 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info enabling... 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info make sure path exists, execute:/bin/mkdir -p /var/lib/azure_disk_encryption_config/ 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]set most recent sequence number to 0 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info the extension_parameter.passphrase is none 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info start creating kek secret 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info Failed to construct ConfigurationProvider, which may due to the old wala code. 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info getting the access token. 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info trying to get the authorize uri from: Bearer authorization="https://login.windows.net/6d5b34f4-96f0-41d1-8c19-b9ca8eb66018", resource="https://vault.azure.net" 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info Failed to construct ConfigurationProvider, which may due to the old wala code. 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info 200 [('content-length', '1239'), ('expires', '-1'), ('x-content-type-options', 'nosniff'), ('x-powered-by', 'ASP.NET'), ('set-cookie', 'esctx=AQABAAAAAADRNYRQ3dhRSrm-4K-adpCJRXPlr1uUMC-E4WXy7-3kNmkTTB8VX--zZqar8WS9epMWKmlxLNb7eklx8PTonYF5t_ghjHy-e67woBQscyrADVcd4H7zCDAPDnBUh7LL5xlyBxIGaRe5CUYBMDV_DC8ATaCfbpkKjxhvMPK-BdlCJQCMd-53T1JJNcXmyPEtc5kgAA; domain=.login.windows.net; path=/; secure; HttpOnly, x-ms-gateway-slice=006; path=/; secure; HttpOnly, stsservicecookie=ests; path=/; secure; HttpOnly'), ('x-ms-request-id', 'd9645787-6e49-417d-96ca-6700a3d901a0'), ('strict-transport-security', 'max-age=31536000; includeSubDomains'), ('server', 'Microsoft-IIS/8.5'), ('pragma', 'no-cache'), ('cache-control', 'no-cache, no-store'), ('date', 'Tue, 07 Mar 2017 15:35:14 GMT'), ('p3p', 'CP="DSP CUR OTPi IND OTRi ONL FIN"'), ('content-type', 'application/json; charset=utf-8')] 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info getting the info of the key. 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info Failed to construct ConfigurationProvider, which may due to the old wala code. 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info 403 [('content-length', '56'), ('strict-transport-security', 'max-age=31536000;includeSubDomains'), ('x-content-type-options', 'nosniff'), ('x-aspnet-version', '4.0.30319'), ('x-ms-keyvault-region', 'East US 2'), ('expires', '-1'), ('server', 'Microsoft-IIS/8.5'), ('x-ms-keyvault-service-version', '1.0.0.802'), ('pragma', 'no-cache'), ('cache-control', 'no-cache'), ('date', 'Tue, 07 Mar 2017 15:35:13 GMT'), ('x-powered-by', 'ASP.NET'), ('content-type', 'application/json; charset=utf-8'), ('x-ms-request-id', 'cf053f11-14be-4c38-a05c-0ed073c7e0c2')] 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]1818: Info secret value is None 2017/03/07 15:35:12 [Microsoft.OSTCExtensions.AzureDiskEncryptionForLinux-1.0]Enable,error,13,Enable failed. ~

arpitjn commented 7 years ago

@se7enack Did you find a solution to this? I'm seeing the same error.

rajaprad commented 7 years ago

Am seeing the same error as well. Please share if there is a solution

m00ki3 commented 7 years ago

Yeah, same failure here. My logs are even less helpful.

017/09/12 20:55:53.073750 INFO [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999297] Target handler state: enabled 2017/09/12 20:55:53.076852 INFO [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999297] [Enable] current handler state is: notinstalled 2017/09/12 20:55:53.123675 INFO [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999297] Initialize extension directory 2017/09/12 20:55:53.126644 INFO [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999297] Update settings file: 0.settings 2017/09/12 20:55:53.129427 INFO [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999297] Install extension [main/handle.py -install] 2017/09/12 20:56:12.154695 INFO [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999297] Enable extension [main/handle.py -enable]