search

Azure / pcs-cli

A CLI for deploying Azure IoT PCS
MIT License
33 stars 37 forks source link

Blacklist walinuxagent in VM Extensions CustomScript #487

Closed jillcary closed 5 years ago

jillcary commented 5 years ago

Description and Motivation

Fix for: https://github.com/Azure/pcs-cli/issues/482

The CustomScript for the VMExtension currently calls:

apt-get update -o Acquire::CompressionTypes::Order::=gz \
        && apt-get upgrade -y \
        && apt-get update \

This unknowlingly triggers an upgrade for WALinuxAgent and waits for the completion of this operation. Since WALinuxAgent is waiting for the extensions to finish running before terminating, this becomes a circular dependency. The dependency causes the CustomScript to time out after 90 minutes and the deployment fails.

This issue came to light only since Ubuntu 1604 updated the walinuxagent package in their repo: http://changelogs.ubuntu.com/changelogs/pool/main/w/walinuxagent/walinuxagent_2.2.32-0ubuntu1~16.04.2/changelog

To prevent the script from trying to upgrade WALinuxAgent, this PR blacklists the WALinuxAgent before the call by running "apt-mark hold walinuxagent" and "apt-mark unhold walinuxagent" after.

Change type

Checklist:

Notes

One open question is around whether or not is information is available in the documentation. The example on docs.microsoft.com does include the upgrade command: https://docs.microsoft.com/en-us/azure/virtual-machines/extensions/custom-script-linux#property-script

This issue on GitHub also references a similar problem: https://github.com/Azure/WALinuxAgent/issues/178#issuecomment-281552852

Right now there is no supportable way to update the Azure agent package via customscript. The agent will be restarted as part of the upgrade process, and since > extensions are child processes to the agent process this restart will cause the extension to fail. One option is to update the agent using a different mechanism such as via SSH after provisioning."

This change is Reviewable