The Author Online Book Forums are Moving

The Author Online Book Forums will soon redirect to Manning's liveBook and liveVideo. All book forum content will migrate to liveBook's discussion forum and all video forum content will migrate to liveVideo. Log in to liveBook or liveVideo with your Manning credentials to join the discussion!

Thank you for your engagement in the AoF over the years! We look forward to offering you a more enhanced forum experience.

JackalHack (2) [Avatar] Offline
#1
VM encryption keeps failing - tried with multiple vms and increased size of memory.
az vm create --resource-group azuremolchapter14 --name molvm --image UbuntuLTS --admin-username azuremol --generate-ssh-keys
=> Standard DS1 v2 (1 vcpus, 3.5 GB memory) in eastus region.

Ran lab command:
az vm encryption enable --resource-group azuremolchapter14 --name molvm --disk-encryption-keyvault azuremolkeyvault --key-encryption-key azuremolencryptionkey --aad-client-id <string> --aad-client-secret <string>
Output:
VM has reported a failure when processing extension 'AzureDiskEncryptionForLinux'. Error message: "Enable failed.".

Per MS docs
Standard tier VMs: A, D, DS, G, GS, F, and so forth series IaaS VMs
Linux VMs within these tiers must meet the minimum memory requirement of 7 GB

Tried with another system config'd similarly:
Standard D2s v3 (2 vcpus, 8 GB memory)
az vm encryption show --resource-group azuremolchapter14 --name molvm2
{
"dataDisk": "NotMounted",
"osDisk": "NotEncrypted",
"osDiskEncryptionSettings": null,
"osType": "Linux",
"progressMessage": "Enable failed."
}
Iain Foulds (18) [Avatar] Offline
#2
Sorry you ran into problems. I can't replicate this behavior - the VM encryption completes successfully. I created the VM in the eastus region as it looks you did here, so I wonder if there was just an intermittent problem there? This issue didn't come up through all the testing and pre-release reviews of the labs, so I don't think there's anything wider going on.

The minimum compute resources are more recommendations for a production VM where there is a little overhead in needing to encrypt + decrypt the data on disks and in memory. The default VM size created in the CLI is sufficient for this and shouldn't be the cause of the error, as the larger VM you create also has a problem.

Can you re-create the VM and try again, or create a new service principal and confirm you pass the correct client ID and password to the VM encrypt operation?
JackalHack (2) [Avatar] Offline
#3
Created everything new since I delete all the resource groups at the end of every day. This time it worked as expected - thanks for the reply and the assistance.