ARM Linux VM加密失败 | VM加密失败

本文介绍了ARM Linux VM加密失败的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

你好，

我们正在尝试使用ARM模板加密新创建的Linux vm，但加密过程失败并出现错误。

您能告诉我们原因吗？

Azure门户部署状态日志： ;
$

{

"code"："DeploymentFailed"，"
" message"："至少一个资源部署操作失败。请列出部署操作以获取详细信息有关使用详情，请参阅https://aka.ms/arm-debug。"，

"详情"：[

&NBSP; {

&NBSP; &NBSP; "code"："Conflict"，"
&NBSP; &NBSP; " message"：" {\\\\ n \" status \"：\" Failed \"，\\\\\\\\\\\\\\\\\\\ {\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\已完成
，终端配置状态为'Failed'。\"，"\\\ n \ n \"详细信息\&"：[\\\\ n {\\\ " code\"：\" VMExtensionProvisioningError \"，\\\\ n \" message \"：\&»VM处理扩展程序'AzureDiskEncryptionForLinux'时报告失败。
错误消息：\\\"启用失败。\\\\\ quot;。\" \\\\ n}} \\ n] \\\ n} \r\\\
}"

&NBSP; }¥b $ b ]¥b $ b}

b

$ b Linux VM日志：

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：解析序列号的上下文：0

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：设置文件路径为/ var / lib / waagent /Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1。 0.999336 / config / 0.settings

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：配置正确解码。

2019 / 05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：加密操作：EnableEncryption

2019/05/28 11:01:39 [Microsoft.Azure.Security。 AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）] op：Install

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）]状态：成功

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptio nForLinux-1.0]：[StatusReport（0）]代码：0

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）] msg：Install Succeeded

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7643：[Info]执行：lvs --noheadings --nameprefixes - unquoted -o lv_name，vg_name，lv_kernel_major，lv_kernel_minor

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）] substatus：{" ; os"：" NotEncrypted"，" data"：" NotMounted"}

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：解析序列号的上下文：0

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：设置文件路径为/ var / lib / waagent / Microsoft.Azure .Security.AzureDiskEncryptionForLinux-0.1.0.999336 / config / 0.settings

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncrypt ionForLinux-1.0]：正确解码配置。

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：加密操作：EnableEncryption

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[信息]启用分机

2019/05/28 11:01:41 [微软.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[信息]公开设置：
$
2019/05/28 11:01:41 {

2019/05/28 11：01：41&NBSP; &NBSP; ""AADClientID"："< my add client id>"

2019/05/28 11：01：41 &NBSP; " DiskFormatQuery"：""，

2019/05/28 11：01：41 &NBSP; ""EncryptionOperation"：" EnableEncryption"，

2019/05/28 11：01：41 &NBSP; ""KeyEncryptionAlgorithm"：""RSA-OAEP"，

2019/05/28 11：01：41 &NBSP; " KeyEncryptionKeyURL"：" https：//keyvaultencrypted.vault.azure.net/" ;,

2019/05/28 11：01：41 &NBSP; " KeyVaultURL" ;:\"https：//keyvaultencrypted.vault.azure.net/" ;,

2019/05/28 11：01：41 &NBSP; " SequenceVersion"：" 1"

2019/05/28 11：01：41 &NBSP; " VolumeType"：" OS"

2019/05/28 11:01:41}
$
2019/05/28 11:01:41 [微软.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]配置文件/var/lib/azure_disk_encryption_config/azure_crypt_config.ini不存在。

2019/05/28 11:01:41 [ Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]确保路径存在，执行：/ bin / mkdir -p / mnt / azure_bek_disk

2019/05/28 11:01： 41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]执行：/ bin / mkdir -p / mnt / azure_bek_disk

2019/05/28 11:01:41 [微软] .Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]确保路径存在，执行：/ bin / mkdir -p / mnt / azure_bek_disk

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]执行：/ bin / mkdir -p / mnt / azure_bek_disk

2019/05/28 11:01:41 [Microsoft。 Azure.Security.AzureDiskEncryptionForLinux-1.0]：770 9：[Info]执行：/ bin / mount -L" BEK VOLUME" / mnt / azure_bek_disk -o fmask = 077

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info] Command / bin / mount - L> BEK VOLUME" / mnt / azure_bek_disk -o fmask = 077失败，返回码为1

2019/05/28 11:01:41 stdout：
$
2019/05/28 11:01 ：41

2019/05/28 11:01:41 stderr：

2019/05/28 11:01:41 mount：/ mnt / azure_bek_disk：can'找到LABEL ="BEK VOLUME"。

2019/05/28 11：01：41

2019/05/28 11:01:41 [微软。 Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]无法从BEK VOLUME获取BEK并出现错误：'NoneType'对象没有属性'startswith'
$
2019/05/28 11:01 ：41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]执行：lvs --noheadings --nameprefixes --unquoted -o lv_name，vg_name，lv_kernel_major，lv_kernel_minor

2019 / 05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]执行：modprobe vfat
2019/05/28 11:01:41 [微软。 Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]执行：lsblk -o NAME，TYPE，FSTYPE，LABEL，SIZE， RO，MOUNTPOINT

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]

2019 / 05/28 11:01:41 NAME &NBSP; TYPE FSTYPE LABEL &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; SIZE RO MOUNTPOINT

2019/05/28 11:01:41 sda &NBSP; &NBSP;磁盘&NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; 30G&NBSP; 0

2019/05/28 11:01:41 sda1 部分ext4 cloudimg-rootfs 29.9G 0 /
$
2019/05/28 11:01:41 sda14 part &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; 4M&NBSP; 0

2019/05/28 11:01:41 sda15 part vfat &NBSP; UEFI&NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; 106M&NBSP; 0 / boot / efi

2019/05/28 11:01:41 sdb &NBSP; &NBSP;磁盘&NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; 16G&NBSP; 0

2019/05/28 11:01:41 sdb1 部分ext4 &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; 16G&NBSP; 0 / mnt

2019/05/28 11:01:41 sr0 &NBSP; &NBSP; ROM&NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; &NBSP; 628K&NBSP; 0

2019/05/28 11：01：41

2019/05/28 11：01：41

2019年/ 05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info] PRECHECK：Prechecks成功

2019/05/28 11:01:41 [微软。 Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info] handle.py找到启用加密操作

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0] ：7709：[Info] Config没有更改或第一次调用，启用加密

2019/05/28 11:01:41 [AzureDiskEncryptionForLinux-0.0]：cwd是/ var / lib / waagent / Microsoft .Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999336

2019/05/28 11:01:41 [AzureDiskEncryptionForLinux-0.0]：解析上下文，find_last_nonquery_operation = False

2019 / 05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：将日志文件更改为/var/log/azure/Microsoft.Azure.Security.AzureDiskEncryptionForLinux/extension.log

2019/0 5/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：解析序列号的上下文：0

2019/05/28 11:01:41 [Microsoft.Azure。 Security.AzureDiskEncryptionForLinux-1.0]：设置文件路径为/ var / lib / waagent /Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999336 / config / 0.settings

2019/05/28 11： 01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：正确解码配置。

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：加密操作：EnableEncryption

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[信息]启用加密

2019 / 05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]确保路径存在，执行：/ bin / mkdir -p / var / lib / azure_disk_encryption_config /

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]执行：/ bin / mkdir -p / var / lib / azure_disk_encryption_config /

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：将最近的序列号设置为0

2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]开始创建kek秘密

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]获取访问令牌。

2019/05/28 11:01:42 [Microsoft.Azure。 Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]试图获取授权uri：Bearer authorization =" https：//login.windows.net/017bd9ae-a0e1-4125-ae2c-c0dec1cb6602"，resource =" https://vault.azure.net"

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info] 200 [（'content -length'，'1324'），（'expires'，' - 1'），（'x-content-type-options'，'nosniff'），（'set-cookie'，'fpc = AoAhYFXTmHJDoZyK2o6TWIaiC47ZAQAAABUMf9Q OAAAA; expires =周四，
27-Jun-2019 11:01:42 GMT;路径= /;安全; HttpOnly，x-ms-gateway-slice = prod;路径= /;安全; HttpOnly，stsservicecookie = ests;路径= /;安全; HttpOnly'），（'x-ms-request-id'，'da15cbcc-67f6-4ddc-9367-fb614acd6f00'），（'strict-transport-security'，'max-age = 31536000;
includeSubDomains' ），（'pragma'，'no-cache'），（'cache-control'，'no-cache，no-store'），（'date'，'星期二，2019年5月28日11:01:42 GMT' ），（'p3p'，'CP =" DSP CUR OTPi IND OTRi ONL FIN''），（'content-type'，'application / json; charset = utf-8'）]¥b $ b 2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]使用密钥加密密码：https：//keyvaultencrypted.vault.azure.net/

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info] result_content is：<！DOCTYPE html PUBLIC" - // W3C // DTD XHTML 1.0 Strict // EN" " http：//www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

2019/05/28 11:01:42< html xmlns =" ; http：//www.w3.org/1999/xhtml">
$
2019/05/28 11:01:42< head>

2019/05 / 28 11:01:42< meta http-equiv =" Content-Type"含量=" text / html的; charset = iso-8859-1" />

2019/05/28 11:01:42< title> 404 - 找不到档案或目录。< / title>

2019/05/28 11:01:42< style type =" text / css">
$
2019/05/28 11:01:42< ;! -

2019/05/28 11:01:42 body {margin：0; font-size：.7em; font-family：Verdana，Arial，Helvetica，sans-serif; background：#EEEEEE; }
2019/05/28 11:01:42 fieldset {padding：0 15px 10px 15px;}

2019/05/28 11:01:42 h1 {font-size：2.4em; margin：0; color：#FFF;}

2019/05/28 11:01:42 h2 {font-size：1.7em; margin：0; color ：＃CC0000;}
$
2019/05/28 11:01:42 h3 {font-size：1.2em; margin：10px 0 0 0; color：＃000000;}

2019/05/28 11:01:42 #header {width：96％; margin：0 0 0 0; padding：6px 2％6px 2％; font-family：" trebuchet MS" ，Verdana，sans-serif;颜色：#FFF;

2019/05/28 11:01:42 background-color：＃555555;}

2019/05 / 28 11:01:42 #content {margin：0 0 0 2％;;}

2019/05/28 11:01:42 .content-container {backgroun d：#FFF;宽度：96％; margin-top：8px; padding：10px ;;}

2019/05/28 11:01:42 - >

2019/05/28 11:01:42< / style>

2019/05/28 11:01:42< / head>

2019 / 05/28 11:01:42< body>

2019/05/28 11:01:42< div id =" header">< h1> Server Error< / h1> ;< / div>

2019/05/28 11:01:42< div id =" content">

2019/05/28 11： 01：42&NBSP; < div class =" content-container">< fieldset>

2019/05/28 11：01：42 < h2> 404 - 找不到档案或目录。< / h2>

2019/05/28 11：01：42 < h3>您要查找的资源可能已被删除，名称已更改或暂时不可用。< / h3>

2019/05/28 11：01：42 ; < / fieldset>< / div>

2019/05/28 11:01:42< / div>

2019/05/28 11:01： 42< / body>

2019/05/28 11:01:42< / html>

2019/05/28 11：01：42

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info] 404 [（'content-length'，'1245'），（'x -content-type-options'，'nosniff'），（'x-powered-by'，'ASP.NET'），（'strict-transport-security'，'max-age = 31536000; includeSubDomains'），
（'服务器'，'Microsoft-IIS / 10.0'），（'日期'，'星期二，2019年5月28日11:01:41 GMT'），（'content-type'，'text / html'） ] $
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[信息]秘密值为无

2019 / 05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：7709：[Info]归档加密配置文件：/var/lib/azure_disk_encryption_config/azure_crypt_config.ini

2019 / 05/28 11:01:42 [Mic rosoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）] op：EnableEncryption

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]： [StatusReport（0）]状态：错误

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）]代码：13

2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）] msg：启用失败。

2019/05 / 28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]：[StatusReport（0）] substatus：{" os"："NotEncrypted"，"data"："NotMounted"} />

解决方案

Hello,

We are trying to encrypt newly created Linux vm using ARM template but the encryption process fails with the error.
Could you please let us know the cause of it ?

Azure Portal Deployment Status Log :

{
"code": "DeploymentFailed",
"message": "At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.",
"details": [
{
"code": "Conflict",
"message": "{\r\n \"status\": \"Failed\",\r\n \"error\": {\r\n \"code\": \"ResourceDeploymentFailure\",\r\n \"message\": \"The resource operation completed with terminal provisioning state 'Failed'.\",\r\n \"details\": [\r\n {\r\n \"code\": \"VMExtensionProvisioningError\",\r\n \"message\": \"VM has reported a failure when processing extension 'AzureDiskEncryptionForLinux'. Error message: \\\"Enable failed.\\\".\"\r\n }\r\n ]\r\n }\r\n}"
}
]
}

Linux VM Logs :

2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Parsing context for sequence number: 0
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: setting file path is/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999336/config/0.settings
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Config decoded correctly.
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Encryption operation: EnableEncryption
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] op: Install
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] status: success
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] code: 0
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] msg: Install Succeeded
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7643: [Info] Executing: lvs --noheadings --nameprefixes --unquoted -o lv_name,vg_name,lv_kernel_major,lv_kernel_minor
2019/05/28 11:01:39 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] substatus: {"os": "NotEncrypted", "data": "NotMounted"}
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Parsing context for sequence number: 0
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: setting file path is/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999336/config/0.settings
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Config decoded correctly.
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Encryption operation: EnableEncryption
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Enabling extension
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Public settings:
2019/05/28 11:01:41 {
2019/05/28 11:01:41 "AADClientID": "<my add client id>",
2019/05/28 11:01:41 "DiskFormatQuery": "",
2019/05/28 11:01:41 "EncryptionOperation": "EnableEncryption",
2019/05/28 11:01:41 "KeyEncryptionAlgorithm": "RSA-OAEP",
2019/05/28 11:01:41 "KeyEncryptionKeyURL": "https://keyvaultencrypted.vault.azure.net/",
2019/05/28 11:01:41 "KeyVaultURL": "https://keyvaultencrypted.vault.azure.net/",
2019/05/28 11:01:41 "SequenceVersion": "1",
2019/05/28 11:01:41 "VolumeType": "OS"
2019/05/28 11:01:41 }
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] the config file /var/lib/azure_disk_encryption_config/azure_crypt_config.ini not exists.
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] make sure path exists, executing: /bin/mkdir -p /mnt/azure_bek_disk
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: /bin/mkdir -p /mnt/azure_bek_disk
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] make sure path exists, executing: /bin/mkdir -p /mnt/azure_bek_disk
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: /bin/mkdir -p /mnt/azure_bek_disk
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: /bin/mount -L "BEK VOLUME" /mnt/azure_bek_disk -o fmask=077
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Command /bin/mount -L "BEK VOLUME" /mnt/azure_bek_disk -o fmask=077 failed with return code 1
2019/05/28 11:01:41 stdout:
2019/05/28 11:01:41
2019/05/28 11:01:41 stderr:
2019/05/28 11:01:41 mount: /mnt/azure_bek_disk: can't find LABEL="BEK VOLUME".
2019/05/28 11:01:41
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Failed to get BEK from BEK VOLUME with error: 'NoneType' object has no attribute 'startswith'
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: lvs --noheadings --nameprefixes --unquoted -o lv_name,vg_name,lv_kernel_major,lv_kernel_minor
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: modprobe vfat
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: lsblk -o NAME,TYPE,FSTYPE,LABEL,SIZE,RO,MOUNTPOINT
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info]
2019/05/28 11:01:41 NAME TYPE FSTYPE LABEL SIZE RO MOUNTPOINT
2019/05/28 11:01:41 sda disk 30G 0
2019/05/28 11:01:41 sda1 part ext4 cloudimg-rootfs 29.9G 0 /
2019/05/28 11:01:41 sda14 part 4M 0
2019/05/28 11:01:41 sda15 part vfat UEFI 106M 0 /boot/efi
2019/05/28 11:01:41 sdb disk 16G 0
2019/05/28 11:01:41 sdb1 part ext4 16G 0 /mnt
2019/05/28 11:01:41 sr0 rom 628K 0
2019/05/28 11:01:41
2019/05/28 11:01:41
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] PRECHECK: Prechecks successful
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] handle.py found enable encryption operation
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Config did not change or first call, enabling encryption
2019/05/28 11:01:41 [AzureDiskEncryptionForLinux-0.0]: cwd is /var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999336
2019/05/28 11:01:41 [AzureDiskEncryptionForLinux-0.0]: Parsing context, find_last_nonquery_operation=False
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Change log file to /var/log/azure/Microsoft.Azure.Security.AzureDiskEncryptionForLinux/extension.log
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Parsing context for sequence number: 0
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: setting file path is/var/lib/waagent/Microsoft.Azure.Security.AzureDiskEncryptionForLinux-0.1.0.999336/config/0.settings
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Config decoded correctly.
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: Encryption operation: EnableEncryption
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Enabling encryption
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] make sure path exists, executing: /bin/mkdir -p /var/lib/azure_disk_encryption_config/
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] Executing: /bin/mkdir -p /var/lib/azure_disk_encryption_config/
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: set most recent sequence number to 0
2019/05/28 11:01:41 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] start creating kek secret
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] getting the access token.
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] trying to get the authorize uri from: Bearer authorization="https://login.windows.net/017bd9ae-a0e1-4125-ae2c-c0dec1cb6602", resource="https://vault.azure.net"
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] 200 [('content-length', '1324'), ('expires', '-1'), ('x-content-type-options', 'nosniff'), ('set-cookie', 'fpc=AoAhYFXTmHJDoZyK2o6TWIaiC47ZAQAAABUMf9QOAAAA; expires=Thu, 27-Jun-2019 11:01:42 GMT; path=/; secure; HttpOnly, x-ms-gateway-slice=prod; path=/; secure; HttpOnly, stsservicecookie=ests; path=/; secure; HttpOnly'), ('x-ms-request-id', 'da15cbcc-67f6-4ddc-9367-fb614acd6f00'), ('strict-transport-security', 'max-age=31536000; includeSubDomains'), ('pragma', 'no-cache'), ('cache-control', 'no-cache, no-store'), ('date', 'Tue, 28 May 2019 11:01:42 GMT'), ('p3p', 'CP="DSP CUR OTPi IND OTRi ONL FIN"'), ('content-type', 'application/json; charset=utf-8')]
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] encrypting the secret using key: https://keyvaultencrypted.vault.azure.net/
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] result_content is: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
2019/05/28 11:01:42 <html xmlns="http://www.w3.org/1999/xhtml">
2019/05/28 11:01:42 <head>
2019/05/28 11:01:42 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
2019/05/28 11:01:42 <title>404 - File or directory not found.</title>
2019/05/28 11:01:42 <style type="text/css">
2019/05/28 11:01:42 
2019/05/28 11:01:42 </style>
2019/05/28 11:01:42 </head>
2019/05/28 11:01:42 <body>
2019/05/28 11:01:42 <div id="header"><h1>Server Error</h1></div>
2019/05/28 11:01:42 <div id="content">
2019/05/28 11:01:42 <div class="content-container"><fieldset>
2019/05/28 11:01:42 <h2>404 - File or directory not found.</h2>
2019/05/28 11:01:42 <h3>The resource you are looking for might have been removed, had its name changed, or is temporarily unavailable.</h3>
2019/05/28 11:01:42 </fieldset></div>
2019/05/28 11:01:42 </div>
2019/05/28 11:01:42 </body>
2019/05/28 11:01:42 </html>
2019/05/28 11:01:42
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] 404 [('content-length', '1245'), ('x-content-type-options', 'nosniff'), ('x-powered-by', 'ASP.NET'), ('strict-transport-security', 'max-age=31536000;includeSubDomains'), ('server', 'Microsoft-IIS/10.0'), ('date', 'Tue, 28 May 2019 11:01:41 GMT'), ('content-type', 'text/html')]
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] secret value is None
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: 7709: [Info] archiving the encryption config file: /var/lib/azure_disk_encryption_config/azure_crypt_config.ini
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] op: EnableEncryption
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] status: error
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] code: 13
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] msg: Enable failed.
2019/05/28 11:01:42 [Microsoft.Azure.Security.AzureDiskEncryptionForLinux-1.0]: [StatusReport (0)] substatus: {"os": "NotEncrypted", "data": "NotMounted"}

解决方案

这篇关于ARM Linux VM加密失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！