az vm extension set --force-update ignored or doesn't work
See original GitHub issueDescribe the bug
Command Name
az vm extension set
To Reproduce:
Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.
az vm extension set --force-update -n "KeyVaultForLinux" --publisher Microsoft.Azure.KeyVault --resource-group "RG" --vm-name "vm" --version 2.0 --settings keyvault_ext.json
Expected Behavior
extension configuration should be updated
Environment Summary
macOS-12.0.1-x86_64-i386-64bit, Darwin 21.1.0
Python 3.10.1
Installer: HOMEBREW
azure-cli 2.32.0
Additional Context
KeyVault extension was installed on vm. After, I wanted to update extension settings. I updated my json file and ran command mentioned above - new settings were applied few times, but then for some reason extension stopped applying new settings. I can see in extension logs (on vm side) that old configuration is used.
Initial settings:
{
"secretsManagementSettings": {
"pollingIntervalInS": "3600",
"requireInitialSync": true,
"observedCertificates": ["link to my cert"],
"certificateStoreName": "",
"linkOnRenewal": false,
"certificateStoreLocation": "/tmp"
}
}
First update (which was applied correctly)
{
"secretsManagementSettings": {
"pollingIntervalInS": "30",
"requireInitialSync": true,
"observedCertificates": ["link to my cert"],
"certificateStoreName": "",
"linkOnRenewal": false,
"certificateStoreLocation": "/tmp"
}
}
Second update (which was applied correctly)
{
"secretsManagementSettings": {
"pollingIntervalInS": "30",
"requireInitialSync": true,
"observedCertificates": ["link to my cert"],
"certificateStoreName": "",
"linkOnRenewal": false,
"certificateStoreLocation": "/tmp"
}
}
Next update (which was ignored)
{
"secretsManagementSettings": {
"pollingIntervalInS": "35",
"requireInitialSync": true,
"observedCertificates": [],
"certificateStoreName": "",
"linkOnRenewal": false,
"certificateStoreLocation": "/tmp"
}
}
What I see on vm side: There is a dir “/var/lib/waagent/Microsoft.Azure.KeyVault.KeyVaultForLinux-2.1.1774.23/config/” which seems store configuration for extension
ls /var/lib/waagent/Microsoft.Azure.KeyVault.KeyVaultForLinux-2.1.1774.23/config/ -1
0.settings
1.settings
2.settings
3.settings
4.settings
HandlerState
HandlerStatus
Files from 0 to 4 contain settings from my keyvault_ext.json file. But no new versions appear after near 4-5 updates
Issue Analytics
- State:
- Created 2 years ago
- Comments:11 (4 by maintainers)
Top GitHub Comments
Unfortunately I cant reproduce the problem… I reinstalled extension and after that I can update configuration without any problems or just get an error if something is wrong.
OK, maybe the service side has fixed this bug, let me close this issue first. When you can reproduce this issue, please feel free to contact me to reopen it