Azure VM extension update failure

Question

I tried to add a custom script to VM through extensions. I have observed that when vm is created, Microsoft.Azure.Extensions.CustomScript type is created with name "cse-agent" by default. So I try to update extension by encoding the file with script property

  az vm extension set \
  --resource-group test_RG \
  --vm-name aks-agentpool \
  --name CustomScript \
  --subscription ${SUBSCRIPTION_ID} \
  --publisher Microsoft.Azure.Extensions \
  --settings '{"script": "'"$value"'"}'

$value represents the script file encoded in base 64.

Doing that gives me an error:

Deployment failed. Correlation ID: xxxx-xxxx-xxx-xxxxx. 
VM has reported a failure when processing extension 'cse-agent'. 
Error message: "Enable failed: failed to get configuration: invalid configuration:
'commandToExecute' and 'script' were both specified, but only one is validate at a time"

From the documentation, it is mentioned that when script attribute is present, there is no need for commandToExecute. As you can see above I haven't mentioned commandToExecute, it's somehow taking it from previous extension. Is there a way to update it without deleting it? Also it will be interesting to know what impact will cse-agent extension will create when deleted.

FYI: I have tried deleting 'cse-agent' extension from VM and added my extension. It worked.

djsly · Answer 1 · 2020-04-23T05:05:40.777

0

the CSE-AGENT vm extension is crucial and manages all of the post install needed to configure the nodes to be considered a valid Kubernetes nodes. Removing this CSE will break the VMs and will render your cluster inoperable.

IF you are interested in applying changes to nodes in an existing cluster, while not officially supported, you could leverage the following project.

https://github.com/juan-lee/knode

This allows you to configure the nodes using a DaemonSet, which helps when you node pools have the auto-scaling feature enabled.

for simple Node alteration of the filesystem, a privilege pod with host path will also work

https://dev.to/dannypsnl/privileged-pod-debug-kubernetes-node-5129

edited Apr 23 '20 at 05:05

answered Apr 22 '20 at 19:38

djsly

1,522
11
13

I have checked knode and I observed that /etc/docker/daemon.json is configurable from readme. Suppose if I want to create a file at /etc/ in VM, is it possible with knode? – Chandu Apr 22 '20 at 20:31
this should be easily doable with any deamonset, you just need to create a privilege container and mount a hostpath volume. – djsly Apr 23 '20 at 05:03
https://dev.to/dannypsnl/privileged-pod-debug-kubernetes-node-5129 this is a good example on how to achieve this. – djsly Apr 23 '20 at 05:05

Azure VM extension update failure

1 Answers1