packer-plugin-azure
packer-plugin-azure copied to clipboard
hashicorp
Error publishing an encrypted (SSE+CMK) image into an Azure Compute Gallery (fka. SIG) with TrustedLaunch enabled
Overview of the Issue
Seemingly, this isn't the first time the error/bug has been reported. Almost a year ago, in issue #304, @oliverlabs shared an image that encapsulates and illustrates it perfectly, as follows:
Specifically, my Temp Packer VM represents the 2nd scenario. i.e. CMK using a Disk Encryption Set with Trusted Launch Security Type.
Reproduction Steps
Use of disk_encryption_set_id and security_type = "TrustedLaunch" together, as demonstrated in the below build file:
Plugin and Packer version
Packer version: 1.10.3
Plugin version: 2.1.4
Simplified Packer Buildfile
source "azure-arm" "windows-vm" {
client_id = var.client_id
client_secret = var.client_secret
subscription_id = var.subscription_id
tenant_id = var.tenant_id
build_resource_group_name = "packerbuildenvironment"
disk_encryption_set_id = var.des_resource_id
boot_diag_storage_account = var.boot_diag_sa
os_type = "Windows"
vm_size = var.vm_size
communicator = "winrm"
winrm_username = "packer"
winrm_timeout = "10m"
winrm_use_ssl = true
winrm_insecure = true
winrm_no_proxy = true
winrm_use_ntlm = true
# Security Type: Trusted Launch
secure_boot_enabled = true
vtpm_enabled = true
security_type = "TrustedLaunch"
virtual_network_resource_group_name = var.vnet_resource_group
virtual_network_name = var.vnet_name
virtual_network_subnet_name = var.vnet_subnet_name
managed_image_storage_account_type = "Premium_LRS"
shared_image_gallery {
subscription = var.subscription_id
resource_group = var.sig_resource_group
gallery_name = var.sig_gallery_name
image_name = var.sig_base_image_definition
}
shared_image_gallery_destination {
subscription = var.subscription_id
resource_group = var.sig_resource_group
gallery_name = var.sig_gallery_name
image_name = var.sig_image_definition
image_version = var.sig_image_version
specialized = true
}
user_assigned_managed_identities = [var.uami_resource_id]
}
Operating system and Environment details
RHEL X64 ADOP SHA
Log Fragments and crash.log files
==> azure-arm.windows-apps-vm: Publishing to Shared Image Gallery ...
==> azure-arm.windows-apps-vm: -> Source ID used for SIG publish : '/subscriptions/{subscriptionId}/resourceGroups/packerbuildenvironment/providers/Microsoft.Compute/virtualMachines/pkrvm78tjysw78q'
==> azure-arm.windows-apps-vm: -> SIG publish resource group : '{resourceGroup}'
==> azure-arm.windows-apps-vm: -> SIG gallery name : '{sigGalleryName}'
==> azure-arm.windows-apps-vm: -> SIG image name : '{sigImageName}'
==> azure-arm.windows-apps-vm: -> SIG image version : '1.0.0'
==> azure-arm.windows-apps-vm: -> SIG target regions : '[{location}]'
==> azure-arm.windows-apps-vm: -> Region 1 DES Id : '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSet}'
==> azure-arm.windows-apps-vm: -> SIG storage account type : ''
==> azure-arm.windows-apps-vm: -> SIG image version endoflife date : ''
==> azure-arm.windows-apps-vm: -> SIG image version exclude from latest : 'false'
==> azure-arm.windows-apps-vm: Call stack:
==> azure-arm.windows-apps-vm: at Microsoft.Windows.Azure.GCM.Contract.Assert(Boolean condition, String userMessage) in X:\bt\1257000\repo\src\Shared\Lib\Common\Contracts.cs:line 82
==> azure-arm.windows-apps-vm: at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.ReplicationBlockBase`3.ValidateDiskRPEncryptionResult(Encryption dmEncryption, Encryption resultEncryption) in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\ReplicationBlockBase.cs:line 357
==> azure-arm.windows-apps-vm: at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.ProcessSingleAllocateSnapshotResult(ReplicatedArtifact replicatedArtifact, VMImageSnapshotResult snapshotResult, Int32 maximumSourceDiskSizeInGb) in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 722
==> azure-arm.windows-apps-vm: at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.ProcessAllocateSnapshotResults(ReplicatedArtifact replicatedArtifact, VMImageAllocateSnapshotResults allocateSnapshotsResult, Int32 maximumSourceDiskSizeInGb) in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 639
==> azure-arm.windows-apps-vm: at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.<AllocateSnapshots>d__18.MoveNext() in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 618
==> azure-arm.windows-apps-vm: at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
==> azure-arm.windows-apps-vm: at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
==> azure-arm.windows-apps-vm: at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
==> azure-arm.windows-apps-vm: at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
==> azure-arm.windows-apps-vm: at System.Threading.Tasks.Task.FinishContinuations()
==> azure-arm.windows-apps-vm: ERROR: -> InternalOperationError : Replication failed in this region due to 'Contract.Assert failed: Data model DiskEncryptionSetId '' does not match DiskRP returned DiskEncryptionSetId '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSet}'
==> azure-arm.windows-apps-vm: Status: "InternalOperationError"
==> azure-arm.windows-apps-vm: Code: ""
==> azure-arm.windows-apps-vm: Message: "Replication failed in this region due to 'Contract.Assert failed: Data model DiskEncryptionSetId '' does not match DiskRP returned DiskEncryptionSetId '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/diskEncryptionSets/{diskEncryptionSet}' … "
==> azure-arm.windows-apps-vm: Activity Id: ""
So today I was able to reproduce this error without using Packer or the Azure plugin.
I created a Windows Virtual Machine using trusted launch with a DES key using SSE+CMK. Then using the Azure CLI i ran tried to create an ACG image version and I see the same failure.
When I try to re-create this through the Azure Portal the portal does not give me an option to set a disk encryption key, and so when I try to capture my encrypted VM through the portal, it just fails due to lack of encryption.
Since we're calling the same API that the Azure CLI is calling I'm not sure if there is a good way to bypass this, I can not find clear Azure documentation that communicates if trusted launch SSE+CMK is supported on ACG at all, and the API tells me that there is a long running bug that breaks it. I know @oliverlabs had been talking to some internal contacts at Microsoft, but I feel like an OS Snapshot is an elaborate way to get around something the API seems like it should support based on the exposed fields. The error we get is an Internal error with a stack trace referring to internal Microsoft error, this makes me believe that either.
A.) Azure does not support SSE+CMK Trusted Launch VMs being saved to ACG (I can find no documentation either way)
B.) There is a long standing bug in the Azure API preventing the creation of Azure ACG images from Trusted Launch SSE+CMK
Our next steps I think will be to try again to reach out to Azure support and get a clear answer on this error, whether it is expected, or even known about, I will follow up if I hear more from them on this
Full error stack below for future context.
$ az sig image-version create --resource-group jennatest \
--gallery-name test --gallery-image-definition testt \
--gallery-image-version 1.0.5 \
--virtual-machine {secret} \
--target-regions westus \
--target-region-encryption {double-encrypted-key} --location westus
Code: InternalOperationError
Message: Replication failed in this region due to 'Contract.Assert failed: Data model DiskEncryptionSetId '' does not match DiskRP returned DiskEncryptionSetId '/subscriptions/secret/resourceGroups/SHARED/providers/Microsoft.Compute/diskEncryptionSets/blah'
Call stack:
at Microsoft.Windows.Azure.GCM.Contract.Assert(Boolean condition, String userMessage) in X:\bt\1257000\repo\src\Shared\Lib\Common\Contracts.cs:line 82
at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.ReplicationBlockBase`3.ValidateDiskRPEncryptionResult(Encryption dmEncryption, Encryption resultEncryption) in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\ReplicationBlockBase.cs:line 357
at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.ProcessSingleAllocateSnapshotResult(ReplicatedArtifact replicatedArtifact, VMImageSnapshotResult snapshotResult, Int32 maximumSourceDiskSizeInGb) in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 722
at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.ProcessAllocateSnapshotResults(ReplicatedArtifact replicatedArtifact, VMImageAllocateSnapshotResults allocateSnapshotsResult, Int32 maximumSourceDiskSizeInGb) in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 639
at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.<AllocateSnapshots>d__18.MoveNext() in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 618
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.RetryUtilities.<DoLinearRetry>d__2.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\RetryUtilities.cs:line 99
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.RetryUtilities.<Retry>d__1.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\RetryUtilities.cs:line 89
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.<>c__DisplayClass18_0.<<AllocateSnapshots>b__0>d.MoveNext() in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 612
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.PlatformImageRepository.ArtifactService.GoalSeeking.AllocateSnapshotsBlock.<CallDiskRPAllocateSnapshots>d__27.MoveNext() in X:\bt\1253263\repo\src\CRP-PIR\ArtifactService\GoalSeeking\Blocks\AllocateSnapshotsBlock.cs:line 951
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.Azure.AzureRT.DiskManagement.Shared.DiskRPClient.DiskRPClient.<AllocateSnapshots>d__50.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\AzureRT.DiskManagement.Shared\DiskRPClient\DiskRPClient.cs:line 1037
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.ReliableHttpClient.<CallWithRetries>d__24`2.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\HTTP\ReliableHttpClient.cs:line 747
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.ReliableHttpClient.<CallWithRetriesFullResponse>d__26`2.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\HTTP\ReliableHttpClient.cs:line 973
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.CallLogging.PartnerQosCallLogger.<InstrumentCallAsync>d__9`1.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\Common\CallLogging\PartnerQosCallLogger.cs:line 213
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.ReliableHttpClient.<Poll>d__28`1.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\HTTP\ReliableHttpClient.cs:line 1222
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.ReliableHttpClient.<MakeHttpCallWithExceptionHandling>d__29.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\HTTP\ReliableHttpClient.cs:line 1274
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.WindowsAzure.ResourceProvider.Common.ReliableHttpClient.<Call>d__34.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\HTTP\ReliableHttpClient.cs:line 1430
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Threading.Tasks.TaskCompletionSource`1.TrySetResult(TResult result)
at System.Net.Http.HttpClient.SetTaskCompleted(HttpRequestMessage request, CancellationTokenSource cancellationTokenSource, TaskCompletionSource`1 tcs, HttpResponseMessage response)
at System.Net.Http.HttpClient.<>c__DisplayClass59_0.<StartContentBuffering>b__0(Task contentTask)
at System.Threading.Tasks.Task.Execute()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
at System.Threading.Tasks.Task.ExecuteEntry(Boolean bPreventDoubleExecution)
at System.Threading.Tasks.ThreadPoolTaskScheduler.TryExecuteTaskInline(Task task, Boolean taskWasPreviouslyQueued)
at System.Threading.Tasks.TaskScheduler.TryRunInline(Task task, Boolean taskWasPreviouslyQueued)
at System.Threading.Tasks.TaskContinuation.InlineIfPossibleOrElseQueue(Task task, Boolean needsProtection)
at System.Threading.Tasks.Task.ContinueWithCore(Task continuationTask, TaskScheduler scheduler, CancellationToken cancellationToken, TaskContinuationOptions options)
at System.Threading.Tasks.Task.ContinueWith(Action`1 continuationAction, TaskScheduler scheduler, CancellationToken cancellationToken, TaskContinuationOptions continuationOptions, StackCrawlMark& stackMark)
at System.Threading.Tasks.Task.ContinueWith(Action`1 continuationAction, CancellationToken cancellationToken, TaskContinuationOptions continuationOptions, TaskScheduler scheduler)
at System.Net.Http.HttpUtilities.ContinueWithStandard(Task task, Action`1 continuation)
at System.Net.Http.HttpClient.<>c__DisplayClass55_0.<SendAsync>b__0(Task`1 task)
at System.Threading.Tasks.Task.Execute()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
at System.Threading.Tasks.Task.ExecuteEntry(Boolean bPreventDoubleExecution)
at System.Threading.Tasks.ThreadPoolTaskScheduler.TryExecuteTaskInline(Task task, Boolean taskWasPreviouslyQueued)
at System.Threading.Tasks.TaskScheduler.TryRunInline(Task task, Boolean taskWasPreviouslyQueued)
at System.Threading.Tasks.TaskContinuation.InlineIfPossibleOrElseQueue(Task task, Boolean needsProtection)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.Azure.ResourceProvider.Common.DstsAuthenticationDelegatingHandler.<SendAsync>d__15.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\dSTS\DstsAuthenticationDelegatingHandler.cs:line 198
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.Azure.ResourceProvider.Common.DstsAuthenticationDelegatingHandler.<SendRequest>d__19.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\dSTS\DstsAuthenticationDelegatingHandler.cs:line 266
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetResult(TResult result)
at Microsoft.Azure.ResourceProvider.Common.W3CClientTraceContextHandler.<SendAsync>d__3.MoveNext() in X:\bt\1257000\repo\src\Shared\Lib\ResourceProvider.PreCommon\HTTP\W3CClientTraceContextHandler.cs:line 73
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Runtime.CompilerServices.AsyncMethodBuilderCore.MoveNextRunner.Run()
at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(Action action, Boolean allowInlining, Task& currentTask)
at System.Threading.Tasks.Task.FinishContinuations()
at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
at System.Threading.Tasks.TaskCompletionSource`1.TrySetResult(TResult result)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
at System.Net.LazyAsyncResult.Complete(IntPtr userToken)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.ContextAwareResult.Complete(IntPtr userToken)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(Object result, IntPtr userToken)
at System.Net.HttpWebRequest.ProcessResponse()
at System.Net.HttpWebRequest.SetResponse(CoreResponseData coreResponseData)
at System.Net.ConnectionReturnResult.SetResponses(ConnectionReturnResult returnResult)
at System.Net.Connection.ReadComplete(Int32 bytesRead, WebExceptionStatus errorStatus)
at System.Net.LazyAsyncResult.Complete(IntPtr userToken)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(Object result, IntPtr userToken)
at System.Net.Security._SslStream.ProcessFrameBody(Int32 readBytes, Byte[] buffer, Int32 offset, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security._SslStream.ReadFrameCallback(AsyncProtocolRequest asyncRequest)
at System.Net.AsyncProtocolRequest.CompleteRequest(Int32 result)
at System.Net.FixedSizeReader.CheckCompletionBeforeNextRead(Int32 bytes)
at System.Net.FixedSizeReader.ReadCallback(IAsyncResult transportResult)
at System.Net.LazyAsyncResult.Complete(IntPtr userToken)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.ContextAwareResult.Complete(IntPtr userToken)
at System.Net.LazyAsyncResult.ProtectedInvokeCallback(Object result, IntPtr userToken)
at System.Net.Sockets.BaseOverlappedAsyncResult.CompletionPortCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* nativeOverlapped)
at System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32 errorCode, UInt32 numBytes, NativeOverlapped* pOVERLAP)
Hi @JenGoldstrich,
I haven't looked into this since the time I reported the original issue. Last time I looked into it, SSE+CMK Trusted Launch VMs were not supported in ACG. The product group said there was not enough interest from Customers to implement this. It might have changed since (although I doubt it).
Hey @oliverlabs I hope you're well and I appreciate your response, I see, not ideal but good to know that its not officially supported, I will see if I can poke around to get this officially documented because its rather confusing for Azure users. At the very least they could add an error to the API to make this more clear its not supported
So for now this is not able to be solved sadly, lets leave this issue open since the context for this is concise and useful for future maintainers/community members, thanks for opening the issue @j7lloyd