AzureWireGuard
AzureWireGuard copied to clipboard
vijayshinva
Deployment fails with an error
Hi,
I am trying to deploy the ARM template using Azure Portal but it fails with the following error:
{ "id": "/subscriptions/a390e64c-c7b4-48cf-b212-bb829007dcda/resourceGroups/WG/providers/Microsoft.Resources/deployments/Microsoft.Template/operations/89B5E4B3CA528EDE", "operationId": "89B5E4B3CA528EDE", "properties": { "provisioningOperation": "Create", "provisioningState": "Failed", "timestamp": "2019-06-23T20:12:38.5572002Z", "duration": "PT1M30.6497129S", "trackingId": "c7576546-2506-4a0e-975b-94b607ae2fef", "statusCode": "Conflict", "statusMessage": { "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'.", "details": [ { "code": "VMExtensionProvisioningError", "message": "VM has reported a failure when processing extension 'AzureWireGuard'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: fileUris.0: Does not match format 'uri'"." } ] } }, "targetResource": { "id": "/subscriptions/a390e64c-c7b4-48cf-b212-bb829007dcda/resourceGroups/WG/providers/Microsoft.Compute/virtualMachines/p3dkydywgikla/extensions/AzureWireGuard", "resourceType": "Microsoft.Compute/virtualMachines/extensions", "resourceName": "p3dkydywgikla/AzureWireGuard" } }}
Has anyone seen this? The VM itself seems to be running. It's the Extension that has a Conflict status:
p3dkydywgikla/AzureWireGuard Microsoft.Compute/virtualMachines/extensions
Thanks!
@vijayshinva Hello. Any suggestions on this one? Have you seen it before? Thank you.
Based on the error I think it is line 237 in LinuxVirtualMachine.json that is blowing up. So I am guessing something is wrong with _artifactsLocation or_artifactsLocationSasToken in your setup.
Thanks for the reply @vijayshinva I figured it would be something in line 237 but I haven't done anything out of the ordinary. Just created a new storage account and generated a SAS token. Not sure if there were any Azure platform changes that results in this error? Have you tried deploying it recently by any chance?
Something has changed with the "Deploy to Azure" option. It is no longer uploading the files required to the artifacts location. This causes the template to fail as the required script is not found. I think Microsoft has made some changes or is doing maintenance work. Need to figure that out.
You can use the Deploy-AzureResourceGroup.ps1 script or Visual Studio to deploy this template.
Thanks for reporting this.
Thanks. Let me know if you figure it out. I tried to map the raw path of the script (on Github) in the template, thinking that it cannot find the script file but that didn't work either.
I will try to use Deploy-AzureResourceGroup.ps1 .. any instructions available for this?
Nevermind, I found this: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-deploy
Will play around a bit.. Thanks!
Also struggling with the PS.. it started to run fine and I provided the location and SAS token and then failed..
New-AzureRmResourceGroupDeployment : 5:15:59 PM - Error: Code=InvalidTemplateDeployment; Message=The template deployment 'LinuxVirtualMachine-0624-1311' is not valid according to the validation procedure. The tracking id is '755e32a1-53e1-46e9-8f5a-631758ef4464'. See inner errors for details. Please see https://aka.ms/arm-deploy for usage details. At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : 5:15:59 PM - Error: Code=InvalidDomainNameLabel; Message=The domain name label 2iy3q74ghc36c is invalid. It must conform to the following regular expression: ^[a-z][a-z0-9-]{1,61}[a-z0-9]$. At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : The deployment validation failed At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : CloseError: (:) [New-AzureRmResourceGroupDeployment], InvalidOperationException
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
Template deployment returned the following errors: 5:15:59 PM - Error: Code=InvalidTemplateDeployment; Message=The template deployment 'LinuxVirtualMachine-0624-1311' is not valid according to the validation procedure. The tracking id is '755e32a1-53e1-46e9-8f5a-631758ef4464'. See inner errors for details. Please see https://aka.ms/arm-deploy for usage details. 5:15:59 PM - Error: Code=InvalidDomainNameLabel; Message=The domain name label 2iy3q74ghc36c is invalid. It must conform to the following regular expression: ^[a-z][a-z0-9-]{1,61}[a-z0-9]$. The deployment validation failed
Will keep trying..
Try changing the name of the resource group you are using. In your case the hash generated from the resource group name is 2iy3q74ghc36c and that is used as the name of the virtual machine. As Azure Virtual Machine names need to start with a character it is failing.
Try changing the name of the resource group you are using. In your case the hash generated from the resource group name is 2iy3q74ghc36c and that is used as the name of the virtual machine. As Azure Virtual Machine names need to start with a character it is failing.
That seems to have worked and it's progressing nicely now. Will let you know. Thanks again.
It seems to have failed with the same error as "Deploy to Azure" option. Pasting full log:
ResourceGroupName : AzureWireGuardRG Location : centralus ProvisioningState : Succeeded Tags : ResourceId : /subscriptions/a390e64c-c7b4-48cf-b212-bb829007dcda/resourceGroups/AzureWireGuardRG
cmdlet New-AzureRmResourceGroupDeployment at command pipeline position 1 Supply values for the following parameters: (Type !? for Help.) _artifactsLocation: azurewireguardstorage VERBOSE: Performing the operation "Creating Deployment" on target "AzureWireGuardRG". VERBOSE: 5:53:04 PM - Template is valid. VERBOSE: 5:53:11 PM - Create template deployment 'LinuxVirtualMachine-0624-1343' VERBOSE: 5:53:11 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:17 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:23 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:29 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:36 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:42 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:48 PM - Checking deployment status in 5 seconds VERBOSE: 5:53:54 PM - Resource Microsoft.Network/networkSecurityGroups 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:53:54 PM - Resource Microsoft.Storage/storageAccounts 'e3wxurb5pslm2' provisioning status is running VERBOSE: 5:53:54 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:01 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:07 PM - Resource Microsoft.Network/publicIPAddresses 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:54:07 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:14 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:20 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:26 PM - Resource Microsoft.Storage/storageAccounts 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:54:26 PM - Resource Microsoft.Storage/storageAccounts 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:54:27 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:33 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:40 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:46 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:53 PM - Checking deployment status in 5 seconds VERBOSE: 5:54:59 PM - Resource Microsoft.Network/virtualNetworks 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:54:59 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:05 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:12 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:18 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:25 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:31 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:38 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:44 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:50 PM - Resource Microsoft.Network/networkInterfaces 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:55:51 PM - Checking deployment status in 5 seconds VERBOSE: 5:55:57 PM - Checking deployment status in 5 seconds VERBOSE: 5:56:04 PM - Checking deployment status in 5 seconds VERBOSE: 5:56:10 PM - Checking deployment status in 5 seconds VERBOSE: 5:56:16 PM - Checking deployment status in 5 seconds VERBOSE: 5:56:23 PM - Checking deployment status in 5 seconds VERBOSE: 5:56:29 PM - Resource Microsoft.Compute/virtualMachines 'e3wxurb5pslm2' provisioning status is running VERBOSE: 5:56:29 PM - Checking deployment status in 9 seconds VERBOSE: 5:56:40 PM - Checking deployment status in 5 seconds VERBOSE: 5:56:46 PM - Checking deployment status in 29 seconds VERBOSE: 5:57:17 PM - Checking deployment status in 5 seconds VERBOSE: 5:57:23 PM - Checking deployment status in 5 seconds VERBOSE: 5:57:30 PM - Checking deployment status in 10 seconds VERBOSE: 5:57:41 PM - Resource Microsoft.Compute/virtualMachines 'e3wxurb5pslm2' provisioning status is succeeded VERBOSE: 5:57:41 PM - Checking deployment status in 5 seconds VERBOSE: 5:57:47 PM - Checking deployment status in 5 seconds VERBOSE: 5:57:54 PM - Resource Microsoft.Compute/virtualMachines/extensions 'e3wxurb5pslm2/AzureWireGuard' provisioning status is running VERBOSE: 5:57:54 PM - Resource Microsoft.Compute/virtualMachines/extensions 'e3wxurb5pslm2/Microsoft.Insights.VMDiagnosticsSettings' provisioning status is running VERBOSE: 5:57:55 PM - Checking deployment status in 14 seconds VERBOSE: 5:58:10 PM - Checking deployment status in 5 seconds VERBOSE: 5:58:17 PM - Checking deployment status in 13 seconds VERBOSE: 5:58:31 PM - Checking deployment status in 5 seconds New-AzureRmResourceGroupDeployment : 5:58:37 PM - Resource Microsoft.Compute/virtualMachines/extensions 'e3wxurb5pslm2/AzureWireGuard' failed with message '{ "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'.", "details": [ { "code": "VMExtensionProvisioningError", "message": "VM has reported a failure when processing extension 'AzureWireGuard'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: fileUris.0: Does not match format 'uri'"." } ] } }' At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : 5:58:37 PM - VM has reported a failure when processing extension 'AzureWireGuard'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: fileUris.0: Does not match format 'uri'". At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
VERBOSE: 5:58:37 PM - Resource Microsoft.Compute/virtualMachines/extensions 'e3wxurb5pslm2/Microsoft.Insights.VMDiagnosticsSettings' provisioning status is succeeded New-AzureRmResourceGroupDeployment : 5:58:37 PM - Template output evaluation skipped: at least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details. At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
New-AzureRmResourceGroupDeployment : 5:58:37 PM - Template output evaluation skipped: at least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details. At C:\Users\mvajid\Desktop\Deploy-AzureResourceGroup.ps1:108 char:5
-
New-AzureRmResourceGroupDeployment -Name ((Get-ChildItem $Templat ... -
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [New-AzureRmResourceGroupDeployment], Exception
- FullyQualifiedErrorId : Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet
ResourceGroupName : AzureWireGuardRG
OnErrorDeployment :
DeploymentName : LinuxVirtualMachine-0624-1343
CorrelationId : f9d773b5-348e-44a7-aef3-f7ee7225f71c
ProvisioningState : Failed
Timestamp : 6/24/2019 1:58:34 PM
Mode : Incremental
TemplateLink :
TemplateLinkString :
DeploymentDebugLogLevel :
Parameters : {[adminUsername, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable], [adminPassword, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable], [_artifactsLocation, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable],
[_artifactsLocationSasToken, Microsoft.Azure.Commands.ResourceManager.Cmdlets.SdkModels.DeploymentVariable]}
ParametersString :
Name Type Value
=============== ========================= ==========
adminUsername String vmadmin
adminPassword SecureString
_artifactsLocation String azurewireguardstorage
_artifactsLocationSasToken SecureString
Outputs : OutputsString :
Template deployment returned the following errors: 5:58:37 PM - Resource Microsoft.Compute/virtualMachines/extensions 'e3wxurb5pslm2/AzureWireGuard' failed with message '{ "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'.", "details": [ { "code": "VMExtensionProvisioningError", "message": "VM has reported a failure when processing extension 'AzureWireGuard'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: fileUris.0: Does not match format 'uri'"." } ] } }' 5:58:37 PM - VM has reported a failure when processing extension 'AzureWireGuard'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: fileUris.0: Does not match format 'uri'". 5:58:37 PM - Template output evaluation skipped: at least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details. 5:58:37 PM - Template output evaluation skipped: at least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/arm-debug for usage details.
@vijayshinva I made some changes to LinuxVirtualMachine.json..
OLD: "fileUris": [ "[concat(parameters('_artifactsLocation'), '/', variables('AzureWireGuardScriptFolder'), '/', variables('AzureWireGuardScriptFileName'), parameters('_artifactsLocationSasToken'))]" ],
NEW: "fileUris":"[concat(parameters('_artifactsLocation'), '/', variables('AzureWireGuardScriptFolder'), '/', variables('AzureWireGuardScriptFileName'), parameters('_artifactsLocationSasToken'))]",
It still fails expecting an array instead of a string. Not sure what's wrong. Will keep trying.
Template deployment returned the following errors: 12:03:14 PM - Resource Microsoft.Compute/virtualMachines/extensions 'e3wxurb5pslm2/AzureWireGuard' failed with message '{ "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'.", "details": [ { "code": "VMExtensionProvisioningError", "message": "VM has reported a failure when processing extension 'AzureWireGuard'. Error message: "Enable failed: failed to get configuration: json validation error: invalid public settings JSON: fileUris: Invalid type. Expected: array, given: string"."
Hi @vijayshinva So I managed to get this working without the ARM template. Lots of manual script running on the VM directly. I can connect a client to my wireguard server and I get an IP assigned, all good there.
However, why does the location not change when the client is connected? I am based in UAE, Wireguard VM is hosted in Central US. Checking on whatismyipaddress.com shows my IP from UAE although technically it should be from the Central US (Azure VM).
Do I need to route traffic in some way? Any ideas?
PS. Sorry I am not an unix/linux expert. Thank you.
Hi @vijayshinva So I managed to get this working without the ARM template. Lots of manual script running on the VM directly. I can connect a client to my wireguard server and I get an IP assigned, all good there.
However, why does the location not change when the client is connected? I am based in UAE, Wireguard VM is hosted in Central US. Checking on whatismyipaddress.com shows my IP from UAE although technically it should be from the Central US (Azure VM).
Do I need to route traffic in some way? Any ideas?
PS. Sorry I am not an unix/linux expert. Thank you.
Nevermind, I just figured I was missing AllowedIPs = 0.0.0.0/0 in the client config. All good now :)
Thank you very much.