How to manage temporary disk with active ADE

Manuel 41 Reputation points
2020-06-28T06:38:34.627+00:00

When using the EncryptFormatAll feature to initiate ADE on a Linux VM, the temporary disk gets encrypted as well. The Azure documentation states that the Azure Linux Agent therefore cannot manage swap files on that disk anymore. The documentation recommends manually managing swap space instead.

As I find it quite impracticable to manually manage something as ephemeral as swap files on a temporary drive, I believe this process should be automated somehow. Otherwise a VM ends up without a swap drive after an unplanned reboot, for instance.

Are there any recommendations or hints on how to automatically manage swap files on ADE-encrypted temporary drives? Or are there even plans to add this functionality to the Linux Agent in the future?

Azure Disk Encryption

2 answers

  1. Sumarigo-MSFT 46,126 Reputation points Microsoft Employee
    2020-07-01T11:06:21.497+00:00

    @Manuel Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

    You need to follow the manual swap process and add the disk to the Virtual Machine:

    • Create a partition
    • Create a swap on the disk
    • Make an entry in the /etc/fstab file for the swap
    • Add/select the nofail option

    This is the only option for now.

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.


  2. Sumarigo-MSFT 46,126 Reputation points Microsoft Employee
    2020-08-13T09:05:22.707+00:00

    @Manuel Firstly, apologies for the delay in responding here and any inconvenience this issue may have caused.

    The temporary (resource) disk is present on all VM models on Azure, and it is primarily used to store temporary data, most commonly a swap file.

    Under the traditional management scheme, the resource disk is managed by the Linux agent (waagent). The agent takes control of this drive (/dev/sdb) and configures it to be formatted and mounted at boot time; the agent also handles the swap file configuration.

    When Azure Disk Encryption is used in conjunction with the EncryptFormatAll option, it encrypts the resource disk, which causes the Linux agent to lose control over the resource disk and the activation of the swap file.

    When EncryptFormatAll is used, the resource disk is taken out of waagent's control and remains under ADE control to avoid conflicts (which removes waagent's ability to handle the resource disk, including swap file management).

    ```bash
    #!/bin/bash
    # Recreate and enable a swap file on the ADE-managed resource disk.
    # Meant to run at every boot (for example from a systemd unit or a
    # cron @reboot entry), since the temporary disk is wiped when the VM
    # is redeployed and waagent no longer recreates the swap file.
    set -euo pipefail

    Variables () {
        # Name for the swapfile
        export swapname=myswapfile

        # Size for the swapfile, in MiB
        export swapsize=2048

        # Location for the swapfile (mount point of the resource disk)
        export swaplocation=/mnt/resource
    }

    Verifymount () {
        # Verify that the location is really a mount point: exact match on
        # the mount-point field, so /mnt/resource2 does not satisfy /mnt/resource
        if awk -v mp="${swaplocation}" '$2 == mp { found = 1 } END { exit !found }' /proc/mounts; then
            echo "swap location ${swaplocation} found to be mounted"
        else
            echo "swap location ${swaplocation} is not mounted, calling it quits" >&2
            exit 1
        fi
    }

    Createswap () {
        echo "Creating swapfile ${swaplocation}/${swapname}"
        # Create the file with restrictive permissions before it holds any data
        (umask 077 && touch "${swaplocation}/${swapname}")
        # fallocate is fast; fall back to dd on filesystems where the kernel
        # refuses a preallocated swap file ("appears to have holes")
        if ! fallocate -l "${swapsize}M" "${swaplocation}/${swapname}"; then
            dd if=/dev/zero of="${swaplocation}/${swapname}" bs=1M count="${swapsize}" status=none
        fi
        chmod 600 "${swaplocation}/${swapname}"
    }

    Activateswap () {
        echo "Enabling swapfile ${swaplocation}/${swapname}"
        mkswap "${swaplocation}/${swapname}"
        swapon "${swaplocation}/${swapname}"
        echo "swapfile ${swaplocation}/${swapname} enabled"
        swapon --show
    }

    Verifyswapfile () {
        if [ -e "${swaplocation}/${swapname}" ]; then
            echo "swapfile ${swaplocation}/${swapname} already exists"
            # /proc/swaps lists every active swap device or file by path (header in line 1)
            if awk -v f="${swaplocation}/${swapname}" 'NR > 1 && $1 == f { found = 1 } END { exit !found }' /proc/swaps; then
                echo "swap file ${swaplocation}/${swapname} is already enabled"
                exit 0
            else
                echo "But it is not enabled"
                Activateswap
            fi
        else
            echo "swapfile ${swaplocation}/${swapname} doesn't exist"
            Createswap
            Activateswap
        fi
    }

    Variables
    Verifymount
    Verifyswapfile
    ```

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.


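The fstab step of the manual procedure in the first answer (entry for the swap, with nofail), as an added example that is not code from the original post or from Microsoft: POSIX shell helpers that add the swap entry to an fstab file idempotently, list swap entries that lack nofail, and a privileged wrapper that provisions a dedicated swap partition by UUID. The paths (/mnt/resource/swapfile, /dev/sdc1) and the sample fstab are constructed assumptions, not taken from a real VM.

```shell
#!/bin/sh
# Added example (not from the original post or from Microsoft): helpers for
# the fstab step of the manual swap procedure. All paths below are assumptions.

# Render the fstab line for a swap device or file. "none" is the mount point
# used for swap; "nofail" keeps a missing backing disk from holding up boot.
swap_fstab_line() {
    printf '%s none swap sw,nofail 0 0\n' "$1"
}

# Exit 0 if fstab file $2 already has a swap entry for device/file $1.
# Exact match on field 1 (device) and field 3 (fstype); comment lines skipped.
fstab_has_swap() {
    awk -v dev="$1" '$1 !~ /^#/ && $1 == dev && $3 == "swap" { found = 1 }
                     END { exit !found }' "$2"
}

# Print the device/file of every swap entry in fstab $1 whose options (field 4)
# lack nofail; such an entry makes boot wait for a disk that may be gone.
swap_entries_without_nofail() {
    awk '$1 !~ /^#/ && $3 == "swap" {
            n = split($4, o, ","); ok = 0
            for (i = 1; i <= n; i++) if (o[i] == "nofail") ok = 1
            if (!ok) print $1
         }' "$1"
}

# Append the entry for $1 to fstab $2 only if it is not there yet, so the
# script can run on every boot without duplicating lines.
ensure_fstab_swap() {
    if fstab_has_swap "$1" "$2"; then
        return 0
    fi
    swap_fstab_line "$1" >> "$2"
}

# Privileged path for a dedicated swap partition: format it, reference it by
# UUID so a renamed device does not orphan the entry, persist with nofail,
# then activate everything listed in fstab. Needs root; not exercised here.
provision_swap_partition() {
    dev="$1"
    mkswap "$dev" > /dev/null
    uuid=$(blkid -s UUID -o value "$dev")
    ensure_fstab_swap "UUID=$uuid" /etc/fstab
    swapon -a
}

# Constructed sample fstab (not from a real VM) used by demo().
SAMPLE_FSTAB='# constructed sample
/dev/sda1 / ext4 defaults 0 0
/dev/sdb1 /mnt/resource ext4 defaults,nofail 0 0
/dev/sdc1 none swap sw 0 0'

# Run the helpers against a temp copy of the sample and print the result.
demo() {
    f=$(mktemp)
    printf '%s\n' "$SAMPLE_FSTAB" > "$f"
    ensure_fstab_swap /mnt/resource/swapfile "$f"
    ensure_fstab_swap /mnt/resource/swapfile "$f"   # second call is a no-op
    echo "swap entries without nofail: $(swap_entries_without_nofail "$f")"
    cat "$f"
    rm -f "$f"
}

case "${1:-}" in demo) demo ;; esac
```

Run it as `sh swap_fstab.sh demo` to see the sample walked through: the existing /dev/sdc1 entry is reported as lacking nofail, and the swapfile entry is added exactly once. For a swap file on the resource disk the file has to exist before `swapon -a` runs, so this fstab entry only helps when paired with a boot-time script that recreates the file, such as the one in the second answer.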
