Skip to content

Instantly share code, notes, and snippets.

Created August 4, 2017 11:32
Show Gist options
  • Save tombuildsstuff/1e214b15fe12664d175622c8a02fdf00 to your computer and use it in GitHub Desktop.
Save tombuildsstuff/1e214b15fe12664d175622c8a02fdf00 to your computer and use it in GitHub Desktop.
hashicorp/terraform-provider-azurerm#199 Linux Terraform Configuration
variable "prefix" {
default = "issue199"
variable "configuration_json" {
default = "{\"diagnosticMonitorConfiguration\":{\"metrics\":{\"resourceId\":\"%VirtualMachineResourceId%\",\"metricAggregation\":[{\"scheduledTransferPeriod\":\"PT1H\"},{\"scheduledTransferPeriod\":\"PT1M\"}]},\"performanceCounters\":{\"performanceCounterConfiguration\":[{\"class\":\"Memory\",\"counterSpecifier\":\"PercentAvailableMemory\",\"table\":\"LinuxMemory\"},{\"class\":\"Memory\",\"counterSpecifier\":\"AvailableMemory\",\"table\":\"LinuxMemory\"},{\"class\":\"Memory\",\"counterSpecifier\":\"UsedMemory\",\"table\":\"LinuxMemory\"},{\"class\":\"Memory\",\"counterSpecifier\":\"PercentUsedSwap\",\"table\":\"LinuxMemory\"},{\"class\":\"Processor\",\"counterSpecifier\":\"PercentProcessorTime\",\"table\":\"LinuxCpu\"},{\"class\":\"Processor\",\"counterSpecifier\":\"PercentIOWaitTime\",\"table\":\"LinuxCpu\"},{\"class\":\"Processor\",\"counterSpecifier\":\"PercentIdleTime\",\"table\":\"LinuxCpu\"},{\"class\":\"PhysicalDisk\",\"counterSpecifier\":\"AverageWriteTime\",\"table\":\"LinuxDisk\"},{\"class\":\"PhysicalDisk\",\"counterSpecifier\":\"AverageReadTime\",\"table\":\"LinuxDisk\"},{\"class\":\"PhysicalDisk\",\"counterSpecifier\":\"ReadBytesPerSecond\",\"table\":\"LinuxDisk\"},{\"class\":\"PhysicalDisk\",\"counterSpecifier\":\"WriteBytesPerSecond\",\"table\":\"LinuxDisk\"}]}}}"
resource "azurerm_resource_group" "test" {
name = "${var.prefix}-dev"
location = "West Europe"
resource "azurerm_virtual_network" "test" {
name = "${var.prefix}vn"
address_space = [""]
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${}"
resource "azurerm_subnet" "test" {
name = "main"
resource_group_name = "${}"
virtual_network_name = "${}"
address_prefix = ""
resource "azurerm_network_interface" "test" {
name = "${var.prefix}-ni"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${}"
ip_configuration {
name = "testconfiguration1"
subnet_id = "${}"
private_ip_address_allocation = "dynamic"
resource "azurerm_storage_account" "test" {
name = "${var.prefix}sa22"
resource_group_name = "${}"
location = "${azurerm_resource_group.test.location}"
account_type = "Standard_LRS"
tags {
environment = "staging"
resource "azurerm_virtual_machine" "test" {
name = "${var.prefix}-vm"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${}"
network_interface_ids = ["${}"]
vm_size = "Standard_DS1_v2"
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "14.04.5-LTS"
version = "latest"
storage_os_disk {
name = "myosdisk1"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
os_profile {
computer_name = "hostname"
admin_username = "testadmin"
admin_password = "Password1234!"
os_profile_linux_config {
disable_password_authentication = false
tags {
environment = "staging"
data "template_file" "xml" {
template = "${file("template.xml.tpl")}"
vars {
virtual_machine_id = "${}"
resource "azurerm_virtual_machine_extension" "test" {
name = "hostname"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${}"
virtual_machine_name = "${}"
publisher = "Microsoft.OSTCExtensions"
type = "LinuxDiagnostic"
type_handler_version = "2.3"
settings = <<SETTINGS
"ladCfg": "${base64encode(var.configuration_json)}",
"storageAccount": "${}"
protected_settings = <<SETTINGS
"storageAccountName": "${}",
"storageAccountKey": "${azurerm_storage_account.test.primary_access_key}"
tags {
environment = "Production"
Copy link

wawrzek commented Sep 15, 2017

I think 'ladCfg' is wrong and it should be 'xmlCfg'.

Copy link

wawrzek commented Sep 18, 2017

Actually, 'ladCfg' seems to be OK (, at least for 3.0. I don't see a reason for the above example to fail.

Copy link

wawrzek commented Sep 18, 2017

Now I logged to the machine and see following:

2017/09/18 11:26:24 [Microsoft.OSTCExtensions.LinuxDiagnostic-2.3.9027] Enable,success,0,Invalid mdsd config given. Can't enable.
 This extension install/enable operation is still considered a success as it's an external error. Config validation result: Parse
 reported these messages:
2017/09/18 11:26:24 /var/lib/waagent/Microsoft.OSTCExtensions.LinuxDiagnostic-2.3.9027/./xmlCfg.xml(3) Error: Storage credential
validation for table storage failed: length of base64 string is not an even multiple of 4
2017/09/18 11:26:24 /var/lib/waagent/Microsoft.OSTCExtensions.LinuxDiagnostic-2.3.9027/./xmlCfg.xml(38) Error: No default credent
ials were defined
2017/09/18 11:26:24 /var/lib/waagent/Microsoft.OSTCExtensions.LinuxDiagnostic-2.3.9027/./xmlCfg.xml(43) Error: No default credent
ials were defined
2017/09/18 11:26:24 /var/lib/waagent/Microsoft.OSTCExtensions.LinuxDiagnostic-2.3.9027/./xmlCfg.xml(43) Error: No default credentials were defined
2017/09/18 11:26:24 /var/lib/waagent/Microsoft.OSTCExtensions.LinuxDiagnostic-2.3.9027/./xmlCfg.xml(43) Error: No default credentials were defined
2017/09/18 11:26:24 . Terminating LAD as it can't proceed.

Copy link

smanross commented May 7, 2018

so, the "no default credentials" seems to indicate your protected_settings dont include the storageaccount and storageaccountkey (or possibly the SAS) or maybe not accurately?

protected_settings = {'storageAccountName': sa,
                      'storageAccountKey': sa_key,
                      'storageAcocuntEndPoint': ''}

as for the xmlCfg v ladCfg, yes.. xmlCfg is the way to go and I found this stackoverflow article helpful as that string is base64 encoded.

so, just create a VM and enable the diags from the portal, then decode the xmlCfg from base64 and then you understand what it wants for the structure, and config entries.. and voila you should be able to reproduce it from the REST, powershell.. or or or....


funny note: when you enable the diags from the portal... it creates a "wadcfg" in the XML for a linux system (i would have expected a ladcfg).. go figure. :)


Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment