Hi Mark, thanks for the reply…
Nothing unique about our subscription… I should note this started happening when we moved octopus behind the Barracuda WAF. We do enforce TLS 1.1 and 1.2 only at the WAF.
As I said communication is fine on the VM… I did try to track down with Azure if they have weird TLS rules or anything from Vm Extensions, but we couldn’t actually communicate about it.
Before answering your second question, I would like to ask if we can just turn off the ssl redirect on then the TCP endpoints running 5986 and 10943 will work without TLS. In this architecture we would route external communication through the Barracuda and
all internal communication would be over 80, and the other ports, but we don’t want them enforcing and TLS. Is that possible?
To answer your next questions I recreated my problem with the portal, through power shell, and through custom ARM. In each of those cases I can log into the VM, but I then I have to delete the tentacle and reinstall and all is just fine… I even copy and
paste the values out of my scripts into the tentacle installer to make sure they don’t have a problem.
The VM Extension logs didn’t seem to have much more info, but I may have missed it.
Remove failed tentacle
tried enforcing TLS version
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$publicSettings = @{
OctopusServerUrl = “https://octopus.phxmn.com”;
Environments = @(“Int-Prep”);
Roles = @(“Web”);
CommunicationMode = “Poll”;
Port = 10934
}
$privateSettings = @{“ApiKey” = “API-MYKEY”}
$rg = “Development”
$vm = “dev-ext-tst1”
$loc = “WestUS”
Set-AzureRmVMExtension -ResourceGroupName $rg `
-Location $loc `
-VMName $vm `
-Name “OctopusDeployWindowsTentacle” `
-Publisher “OctopusDeploy.Tentacle” `
-TypeHandlerVersion “2.0” `
-Settings $publicSettings `
-ProtectedSettings $privateSettings `
-ExtensionType "OctopusDeployWindowsTentacle"
PS C:\dev> .\octo-install.ps1
Set-AzureRmVMExtension : Long running operation failed with status ‘Failed’. Additional Info:'VM has reported a
failure when processing extension ‘OctopusDeployWindowsTentacle’. Error message: "Enabling Tentacle failed. The
OctopusServerUrl ‘https://octopus.phxmn.com’ was not found.".’
ErrorCode: VMExtensionProvisioningError
ErrorMessage: VM has reported a failure when processing extension ‘OctopusDeployWindowsTentacle’. Error message:
“Enabling Tentacle failed. The OctopusServerUrl ‘https://octopus.phxmn.com’ was not found.”.
ErrorTarget:
StartTime: 5/16/2019 10:26:47 PM
EndTime: 5/16/2019 10:27:53 PM
OperationID: 2c5c162b-c8a8-4e37-836a-9007842fdd51
Status: Failed
At C:\dev\octo-install.ps1:19 char:1
-
Set-AzureRmVMExtension -ResourceGroupName $rg `
-
-
CategoryInfo : CloseError: (
[Set-AzureRmVMExtension], ComputeCloudException
-
FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.SetAzureVMExtensionCommand