[azure provider] Juju purges resource group VMs and other resources that do not belong to it

Bug #1904020 reported by Peter De Sousa on 2020-11-12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ian Booth
Ian Booth

Bug Description



When bootstrapping juju on azure if the bootstrap fails, juju will kill all resources inside that Resource Group (But keep the Resource Group)


1. Create a resource group (Outside of juju)

2. Configure the Azure Resource group via Policies to disable public IPs (This should cause juju to fail bootstrap)

3. Create a VM in that resource group as a jumphost

4. Follow juju docs to connect azure, preferably with an Azure Service Principal that has permissions to operate on the Resource Group

5. Bootstrap: juju bootstrap --debug --config use-public-ip=true --config resource-group-name=JujuControllerRG --config network=SPOKE_NET/JujuControllerVNET /SUBNET --no-default-model azure/westeurope azure-controller

The important part here is for juju to fail bootstrapping then begin cleanup.


None at time of writing

Peter De Sousa (pjds) wrote :

Attached is the JSON dump from Azure showing the actions triggered by the Service Principal operated by juju.

Peter De Sousa (pjds) wrote :

Screenshot of Activity Log in azure showing VMs being deleted

John A Meinel (jameinel) on 2020-11-12
Changed in juju:
assignee: nobody → Ian Booth (wallyworld)
importance: Undecided → Critical
milestone: none → 2.9-rc3
status: New → Triaged
Ian Booth (wallyworld) wrote :

purge was originally done because of a misplaced understanding that a BYO RG would be created empty specifically for that juju model; it is non-trivial for juju to figure out the dependencies so as to know what order to delete things in, but that's something that will need to be done.

Changed in juju:
milestone: 2.9-rc3 → 2.8.7
status: Triaged → In Progress
Ian Booth (wallyworld) on 2020-11-16
Changed in juju:
status: In Progress → Fix Committed
Changed in juju:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers