Skip to content

feat: install aznfs package on AzureLinux 3.0#8084

Draft
mittachaitu wants to merge 2 commits intomainfrom
sai/add_aznfs
Draft

feat: install aznfs package on AzureLinux 3.0#8084
mittachaitu wants to merge 2 commits intomainfrom
sai/add_aznfs

Conversation

@mittachaitu
Copy link

@mittachaitu mittachaitu commented Mar 12, 2026

What this PR does / why we need it:
Install aznfs package on AzureLinux 3.0

Per aznfs-mount team's recommendation, we still need to download a rpm package from PMC site, and then use dnf to install aznfs package on Azure Linux 3.0, below are the working command lines:

curl -sSL -O https://packages.microsoft.com/config/rhel/9/packages-microsoft-prod.rpm
dnf install packages-microsoft-prod.rpm -y
env AZNFS_NONINTERACTIVE_INSTALL=1 dnf install aznfs -y

Which issue(s) this PR fixes:

Fixes #

@mittachaitu
feat: install aznfs package on AzureLinux 3.0
986abd2 
Signed-off-by: Mitta Sai Chaithanya <mittas@microsoft.com>
@mittachaitu
chore: auto generated changes
cf71dc9 
Signed-off-by: Mitta Sai Chaithanya <mittas@microsoft.com>
Copilot AI review requested due to automatic review settings March 12, 2026 07:36
Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds Azure Linux 3.0 support for installing the aznfs package by enabling Microsoft’s RPM repo (packages-microsoft-prod.rpm) and installing aznfs via dnf, integrating the step into the Mariner/AzureLinux VHD build flow and updating snapshot testdata accordingly.

Changes:

  • Add installAznfsPkgFromPMC to the Mariner/AzureLinux install script to download/install Microsoft repo RPM and then install aznfs on Azure Linux 3.0.
  • Invoke installAznfsPkgFromPMC during VHD build for Mariner/AzureLinux images.
  • Regenerate multiple pkg/agent/testdata/**/CustomData snapshots to reflect the updated embedded provisioning scripts.

Reviewed changes

Copilot reviewed 18 out of 18 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
vhdbuilder/packer/install-dependencies.sh Calls installAznfsPkgFromPMC during Mariner/AzureLinux VHD build.
parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh Implements installAznfsPkgFromPMC (Azure Linux 3.0-only) to install aznfs.
pkg/agent/testdata/Marinerv2+DisableUnattendedUpgrades=true/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/Marinerv2+DisableUnattendedUpgrades=false/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/MarinerV2+Kata/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/MarinerV2+CustomCloud/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/MarinerV2+CustomCloud+USSec/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/MarinerV2+CustomCloud+USNat/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/AzureLinuxv2+DisableUnattendedUpgrades=true/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/AzureLinuxv2+DisableUnattendedUpgrades=false/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/AzureLinuxV3+Kata/CustomData Snapshot update reflecting new provisioning script content.
pkg/agent/testdata/AzureLinuxV2+Kata/CustomData Snapshot update reflecting new provisioning script content.

vhdbuilder/packer/install-dependencies.sh
disableDNFAutomatic
enableCheckRestart
activateNfConntrack
installAznfsPkgFromPMC
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

installAznfsPkgFromPMC is invoked for all Mariner/AzureLinux builds. Since it only supports Azure Linux 3.0, this adds extra work/log noise for other OS versions. Consider gating the call here (e.g., only call when AzureLinux && OS_VERSION==3.0) rather than relying on the function’s early return.

Suggested change
installAznfsPkgFromPMC
if [ "${OS}" = "${AZURELINUX_OS_NAME}" ] && [ "${OS_VERSION}" = "3.0" ]; then
installAznfsPkgFromPMC
fi

Copilot uses AI. Check for mistakes.
parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh
local aznfs_pkg_url="https://packages.microsoft.com/config/rhel/9/packages-microsoft-prod.rpm"
retrycmd_curl_file 120 5 25 ${aznfs_rpm_file} ${aznfs_pkg_url} || exit $ERR_MS_PROD_DEB_DOWNLOAD_TIMEOUT
rpm -i ${aznfs_rpm_file}
dnf check-update --refresh -y
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

dnf check-update exits with status 100 when updates are available. Since install-dependencies.sh runs with set -e, this will abort the VHD build/CSE even though it’s not an error. Use dnf makecache --refresh instead, or explicitly tolerate exit code 100 (e.g., dnf check-update ... || [ $? -eq 100 ]).

Suggested change
dnf check-update --refresh -y
dnf check-update --refresh -y || [ $? -eq 100 ]

Copilot uses AI. Check for mistakes.
parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh
Comment on lines +302 to +311
readonly aznfs_rpm_file="/tmp/packages-microsoft-prod.rpm"
local aznfs_pkg_url="https://packages.microsoft.com/config/rhel/9/packages-microsoft-prod.rpm"
retrycmd_curl_file 120 5 25 ${aznfs_rpm_file} ${aznfs_pkg_url} || exit $ERR_MS_PROD_DEB_DOWNLOAD_TIMEOUT
rpm -i ${aznfs_rpm_file}
dnf check-update --refresh -y
export AZNFS_NONINTERACTIVE_INSTALL=1
if ! dnf_install 30 1 600 aznfs; then
exit $ERR_APT_INSTALL_TIMEOUT
fi
rm -f ${aznfs_rpm_file}
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

readonly aznfs_rpm_file=... inside a function makes the variable globally readonly for the rest of the script execution, which can have surprising side effects if the function is called more than once or other code reuses the name. Prefer a function-scoped variable (e.g., local / local -r) and quote expansions when passing paths to commands.

Suggested change
readonly aznfs_rpm_file="/tmp/packages-microsoft-prod.rpm"
local aznfs_pkg_url="https://packages.microsoft.com/config/rhel/9/packages-microsoft-prod.rpm"
retrycmd_curl_file 120 5 25 ${aznfs_rpm_file} ${aznfs_pkg_url} || exit $ERR_MS_PROD_DEB_DOWNLOAD_TIMEOUT
rpm -i ${aznfs_rpm_file}
dnf check-update --refresh -y
export AZNFS_NONINTERACTIVE_INSTALL=1
if ! dnf_install 30 1 600 aznfs; then
exit $ERR_APT_INSTALL_TIMEOUT
fi
rm -f ${aznfs_rpm_file}
local -r aznfs_rpm_file="/tmp/packages-microsoft-prod.rpm"
local -r aznfs_pkg_url="https://packages.microsoft.com/config/rhel/9/packages-microsoft-prod.rpm"
retrycmd_curl_file 120 5 25 "${aznfs_rpm_file}" "${aznfs_pkg_url}" || exit $ERR_MS_PROD_DEB_DOWNLOAD_TIMEOUT
rpm -i "${aznfs_rpm_file}"
dnf check-update --refresh -y
export AZNFS_NONINTERACTIVE_INSTALL=1
if ! dnf_install 30 1 600 aznfs; then
exit $ERR_APT_INSTALL_TIMEOUT
fi
rm -f "${aznfs_rpm_file}"

Copilot uses AI. Check for mistakes.
parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh
Comment on lines +305 to +306
rpm -i ${aznfs_rpm_file}
dnf check-update --refresh -y
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

rpm -i is not idempotent (it fails if the package is already installed) and isn’t wrapped in retry/error handling. Because this function is invoked during VHD build with set -e, a preinstalled/partial install scenario can break the build. Consider installing the repo RPM via dnf install -y <file> / dnf_install ... <file> or using rpm -Uvh --replacepkgs with appropriate error handling.

Suggested change
rpm -i ${aznfs_rpm_file}
dnf check-update --refresh -y
if ! retrycmd_if_failure 30 5 120 dnf install -y "${aznfs_rpm_file}"; then
echo "Failed to install packages-microsoft-prod repo RPM from ${aznfs_rpm_file}"
exit $ERR_APT_INSTALL_TIMEOUT
fi
retrycmd_if_failure 10 5 60 dnf check-update --refresh -y

Copilot uses AI. Check for mistakes.
parts/linux/cloud-init/artifacts/mariner/cse_install_mariner.sh
Comment on lines +313 to +314
systemctl disable aznfswatchdog
systemctl stop aznfswatchdog
Copy link

Copilot AI Mar 12, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

systemctl disable/stop aznfswatchdog will fail if the unit name doesn’t exist (or is masked differently), and with set -e that would abort the build/provisioning. It’s safer to guard these calls (e.g., check systemctl list-unit-files/systemctl cat first) or make them non-fatal if the unit is absent.

Suggested change
systemctl disable aznfswatchdog
systemctl stop aznfswatchdog
systemctl disable aznfswatchdog || true
systemctl stop aznfswatchdog || true

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@yewmsft yewmsft Awaiting requested review from yewmsft yewmsft will be requested when the pull request is marked ready for review yewmsft is a code owner

@YaoC YaoC Awaiting requested review from YaoC YaoC will be requested when the pull request is marked ready for review YaoC is a code owner

@cameronmeissner cameronmeissner Awaiting requested review from cameronmeissner cameronmeissner will be requested when the pull request is marked ready for review cameronmeissner is a code owner

@ganeshkumarashok ganeshkumarashok Awaiting requested review from ganeshkumarashok ganeshkumarashok will be requested when the pull request is marked ready for review ganeshkumarashok is a code owner

@Devinwong Devinwong Awaiting requested review from Devinwong Devinwong will be requested when the pull request is marked ready for review Devinwong is a code owner

@lilypan26 lilypan26 Awaiting requested review from lilypan26 lilypan26 will be requested when the pull request is marked ready for review lilypan26 is a code owner

@AbelHu AbelHu Awaiting requested review from AbelHu AbelHu will be requested when the pull request is marked ready for review AbelHu is a code owner

@junjiezhang1997 junjiezhang1997 Awaiting requested review from junjiezhang1997 junjiezhang1997 will be requested when the pull request is marked ready for review junjiezhang1997 is a code owner

@djsly djsly Awaiting requested review from djsly djsly will be requested when the pull request is marked ready for review djsly is a code owner

@phealy phealy Awaiting requested review from phealy phealy will be requested when the pull request is marked ready for review phealy is a code owner

@r2k1 r2k1 Awaiting requested review from r2k1 r2k1 will be requested when the pull request is marked ready for review r2k1 is a code owner

@timmy-wright timmy-wright Awaiting requested review from timmy-wright timmy-wright will be requested when the pull request is marked ready for review timmy-wright is a code owner

@zachary-bailey zachary-bailey Awaiting requested review from zachary-bailey zachary-bailey will be requested when the pull request is marked ready for review zachary-bailey is a code owner

@awesomenix awesomenix Awaiting requested review from awesomenix awesomenix will be requested when the pull request is marked ready for review awesomenix is a code owner

@mxj220 mxj220 Awaiting requested review from mxj220 mxj220 will be requested when the pull request is marked ready for review mxj220 is a code owner

@pdamianov-dev pdamianov-dev Awaiting requested review from pdamianov-dev pdamianov-dev will be requested when the pull request is marked ready for review pdamianov-dev is a code owner

@calvin197 calvin197 Awaiting requested review from calvin197 calvin197 will be requested when the pull request is marked ready for review calvin197 is a code owner

@sulixu sulixu Awaiting requested review from sulixu sulixu will be requested when the pull request is marked ready for review sulixu is a code owner

@surajssd surajssd Awaiting requested review from surajssd surajssd will be requested when the pull request is marked ready for review surajssd is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@mittachaitu