1# 2# Microsoft Azure Linux Agent Configuration 3# 4 5# Enable extension handling. Do not disable this unless you do not need password reset, 6# backup, monitoring, or any extension handling whatsoever. 7Extensions.Enabled=y 8 9# How often (in seconds) to poll for new goal states 10Extensions.GoalStatePeriod=6 11 12# How often (in seconds) to clean up the goal state history. The default value is 24 hrs 13Extensions.GoalStateHistoryCleanupPeriod=86400 14 15# Which provisioning agent to use. Supported values are "auto" (default), "waagent", 16# "cloud-init", or "disabled". 17Provisioning.Agent=auto 18 19# Password authentication for root account will be unavailable. 20Provisioning.DeleteRootPassword=y 21 22# Generate fresh host key pair. 23Provisioning.RegenerateSshHostKeyPair=y 24 25# Supported values are "rsa", "dsa", "ecdsa", "ed25519", and "auto". 26# The "auto" option is supported on OpenSSH 5.9 (2011) and later. 27Provisioning.SshHostKeyPairType=rsa 28 29# Monitor host name changes and publish changes via DHCP requests. 30Provisioning.MonitorHostName=y 31 32# How often (in seconds) to monitor host name changes. 33Provisioning.MonitorHostNamePeriod=30 34 35# Decode CustomData from Base64. 36Provisioning.DecodeCustomData=n 37 38# Execute CustomData after provisioning. 39Provisioning.ExecuteCustomData=n 40 41# Algorithm used by crypt when generating password hash. 42#Provisioning.PasswordCryptId=6 43 44# Length of random salt used when generating password hash. 45#Provisioning.PasswordCryptSaltLength=10 46 47# Allow reset password of sys user 48Provisioning.AllowResetSysUser=n 49 50# Format if unformatted. If 'n', resource disk will not be mounted. 51ResourceDisk.Format=y 52 53# File system on the resource disk 54# Typically ext3 or ext4. FreeBSD images should use 'ufs2' here. 55ResourceDisk.Filesystem=ext4 56 57# Mount point for the resource disk 58ResourceDisk.MountPoint=/mnt/resource 59 60# Create and use swapfile on resource disk. 61ResourceDisk.EnableSwap=n 62 63# Size of the swapfile. 64ResourceDisk.SwapSizeMB=0 65 66# Comma-separated list of mount options. See mount(8) for valid options. 67ResourceDisk.MountOptions=None 68 69# Enable verbose logging (y|n) 70Logs.Verbose=n 71 72# Enable Console logging, default is y 73# Logs.Console=y 74 75# Enable periodic log collection, default is n 76Logs.Collect=n 77 78# How frequently to collect logs, default is each hour 79Logs.CollectPeriod=3600 80 81# Is FIPS enabled 82OS.EnableFIPS=n 83 84# Root device timeout in seconds. 85OS.RootDeviceScsiTimeout=300 86 87# How often (in seconds) to set the root device timeout. 88OS.RootDeviceScsiTimeoutPeriod=30 89 90# If "None", the system default version is used. 91OS.OpensslPath=None 92 93# Set the SSH ClientAliveInterval 94# OS.SshClientAliveInterval=180 95 96# Set the path to SSH keys and configuration files 97OS.SshDir=/etc/ssh 98 99# If set, agent will use proxy server to access internet 100#HttpProxy.Host=None 101#HttpProxy.Port=None 102 103# Detect Scvmm environment, default is n 104# DetectScvmmEnv=n 105 106# 107# Lib.Dir=/var/lib/waagent 108 109# 110# DVD.MountPoint=/mnt/cdrom/secure 111 112# 113# Pid.File=/var/run/waagent.pid 114 115# 116# Extension.LogDir=/var/log/azure 117 118# 119# Home.Dir=/home 120 121# Enable RDMA management and set up, should only be used in HPC images 122# OS.EnableRDMA=y 123 124# Enable checking RDMA driver version and update 125# OS.CheckRdmaDriver=y 126 127# Enable or disable goal state processing auto-update, default is enabled 128# AutoUpdate.Enabled=y 129 130# Determine the update family, this should not be changed 131# AutoUpdate.GAFamily=Prod 132 133# Determine if the overprovisioning feature is enabled. If yes, hold extension 134# handling until inVMArtifactsProfile.OnHold is false. 135# Default is enabled 136# EnableOverProvisioning=y 137 138# Allow fallback to HTTP if HTTPS is unavailable 139# Note: Allowing HTTP (vs. HTTPS) may cause security risks 140# OS.AllowHTTP=n 141 142# Add firewall rules to protect access to Azure host node services 143OS.EnableFirewall=y 144 145# How often (in seconds) to check the firewall rules 146OS.EnableFirewallPeriod=30 147 148# How often (in seconds) to remove the udev rules for persistent network interface names (75-persistent-net-generator.rules and /etc/udev/rules.d/70-persistent-net.rules) 149OS.RemovePersistentNetRulesPeriod=30 150 151# How often (in seconds) to monitor for DHCP client restarts 152OS.MonitorDhcpClientRestartPeriod=30 153 154# Enforce control groups limits on the agent and extensions 155CGroups.EnforceLimits=n 156 157# CGroups which are excluded from limits, comma separated 158CGroups.Excluded=customscript,runcommand 159