Account Used for Rebooting an Azure VM

Category: azure batch

Question

teekonfcg on Mon, 16 Jul 2018 00:46:08


What is the user account that Azure uses to reboot a node within a Batch Account Pool?<tmui style="top:1px;right:1px;"></tmui>

teekon

Replies

Micah McKittrick on Mon, 16 Jul 2018 22:32:20


Actions taken by Azure such as a reboot via the portal for example would show up as the System initiated the event. So they run under the SYSTEM account/ privilege. 

DarylMsft on Tue, 17 Jul 2018 04:22:16


Across the OS families and distros, the identities are subject to change but it is fair to point out that the processes are run under elevation.  In this github issue on the node agent changeover, the names of the window processes (that initiate reboot) are found to be: tvm.exe and node_agent.exe.  I'll get someone from the team to amend this reply with the name of the linux process.

So the answer is a function of <windows, PAAS, IAAS> or <linux, IAAS>.  Or, since the origin of the divergence is deployment type: <PAAS, windows>, <IAAS, windows, linux>.  All these values are subject to change at any time but the above can help you inspect your nodes and find the identities in effect today.

d

teekonfcg on Tue, 17 Jul 2018 15:51:24


This is a Linux node I have in the pool. I created two User Accounts (one an Admin and the other a Non-Admin). There is not account called SYSTEM in Linux unless you are referring to Windows. So for Linux, does this mean it is using the 'root' account?<tmui style="top:1px;right:1px;"></tmui>

teekonfcg on Tue, 17 Jul 2018 15:56:14


Thanks Daryl, i will wait for your reply. I really need to know this because I have a script that i need to execute on node restart.<tmui style="top:1px;right:1px;"></tmui>

Micah McKittrick on Tue, 17 Jul 2018 18:12:15


Thanks Daryl. Not sure why I was just assuming windows haha :) 

DarylMsft on Tue, 17 Jul 2018 20:15:00


It turns out that no Batch process requests a reboot from the kernels (windows, linux).  Batch always asks the vm allocator (virtualmachine or cloudconfig) to effect a reboot.  So there is no Batch "identity" in play here and those mechanisms are out of scope for this forum.

For completeness, the name of the Linux process node agent is "node_agent" (both processes named this).  And, again, these are subject to change at any time... but typically do not change often.

The only feature from Batch that enables "execute a script on node startup" is the StartTask.   You can, of course, create a custom image that does whatever it wants or have a StartTask that modifies the OS to perform functions on reboot, etc.

d