3

I am using Custom Script Extension (CSE) to set the proxy in Windows VMs and then to install antivirus solution. The antivirus solution setup needs internet connection. But it seems that during CSE provisionning the proxy configuration is not taking effect immediately and as a result the antivirus installation fails. Here is my proxy settings script:

Set-ItemProperty -Path 'HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings' -name ProxySettingsPerUser -Value 0
Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' -name ProxyServer -Value "123.123.123.123:80"
Set-ItemProperty -Path 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings' -name ProxyEnable -Value 1

netsh winhttp set proxy 123.123.123.123:80

After the CSE provisioning, when I connect to the vm, i see that the proxy is set correctly and able to reach internet. Also, the antivirus solution can be installed by launching the script manually. My problem is that the proxy configuration is not taking effect immediately during the CSE provisionning and antivirus fails because there is no internet.

Here is the part of the policy declaration for CSE deployment:

"resources": [
  {
    "apiVersion": "2015-06-15",
    "copy": {
      "count": "[length(variables('vmListArray'))]",
      "name": "avAgentCopy"
    },
    "location": "[parameters('vmLocation')]",
    "name": "[concat(trim(variables('vmListArray')[copyIndex()]),'/AntivirusAgent')]",
    "properties": {
      "autoUpgradeMinorVersion": true,
      "protectedSettings": {
        "commandToExecute": "[concat ('powershell -ExecutionPolicy Unrestricted -File \"./Scripts/installation-proxy-windows.ps1\" && powershell -ExecutionPolicy Unrestricted -File \"./Scripts/installation-antivirus-windows.ps1\" ')]",
        "storageAccountKey": "mykey",
        "storageAccountName": "mystorageaccount"
      },
      "publisher": "Microsoft.Compute",
      "settings": {
        "fileUris": "[split(variables('fileUris'), ' ')]"
      },
      "type": "CustomScriptExtension",
      "typeHandlerVersion": "1.7"
    },
    "type": "Microsoft.Compute/virtualMachines/extensions"
  }
],
"variables": {
  "fileUris": "https://mystorageaccount.blob.core.windows.net/mycontainer/Scripts/installation-antivirus-windows.ps1 https://mystorageaccount.blob.core.windows.net/mycontainer/Scripts/installation-proxy-windows.ps1",
      "vmListArray": "[split(parameters('vmList'),',')]"
}

So my question is why Custom Script Extension proxy setting doesn't take effect immediately? Is there a way to overcome this issue or an alternate approach?

MoonHorse
  • 1,966
  • 2
  • 24
  • 46
  • How do you use CSE to set the proxy in windows and how to set up the antivirus solution? Could you provide more details? – Nancy Mar 12 '21 at 09:55
  • @NancyXiong, i have added the CSE declaration inside the policy. – MoonHorse Mar 12 '21 at 10:38
  • What about if you include installation-proxy and installation-antivirus-windows in the same `.ps1` file? I mean what is the result if separately execute these scripts inside the VM? Are these scripts executed in order? – Nancy Mar 15 '21 at 08:31
  • at the beginning, i have installed them together but it was the same problem. Then i have separated them. Yes they are executing in the order as it is precised on the commandToExecute value. I put a 90 seconds of sleep at the beginning of the second script as well. – MoonHorse Mar 15 '21 at 10:47

0 Answers0