Azure · ehvs · Mar 17, 2026 · Mar 26, 2026
@@ -7,6 +7,8 @@ import (
 	"encoding/json"
 	"os"
 
+	"github.com/sirupsen/logrus"
+
 	"github.com/Azure/ARO-RP/pkg/util/arm"
 )
 
@@ -17,11 +19,13 @@ type Generator interface {
 
 type generator struct {
 	production bool
+	log        *logrus.Entry
 }
 
 func New(production bool) Generator {
 	return &generator{
 		production: production,
+		log:        logrus.WithField("component", "generate"),
 	}
 }
 

@@ -4,6 +4,8 @@ package generator
 // Licensed under the Apache License 2.0.
 
 import (
+	"bytes"
+	"compress/gzip"
 	"encoding/base64"
 	"fmt"
 	"strings"
@@ -101,7 +103,19 @@ func (g *generator) devProxyVMSS() *arm.Resource {
 		)
 	}
 
+	var buffer bytes.Buffer
+	gz := gzip.NewWriter(&buffer)
+
 	trailer := base64.StdEncoding.EncodeToString([]byte(scriptDevProxyVMSS))
+	if _, err := gz.Write([]byte(trailer)); err != nil {
+		g.log.Errorf("failed to gzip script trailer: %s", err)
+		return &arm.Resource{}
+	}
+
+	if err := gz.Close(); err != nil {
+		g.log.Errorf("failed to close gzip: %s", err)
+		return &arm.Resource{}
+	}
 	parts = append(parts, "'\n'", fmt.Sprintf("base64ToString('%s')", trailer))
 	customScript := fmt.Sprintf("[base64(concat(%s))]", strings.Join(parts, ","))
 

@@ -4,6 +4,8 @@ package generator
 // Licensed under the Apache License 2.0.
 
 import (
+	"bytes"
+	"compress/gzip"
 	"encoding/base64"
 	"fmt"
 	"strings"
@@ -248,7 +250,20 @@ func (g *generator) gatewayVMSS() *arm.Resource {
 		scriptUtilServices +
 		scriptUtilSystem +
 		scriptGatewayVMSS
+
+	var buffer bytes.Buffer
+	gz := gzip.NewWriter(&buffer)
+
 	trailer := base64.StdEncoding.EncodeToString([]byte(bootstrapScript))
+	if _, err := gz.Write([]byte(trailer)); err != nil {
+		g.log.Errorf("failed to gzip script trailer: %s", err)
+		return &arm.Resource{}
+	}
+
+	if err := gz.Close(); err != nil {
+		g.log.Errorf("failed to close gzip: %s", err)
+		return &arm.Resource{}
+	}
 	parts = append(parts, "'\n'", fmt.Sprintf("base64ToString('%s')", trailer))
 	customScript := fmt.Sprintf("[base64(concat(%s))]", strings.Join(parts, ","))
 

@@ -4,6 +4,8 @@ package generator
 // Licensed under the Apache License 2.0.
 
 import (
+	"bytes"
+	"compress/gzip"
 	"encoding/base64"
 	"fmt"
 	"strings"
@@ -479,10 +481,26 @@ func (g *generator) rpVMSS() *arm.Resource {
 		scriptUtilServices +
 		scriptUtilSystem +
 		scriptRpVMSS
+
+	var buffer bytes.Buffer
+	gz := gzip.NewWriter(&buffer)
+
 	trailer := base64.StdEncoding.EncodeToString([]byte(bootstrapScript))
-	parts = append(parts, "'\n'", fmt.Sprintf("base64ToString('%s')", trailer))
+	if _, err := gz.Write([]byte(trailer)); err != nil {
+		g.log.Errorf("failed to gzip script trailer: %s", err)
+		return &arm.Resource{}
+	}
+
+	if err := gz.Close(); err != nil {
+		g.log.Errorf("failed to close gzip: %s", err)
+		return &arm.Resource{}
+	}
+
+	g.log.Info("Writting gzipped customScript buffer.")
+	parts = append(parts, "'\n'", fmt.Sprintf("base64ToString('%s')", buffer.Bytes()))
 	customScript := fmt.Sprintf("[base64(concat(%s))]", strings.Join(parts, ","))
 
+	g.log.Info("Returning arm resource.")
 	return &arm.Resource{
 		Resource: &mgmtcompute.VirtualMachineScaleSet{
 			Sku: &mgmtcompute.Sku{
@@ -583,7 +601,7 @@ func (g *generator) rpVMSS() *arm.Resource {
 								VirtualMachineScaleSetExtensionProperties: &mgmtcompute.VirtualMachineScaleSetExtensionProperties{
 									Publisher:               pointerutils.ToPtr("Microsoft.Azure.Extensions"),
 									Type:                    pointerutils.ToPtr("CustomScript"),
-									TypeHandlerVersion:      pointerutils.ToPtr("2.0"),
+									TypeHandlerVersion:      pointerutils.ToPtr("2.1"),
 									AutoUpgradeMinorVersion: pointerutils.ToPtr(true),
 									Settings:                map[string]interface{}{},
 									ProtectedSettings: map[string]interface{}{

@@ -147,8 +147,11 @@ RPIMAGE='$rpimage'"
     reboot_vm
 }
 
+# export AZURE_CLOUD_NAME="${AZURECLOUDNAME:?"Failed to carry over variables"}"
 export AZURE_CLOUD_NAME="${AZURECLOUDNAME:?"Failed to carry over variables"}"
 
+# util="util.sh"
+#
 # util.sh does not exist when deployed to VMSS via VMSS extensions
 # Provides shellcheck definitions
 util="util.sh"

@@ -8,10 +8,12 @@ main() {
     # transaction attempt retry time in seconds
     # shellcheck disable=SC2034
     local -ri retry_wait_time=30
-    local -ri pkg_retry_count=60
 
     create_required_dirs
+
     configure_sshd
+
+    local -ri pkg_retry_count=60
     configure_rpm_repos retry_wait_time \
                         "$pkg_retry_count"
 
@@ -53,10 +55,16 @@ main() {
     # shellcheck disable=SC2153 disable=SC2034
     local -r mdmimage="${RPIMAGE%%/*}/${MDMIMAGE#*/}"
     local -r rpimage="$RPIMAGE"
+
+    # shellcheck disable=SC2034
     local -r miseimage="${RPIMAGE%%/*}/${MISEIMAGE#*/}"
+
+    # shellcheck disable=SC2034
     local -r otelimage="$OTELIMAGE"
+
     # shellcheck disable=SC2034
     local -r fluentbit_image="$FLUENTBITIMAGE"
+
     # shellcheck disable=SC2034
     local -rA aro_images=(
         ["mdm"]="mdmimage"
@@ -143,8 +151,7 @@ main() {
     )
 
     # shellcheck disable=SC2034
-    # use default podman network with range 10.88.0.0/16
-    # static IPs used for uniquely identifying services in monitors
+    # Static IPs used for uniquely identifying services in monitors
     local -rA static_ip_addresses=(
         ["rp"]="10.88.0.2"
         ["monitor"]="10.88.0.3"
@@ -218,11 +225,15 @@ MSI_RP_ENDPOINT='$MSIRPENDPOINT'
     reboot_vm
 }
 
+# export AZURE_CLOUD_NAME="${AZURECLOUDNAME:?"Failed to carry over variables"}"
+#
 # This variable is used by az-cli
 # It's assumed that if this variable hasn't been carried over, that others are also not present, so we fail early by returning an error
 # This was mostly helpful when testing on a development VM, but is still applicable
 export AZURE_CLOUD_NAME="${AZURECLOUDNAME:?"Failed to carry over variables"}"
 
+# util="util.sh"
+#
 # util.sh does not exist when deployed to VMSS via VMSS extensions
 # Provides shellcheck definitions
 util="util.sh"