Root file system not on sda1

The extension incorrectly assumes that the root filesystem (/) is always on the partition /dev/sda1. Unfortunately this won't be the case in a few circumstances:

  1. If we swap a VM's OS disks.
  2. If we add new data disks.
  3. If the names of devices in the initramfs don't match ordinary userspace.

In general udev makes no guarantees about device naming as it works to enable devices asynchronously to save time and it's poor practice to rely on these. Luckily Azure already makes the OS disk available at a predictable location, /dev/disk/azure/root-part1, via udev rules. We can force the initramfs to use this disk by editing /etc/crypttab as follows:

 # <target name> <source device>         <key file>      <options>
-osencrypt /dev/sda1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh
+osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh

Then we must update the initramfs images:

$ sudo update-initramfs -u -k all
update-initramfs: Generating /boot/initrd.img-5.4.1-050401-generic
update-initramfs: Generating /boot/initrd.img-5.3.8-050308-generic