Azure devops托管代理可疑主机文件 [英] Azure devops hosted agent suspicious hosts file

问题描述

这可能是一个奇怪的问题，但请坚持我.我正在使用Azure Devops托管代理进行连续部署.在发行过程中，我有一项任务是将一行添加到托管代理上的hosts文件.以前，hosts文件如下所示:

This might be a weird question but stick with me. I'm using Azure Devops Hosted Agent for my continuous deployment. During the release I have a task that adds one line to the hosts file on the hosted agent. Previously the hosts file looked like this:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost 
xx.xxx.x.xx mydomain.net

您可以通过powershell看到，我正在将mydomain.net IP添加到主机文件中.很长时间以来，它的运行状况都很好.

As you can see with powershell I was adding mydomain.net IP to the hosts file. This was working fine for a long time.

最近，我的发行版开始失败，因为它错误地更新了主机文件.我已经检查了托管代理上的hosts文件，现在看起来像这样:

Lately my release started to fail because it was wrongly updating hosts file. I've checked hosts file on the hosted agent and now it looks like this:

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#   127.0.0.1       localhost
#   ::1             localhost

127.0.0.1 aion.f2pool.com
127.0.0.1 asia.cryptonight-hub.miningpoolhub.com
127.0.0.1 asia.equihash-hub.miningpoolhub.com
127.0.0.1 asia.ethash-hub.miningpoolhub.com
127.0.0.1 asia.lyra2z-hub.miningpoolhub.com
127.0.0.1 ca.minexmr.com
127.0.0.1 ca.stratum.slushpool.com
127.0.0.1 cn.stratum.slushpool.com
127.0.0.1 cn02.stratum.slushpool.com
127.0.0.1 cn03.stratum.slushpool.com
127.0.0.1 dash.f2pool.com
127.0.0.1 dcr.f2pool.com
127.0.0.1 de.kano.is
127.0.0.1 de.minexmr.com
127.0.0.1 etc.f2pool.com
127.0.0.1 eth.f2pool.com
127.0.0.1 eu.stratum.slushpool.com
127.0.0.1 europe.cryptonight-hub.miningpoolhub.com
127.0.0.1 europe.equihash-hub.miningpoolhub.com
127.0.0.1 europe.ethash-hub.miningpoolhub.com
127.0.0.1 europe.lyra2z-hub.miningpoolhub.com
127.0.0.1 fr.minexmr.com
127.0.0.1 gulf.moneroocean.stream
127.0.0.1 hub.miningpoolhub.com
127.0.0.1 jp.kano.is
127.0.0.1 jp.stratum.slushpool.com
127.0.0.1 mmmoneropool.com
127.0.0.1 nya.kano.is
127.0.0.1 pool.minexmr.com
127.0.0.1 pool.supportxmr.com
127.0.0.1 sc.f2pool.com
127.0.0.1 sg.kano.is
127.0.0.1 sg.minexmr.com
127.0.0.1 sg.stratum.slushpool.com
127.0.0.1 stratum.antpool.com
127.0.0.1 stratum.f2pool.com
127.0.0.1 stratum.kano.is
127.0.0.1 stratum.slushpool.com
127.0.0.1 uk.kano.is
127.0.0.1 us-east.cryptonight-hub.miningpoolhub.com
127.0.0.1 us-east.equihash-hub.miningpoolhub.com
127.0.0.1 us-east.ethash-hub.miningpoolhub.com
127.0.0.1 us-east.lyra2z-hub.miningpoolhub.com
127.0.0.1 us-east.stratum.slushpool.com
127.0.0.1 xmr-classic.f2pool.com
127.0.0.1 xmr.f2pool.com
127.0.0.1 xmr.prohash.net
127.0.0.1 xmrpool.eu
127.0.0.1 xzc.f2pool.com
127.0.0.1 zec.f2pool.comxx.xxx.x.xx mydomain.net

尽管我可以通过在Powershell脚本中添加新的行分隔符来解决此问题，但我更感兴趣的是那些添加到主机文件中的地址是什么?我印象深刻的是，当我选择托管代理时，Azure会为我旋转一台新机器，这是正确的吗?谁可以给我解释一下这个?还是这是托管代理阻止某些加密挖矿的新方法?

Although, I can fix this just by adding new line separator to my powershell script, I'm more interested what are those addresses added to the hosts file? I was under impression that when I choose hosted agent, Azure spins for me fresh machine, is that correct? Can someone explain this to me? Or is this a new way for hosted agent to prevent some crypto mining?

编辑:

这是我正在使用的powershell脚本:

This is powershell script I'm using:

$file = "$env:windir\System32\drivers\etc\hosts"
"xx.xxx.x.xx mydomain.net" | Add-Content -PassThru $file
Get-Content -Path $file

推荐答案

Microsoft最近取消了对托管代理的按小时付费的限制.由于有不受限制的免费托管代理分钟，因此他们必须采取一些步骤来防止在自己的角钱上进行加密挖矿.

Microsoft recently removed the pay-by-hour limitation on hosted agents. Since there's unlimited free hosted agent minutes, they had to take some steps to prevent crypto mining on their dime.

我对此没有官方确认，但似乎很合逻辑.

I have no official confirmation on this, but it seems pretty logical.

这篇关于Azure devops托管代理可疑主机文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！