[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["上次更新時間:2025-09-04 (世界標準時間)。"],[[["\u003cp\u003eCompute Engine might fail to automatically register PAYG Ubuntu Pro licenses on virtual machines (VMs).\u003c/p\u003e\n"],["\u003cp\u003eYou can check the registration status of your Ubuntu Pro license by connecting to the VM and running \u003ccode\u003esudo ua status\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eIf automatic registration fails, you can manually register the license by running the \u003ccode\u003esudo pro auto-attach\u003c/code\u003e command.\u003c/p\u003e\n"],["\u003cp\u003eTroubleshooting registration failures involves verifying VM metadata server access, ensuring the Google guest agent is running, and checking if a service account is attached and enabled.\u003c/p\u003e\n"],["\u003cp\u003eRe-enabling the service account should resolve issues with license registration, at which point attempting the manual registration step should be successful.\u003c/p\u003e\n"]]],[],null,["Linux\n\n*** ** * ** ***\n\nOccasionally, Compute Engine fails to register PAYG Ubuntu Pro licenses\nautomatically. This document describes how to resolve issues you might encounter\nwith registering Compute Engine virtual machine (VM) instances running pay-as-you-go\n(PAYG) Ubuntu Pro licenses.\n\nCheck registration status\n\nTo check if your license is registered, connect to the VM and run\nthe following command \n\n```\nsudo ua status\n```\n\nIf the registration succeeded, you see output similar to the following and no\nfurther action is required: \n\n```\nSERVICE ENTITLED STATUS DESCRIPTION\ncc-eal yes disabled Common Criteria EAL2 Provisioning Packages\ncis yes disabled Security compliance and audit tools\nesm-apps yes enabled Expanded Security Maintenance for Applications\nesm-infra yes enabled Expanded Security Maintenance for Infrastructure\nfips yes disabled NIST-certified core packages\nfips-updates yes disabled NIST-certified core packages with priority security updates\nlivepatch yes enabled Canonical Livepatch service\n```\n\nIf the registration failed and Ubuntu Pro isn't registered, you see a message\nsimilar to the following: \n\n```\nThis machine is not attached to an Ubuntu Pro subscription.\n```\n\nManually register license\n\nIf Compute Engine failed to automatically register you Ubuntu pro license,\nyou can manually register the license by running the following command: \n\n```\nsudo pro auto-attach\n```\n\nThe output is similar to the following:\n\n- **Registration success**:\n\n ```\n This machine is already attached to PROJECT_ID\n To use a different subscription first run: sudo pro detach.\n ```\n- **Registration failure**:\n\n ```\n Internal Server Error\n ```\n\nTroubleshoot license registration\n\nIf you were unable to manually register a Ubuntu Pro license, resolve the issue by\ndoing the following:\n\n1. Verify that the VM can reach the metadata server by running the following command\n to check the number of disks attached to the VM:\n\n ```\n curl \"http://metadata.google.internal/computeMetadata/v1/instance/disks/\" -H \"Metadata-Flavor: Google\"\n ```\n\n The output is similar to the following, which shows the number of disks attached\n to the VM: \n\n ```\n 0/\n 1/\n 2/\n ```\n\n If the output doesn't show the number of disks attached to the VM, see\n [Troubleshooting metadata server access issues](/compute/docs/troubleshooting/troubleshoot-metadata-server).\n2. Verify the Google guest agent is running by running the following command:\n\n ```\n systemctl status google-guest-agent.service\n ```\n\n The output is similar to the following: \n\n ```\n ● google-guest-agent.service - Google Compute Engine Guest Agent\n Loaded: loaded (/lib/systemd/system/google-guest-agent.service; enabled;\n vendor preset: enabled)\n Active: active (running) since Thu 2023-04-20 16:35:11 PDT; 2h 12min ago\n Main PID: 4582 (google_guest_ag)\n Tasks: 10 (limit: 9525)\n ```\n\n If the guest agent is not installed or failed, [install or reinstall the\n the guest environment](/compute/docs/images/install-guest-environment).\n3. Verify that a Service account is attached to the VM, by running the following\n command from your local workstation:\n\n ```\n gcloud compute instances describe VM_NAME \\\n --zone ZONE --format=\"table(serviceAccounts.email)\"\n ```\n\n Replace the following:\n - \u003cvar translate=\"no\"\u003eVM_NAME\u003c/var\u003e: the name of the VM\n - \u003cvar translate=\"no\"\u003eZONE\u003c/var\u003e: the zone where the VM is located\n\n The output is similar to the following: \n\n ```\n EMAIL: ['XXXXXXXX-compute@developer.gserviceaccount.com']\n ```\n\n Note the email of the service account.\n4. Check if the service account is enabled by running the following query:\n\n ```\n gcloud logging read --freshness=90d \"SERVICE_ACCOUNT_EMAIL protoPayload.methodName=google.iam.admin.v1.DisableServiceAccount\"\n ```\n\n Replace \u003cvar translate=\"no\"\u003eSERVICE_ACCOUNT_EMAIL\u003c/var\u003e with the email address\n associated with the VM's service account.\n\n The output is similar to the following: \n\n ```\n insertId: 1ne5thkf13sxec\n logName: projects/testproject/logs/cloudaudit.googleapis.com%2Factivity\n protoPayload:\n '@type': type.googleapis.com/google.cloud.audit.AuditLog\n authenticationInfo:\n principalEmail: principalemail@google.com\n principalSubject: user:pricipalemail@google.com\n authorizationInfo:\n granted: true\n permission: iam.serviceAccounts.disable\n resource: projects/-/serviceAccounts/XXXXXXXXXXXXXX\n resourceAttributes:\n name: projects/-/serviceAccounts/XXXXXXXXXXXXXXXX\n methodName: google.iam.admin.v1.DisableServiceAccount\n request:\n '@type': type.googleapis.com/google.iam.admin.v1.DisableServiceAccountRequest\n name: projects/testproject/serviceAccounts/-compute@developer.gserviceaccount.com\n requestMetadata:\n destinationAttributes: {}\n requestAttributes:\n auth: {}\n time: '2024-01-25T21:37:55.748811275Z'\n resourceName: projects/-/serviceAccounts/XXXXXXXXXX\n response:\n '@type': type.googleapis.com/google.protobuf.Empty\n serviceName: iam.googleapis.com\n status: {}\n receiveTimestamp: '2024-01-25T21:37:56.409675900Z'\n resource:\n labels:\n email_id: -compute@developer.gserviceaccount.com\n project_id: testproject\n unique_id: 'XXXXXXXXXXXXXXXX'\n type: service_account\n severity: NOTICE\n timestamp: '2024-01-25T21:37:55.721215307Z'\n ```\n\n If the service account isn't enabled, [re-enable it](/iam/docs/service-accounts-disable-enable#enabling).\n\nAfter you have re-enabled the service account, try to register the license\nby following the instructions in the [manually register license](#manual_registration)\nsection of this document."]]
