vShield Manager: disk is full

Az RVTools Health tabja jelezte, hogy a vShieled Manager VM-en (legutolso, vCNS) elfogyott a szabad hely:

vShieldManager On / is 0% disk space available! The threshold value is 10%

No, ennek fele sem trefa, mert az agentless Deep Security AV protection is ennek segitsegevel (vShield Endpoint Agent) mukodik, igy nezzuk meg mit lehet tenni. Belepve a console-ra a sajat vShieled CLI fogad minket (Linuxos parancsokat elfelejthetjuk), ami kicsit a Cisco IOS-re hasonlit. (bovebben pdf)

Manager # show filesystem


Igazan lehetoseg nincs hozzaferni a file-okhoz, probalkozunk log torlessel:

Manager # purge log manager 
Manager # purge log system

Sajnos erdemi valtozas nem tortent, a KB2135959 vShield Manager appliance system disk is full in VMware vCloud Networking and Security 5.5.x pedig a kovetkezot mondja:

This issue occurs due to a problem with the way the catalina.out log file is rotated. In this case, the tomcat process references a catalina.out* file even when it is deleted by the logrotate program. Files are removed from the disk only when the number of references to a file is zero and, therefore, the catalina.out files are not deleted and they build up until the entire partition is consumed.

A megoldas pedig:

This is a known issue affecting VMware vCloud Networking and Security 5.5.x. Currently, there is no resolution.To work around this issue, reboot the vShield Manager appliance.

Az igen. Bar mar 2013 szeptember ota EOA a termek, (az utolso verzio is lassan egy eves) de Essentials Plus felett legalabb megkapjuk vSphere melle “ingyen”. Mig az NSX-et – (amiben a vShield Endpoint Agent funkcionalitasat az utodja a Guest Introspection viszi tovabb) -, kulon licence elleneben hasznalhatjuk. Sajnos a vCNS vegleg kikerul a portfoliobol, 2016. szeptemberben eri el az End of General Support fazist (eletutjarol bovebben erre), varhatoan a kovetkezo major vSphere release (6.1 / 6.5?) megjelenesevel. A KB2110078 szerint szerencsere ezutan is tamogatva lesz a  vShield Endpoint:

Q: If I am a VMware vShield customer, what changes?
No change. VMware vShield Endpoint and vCloud Networking and Security Manager to manage vShield Endpoint continues to be available and supported. vCNS Manager will continue to be supported beyond the general vCNS product end of support for agent-less AV only.

A reboot legalabb segitett, igy fest a jelenlegi helyzet:


Hiaba, az IT-ben neha ez az ultimate answer:

