PA-VM deployed in AWS does not detect secondary logging disk
5091
Created On 03/18/20 12:11 PM - Last Modified 04/06/20 17:42 PM
Symptom
The secondary disk is added to firewall instance deployed in AWS to have additional logging space; however the firewall instance does not detect the newly added logging disk.
- Run the below CLI command on PA-VM to verify disk space:
> show system disk-space
Filesystem Size Used Avail Use% Mounted on
/dev/root 6.9G 3.1G 3.5G 47% /
none 7.8G 52K 7.8G 1% /dev
/dev/xvda5 16G 1.1G 15G 7% /opt/pancfg
/dev/xvda6 8.0G 3.3G 4.4G 43% /opt/panrepo
tmpfs 4.8G 4.2G 657M 87% /dev/shm
/dev/xvda8 21G 231M 20G 2% /opt/panlogs
tmpfs 12M 0 12M 0% /opt/pancfg/mgmt/lcaas/ssl/private
/dev/root 6.9G 3.1G 3.5G 47% /
none 7.8G 52K 7.8G 1% /dev
/dev/xvda5 16G 1.1G 15G 7% /opt/pancfg
/dev/xvda6 8.0G 3.3G 4.4G 43% /opt/panrepo
tmpfs 4.8G 4.2G 657M 87% /dev/shm
/dev/xvda8 21G 231M 20G 2% /opt/panlogs
tmpfs 12M 0 12M 0% /opt/pancfg/mgmt/lcaas/ssl/private
- Above output indicates that firewall has not detected the additional disk, only one disk xvda is detected which carries the root partition
- Verify if the firewall instance was restarted after the disk was attached.
- Navigate to AWS Console > EC2 > Click on Instance > Check for Block Devices to verify the attached disk. In this case the disk path is seen as /dev/sdf
Environment
- Platform: PA-VM
- PAN-OS / Plugin Version: - 7.1.12 / -
- Deployment: AWS
Cause
- Secondary disk is attached with path /dev/sdf
Resolution
- Secondary disk should have the path as /dev/xvdb
- Detach the block volume from firewall instance and re-attach it while specifying the path as /dev/xvdb
- To detach, follow the below path: (refer above screenshots)
EC2 > Volume > Search by Instance ID > Click on Secondary disk > Action > Detach Volume
- To re-attach follow below path: (refer above screenshots)
Volume > Search by Instance ID > Click on Secondary disk > Action > attach Volume > Select Instance > Device : /dev/xvdb > Attach
- Restart the VM from AWS console