Failed to bootstrap in any of new AWS non-default regions like HongKong, Capetown

Failed to bootstrap in any of new AWS non-default regions like HongKong, Capetown

8970
Created On 03/12/21 17:39 PM - Last Modified 02/06/25 21:15 PM


Symptom


  • Unable to detect S3 bucket deployed in N. Virginia region and bootstrap AWS EC2 instance in non-default regions like HongKong, Capetown.
  • Same deployment scenario is successful when AWS S3 bucket is moved to same region i.e. Hong Kong (ap-east-1).
mp        pan_vm_plugin.log                  2020-11-30 10:44:15   2020-11-30 10:44:15.781 -0800 vm_install_media INFO: : Platform Identified as AWS
mp        pan_vm_plugin.log                  2020-11-30 10:44:15   2020-11-30 10:44:15.840 -0800 vm_install_media INFO: : AWS cloud_setting called
mp        pan_vm_plugin.log                  2020-11-30 10:44:16   2020-11-30 10:44:16.974 -0800 vm_install_media INFO: : AWS bootstrap_attach called
mp        pan_vm_plugin.log                  2020-11-30 10:44:16   2020-11-30 10:44:16.974 -0800 vm_install_media INFO: : VM bootstrap: AWS
mp        pan_vm_plugin.log                  2020-11-30 10:44:16   2020-11-30 10:44:16.976 -0800 vm_install_media INFO: : AWS get_meta_data called http://169.254.169.254/latest/ user-data
mp        pan_vm_plugin.log                  2020-11-30 10:44:16   2020-11-30 10:44:16.977 -0800 vm_install_media INFO: : AWS get_meta_data succeedeed
mp        pan_vm_plugin.log                  2020-11-30 10:44:16   2020-11-30 10:44:16.977 -0800 vm_install_media INFO: : AWS get_meta_data called http://169.254.169.254/latest/ meta-data/iam/security-credentials
mp        pan_vm_plugin.log                  2020-11-30 10:44:16   2020-11-30 10:44:16.978 -0800 vm_install_media INFO: : AWS get_meta_data succeedeed
mp        pan_vm_plugin.log                  2020-11-30 10:45:17   2020-11-30 10:45:17.556 -0800 vm_install_media INFO: : AWS: unable to list bucket objects
mp        pan_vm_plugin.log                  2020-11-30 10:45:17   2020-11-30 10:45:17.781 -0800 vm_install_media INFO: : vm_mode: 4
mp        pan_vm_plugin.log                  2020-11-30 10:45:17   2020-11-30 10:45:17.866 -0800 vm_install_media INFO: : Platform Identified as AWS
mp        pan_vm_plugin.log                  2020-11-30 10:45:17   2020-11-30 10:45:17.925 -0800 vm_install_media INFO: : AWS cloud_setting called
mp        pan_vm_plugin.log                  2020-11-30 10:45:19   2020-11-30 10:45:19.059 -0800 vm_install_media INFO: : bootstrap_detach Unmount /mnt/install_media
mp        pan_vm_plugin.log                  2020-11-30 10:45:19   2020-11-30 10:45:19.063 -0800 vm_install_media INFO: : Detach failed for mount point /mnt/install_media
mp        pan_vm_plugin.log                  2020-11-30 10:45:19   2020-11-30 10:45:19.066 -0800 vm_install_media INFO: : clean up /tmp/.customdata
mp        pan_vm_plugin.log                  2020-11-30 10:47:24   2020-11-30 10:47:24.786 -0800 vm_license_check INFO: : vm_mode: 4
mp        pan_vm_plugin.log                  2020-11-30 10:47:24   2020-11-30 10:47:24.880 -0800 vm_license_check INFO: : Platform Identified as AWS
mp        pan_vm_plugin.log                  2020-11-30 10:47:24   2020-11-30 10:47:24.971 -0800 vm_license_check INFO: : AWS cloud_setting called
mp        pan_vm_plugin.log                  2020-11-30 10:47:25   2020-11-30 10:47:25.374 -0800 vm_host_init INFO: : vm_mode: 4
  •      bts_details
--------------------------------------------------------------------------------
2020-11-30 10:44:15.640 -0800 INFO: Bootstrap log initialized
--------------------------------------------------------------------------------
2020-11-30 10:44:15.640 -0800 INFO: Running command: detect []
2020-11-30 10:44:15.640 -0800 DEBUG: /mnt/install_media: created
2020-11-30 10:45:17.623 -0800 INFO: Failed to mount install media: 1 [] [] 4098
2020-11-30 10:45:17.623 -0800 ERROR: btsErrorNoMedia: No Install media detected.(2)
2020-11-30 10:45:17.623 -0800 DEBUG: Syslogging: /usr/local/bin/pan_elog -u 12 -e 201326619 -s critical -m "No bootstrap media detected." -x
2020-11-30 10:45:17.726 -0800 DEBUG: Adding status: Media Detection Failed No bootstrap media detected.
2020-11-30 10:45:19.130 -0800 ERROR: btsErrorNoMedia: No Install media detected.(2)

 

Environment


  • Platform: VM-Series on AWS
  • PAN-OS/Plugin Version: Any
  • Deployment: Existing

Cause


  • Due to AWS limitation for newer regions like ap-east-1, our current design does not work to access S3 bucket from different region.

Resolution


  • If PA-VM is deployed in any of new non-default regions like HongKong, Capetown, Bootstrapping on AWS will only work if the customer uses local S3 storage buckets. This is basically inline with AWS default behavior for these new regions to restrict interaction with AWS resources in other regions.
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000001UlrCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language