Unable to bootstrap in any of the new non-default AWS regions such as Hong Kong, Cape Town
Created On 03/12/21 17:39 PM - Last Modified 02/06/25 21:15 PM
Symptom
- The S3 bucket deployed in the N. Virginia region cannot be detected, and the AWS EC2 instance cannot be bootstrapped, in non-default regions such as Hong Kong and Cape Town.
- The same deployment scenario succeeds when the AWS S3 bucket is moved to the same region, i.e. Hong Kong (ap-east-1).
    mp pan_vm_plugin.log 2020-11-30 10:44:15 2020-11-30 10:44:15.781 -0800 vm_install_media INFO: : Platform Identified as AWS
    mp pan_vm_plugin.log 2020-11-30 10:44:15 2020-11-30 10:44:15.840 -0800 vm_install_media INFO: : AWS cloud_setting called
    mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.974 -0800 vm_install_media INFO: : AWS bootstrap_attach called
    mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.974 -0800 vm_install_media INFO: : VM bootstrap: AWS
    mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.976 -0800 vm_install_media INFO: : AWS get_meta_data called http://169.254.169.254/latest/ user-data
    mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.977 -0800 vm_install_media INFO: : AWS get_meta_data succeedeed
    mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.977 -0800 vm_install_media INFO: : AWS get_meta_data called http://169.254.169.254/latest/ meta-data/iam/security-credentials
    mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.978 -0800 vm_install_media INFO: : AWS get_meta_data succeedeed
    mp pan_vm_plugin.log 2020-11-30 10:45:17 2020-11-30 10:45:17.556 -0800 vm_install_media INFO: : AWS: unable to list bucket objects
    mp pan_vm_plugin.log 2020-11-30 10:45:17 2020-11-30 10:45:17.781 -0800 vm_install_media INFO: : vm_mode: 4
    mp pan_vm_plugin.log 2020-11-30 10:45:17 2020-11-30 10:45:17.866 -0800 vm_install_media INFO: : Platform Identified as AWS
    mp pan_vm_plugin.log 2020-11-30 10:45:17 2020-11-30 10:45:17.925 -0800 vm_install_media INFO: : AWS cloud_setting called
    mp pan_vm_plugin.log 2020-11-30 10:45:19 2020-11-30 10:45:19.059 -0800 vm_install_media INFO: : bootstrap_detach Unmount /mnt/install_media
    mp pan_vm_plugin.log 2020-11-30 10:45:19 2020-11-30 10:45:19.063 -0800 vm_install_media INFO: : Detach failed for mount point /mnt/install_media
    mp pan_vm_plugin.log 2020-11-30 10:45:19 2020-11-30 10:45:19.066 -0800 vm_install_media INFO: : clean up /tmp/.customdata
    mp pan_vm_plugin.log 2020-11-30 10:47:24 2020-11-30 10:47:24.786 -0800 vm_license_check INFO: : vm_mode: 4
    mp pan_vm_plugin.log 2020-11-30 10:47:24 2020-11-30 10:47:24.880 -0800 vm_license_check INFO: : Platform Identified as AWS
    mp pan_vm_plugin.log 2020-11-30 10:47:24 2020-11-30 10:47:24.971 -0800 vm_license_check INFO: : AWS cloud_setting called
    mp pan_vm_plugin.log 2020-11-30 10:47:25 2020-11-30 10:47:25.374 -0800 vm_host_init INFO: : vm_mode: 4
- bts_details
    --------------------------------------------------------------------------------
    2020-11-30 10:44:15.640 -0800 INFO: Bootstrap log initialized
    --------------------------------------------------------------------------------
    2020-11-30 10:44:15.640 -0800 INFO: Running command: detect []
    2020-11-30 10:44:15.640 -0800 DEBUG: /mnt/install_media: created
    2020-11-30 10:45:17.623 -0800 INFO: Failed to mount install media: 1 [] [] 4098
    2020-11-30 10:45:17.623 -0800 ERROR: btsErrorNoMedia: No Install media detected.(2)
    2020-11-30 10:45:17.623 -0800 DEBUG: Syslogging: /usr/local/bin/pan_elog -u 12 -e 201326619 -s critical -m "No bootstrap media detected." -x
    2020-11-30 10:45:17.726 -0800 DEBUG: Adding status: Media Detection Failed No bootstrap media detected.
    2020-11-30 10:45:19.130 -0800 ERROR: btsErrorNoMedia: No Install media detected.(2)
Environment
- Platform: VM-Series on AWS
- PAN-OS/Plugin version: Any
- Deployment: Existing
Cause
- Due to an AWS limitation for newer regions such as ap-east-1, our current design does not work for accessing the S3 bucket from a different region.
Resolution
- If the PA-VM is deployed in any of the new non-default regions such as Hong Kong or Cape Town, bootstrapping will only work if the customer uses local AWS S3 storage buckets. This is basically in line with the default AWS behavior for these new regions, which restricts interaction with resources in other AWS regions.
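
A triage sketch for the failure described above, added here as an example and not Palo Alto Networks code: it reads the pan_vm_plugin.log entries, measures the stall between the last successful metadata call and the failed S3 listing, and flags the case where the instance sits in an opt-in region and the bootstrap bucket does not. The function names and the `OPT_IN_REGIONS` set are assumptions; `location_constraint` is the value S3 GetBucketLocation reports for the bucket.

```python
import re
from datetime import datetime

# Opt-in regions named on the page (Hong Kong, Cape Town); extend as needed.
OPT_IN_REGIONS = {"ap-east-1", "af-south-1"}

# Matches the millisecond timestamp and the message of one log entry.
ENTRY = re.compile(
    r"(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d{3}) [+-]\d{4} \w+ \w+: : (.*)")

# Excerpt of the pan_vm_plugin.log shown in the Symptom section.
SAMPLE_LOG = """\
mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.977 -0800 vm_install_media INFO: : AWS get_meta_data called http://169.254.169.254/latest/ meta-data/iam/security-credentials
mp pan_vm_plugin.log 2020-11-30 10:44:16 2020-11-30 10:44:16.978 -0800 vm_install_media INFO: : AWS get_meta_data succeedeed
mp pan_vm_plugin.log 2020-11-30 10:45:17 2020-11-30 10:45:17.556 -0800 vm_install_media INFO: : AWS: unable to list bucket objects
"""

def bucket_region(location_constraint):
    """S3 reports no LocationConstraint for us-east-1 and legacy 'EU' for eu-west-1."""
    if not location_constraint:
        return "us-east-1"
    return "eu-west-1" if location_constraint == "EU" else location_constraint

def triage(log_text, instance_region, location_constraint):
    """Classify a bootstrap failure from the plugin log and the two regions."""
    last_meta_ok = list_failed_at = None
    for m in ENTRY.finditer(log_text):
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S.%f")
        msg = m.group(2)
        if "get_meta_data succeed" in msg and list_failed_at is None:
            last_meta_ok = ts          # metadata and role credentials were reachable
        elif "unable to list bucket objects" in msg and list_failed_at is None:
            list_failed_at = ts        # first failed S3 listing
    result = {"list_failed": list_failed_at is not None, "stall_seconds": None,
              "bucket_region": bucket_region(location_constraint)}
    if last_meta_ok and list_failed_at:
        result["stall_seconds"] = (list_failed_at - last_meta_ok).total_seconds()
    mismatch = result["bucket_region"] != instance_region
    # The case this article covers: opt-in instance region, bucket elsewhere.
    result["cross_region_opt_in"] = (
        result["list_failed"] and mismatch and instance_region in OPT_IN_REGIONS)
    return result
```

When `cross_region_opt_in` is true, the fix from the Resolution applies: place the bootstrap bucket in the instance's own region.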