It’s great to see that a lot of people are starting to consider upgrading to vSphere 5.1 and are upgrading their lab environments. vCloud Networking and Security is one of the jewels in the crown for VMware and it’s expanded functionality, including high availability, means it is an even stronger candidate for enterprise firewall replacement in addition to it’s use cases with vCloud Director. I had used the previous version in an enterprise firewall replacement project and discussed that in Enterprise Firewall Replacement with vShield Edge and vShield App.
There are a number of considerations when upgrading to vSphere 5.1 covered in my article vSphere 5.1 Generally Available – Important Upgrade Considerations. However a specific issue has come up with some upgrades to vShield Manager 5.1 that you need to be aware of. This article will try and help address this particular issue.
A number of people have been reporting problems with vShield Manager after the upgrade to 5.1 with symptoms of a kernel panic after modifying the guest to 2 vCPU’s and 8GB RAM as recommended. The reason the kernel panic is occurring in most cases is that the vShield Manager is now 64bit and will require you to change the Guest OS type in vCenter from Other 32bit to Other 64bit. You will also have to change the vSCSI controller from BusLogic Parallel to LSI Logic Parallel. Failure to do this will render your vShield Manager VM inoperative. If you make these simple changes when you change the vCPU and RAM you should have no problems. Remember with vShield Manager 5.1 there are 3 different configuration types and it’s important to match the virtual hardware configuration to the correct configuration type. I would expect a KB article to be posted by VMware very shortly on this topic and when I know what the KB number is I will link through to it.
Based on the above and another issue that is discussed in KB 2035939 re vShield Edge Disk Full Error. I would recommend that you upgrade to vShield Manager 5.1.1 as soon as practicable.
—
This post first appeared on the Long White Virtual Clouds blog at longwhiteclouds.com, by Michael Webster +. Copyright © 2012 – IT Solutions 2000 Ltd and Michael Webster +. All rights reserved. Not to be reproduced for commercial purposes without written permission.
[…] Optionally supports SSO for authentication. Storage Tiering within a single PvDC may change how you want to define your service offerings and pricing/charging within a PvDC. Org vDC Networks constrained within an Org vDC replace Organization wide networks as the default. There is an option to ‘share’ Org VDC networks to maintain compatibility and allow a smooth upgrade. VXLAN now integrated in vCloud Director and part of vSphere Distributed Switch (note name change). RHEL 6.2 now supported as a vCD Cell OS. You will have to upgrade vShield Manager as part of the upgrade process and this may require a change of virtual hardware configuration (see Kernel Panic in vShield Manager after Upgrade to 5.1). […]
[…] Manager (KB Article) After upgrading to vSphere 5.1 vShield Endpoint stops functioning (KB Article) Kernel Panic in vShield Manager after Upgrade to 5.1 (Long White […]
Hi Michael – thanks for this. I ran into the kernel panic issue as well after upgrading, unfortunately i didn't see this post until the next day. I assumed it was related to the ram/cpu change so i set them back after the kernel panic appeared, but it didn't resolve the issue with the upgraded appliance. I reverted to a snapshot and tried the upload again from vshield manager, but now i'm having issues getting the upload to complete, as the install button never appears in vshield manager (i've tried using msie 8 and 9). i've been watching the upload seemingly complete in the appliance by running "show filesystems" to ensure that all of the data arrives (there doesn't appear to be any other viable user feedback for this process), increasing the Used value /dev/sda6 by the size of the uploaded .bin file. Unfortunately the install option never appears in vshield manager after the upload seems complete. i'm working with vmware tech support on this issue now.
So I believe I have this resolved, and it appears to have been an issue with virtual disk space similar to KB 2035939. I needed to revert again to my snapshot, then from the console enter “en”, provide the admin password, then clear up some space by entering “purge log manager” then “purge log system”. This freed up a modest amount of space on /dev/sda3 and I believe /dev/shm, but didn’t have much impact /dev/sda6 which is where the upload of the bin is placed. I then initiated the upload from vShield Manager and it completed, displaying the install link. However, the version displayed for the update was 5.0, which concerned me until I clicked “Install”, and the confirmation screen showed the 5.1 version. I’ve now got the appliance updated and will implement your recommendations. hope that is helpful to anyone else encountering this issue.