From: Jan Vlach <janus@volny.cz>
To: Proxmox VE user list <pve-user@lists.proxmox.com>
Subject: [PVE-User] Cisco ironport appliances on proxmox 8.1 not booting after upgrade (solved, FYI)
Date: Wed, 14 Feb 2024 16:15:23 +0100 [thread overview]
Message-ID: <3A1AB2AD-9A83-4405-B7C7-263A0830F4B7@volny.cz> (raw)
Hi proxmox user list,
we're running Cisco Ironport antispam appliances versions 14.x (FreeBSD11-based) and 15.x (FreeBSD13-based) on multiple proxmox clusters.
In previous weeks, I've upgraded to latest 8.1.4, live migrated machines around. This worked flawlessly this time between 6.2.x and 6.5.x kernel.
Today colleague needed to bump up RAM from 8G to 16G on an appliance and after shutdown and fresh start, appliance wouldn't come up with various errors - detecting raid device that's not there, missing python files, not bringing up networking.
Same behavior was observed on old 14.x appliance, just shutdown and boot. No other changes.
After some digging around and reading changelog for qemu 8.1, the only real change logged for x86 is "Default to SMBIOS 3.0 information".
Turns out this means that now default SMBIOS record size is 64bits vs 32bits and this causes problems.
Changing Hardware version for q35 to 8.0 from "latest" makse the appliance boot correctly, have networking, but even though UUID stays the same, the appliance generates new serial and games with cisco licensing ensue. Trying to use HW version 7.2 from time of installation doesn't help with keeping serials either.
Seems like FreeBSD can read 64bit SMBIOS entries since version 14.
Just a heads up so the next guy doesn't need to jump in head first and can prepare a bit.
JV
RELATED LINKS:
https://reviews.freebsd.org/rGee97f198b42d50437f87aa4111d478eca2a5be16
https://wiki.qemu.org/ChangeLog/8.1 <https://wiki.qemu.org/ChangeLog/8.1>
https://forum.proxmox.com/threads/uuid-lost-after-changing-machine-type.136942/ <https://forum.proxmox.com/threads/uuid-lost-after-changing-machine-type.136942/>
https://www.cisco.com/c/dam/en/us/td/docs/security/content_security/virtual_appliances/Cisco_Content_Security_Virtual_Appliance_Install_Guide.pdf
reply other threads:[~2024-02-14 15:16 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3A1AB2AD-9A83-4405-B7C7-263A0830F4B7@volny.cz \
--to=janus@volny.cz \
--cc=pve-user@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox