Cloud Skyline Support Experience

Skyline Advisor Proactive Findings – September Edition

VMware Skyline Advisor releases new Proactive Findings every month. Findings are prioritized by trending issues in VMware Support, issues raised through Post Escalation review, Security vulnerabilities, and issues raised from VMware engineering, and customers.

For the month of September, we released 37 new findings. Of these, there are 25 findings based on trending issues, 6 based on post escalation reviews, and 3 based on VMware Security Advisories. We picked a few findings from each of these categories which stand out in this release.

VMware Support Trending Issues

VMware Support trending issue are KBs which GS believes has solved a large number of SRs and/or a KB which has been viewed a large number of times.

In KB 83963, ESXi hosts which boot off USB SD Cards become non-responsive which is due to race condition in the ESXi storage stack. KB 83963 is considered trending by Global Services because it has been viewed over 26,000 times and GS believed it has helped solve over 1,100 SRs. It is important to note that in the future VMware would like customers to no longer boot off USB SD cards. This is outline in the following KB – https://kb.vmware.com/s/article/85685.

  • Finding ID: vSphere-MissingBootbank-KB#83963
    • Description: Bootbank cannot be found at path ‘/bootbank’ errors being seen after upgrading to ESXi 7.0 U2.
    • Resolution: This issue is resolved in VMware vSphere ESXi 7.0 U2c and later
    • Helpful Link: https://kb.vmware.com/s/article/83963
    • Severity: Critical

Security Vulnerabilities

CVE-2021-22005 Critical CVE with a 9.8 score, in VMSA-2021-0020 where VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. This Analytics service is not part of VMware Skyline Advisor. Skyline cannot check the workaround of changing the local ph-web.xml, please patch your vCenter to remediate this vulnerability.

  • Finding ID: vSphere-MultipleVCVulnerabilites-VMSA#202120
    • Description: VMware vCenter Server updates address multiple security vulnerabilities.
    • Resolution: Most of the CVEs noted in the VMSA are resolved with vCenter 7.02c, 6.7 u3o, and 6.5 u3q. We will be releasing a follow-up finding for the two non-critical CVEs fixed in 7.0u2d.
    • Helpful Link: https://www.vmware.com/security/advisories/VMSA-2021-0020.html
    • Severity: Critical

Post Escalation Review

VMware Support has developed a Post Escalation Review process. We review critical escalations which come into our Escalation management team and determine steps to prevent these escalations in the future with other customers. One of the outcomes of this process is the creation of Skyline Findings.

From a critical customer escalation we determined 3 different Findings on VMware NSX-T Data Center. One of the findings is that a customer can ran into an out of memory issue that can cause the NSX-T manager /image/core partition to fill up that in turn causes the UI and corfu cluster to go down. Another finding from this escalation is that a customer ran into a performance issue on their NSX-T Edge Transport nodes that was resolved with recommended ESXi Host advanced settings. This advanced setting is configured on all hosts in a vSphere cluster which holds the NSX-T Edge Transport nodes. This increase will allow for more memory to be allocated to VMX devices of VMs.

  • Finding ID: NSXT-UIandcorfudown-KB#83629
    • Description: NSX-T Manager node Image partition is full or near capacity.
    • Resolution: To remediate this vulnerability please upgrade your vCenter to the patches outlined in the KB under helpful links.
    • Helpful Link: https://kb.vmware.com/s/article/83629
    • Severity: Critical
  • Finding ID: NSXT-ManagerImageDiskSpace-KB#79846
    • Description: NSX-T Manager node Image partition is full or near capacity.
    • Resolution: Please review KB under helpful links for remediation steps.
    • Helpful Link: https://kb.vmware.com/s/article/79846
    • Severity: Critical
  • Finding ID: NSXT-P2MBufferSize-KB#76387
    • Description: Configuring P2M Buffer size for virtual machines.
    • Resolution: It is recommended that all VMs in clusters that contain NSX edges have increased ShareCOSBufSize settings.
    • Helpful Link: https://kb.vmware.com/s/article/76387
    • Severity: Moderate

To review all released Findings for the month of September and all current active VMware Skyline findings please go to the VMware Skyline Findings Catalog.

Most Viewed Findings in Last 30 Days

Below are the most viewed Findings by users in Skyline Advisor.

  1. vSphere-VMFS-L-SDCards-KB2383376
  2. vSphere-CustomizeWindowsGuests-KB#1020716
  3. vSphere-VCFEsxNTPRule-KB#81647
  4. vSphere-CVE-2020-3992-VMSA#23202023
  5. vSphere-VMmorethan3snapshots-KB#231025279
  6. vSphere-PSODQLFE3-KB2382237
  7. vSphere-EsxRemoteSysLogRuleVVD#SDDCOPSLOG026
  8. vSphere-PSODQLogicFCHBA-KB2383790
  9. vSphere-SpectreMeltdown-VMSA#201804-2
  10. vSphere-VmUnresponsivememoryleak-KB#2077302
  11. vSphere-DisablePowerManagement-KB#231018206
  12. vSphere-CVE-2021-21999-VMSA23202113
  13. vSphere-Vmtoolsmemoryleak-KB#2376163
  14. vSphere-CVE-2021-21994-21995-VMSA23202114
  15. vSphere-iscsiesxibooting-KB#2379694
  16. vSphere-L1TerminalFault-VMSA#201820-3
  17. vSphere-PSODQFLE3-KB#2379058
  18. vSAN-PSODdedupblock-KB2380703
  19. vSphere-PSODigbnPFException14-KB#2367686
  20. vSphere-XHCI-USB-controller-VMSA#23202026

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *