Disk Extend Problem

Aaron_Hayward · ‎2019-02-27

Hi all,

I currently have a issue where my secondary management server has reached its OS volume capacity and not syncing with my primary. The secondary management server is also acting as the log server (I know, not best practice) and as such our ability to view the logs are down.

I have tried to extend the 'lv_current' partition to match the primary by following sk94671 but this has created a separate volume, 'lv_extended_current'. I would like to remove the newly created and extend the correct volume, any help would be very much appreciated.

Server is hosted in VMWare,

Outputs below from SSH;

LVM overview
============
                           Size(GB)   Used(GB)   Configurable    Description
    lv_current             15         15         yes             Check Point OS and products
    lv_current_snap        0          0          no              Snapshot volume
    lv_extended_current    26         26         no              Snapshot volume
    lv_log                 500        441        yes             Logs volume
    upgrade                17         N/A        no              Reserved for version upgrade
    swap                   8          N/A        no              Swap volume size
    free                   33         N/A        no              Unused space
    -------                ----
    total                  599        N/A        no              Total size

press ENTER to continue.

[Expert@xxxxx]# df -k
Filesystem           1K-blocks      Used Available Use% Mounted on
/dev/mapper/vg_splat-lv_current
                      15236080 15100688         0 100% /
/dev/sda1               295561     24107    256194   9% /boot
tmpfs                  8149992         0   8149992   0% /dev/shm
/dev/mapper/vg_splat-lv_log
                     507869624 462259956 19395268 96% /var/log

[Expert@xxxxxx]# fdisk -l

Disk /dev/sda: 107.3 GB, 107374182400 bytes
255 heads, 63 sectors/track, 13054 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id System
/dev/sda1   *           1          38      305203+ 83 Linux
/dev/sda2              39        1082     8385930   82 Linux swap / Solaris
/dev/sda3            1083       13054    96165090   8e Linux LVM

Vladimir · ‎2019-02-27

Hi,

Would you mind specifying resource for the statement that having secondary management defined as a log server is not a best practice?

Thank you,

Vladimir

Aaron_Hayward · ‎2019-02-28

Hi Vladimir,

I have got this information from my current CCSA & CCSE course.

Timothy_Hall · ‎2019-02-28

Course and page number where this statement is made? I teach the CCSA/CCSE classes and don't recall a statement like this in the courseware.

--
"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com

Aaron_Hayward · ‎2019-02-28

Hi Timothy,

Not sure if this is captured in the documentation, haven't doubled checked... I captured this in my own personal notes from the course after a class discussion with the instructor.

Jerry · ‎2019-02-28

Second that guys, once you've got Management HA for instance I have never heard myself that someone dedicated a "function" to the 2nd SMS as Log Server (former CLM). I agree with Tim, never head of it on either courses. That's definitely not a case!

Jerry

Vladimir · ‎2019-02-28

It is contrary to what I was led to believe should be done in management HA, where I explicitly define secondary management as a log destination.

Timothy Hall‌, can you take a look at this post of mine to validate the accuracy of the statements I've made there? https://community.checkpoint.com/docs/DOC-2922-logging-in-a-single-security-domain

Thank you,

Vladimir

Timothy_Hall · ‎2019-02-28

Added a comment to that thread with a suggestion, looks accurate to me...

--
"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com

Gaia 3.10 Immersion Self-paced Video Series
now available at http://www.maxpowerfirewalls.com

MikaelJohnsson · ‎2019-02-28

I had a similar case where lvm_manager would hang during the extension of a volume, resulting in the same problem with a lv_extended_current snapshot-partition and I got the following suggestion / resolution from ITAC:

In order to remove the lv_extended_current snapshot-volume you can use:
lvremove -f /dev/vg_splat/lv_extended_current

As always, know what you're doing and make sure you have a way back if things take an unexpected turn...

Cheers

Aaron_Hayward · ‎2019-03-01

Thank you Mikael, this was the same response I got as well, unfortunately did not work and got the following:

lvremove -f /dev/vg_splat/lv_extended_current
/dev/cdrom: open failed: Read-only file system
Can't remove open logical volume "lv_extended_current"

I have been given the following suggestion:

In case this does not succeed, we can suggest to create a new VM with the desired disk size and fresh install the system as sometimes there are issues with disk space on virtual platforms and manipulating it may cause unexpected results.

Thanks

MikaelJohnsson · ‎2019-03-01

Try to reboot the machine in maintenance-mode first.

Since there's probably all kind of locks on the filesystem I think I had to do it in Single-user mode (Mainentance-mode).

Cheers

hrath · ‎2020-10-19

Had the same issue as yours and this command worked perfectly fine on Smart-1 405

Many Thanks !