Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11153
Views
48
Helpful
12
Replies

vMotion support for ISE

Go to solution
chrivand
Cisco Employee
Cisco Employee

‎05-22-2018 11:28 PM

Hi All,

I have found that currently vMotion is stated in the config guide as being supported. Is that correct? In a previous post that was closed I could read that this was not supported yet.

http://www.cisco.com/c/en/us/td/docs/security/ise/2-1/install_guide/b_ise_InstallationGuide21/b_ise_InstallationGuide21_chapter_010.pdf


If it is supported, what are the limitations and guidelines?


Thanks in advance!

1 person had this problem
1 Accepted Solution

Accepted Solutions

Go to solution
Craig Hyps
Level 10
Level 10

‎05-23-2018 04:32 AM

vMotion is listed as supported but we have received reports of issues with current ISE versions.  ISE does not have a facility to stop/pause the db operations during vMotion and so this may lead to data corruption issues.  A similar issue exists with snapshots.

We have a request in to QA to validate the current caveats / restrictions and update documentation with current status.  In short, I would not recommend vMotion at this time.   However, you should be able to shutdown and replicate/migrate VM without issues.

View solution in original post

12 Replies 12

Go to solution
Craig Hyps
Level 10
Level 10

‎05-23-2018 04:32 AM

vMotion is listed as supported but we have received reports of issues with current ISE versions.  ISE does not have a facility to stop/pause the db operations during vMotion and so this may lead to data corruption issues.  A similar issue exists with snapshots.

We have a request in to QA to validate the current caveats / restrictions and update documentation with current status.  In short, I would not recommend vMotion at this time.   However, you should be able to shutdown and replicate/migrate VM without issues.

Go to solution
Brian Taylor
Level 1
Level 1
In response to Craig Hyps

‎12-03-2018 02:10 AM

@Craig Hyps any new information on vMotion recommendation with ISE2.4/2.5?

0 Helpful

Go to solution
Guillaume BARBEROT
Level 1
Level 1
In response to Brian Taylor

‎04-03-2019 06:59 AM

i don't know if it answers your question, but a bug id is dealing with vMotion not supported on ISE : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvn47559

Regards,
Guillaume
0 Helpful

Go to solution
chrivand
Cisco Employee
Cisco Employee

‎05-23-2018 07:42 AM

Hey!

Thank you very much for the answer. We heard of this, but when we saw it in the guide we thought that this might have changed. I will pass on the information and I look forward to the support of vMotion in the future.

Thanks again!

0 Helpful

Go to solution
Jacob Pyle
Level 1
Level 1
In response to chrivand

‎05-01-2019 07:01 AM

Looks like we just hit this bug as well.. MNT node vmotioned and now certain UI elements aren't loading.  TAC case opened.. Have disabled automated vmotion for now.  

0 Helpful

Go to solution
justin_leopold
Level 1
Level 1
In response to Jacob Pyle

‎07-18-2019 07:24 AM

Is there any road map to implement a permanent fix? Having these as VMs is really harming our ability to have a fully hands off and automated patching or upgrade cycles. This seems ridiculous for a multi-billion dollar software company...

0 Helpful

Go to solution
Damien Miller
VIP Alumni
VIP Alumni
In response to justin_leopold

‎07-18-2019 08:42 AM - edited ‎07-18-2019 01:04 PM

If you are a Cisco employee you can use the internal page http://cs.co/ise-pm to discuss with the product managers. If you are a customer or a partner then you can use http://cs.co/ise-feedback to remind them of the enhancement request.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvn60474

They won't discuss road maps for products on the public communities.

Go to solution
todd.roberts11
Level 1
Level 1
In response to Damien Miller

‎08-10-2021 04:32 PM

Is Cisco ever going to fix this?  If so, when can we expect it to be fixed?  Been a problem for years now.

Go to solution
Marcelo Morais
VIP
VIP
In response to todd.roberts11

‎08-10-2021 04:54 PM

Hi @todd.roberts11 ,

 ISE SNS 3600-Series only support cold vMotion (please take a look at: ISE 3.0 - SNS 3500/3600 Series Appliances and Virtual Machine Requirements).

 Note: you can open a TAC Case and ask TAC to add your case to the CSCvn60474 - Ability to perform vMotion while ISE VM is up and running .
 

Hope this helps !!!

Go to solution
todd.roberts11
Level 1
Level 1
In response to Marcelo Morais

‎08-10-2021 05:08 PM

I've read the documentation, Marcelo.  What Im asking is if you ever plan on fixing the problem?

Go to solution
Greg Gibbs
Cisco Employee
Cisco Employee
In response to todd.roberts11

‎08-10-2021 08:59 PM

The bug filed is a feature enhancement. ISE uses an in-memory distributed database which that does not react well to the quiesce of the disk that occurs as part of the hot vMotion operation.

As stated earlier in this thread, roadmap is not discussed on this public forum. Please use the feedback mechanisms provided at http://cs.co/ise-feedback or contact your Cisco account team so they can request any updates from the ISE Product Managers.

0 Helpful

Go to solution
todd.roberts11
Level 1
Level 1
In response to Greg Gibbs

‎08-10-2021 09:52 PM - edited ‎08-10-2021 10:10 PM

Greg, most of us have been living with the problem for years now and have a sound technical understanding of the applications fragility.   I don't see anyone on here asking for another technical write up on why it doesn't work, do you?  We aren't asking you for trade secrets, we just want to know if you have the slightest intention of ever fixing an obvious and debilitating flaw with your product.  Sounds a lot like no.  What is the benefit of virtualizing this application if it can't use the the most critical features of the hypervisor?

Customers Also Viewed These Support Documents