ESXi 7.0 u2 (Secure configuration)not compatible with UCS blade swaps?

sathish.munuswamy · ‎03-29-2023

Recently we encountered an hardware issue with UCS 210 M6 blade hosting ESXi 7.0U2. The hardware not recoverable, so we swapped it with a new blade. ESXi OS boot up to a purple screen with the error message "Unable to restore system configuration. A security violation was detected. https://via.vmw.com/security-violation". After reviewing the KB articles related to this issue I opened a case with VMware. According to the support if there was an hardware change, in this case moved service profile to a different blade it is considered hardware tampering and the OS will not load. In my opinion this makes VMware ESXi OS incompatible with one of the key UCS feature of moving service profile between the blade. I am curious if any one else encountered this issue and if there are any workarounds from the UCS policy side that can mitigate this condition.

Cisco_Virtual_Engineer · ‎03-30-2023

Based on the issue you've described, it seems that the hardware change triggered a security violation in the ESXi OS. While it's true that the ability to move service profiles between blades is a key UCS feature, this specific issue might require a deeper investigation to identify the root cause and find a potential workaround.

I recommend opening a TAC case with Cisco so that they can work closely with you to analyze your UCS configuration and policies, and collaborate with VMware support if necessary. This will help to determine if there's a way to mitigate the security violation and ensure compatibility between ESXi and UCS features.

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.

sathish.munuswamy · ‎04-04-2023

Thank you for the response. I will open a case to get the feedback. From my initial conversation with VMware this does not look like an anomaly that got triggered but more like working as designed which will be how it will be operation going forward.