Add a Virtual Disk to Panorama on AWS
Add a virtual logging disk to Panorama™ in Panorama or
Log Collector mode on Amazon Web Services (AWS) and AWS GovCloud.
After you Install
Panorama on AWS or Install Panorama on AWS GovCloud, add virtual
logging disks to the Panorama™ virtual appliance instance to provide
storage for logs generated by managed firewalls. You can add virtual
disks to a local log Collector for a Panorama virtual appliance
in Panorama mode or for a Dedicated Log Collector. To add virtual
disks, you must have access to the Amazon Web Service Console, the
Panorama command-line interface (CLI), and the Panorama web interface.
The
Panorama virtual appliance on AWS supports only 2TB logging disks
and, in total, supports up to 24TB of log storage. You cannot add
a logging disk smaller than 2TB or a logging disk of a size that
is not evenly divisible by 2TB because the Panorama virtual appliance
partitions logging disks in to 2TB partitions. For example, if you
attach a 4TB logging disk, Panorama will create two 2TB partitions.
However, you cannot add a 5TB logging disk because the leftover
1TB is not supported as a partition.
- Log in to AWS Web Service console and select the EC2 Dashboard.
- Add a virtual logging disk to Panorama.In all modes, the first logging disk on the Panorama VM must be at least 2TB in order to add additional disks. If the first logging disk is smaller than 2TB, you will be unable to add additional disk space.
- On the EC2 Dashboard, selectVolumesandCreate Volume:
- Select your preferred Volume Type. For general purpose use, selectGeneral Purpose SSD (GP2).
- Configure theSizeof the volume as 2048 GiB.
- Select the same Availability Zone that your Panorama virtual appliance instance is located in.
- (Optional) Encrypt the volume.
- (Optional) Add tags to your volume.
- ClickCreate Volume.
- In the Volumes page, select the volume you, select .
- Attach the Panorama virtual appliance Instance.
- Configure each disk.The following example uses the sdc virtual disk.
- Enter the following command to view the disks on the Panorama virtual appliance:show system disk detailsThe user will see the following response:Name : sdb State : Present Size : 2048000 MB Status : Available Reason : Admin enabled Name : sdc State : Present Size : 2048000 MB Status : Available Reason : Admin disabled
- Enter the following command and confirm the request when prompted for all disks with theReason : Admin disabledresponse:request system disk add sdcTherequest system disk addcommand is not available on a Panorama management server in Management Only mode because logging is not supported in this mode. If you do not see the command, Set up a Panorama Virtual Appliance in Panorama Mode to enable the logging disks. Once in Panorama mode, Log in to the Panorama CLI and continue to Step 4 to verify the disk addition.
- Enter theshow system disk detailscommand to verify the status of the disk addition. Continue to the next step when all newly added disk responses displayReason : Admin enabled.
- Make disks available for logging.
- Log in to the Panorama web interface.
- Edit a Log Collector ().
- SelectDisksandAddeach newly added disk.
- ClickOK.
- Select .For Panorama in an Active/Passive high availability (HA) configuration, wait for HA sync to complete before continuing.
- Select and push the changes to the Collector Group the Log Collector belongs to.
- (New Panorama deployments in Panorama mode only) Configure Panorama to receive logs.If you are adding logging disks to an existing Panorama virtual appliance, skip to step 6.
- Verify that the Panorama Log Storage capacity is increased.
- Log in to the Panorama web interface.
- Select the Collector Group to which the Panorama virtual appliance belongs ().
- Verify that theLog Storagecapacity accurately displays the disk capacity.
