Security

My Clearpass VM-500 is showing a memory error in the Event Viewer:
System is running with low memory. Available memory = 28%

But VMWare shows that the VM has 4GB available, and only 700MB currently in use.

Do I need to configure something in CPPM?

Thanks,

Tony

I would open a TAC case.

Hey Tony,

I have the same problem.

Have you found a solution?

Thanks in advance.

Best regards,

Marcel

#1 Make sure all your VMs are at the recomended resources.

http://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=15305

CP-VA-500

l 2 Virtual CPUs
l 500 GB disk space
l 4 GB RAM
l 2 Gigabit virtual switched ports
l Functional IOP rating for a 40-60 read/write profile for 4k random read/write = 75

CP-VA-5K

l 8 Virtual CPUs
l 500 GB disk space
l 8 GB RAM
l 2 Gigabit virtual switched portsl Functional IOP rating for a 40-60 read/write profile for 4k random read/write = 105

CP-VA-25K

l 24 Virtual CPUs
l 1024 GB disk space
l 64 GB RAM
l 2 Gigabit virtual switched ports
l Functional IOP rating for a 40-60 read/write profile for 4k random read/write = 350

#2 (Theses are just suggestions if you are having issues and what I personaly recomend)

• If they are running Vmware 5.1 have them install an SSD in each ESX host and have the VM's swap file located there. CPPM does lots of memory swapping and in vmware the swap file is normally stored with the VM, which is normally on the SAN. This causes a lot of SAN IO that people normally can't account for. By storing the Swap on SSD on the host, all of that is taken off of the SAN and the system performs much better, since SSD will be faster than the SAN. It doesn't have to be enterprise grade, I have run OCZ vertex 240GB and they work fine. Just note they will probably need to be refreshed every 3-4 years.
• More RAM the better
  • Also remember, vmware will create a swap file equal to memory allocated another reason for local SSD.
• If they are running iSCSI make sure the cards support iSCSI acceleration or TCP offloading. If not then they need to run Jumbo frames.
• DO NOT USE SOFTWARE iSCSI INITIATORS! ONLY USE HARDWARE! The difference in latency, reliability, and throughput is immense.

SAN:

• Use nothing but 15k disks. 7.2k is not recommended.
• SSD's have not yet been tested and so are currently not recommended.
• I would suggest a dedicated LUN and a dedicated stripe of disks for CPPM instead of using a storage pool where VM's share the same storage.
• NO THIN PROVISIONING!
• De-duplication is ok as long as the De-dupe job doesn't happen during production hours and does not inter fear with CPPM's nightly maintenance.
• The SAN should be able to sustain about 3500 iops sustained per CPPM server. This is what I was experiencing with Liberty while they had 'issues'.

• Use NFS instead of FC or iSCSI to eliminate the VMFS storage layer. It has been found file level storage to be more responsive then block level.
• Don't use and IO gateways unless they are high end ones. There are some pretty bad FC > iSCSI implementations.

Hey tarnold,

thank you for that detailed answer!

I had found a solution in another Thread and I would like to share that.

Clearpass: System is running with low memory.

Best regards,

Marcel