Overcommitted resources within ESXi may result in high memory usage or high CPU usage status within ATP UI
search cancel

Overcommitted resources within ESXi may result in high memory usage or high CPU usage status within ATP UI

book

Article ID: 170683

calendar_today

Updated On:

Products

Endpoint Detection and Response Advanced Threat Protection Platform

Issue/Introduction

Overcommitted resources within ESXi may result in high memory usage or high CPU usage status within the user interface (UI) of Advanced Threat Protection (ATP) Virtual Edition (VE) or may cause the UI to never prompt for a login.

  • At the UI of the ATP Management Server, the System Health status for the ATP VE device may reflect high CPU or high memory usage.
  • Within messages log, you may see messages such as “kernel: BUG: soft lockup - CPU#0 stuck for 23s!” or "Memory Usage is Very High, Take Some Action".
  • The system may appear to idle for long periods and you may receive high memory usage messages in the log files.
  • The web interface may perpetually say that services are still loading and never allow a login

Cause

When running ATP in a virtual environment, errors can occur if your physical resources are over-committed.

Resolution

Make certain system memory and other resources are reserved in your virtual environment for the virtual machine running your ATP appliances. See the Symantec Advanced Threat Protection Installation Guide for a complete list of system requirements and see your VMware documentation for more information about reserving system resources.

 

To reserve the resources for the ATP VM only for that VM:

  1. Within the vSphere Client, navigate to the VM
  2. Right-click the VM and choose Edit Settings
  3. On the settings screen, click the Resources tab
  4. In the Memory section, confirm that Reservation is set to 48192 MB or that 'Reserve all guest memory (All locked)' is checked
  5. In CPU, make sure that at least 12000 Mhz (12 Ghz) is reserved for this VM

 

ESXi 6 and later using the ESXi web interface:

  1. Log in to the ESXi web interface
  2. Click on Virtual Machines on the left panel
  3. Right-click on the ATP VM and choose Edit Settings
  4. Under CPU, choose 12000 as the reservation
  5. Under Memory check the box 'Reserve all guest memory (All locked)'

Before adding memory, check with the adminstrator of the host where ATP VE resides to ensure that the needed memory is available both within the host where ATP VE resides and within the resource pool where ATP VE resides.

Powered by Wolken Software