Guest

Preview Tool

Cisco Bug: CSCvv74951 - Disable memory cgroups when running the system upgrade scripts

Last Modified

Oct 06, 2020

Products (1)

  • Sourcefire Defense Center

Known Affected Releases

6.6.0.1

Description (partial)

Symptom:
FMC and FTD system upgrade may fail due to Out Of Memory events since system update management operations will consume large amounts of memory and experience premature OOM events that terminate the upgrade patch installation event. The normal memory consumption checks that are valid on a system that is in normal operational mode are not valid for a system that is in a system upgrade maintenance mode.

Conditions:
Upgrade script fails and the main_upgrade_script.log shows a Fatal error, for example:
Fatal error: Error running script 000_start/000_check_update.sh
[] Exiting.

Failed script log exits with error code 137, for example:
Exit return value = 137

System logs (/var/log/messages) show processes killed due to memory exhaustion similar to the following example:
Memory cgroup out of memory: Kill process 11340 (syslog-ng) score 0 or sacrifice child
Killed process 11340 (syslog-ng) total-vm:12156kB, anon-rss:632kB, file-rss:0kB
ndclientd invoked oom-killer: gfp_mask=0xd0, order=0, oom_score_adj=-600
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.