Technical Tip: Reducing VM storage size / Removing a disk from LVM

tpreethamsingh · ‎01-13-2023

Description

This article describes how to release some over-provisioned storage space in cases where the initial storage estimate was incorrect.

It is difficult to predict exactly how much storage space would be required for FortiAnalyzer VM or FortiManager VM. This is especially true during initial deployments where no previous records for log rate or object database size are available yet. It is therefore possible that too much space is assigned initially to the VM, but the space is not being actually utilized.

'WARNING: All data currently stored on the FortiAnalyzer/FortiManager VM will be lost during this operation.'

Scope

FortiAnalyzer / FortiManager VM.

Solution

To reduce the size, the virtual disk must be removed from the VM and then recreated with a smaller size.

If multiple virtual disks are used in the VM configuration, it is possible to remove one or more of themto reduce the total storage size.

WARNING: In both cases, deleting a disk from the logical volume will cause the LVM to stop.
Restarting the LVM after that will format the logical volume, resulting in complete data loss.

If the data currently present on the disk is important, make sure to back it up beforehand:

How to Backup and Restore FortiAnalyzer Settings and Logs.

Check the current LVM status. In the example below, the VM has two virtual disks in the logical volume:

execute lvm info

LVM Status: OK

LVM Size: 1000GB

File System: ext4 975GB

Disk1: Used 500GB

Disk2: Used 500GB

Disk3: Unavailable 0GB

…

On the hypervisor side, the disks from the above example look like this (note the different numbers:(

The first virtual disk under the machine settings ('Hard disk 1' in this VMware example) is always the OS disk. It is not part of the logical volume, which is why the disk identifiers do not match.

Hard disks 2 and 3 correspond to Disk1 and Disk2 from the LVM output.

To delete one of the multiple virtual disks:

Shut down the VM:

execute shutdown

Delete the extra disk (for example 'Hard disk 3').

Start the VM. During boot up, the LVM will be stopped, and the virtual console will print:

‘/var’ is not mounted.

The LVM status should now look like this:

execute lvm info

LVM Status: Not Started

LVM Size: 0GB

File System: 0GB

Disk1: Unused 500GB

Disk2: Unavailable 0GB

Disk3: Unavailable 0GB

…

Start the LVM again and confirm with 'y' when prompted (the command is available until version 7.0.4). See the FortiManager CLI reference.

exec lvm start
This operation will start managing disks using LVM.
All the data on the log disk will be ERASED!
Please backup your data before starting LVM.
The unit will REBOOT.
Do you want to continue? (y/n) y

Once the VM boots up, the logical volume will be formatted automatically. Check the LVM status again to verify:

execute lvm info

LVM Status: OK

LVM Size: 500GB

File System: 488GB

Disk1: Used 500GB

Disk2: Unavailable 0GB

Disk3: Unavailable 0GB

…

The process for reducing a single disk size is similar except for the fact that a new disk should be added after deleting the virtual disk and before starting the VM:

Shut down the VM (execute shutdown).
Delete the disk (in this case, 'Hard disk 2').
Add a new disk and set the required size (minimum 500GB is required for FortiAnalyzer, or 100GB for FortiManager).
Start the virtual machine.
Start the LVM again (exec lvm start).
Once the VM boots up, verify the status (exec lvm info).

Troubleshooting:

In problems are encountered after following the steps above (for example, LVM does not start or the new disk is missing from the LVM list), follow these steps:

Try to reboot the VM again (execute reboot).
Try a file system check (diagnose system fsck harddisk).
Try to format the disk (execute format disk).
If the issue persists, re-deploy the VM from scratch.

Related articles: