Monday, 27 June 2016

Securing Virtual machine: Limit Informational Messages from Virtual Machines to VMX Files

Limiting the informational messages from the virtual machine to the VMX file helps to avoid filling the datastore and causing a Denial of Service (DoS).

A Denial of Service can occur when size of a virtual machine's VMX file is not controlled and the amount of information exceeds the datastore capacity.

The configuration file (.vmx) containing the informational name-value pairs is limited to 1MB by default.

The default limit of 1 MB is in place even if you do not see tools.setInfo.sizeLimit parameter in the advanced options.



In most cases, this capacity is sufficient, however, you may have to increase the limit as and when required like large amounts of custom information are being stored in the configuration file. 


Procedure in web client:
  1. Find the virtual machine in the vSphere Web Client inventory.
  2. Select a data center, folder, cluster, resource pool, or host.
  3. Click the Related Objects tab and click Virtual Machines.
  4. Right-click the virtual machine and click Edit Settings.
  5. Select VM Options tab.
  6. Click Advanced and click Edit Configuration.
  7. Add or edit the tools.setInfo.sizeLimit parameter.
Do check other article in this series Securing Virtual Machines: Unnecessary Hardware Devices

No comments:

Post a Comment

Popular Posts This Week