Solved

VM memory dump creation procedure for Acropolis (VM)

  • 13 August 2020
  • 6 replies
  • 1034 views

Badge

Hello
I am interested in the possibility to get a VM memory dump for further analysis (list of processes, sockets, other artifacts). How to do it if using the KVM hypervisor (Acropolis).

I need to create a dump on a running VM for analysis. A detailed description of the procedure is required. If I understand correctly, all VMs in Nutanix are kept in the form of files, which files are VM dump files? Оr does Nutanix have a special procedure for creating and downloading a complete dummy file(s) of a virtual machine?
OS doesn't matter, it can be anything.

Please tell me the information to understand this issue.

icon

Best answer by Sergei Ivanov 13 August 2020, 15:32

In AHV another concept is used for storing data and it doesn’t store it in files like ESXi does. 

To create a memory dump you will need to force a VM to crash. There is no such feature to suspend a VM, so you will need to crash it and then reboot it. For Windows VM that can be done by doing an NMI dump (VM will go to blue screen, then write a dump, then will reboot) and on Linux by running the “send-key” command. In both situations VM will be crashed and the memory dump will be generated. The dumps will then be available in the guest VM. Both procedures are described in details in the KBs that i linked above.

View original

This topic has been closed for comments

6 replies

Userlevel 3
Badge +4

Perhaps, these articles can be useful:

For Windows VMs: https://portal.nutanix.com/page/documents/kbs/details?targetId=kA03200000099a4CAA

For Linux VMs: https://portal.nutanix.com/page/documents/kbs/details?targetId=kA00e000000CwC9CAK

Badge

Yes, I have found similar procedures. Thanks you.
Did I understand correctly that the procedure for creating a memory dump will work for a VM that works in normal mode and does not hang?

In the internet i met information, that to save dump of a VM in the VMware, I can suspend work of the VM and then download direct file *.vmss

.vmss

<vmname>.vmss

This is the suspended state file, which stores the state of a suspended virtual machine


Maybe in the AHV there is feature like as in the VMware, pause a VM and and download ram dump file?
 

and maybe can you give me the information how can i open the folder with all files of a VM and download them?
Thank you.

Userlevel 3
Badge +4

In AHV another concept is used for storing data and it doesn’t store it in files like ESXi does. 

To create a memory dump you will need to force a VM to crash. There is no such feature to suspend a VM, so you will need to crash it and then reboot it. For Windows VM that can be done by doing an NMI dump (VM will go to blue screen, then write a dump, then will reboot) and on Linux by running the “send-key” command. In both situations VM will be crashed and the memory dump will be generated. The dumps will then be available in the guest VM. Both procedures are described in details in the KBs that i linked above.

Badge

I think I figured it out. Thanks for the help.
I will give this information to the customer, I hope this information and he will close the question.

Badge

Sergei,

I tried to make a dump-file for the VM Windows, the file was created. All is work.

But, Maybe there is a not standard procedure to create a dump file of VM memory from ACLI and from ACLI download dump file without going to the VM?
Or is there no such possibility at all? :)

 

Userlevel 3
Badge +4

As far as i know, there is no such possibility in AHV now. The dump files can only be acquired from inside the VMs.