Last Modified: Jun 20, 2019
See more info
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 11.6.4, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 13.1.0, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 13.1.1, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206
Opened: Aug 18, 2015
The block-device-image and block-device-hotfix components allow a vCMP guest to view and install TMOS images located on the vCMP host, if permitted by the host. When the redirect-http-to-https setting is enabled on a vCMP guest, the set of host-provided images visible to the guest may be inconsistent with what is actually present on the host. If a guest tries to install an image that is present in its block-device-image or block-device-hotfix lists, but not present on the host, the installation will fail. Similarly, if a guest tries to install an image that is not present in its block-device-image or block-device-hotfix lists, but present on the host, the installation will fail.
The vCMP guest may not be able to list or install one or more block-device-images or block-device-hotfixes provided by the vCMP host. The guest will still be able to install images and hotfixes on its own filesystem.
The issue occurs when the redirect-http-to-https setting is enabled on the vCMP guest. This setting can be viewed with "tmsh list sys httpd redirect-http-to-https". It is disabled by default.
The issue can be worked around by disabling the redirect-http-to-https setting with "tmsh modify sys httpd redirect-http-to-https disabled". Shortly after disabling this setting, the set of block-device-images and block-device-hotfixes visible to the guest will synchronize with what is present on the host.
Enabling the redirect-http-to-https setting on a vCMP guest no longer causes the block-device-images and block-device-hotfixes visible to the guest become inconsistent with what is present on the vCMP host.