Expand the Director Storage

As you use Mandiant Security Validation (MSV), you may come to a point where the default storage space for the Director is not enough and you need to expand it. The overall process is similar for all versions of the Director but is impacted by the form factor and where the Director is installed. There are differences between the underlying operating systems (CentOS 7 or Rocky Linux 8) for a virtual appliance, as well.

4.14.0.0 and later (Rocky Linux 8)

Default Director requirements

The following requirements must be met for the Security Validation Director to function properly. These requirements are the same for virtual appliance and installable software Directors:

4.14.0.0 and later

Specification Director Minimum Requirement

Processor

64-bit x86 CPU with at least 4 cores

Memory

16 GB

Disk Storage

Virtual Appliance: 500 GB of free disk space for Director files and database storage

Installer: 160 GB  of free disk space for Director files and database storage

Network Interfaces

A static, routable IP address

Symlinking the Install Directory is not supported, so it is important that you dedicate enough memory to the Validation Platform.

These requirements are form-factor specific and are only required when there are separate partitions:

Specification Form Factor Director Minimum Requirement
/opt Installable software a minimum of 80 GB
/var/lib/pgsql Installable software a minimum of 80 GB

Change the Director's storage - local

For most Directors, you can use the same procedure, whether the Director was installed from an appliance or from the installable software.

The process involves three steps:

  1. Expand the disk on the virtual infrastructure.
  2. Create a new partition.
  3. Increase logical volume.
  • This process is completed from the command line using an account that has root access.
  • This process is only possible if you are on a virtual infrastructure that allows for expansion of the disk and use a Logical Volume Manager (LVM) storage setup.

Expand the disk on the virtual infrastructure

This step varies based on where you installed your Director (VMware ESXi, Oracle VirtualBox, HyperV, Azure, AWS). For instructions, see the product's documentation. For example, if you used our AMI Director, you would follow these steps: Change the Director's Storage - AMI.

Create a new partition

  1. Connect to the Director through SSH.
  2. Run the following command to start the partition creation process: 
    fdisk /dev/vda

    Example output: 

    [root@director ~]# fdisk /dev/vda

Welcome to fdisk (util-linux 2.32.1).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
  3. Use the following options (in the given order) to configure the partition:
    step Key you press Explanation
    1. n New partition
    2. p New primary
    3. 3 Third primary partition
    4. Enter Default value for first sector
    5. Enter Default value for last sector
    6. t Set type
    7. 3 Select partition 3
    8. 8e Select partition type of Linux LVM
    9. w Write the partition table

    Example output:

    Command (m for help): n
Partition type
   p   primary (2 primary, 0 extended, 2 free)
   e   extended (container for logical partitions)
Select (default p): p
Partition number (3,4, default 3): 3
First sector (737280000-946995199, default 737280000): 
Last sector, +sectors or +size{K,M,G,T,P} (737280000-946995199, default 946995199): 

Created a new partition 3 of type 'Linux' and of size 100 GiB.

Command (m for help): t
Partition number (1-3, default 3): 3
Hex code (type L to list all codes): 8e

Changed type of partition 'Linux' to 'Linux LVM'.

Command (m for help): w
The partition table has been altered.
Syncing disks.
  4. Verify the partition was created:
    fdisk -l

    Example output:

    [root@director ~]# fdisk -l
Disk /dev/vda: 451.6 GiB, 484861542400 bytes, 946995200 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xd6c5f823

Device     Boot     Start       End   Sectors   Size Id Type
/dev/vda1  *         2048   2099199   2097152     1G 83 Linux
/dev/vda2         2099200 737279999 735180800 350.6G 8e Linux LVM
/dev/vda3       737280000 946995199 209715200   100G 8e Linux LVM


Disk /dev/mapper/VolGroup0-root: 10 GiB, 10737418240 bytes, 20971520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-swap: 8 GiB, 8589934592 bytes, 16777216 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-opt: 182.6 GiB, 196020797440 bytes, 382853120 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-home: 5 GiB, 5368709120 bytes, 10485760 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-vartmp: 1 GiB, 1073741824 bytes, 2097152 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-var: 80 GiB, 85899345920 bytes, 167772160 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-tmp: 50 GiB, 53687091200 bytes, 104857600 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-audit: 10 GiB, 10737418240 bytes, 20971520 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes


Disk /dev/mapper/VolGroup0-varlog: 4 GiB, 4294967296 bytes, 8388608 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
  5. Rescan the volume:
    partprobe -s

    Example output:

    [root@director ~]# partprobe -s
/dev/vda: msdos partitions 1 2 3

Increase the logical volume

  1. Create the physical volume 
    pvcreate /dev/vda3

    Example output:

    [root@director ~]# pvcreate /dev/vda3
  Physical volume "/dev/vda3" successfully created.
  2. Get the name of the volume group you are expanding: 
    vgdisplay

    When working with a virtual appliance Director on Rocky Linux 8, this value is VolGroup0.

    [root@director ~]# vgdisplay
  --- Volume group ---
  VG Name               VolGroup0
  System ID             
  Format                lvm2
  Metadata Areas        1
  Metadata Sequence No  10
  VG Access             read/write
  VG Status             resizable
  MAX LV                0
  Cur LV                9
  Open LV               9
  Max PV                0
  Cur PV                1
  Act PV                1
  VG Size               < 350.56 GiB
  PE Size               4.00 MiB
  Total PE              89743
  Alloc PE / Size       89743 / < 350.56 GiB
  Free  PE / Size       0 / 0   
  VG UUID               rOqPYv-jjDW-lKwI-OoEf-k3lg-VTGT-49cpxA
  3. Extend the physical volume group: 
    vgextend VolGroup0 /dev/vda3

    Example output:

    [root@director ~]# vgextend VolGroup0 /dev/vda3
  Volume group "VolGroup0" successfully extended
  4. Scan the new disk: 
    pvscan

    Example output:

      PV /dev/vda2   VG VolGroup0       lvm2 [< 350.56 GiB / 0    free]
  PV /dev/vda3   VG VolGroup0       lvm2 [< 100.00 GiB / < 100.00 GiB free]
  Total: 2 [450.55 GiB] / in use: 2 [450.55 GiB] / in no VG: 0 [0   ]
  5. Get the path of the logical volume: 
    lvdisplay
    For a virtual appliance Director on Rocky Linux 8, this value is /dev/VolGroup0/root.
    If expanding /var or /opt depending on needs, replace references to root with var or opt in the remaining commands, such as /dev/VolGroup0/var.

    Example output:

    [root@director ~]# lvdisplay

…….SEVERAL LOGICAL VOLUMES THAT CAN BE IGNORED……

     --- Logical volume ---
  LV Path                /dev/VolGroup0/root
  LV Name                root
  VG Name                VolGroup0
  LV UUID                8mEqh1-cIJl-URC7-ZyU8-ZQhz-358N-xtuNoz
  LV Write Access        read/write
  LV Creation host, time localhost.localdomain, 2024-05-15 14:18:10 +0000
  LV Status              available
  # open                 1
  LV Size                10.00 GiB
  Current LE             2560
  Segments               1
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:0
  6. Extend the logical volume: 
    lvextend /dev/VolGroup0/root /dev/vda3

    Example output: 

    [root@director ~]# lvextend /dev/VolGroup0/root /dev/vda3
  Size of logical volume VolGroup0/root changed from 10.00 GiB (2560 extents) to < 110.00 GiB (28159 extents).
  Logical volume VolGroup0/root successfully resized.
  7. Expand the disk size: 
    xfs_growfs /dev/VolGroup0/root

    Example output:

    [root@director ~]# xfs_growfs /dev/VolGroup0/root
meta-data=/dev/mapper/VolGroup0-root isize=512    agcount=4, agsize=655360 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=1, sparse=1, rmapbt=0
         =                       reflink=1    bigtime=0 inobtcount=0
data     =                       bsize=4096   blocks=2621440, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0, ftype=1
log      =internal log           bsize=4096   blocks=2560, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
data blocks changed from 2621440 to 28834816
  8. Verify the disk is expanded:
    df -h

    Before expansion: 

    [root@director nodeone]# df -h
Filesystem                    Size  Used Avail Use% Mounted on
devtmpfs                      3.8G     0  3.8G   0% /dev
tmpfs                         3.8G  296K  3.8G   1% /dev/shm
tmpfs                         3.8G  8.9M  3.8G   1% /run
tmpfs                         3.8G     0  3.8G   0% /sys/fs/cgroup
/dev/mapper/VolGroup0-root     10G  5.5G  4.6G  55% /
/dev/sda1                    1014M  277M  738M  28% /boot
/dev/mapper/VolGroup0-var      80G  1.6G   79G   2% /var
/dev/mapper/VolGroup0-home    5.0G  2.7G  2.4G  53% /home
/dev/mapper/VolGroup0-vartmp 1014M   40M  975M   4% /var/tmp
/dev/mapper/VolGroup0-opt     183G   17G  166G  10% /opt
/dev/mapper/VolGroup0-varlog  4.0G  227M  3.8G   6% /var/log
/dev/mapper/VolGroup0-audit    10G  109M  9.9G   2% /var/log/audit
/dev/mapper/VolGroup0-tmp      50G  390M   50G   1% /tmp
shm                            63M   64K   63M   1% /usr/lib/msi/containers/overlay-containers/75c47f103d920230a218ffb327cfe5d339322bff5ecee5f4f824419e983faebf/userdata/shm
overlay                        10G  5.5G  4.6G  55% /usr/lib/msi/containers/overlay/5bf832397b4d01ed643d5615c487b00ec85d6f7605b52fdf95a171b71f048625/merged
tmpfs                         769M     0  769M   0% /run/user/1000

    After expansion: 

    [root@director nodeone]# df -h
Filesystem                    Size  Used Avail Use% Mounted on
devtmpfs                      3.8G     0  3.8G   0% /dev
tmpfs                         3.8G  296K  3.8G   1% /dev/shm
tmpfs                         3.8G  8.9M  3.8G   1% /run
tmpfs                         3.8G     0  3.8G   0% /sys/fs/cgroup
/dev/mapper/VolGroup0-root     10G  5.5G  4.6G  55% /
/dev/sda1                    1014M  277M  738M  28% /boot
/dev/mapper/VolGroup0-var      80G  1.6G   79G   2% /var
/dev/mapper/VolGroup0-home    5.0G  2.7G  2.4G  53% /home
/dev/mapper/VolGroup0-vartmp 1014M   40M  975M   4% /var/tmp
/dev/mapper/VolGroup0-opt     331G   18G  314G   6% /opt
/dev/mapper/VolGroup0-varlog  4.0G  227M  3.8G   6% /var/log
/dev/mapper/VolGroup0-audit    10G  109M  9.9G   2% /var/log/audit
/dev/mapper/VolGroup0-tmp      50G  390M   50G   1% /tmp
shm                            63M   64K   63M   1% /usr/lib/msi/containers/overlay-containers/75c47f103d920230a218ffb327cfe5d339322bff5ecee5f4f824419e983faebf/userdata/shm
overlay                        10G  5.5G  4.6G  55% /usr/lib/msi/containers/overlay/5bf832397b4d01ed643d5615c487b00ec85d6f7605b52fdf95a171b71f048625/merged
tmpfs                         769M     0  769M   0% /run/user/1000

Change the Director's storage - AMI

You must be able to SSH into your Director to complete these steps.

T2 instance

  1. Disable the Security Validation repo:

    yum-config-manager --disable verodin

  2. Install the growpart utility:

    yum install cloud-utils-growpart

  3. Enable the Security Validation repo:

    yum-config-manager --enable verodin

  4. Grow the partition /dev/mapper/centos-root is living on:

    sudo growpart /dev/xvda 2

  5. Resize the underlying physical volume:

    pvresize /dev/xvda2

  6. Resize the logical volume:

    lvextend -r /dev/mapper/centos-root /dev/xvda2

T3 instance

You can use NVMe disk to upgrade Directors installed on T3 instances.

  1. Grow the partition /dev/mapper/centos-root is living on:

    growpart /dev/nvme0n1 2

  2. Resize the underlying physical volume:

    pvresize /dev/nvme0n1p2

  3. Resize the logical volume:

    lvextend -r /dev/mapper/centos-root /dev/nvme0n1p2

  4. Grow the partition /dev/mapper/centos-root is living on:

    growpart /dev/nvme0n1 2

  5. Resize the underlying physical volume:

    pvresize /dev/nvme0n1p2

  6. Resize the logical volume:

    lvextend -r /dev/mapper/centos-root /dev/nvme0n1p2

4.13.0.0 and earlier (CentOS 7)

Default Director requirements

The following requirements must be met for the Security Validation Director to function properly. These requirements are the same for virtual appliance and installable software Directors:

4.13.0.0 and earlier*

Specification Director Minimum Requirement

Processor

64-bit x86 CPU with at least 4 cores

Memory

16GB

Disk Storage

160GB of free disk space for Director files and database storage

Network Interfaces

A static, routable IP address

Symlinking the Install Directory is not supported, so it is important that you dedicate enough memory to the Validation Platform.

* As of June 30, 2024, CentOS 7, the underlying operating system for Directors prior to 4.14.0.0, will be End of Life (EOL), therefore no longer supported as a base operating system for MSV Directors. Plan to upgrade to 4.14.0.0 or later on the Rocky Linux platform as soon as possible. See Upgrade Security Validation Components to Rocky Linux 8 for more information.

These requirements are form-factor specific and are only required when there are separate partitions:

Specification Form Factor Director Minimum Requirement
/opt installable software a minimum of 80GB
/var/lib/pgsql installable software a minimum of 80GB

Change the Director's storage - local

For most Directors, you can use the same procedure, whether the Director was installed from an appliance or from the installable software.

The process is three-fold: expand the disk on the virtual infrastructure, create a new partition, and then increase logical volume.

This process is completed from the command line using an account that has root access.

This process is only possible if you are on a virtual infrastructure that allows for expansion of the disk and use an LVM storage setup.

Resize the HD

This step varies based on where you installed your Director (VMware ESXi, Oracle VirtualBox, HyperV, Azure, AWS). For instructions, see the product's documentation. For example, if you used our AMI Director, you would follow these steps: Change the Director's Storage - AMI.

Create a new partition

  1. Run the following command to start the partition creation process:

    #fdisk /dev/sda

  2. Use the following options (in the given order) to configure the partition

    step Key you press Explanation
    1. n new partition
    2. p new primary
    3.

    3

    		 3rd primary partition
    4. Enter Default value for first sector
    5. Enter Default value for last sector
    6. t set type
    7. 3 select partition 3
    8. 8e select partition type of Linux LVM
    9. w write the partition table
    Code for creating & verifying new partition


  3. Verify the partition was created:

    fdisk -l

  4. Rescan the volume:

    partprobe -s

Increase the logical volume

  1. Create the physical volume:

    pvcreate /dev/sda3

    Code & response for creating physical volume

  2. Get the name of the volume group you are expanding:

    vgdisplay

    We expect this to be centos when working with the OVA Director:
    Code & response for capturing physical volume name

    Extend the physical volume group:

  3. vgextend centos /dev/sda3
    Code & response for extending the volume group
  4. Scan the new disk: 
    pvscan
    Code & response for scanning the disk

  5. Get the path of the logical volume:

    lvdisplay

    We expect this to be /dev/centos/root for the OVA Director:Code & response for getting the path of the logical volume

  6. Extend the logical volume:

    lvextend /dev/centos/root /dev/sda3
    Code & response for extending the logical volume

  7. Expand the disk size:

    xfs_growfs /dev/centos/root
    Code & response for expanding the disk

  8. Verify the disk is expanded:

    df -h
    Code & response for verifying disk was expanded

Change the Director's storage - AMI

You must be able to SSH into your Director to complete these steps.

T2 instance

  1. Disable the Security Validation repo:

    yum-config-manager --disable verodin

  2. Install the growpart utility:

    yum install cloud-utils-growpart

  3. Enable the Security Validation repo:

    yum-config-manager --enable verodin

  4. Grow the partition /dev/mapper/centos-root is living on:

    sudo growpart /dev/xvda 2

  5. Resize the underlying physical volume:

    pvresize /dev/xvda2

  6. Resize the logical volume:

    lvextend -r /dev/mapper/centos-root /dev/xvda2

T3 instance

You can use NVMe disk to upgrade Directors installed on T3 instances.

  1. Grow the partition /dev/mapper/centos-root is living on:

    growpart /dev/nvme0n1 2

  2. Resize the underlying physical volume:

    pvresize /dev/nvme0n1p2

  3. Resize the logical volume:

    lvextend -r /dev/mapper/centos-root /dev/nvme0n1p2

  4. Grow the partition /dev/mapper/centos-root is living on:

    growpart /dev/nvme0n1 2

  5. Resize the underlying physical volume:

    pvresize /dev/nvme0n1p2

  6. Resize the logical volume:

    lvextend -r /dev/mapper/centos-root /dev/nvme0n1p2

© Copyright Mandiant. All rights reserved
  • First Published: June 9, 2022
  • Last updated: November 26, 2025
In This Article
Related Articles
  • None
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.