In each VMware Cloud Foundation instance, for isolation and collocation with logging sources, the VMware Aria Operations for Logs cluster nodes are connected to the corresponding local-instance NSX segment.

Network Segments

The network segments design consists of characteristics and decisions for placement of VMware Aria Operations for Logs in the management domain.

For collection of logs locally, the VMware Aria Operations for Logs nodes are connected to the local-instance NSX segment in the corresponding VMware Cloud Foundation instance. This configuration ensures collection of logs locally per VMware Cloud Foundation instance if there is a cross-instance network outage.

This validated solution uses an implementation of the VMware Cloud Foundation application virtual networks feature in the management domain provided by NSX. The application virtual networks in the management domain can be either overlay-backed NSX segments or VLAN-backed NSX segments.
Table 1. NSX Segment Types

| Type | Description |
|---|---|
| Overlay-backed NSX segment | The routing to the VLAN-backed management network segment and other networks is dynamic and based on the Border Gateway Protocol (BGP). Routed access to the VLAN-backed management network segment is provided through an NSX Tier-1 and Tier-0 gateway. Recommended option to provide scale out to a multi instance design supporting disaster recovery. |
| VLAN-backed NSX segment | You must provide two unique VLANs, network subnets, and vSphere distributed port group names. |

Figure 1. Network Design of the VMware Aria Operations for Logs Deployment on Overlay-backed NSX Segments
The VMware Aria Operations for Logs cluster nodes are connected to the corresponding local-instance NSX segments. Each local-instance NSX segment is connected to the management network in the corresponding VMware Cloud Foundation instances through the cross-instance NSX Tier-0 gateway and the local-instance Tier-1 gateway.
Table 2. Design Decision on Network Segments for VMware Aria Operations for Logs

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ILA-VAOL-NET-001 | Place the VMware Aria Operations for Logs cluster nodes on the local-instance NSX network segment. | Provides a consistent deployment model for management applications. | You must use an implementation in NSX to support this networking configuration. |

IP Addressing

Allocate statically assigned IP addresses and host names to the VMware Aria Operations for Logs nodes from their corresponding networks.
Table 3. Design Decisions on the IP Addressing for VMware Aria Operations for Logs

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ILA-VAOL-NET-002 | Allocate statically assigned IP addresses from the local-instance NSX segment to the VMware Aria Operations for Logs cluster nodes and the integrated load balancer (ILB). | Ensures stability across the SDDC and makes it simpler to maintain and easier to track. | Requires precise IP address management. |

IP Addressing for Multiple VMware Cloud Foundation Instances

In an environment with multiple VMware Cloud Foundation instances, the VMware Aria Operations for Logs cluster nodes in each instance are assigned IP addresses associated with their corresponding network.
Table 4. Design Decisions on the IP Addressing for VMware Aria Operations for Logs for Multiple VMware Cloud Foundation Instances

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ILA-VAOL-NET-003 | In an environment with multiple VMware Cloud Foundation instances, allocate statically assigned IP addresses from each local-instance NSX segment to the VMware Aria Operations for Logs cluster nodes in the instance. | Ensures stability across the SDDC and makes it simpler to maintain and easier to track. | Requires precise IP address management. |

Name Resolution

Name resolution provides the translation between an IP address and a fully qualified domain name (FQDN), which makes it easier to remember and connect to components across the VMware Cloud Foundation instance. The IP address of each VMware Aria Operations for Logs cluster node, including the integrated load balancer VIP, must have a valid internal DNS forward (A) and reverse (PTR) record.
Table 5. Design Decisions on Name Resolution for VMware Aria Operations for Logs

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ILA-VAOL-NET-004 | Configure forward and reverse DNS records for all VMware Aria Operations for Logs cluster nodes and the integrated load balancer (ILB) VIP address. | All nodes are accessible by using fully qualified domain names instead of by using IP addresses only. | You must provide DNS records for the VMware Aria Operations for Logs nodes. |
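
A pre-deployment check for decisions ILA-VAOL-NET-002 and ILA-VAOL-NET-004, added here as an example and not part of the VMware design: it verifies that every planned node and the ILB VIP has a unique, usable address inside the local-instance segment and matching A and PTR records. The segment CIDR, host names, addresses and the exported record sets are all constructed placeholders.

```python
import ipaddress

# Constructed sample plan: segment CIDR, names and addresses are placeholders.
SEGMENT = "192.168.31.0/24"
PLAN = {
    "logs-vip.example.internal": "192.168.31.10",   # ILB VIP
    "logs-node-a.example.internal": "192.168.31.11",
    "logs-node-b.example.internal": "192.168.31.12",
    "logs-node-c.example.internal": "192.168.31.13",
}
# Constructed DNS zone export; two defects are planted on purpose.
A_RECORDS = {
    "logs-vip.example.internal": "192.168.31.10",
    "logs-node-a.example.internal": "192.168.31.11",
    "logs-node-b.example.internal": "192.168.31.12",
    "logs-node-c.example.internal": "192.168.31.31",  # transposed digits
}
PTR_RECORDS = {  # the PTR for node-b (.12) is missing
    "10.31.168.192.in-addr.arpa": "logs-vip.example.internal",
    "11.31.168.192.in-addr.arpa": "logs-node-a.example.internal",
    "13.31.168.192.in-addr.arpa": "logs-node-c.example.internal",
}

def check_plan(plan, segment, a_records, ptr_records):
    """Return (fqdn, problem) findings; an empty list means the plan is consistent."""
    net = ipaddress.ip_network(segment)
    findings, seen = [], {}
    for fqdn, ip_text in plan.items():
        ip = ipaddress.ip_address(ip_text)
        if ip not in net or ip in (net.network_address, net.broadcast_address):
            findings.append((fqdn, f"{ip} is not a usable host address in {net}"))
        if ip in seen:
            findings.append((fqdn, f"{ip} already allocated to {seen[ip]}"))
        seen.setdefault(ip, fqdn)
        a = a_records.get(fqdn)
        if a is None:
            findings.append((fqdn, "missing A record"))
        elif ipaddress.ip_address(a) != ip:
            findings.append((fqdn, f"A record points to {a}, plan says {ip}"))
        ptr = ptr_records.get(ip.reverse_pointer)
        if ptr is None:
            findings.append((fqdn, f"missing PTR record {ip.reverse_pointer}"))
        elif ptr.rstrip(".").lower() != fqdn.lower():
            findings.append((fqdn, f"PTR resolves to {ptr}, expected {fqdn}"))
    return findings

if __name__ == "__main__":
    for fqdn, problem in check_plan(PLAN, SEGMENT, A_RECORDS, PTR_RECORDS):
        print(f"{fqdn}: {problem}")
```

Mismatched or missing PTR records matter for a log platform in particular, because source attribution that relies on reverse lookups becomes unreliable when the records disagree with the address plan.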

Load Balancing

A VMware Aria Operations for Logs cluster deployment requires a load balancer to manage connections to VMware Aria Operations for Logs.
Table 6. Design Decision on Load Balancing for VMware Aria Operations for Logs

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ILA-VAOL-NET-005 | Enable the VMware Aria Operations for Logs integrated load balancer (ILB) for balancing incoming traffic. | Supports balancing ingestion traffic among the VMware Aria Operations for Logs nodes and high availability. | You must provide an extra IP address and FQDN for the integrated load balancer (ILB). |

Time Synchronization

Time synchronization provided by the Network Time Protocol (NTP) ensures that all components within the SDDC are synchronized to the same time source. This section of the design consists of characteristics and decisions that support the time configuration for VMware Aria Operations for Logs nodes.
Table 7. Design Decision on Time Synchronization for VMware Aria Operations for Logs

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ILA-VAOL-NET-006 | Configure NTP on each VMware Aria Operations for Logs cluster node. | VMware Aria Operations for Logs depends on time synchronization. | None. |