You place the vRealize Log Insight node in an application virtual network for isolation. The networking design also supports public access to the vRealize Log Insight cluster. For secure access and co-localization, the vRealize Log Insight node is deployed in the shared region-specific application virtual network Mgmt-RegionA01-VXLAN.

Figure 1. Networking Design for the vRealize Log Insight Deployment


In the SDDC, vRealize Log Insight nodes reside in the virtual network that is dedicated to the local region.

Application Virtual Network Design for vRealize Log Insight

This networking design has the following features:

  • All nodes have routed access to the vSphere management network through the Consolidated NSX universal distributed logical router (UDLR) for the home region.

  • Routing to the vSphere management network and the external network is dynamic, and is based on the Border Gateway Protocol (BGP).

For more information about the networking configuration of the application isolated networks for vRealize Log Insight, see Application Virtual Network for Consolidated SDDC and Virtual Network Design Example for Consolidated SDDC.

Table 1. Networking for vRealize Log Insight Design Decision

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CSDDC-OPS-LOG-003 | Deploy vRealize Log Insight on the region-specific application virtual network. | • Ensures log collection that is co-located to the region-local SDDC applications using the region-specific application virtual networks. • Provides a consistent deployment model for management applications. | You must use NSX to support this network configuration. |

IP Subnets for vRealize Log Insight

You can allocate the following example subnets to the vRealize Log Insight deployment.

Table 2. IP Subnets in the Application Isolated Networks of vRealize Log Insight

| vRealize Log Insight Cluster | IP Subnet |
|---|---|
| Cluster in consolidated pod | 192.168.31.0/24 |

DNS Names for vRealize Log Insight

vRealize Log Insight node name resolution, including the load balancer virtual IP addresses (VIPs), uses a region-specific suffix sfo01.rainpole.local for its location.

Table 3. DNS Names of the vRealize Log Insight Nodes

| DNS Name | Role |
|---|---|
| sfo01vrli01.sfo01.rainpole.local | Log Insight ILB VIP |
| sfo01vrli01a.sfo01.rainpole.local | Master node |
| sfo01vrli01x.sfo01.rainpole.local | Additional worker nodes (not deployed) |

Table 4. Design Decisions about DNS Names for vRealize Log Insight

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| CSDDC-OPS-LOG-004 | Configure forward and reverse DNS records for all vRealize Log Insight nodes and VIPs deployed. | All nodes are accessible by using fully-qualified domain names instead of by using IP addresses only. | You must manually provide a DNS record for the initial master node and VIP address. |
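
A check for design decision CSDDC-OPS-LOG-004, added here as an example and not part of the VMware design documentation: it confirms that each deployed name has a forward record inside the example subnet from Table 2 and a reverse record that maps back to the same name. The function names are this example's own, and the IP addresses in the sample data are constructed placeholders, since the design does not list node addresses.

```python
import ipaddress
import socket

SUBNET = ipaddress.ip_network("192.168.31.0/24")  # example subnet from Table 2
NAMES = ["sfo01vrli01.sfo01.rainpole.local",      # Log Insight ILB VIP
         "sfo01vrli01a.sfo01.rainpole.local"]     # master node

def system_forward(name):
    """A record lookup via the system resolver; None if the name does not resolve."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def system_reverse(ip):
    """PTR lookup via the system resolver; None if no reverse record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def audit_dns(names, forward=system_forward, reverse=system_reverse, subnet=SUBNET):
    """Return {name: [problems]}; an empty list means the record pair is consistent."""
    report = {}
    for name in names:
        problems = []
        ip = forward(name)
        if ip is None:
            problems.append("no forward (A) record")
        else:
            if ipaddress.ip_address(ip) not in subnet:
                problems.append(f"{ip} is outside {subnet}")
            ptr = reverse(ip)
            if ptr is None:
                problems.append(f"no reverse (PTR) record for {ip}")
            elif ptr.rstrip(".").lower() != name.lower():
                problems.append(f"PTR for {ip} points to {ptr}, not {name}")
        report[name] = problems
    return report

# Constructed sample zone data (placeholder addresses, not taken from the design):
SAMPLE_A = {NAMES[0]: "192.168.31.10", NAMES[1]: "192.168.32.11"}
SAMPLE_PTR = {"192.168.31.10": NAMES[0] + "."}

def sample_report():
    return audit_dns(NAMES, SAMPLE_A.get, SAMPLE_PTR.get)

if __name__ == "__main__":
    for host, issues in sample_report().items():
        print(host, "OK" if not issues else "; ".join(issues))
```

Calling `audit_dns(NAMES)` with the default resolvers runs the same check against live DNS from a host that uses the management DNS servers.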