In both regions, the vRealize Log Insight instances are connected to the region-specific management VXLANs Mgmt-RegionA01-VXLAN and Mgmt-RegionB01-VXLAN for isolation and co-location with logging sources. The networking design also supports public access to the vRealize Log Insight cluster.
Figure 1. Networking Design for the vRealize Log Insight Deployment


In the SDDC, vRealize Log Insight nodes reside in the virtual network that is dedicated to the local region.

Application Network Design

This networking design has the following features:

  • All nodes have routed access to the vSphere management network through the universal distributed logical router (UDLR) for the management cluster for the home region.

  • Routing to the vSphere management network and the external network is dynamic, and is based on the Border Gateway Protocol (BGP).

For more information about the networking configuration of the application virtual networks for vRealize Log Insight, see Application Virtual Network and Virtual Network Design Example.

Table 1. Design Decision on Networking for vRealize Log Insight

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| SDDC-OPS-LOG-004 | Deploy vRealize Log Insight on the region-specific application virtual networks. | • Ensures centralized access to log data per region if a cross-region network outage occurs. • Co-locates log collection to the region-local SDDC applications using the region-specific application virtual networks. • Provides a consistent deployment model for management applications. | • Interruption in the cross-region network can impact event forwarding between the vRealize Log Insight clusters and cause gaps in log data. • You must use NSX to support this network configuration. |

IP Subnets for vRealize Log Insight

You can allocate the following example subnets to the vRealize Log Insight deployment.

Table 2. IP Subnets in the Application Isolated Networks of vRealize Log Insight

| vRealize Log Insight Cluster | IP Subnet |
|---|---|
| Region A | 192.168.31.0/24 |
| Region B | 192.168.32.0/24 |

FQDNs for vRealize Log Insight

vRealize Log Insight node name resolution, including the load balancer virtual IP addresses (VIPs), uses a region-specific suffix, such as sfo01.rainpole.local or lax01.rainpole.local. The Log Insight components in both regions have the following node names.

Table 3. FQDNs of the vRealize Log Insight Nodes

| FQDN | Role | Region |
|---|---|---|
| sfo01vrli01.sfo01.rainpole.local | Log Insight ILB VIP | Region A |
| sfo01vrli01a.sfo01.rainpole.local | Master node | Region A |
| sfo01vrli01b.sfo01.rainpole.local | Worker node | Region A |
| sfo01vrli01c.sfo01.rainpole.local | Worker node | Region A |
| sfo01vrli01x.sfo01.rainpole.local | Additional worker nodes (not deployed) | Region A |
| lax01vrli01.lax01.rainpole.local | Log Insight ILB VIP | Region B |
| lax01vrli01a.lax01.rainpole.local | Master node | Region B |
| lax01vrli01b.lax01.rainpole.local | Worker node | Region B |
| lax01vrli01c.lax01.rainpole.local | Worker node | Region B |
| lax01vrli01x.lax01.rainpole.local | Additional worker nodes (not deployed) | Region B |

Table 4. Design Decisions on FQDNs for vRealize Log Insight

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| SDDC-OPS-LOG-005 | Configure forward and reverse DNS records for all vRealize Log Insight nodes and VIPs. | All nodes are accessible by using fully qualified domain names instead of by using IP addresses only. | You must manually provide a DNS record for each node and VIP. |
| SDDC-OPS-LOG-006 | For all applications that fail over between regions (such as vRealize Automation and vRealize Operations Manager), use the FQDN of the VIP address of vRealize Log Insight in Region A when you configure logging. | Logging continues when not all management applications are failed over to Region B. For example, only one application is moved to Region B. | If vRealize Automation and vRealize Operations Manager are failed over to Region B and the vRealize Log Insight cluster is no longer available in Region A, you must update the A record on the child DNS server to point to the vRealize Log Insight cluster in Region B. |
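
One way to check decision SDDC-OPS-LOG-005, as an added example that is not part of the original design document: a Python audit that confirms each deployed node and VIP has an A record inside its region's subnet from Table 2 and a PTR record that maps back to the same name. The function names are this example's own, and the host addresses in the sample data are constructed.

```python
import ipaddress
import socket

# Region subnets (Table 2) and deployed node names (Table 3) from this page.
REGION_SUBNETS = {
    "sfo01": ipaddress.ip_network("192.168.31.0/24"),  # Region A
    "lax01": ipaddress.ip_network("192.168.32.0/24"),  # Region B
}
NODES = [f"{r}vrli01{s}.{r}.rainpole.local"
         for r in REGION_SUBNETS for s in ("", "a", "b", "c")]

# Default lookups use the system resolver and return None on failure.
def live_forward(fqdn):
    try:
        return socket.gethostbyname(fqdn)
    except OSError:
        return None

def live_reverse(ip):
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def audit(nodes=NODES, forward=live_forward, reverse=live_reverse):
    """Return {fqdn: [problems]} for every node whose DNS records are wrong."""
    findings = {}
    for fqdn in nodes:
        problems = []
        ip = forward(fqdn)
        if ip is None:
            problems.append("no A record")
        else:
            subnet = REGION_SUBNETS[fqdn.split(".")[1]]
            if ipaddress.ip_address(ip) not in subnet:
                problems.append(f"{ip} outside {subnet}")
            ptr = reverse(ip)
            if ptr is None:
                problems.append(f"no PTR record for {ip}")
            elif ptr.rstrip(".").lower() != fqdn.lower():
                problems.append(f"PTR for {ip} is {ptr}, not {fqdn}")
        if problems:
            findings[fqdn] = problems
    return findings

# Constructed sample: host addresses are invented; the lax01vrli01b PTR is omitted.
SAMPLE_A = {n: f"192.168.{31 if n.startswith('sfo') else 32}.{10 + i % 4}"
            for i, n in enumerate(NODES)}
SAMPLE_PTR = {ip: n for n, ip in SAMPLE_A.items() if "lax01vrli01b" not in n}
```

Calling `audit()` with no arguments queries the system resolver, while `audit(forward=SAMPLE_A.get, reverse=SAMPLE_PTR.get)` runs against the sample data. After the A record change described in SDDC-OPS-LOG-006, the Region A VIP resolves into the Region B subnet, so that finding is expected during failover.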