In all regions and ROBOs, the vRealize Log Insight instances are connected to the region-specific management VXLANs.
Figure 1. Networking Design for the vRealize Log Insight Deployment

Application Network Design

This networking design has the following features:

  • All nodes have routed access to the vSphere management network through the distributed logical router (DLR).

  • Routing to the vSphere management network and the external network is dynamic, and is based on the Border Gateway Protocol (BGP).

For more information about the networking configuration of the application virtual networks for vRealize Log Insight, see Application Virtual Network in ROBO and Virtual Network Design Example in ROBO.

Table 1. Design Decision on Networking for vRealize Log Insight

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ROBO-OPS-LOG-004 | Deploy vRealize Log Insight on the region-specific application virtual network. | Ensures centralized access to log data per ROBO if a cross-region, upstream network outage occurs. Co-locates log collection to the region-local SDDC applications using the region-specific application virtual networks. Provides a consistent deployment model for management applications. | Interruption in the network can impact event forwarding between the vRealize Log Insight cluster in the ROBO and the hub resulting in gaps in log data. You must use NSX to support this network configuration. |

IP Subnets for vRealize Log Insight

You can allocate the following example subnets to the vRealize Log Insight deployment.

Table 3. IP Subnets in the Application Isolated Networks of vRealize Log Insight

| vRealize Log Insight Cluster | IP Subnet |
|---|---|
| Region A | 192.168.31.0/24 |
| Region B | 192.168.32.0/24 |
| ROBO NYC01 | 172.18.19.0/24 |
| ROBO Next | 172.19.19.0/24 |

FQDNs for vRealize Log Insight

vRealize Log Insight node name resolution, including the load balancer virtual IP addresses (VIPs), uses the root domain-specific suffix rainpole.local for its location. This removes the need to provide a child domain for each ROBO.

Table 4. FQDNs of the vRealize Log Insight Nodes

| FQDN | Role |
|---|---|
| nyc01vrli01.rainpole.local | Log Insight ILB VIP |
| nyc01vrli01a.rainpole.local | Master node |
| nyc01vrli01b.rainpole.local | Worker node |
| nyc01vrli01c.rainpole.local | Worker node |
| nyc01vrli01x.rainpole.local | Additional worker nodes (not deployed) |

Table 5. Design Decisions on FQDNs for vRealize Log Insight

| Decision ID | Design Decision | Design Justification | Design Implication |
|---|---|---|---|
| ROBO-OPS-LOG-005 | Configure forward and reverse DNS records for all vRealize Log Insight nodes and VIPs. | All nodes are accessible by using fully qualified domain names instead of by using IP addresses only. | You must manually provide a DNS record for each node and VIP. |
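
Because ROBO-OPS-LOG-005 relies on hand-entered records, a consistency check is useful after they are created. The following is an added example, not part of the original design: it verifies that each deployed FQDN has a forward record inside the ROBO NYC01 example subnet and a matching reverse record. The function names and the sample node addresses are assumptions constructed for illustration; the page lists no node IP addresses.

```python
import ipaddress
import socket

# FQDNs from the node table; the "x" entry for undeployed workers is left out.
NODES = ["nyc01vrli01.rainpole.local", "nyc01vrli01a.rainpole.local",
         "nyc01vrli01b.rainpole.local", "nyc01vrli01c.rainpole.local"]
SUBNET = ipaddress.ip_network("172.18.19.0/24")  # ROBO NYC01 example subnet

def system_forward(fqdn):
    """A-record lookup via the system resolver; None when nothing resolves."""
    try:
        return socket.gethostbyname(fqdn)
    except OSError:
        return None

def system_reverse(ip):
    """PTR lookup via the system resolver; None when nothing resolves."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def audit_dns(fqdns, subnet, forward=system_forward, reverse=system_reverse):
    """Return {fqdn: [problems]}; an empty list means forward and reverse agree."""
    report = {}
    for fqdn in fqdns:
        problems = []
        ip = forward(fqdn)
        if ip is None:
            problems.append("no forward (A) record")
        else:
            if ipaddress.ip_address(ip) not in subnet:
                problems.append(f"{ip} is outside {subnet}")
            ptr = reverse(ip)
            if ptr is None:
                problems.append(f"no reverse (PTR) record for {ip}")
            elif ptr.rstrip(".").lower() != fqdn.lower():
                problems.append(f"PTR for {ip} is {ptr}, expected {fqdn}")
        report[fqdn] = problems
    return report

# Constructed zone data (the page lists no node addresses): 01b lacks a PTR
# record and 01c carries a mistyped address outside the subnet.
SAMPLE_A = {NODES[0]: "172.18.19.10", NODES[1]: "172.18.19.11",
            NODES[2]: "172.18.19.12", NODES[3]: "172.18.91.13"}
SAMPLE_PTR = {"172.18.19.10": NODES[0], "172.18.19.11": NODES[1],
              "172.18.91.13": NODES[3]}

if __name__ == "__main__":
    for name, problems in audit_dns(NODES, SUBNET, SAMPLE_A.get, SAMPLE_PTR.get).items():
        print(name, "OK" if not problems else "; ".join(problems))
```

Calling `audit_dns(NODES, SUBNET)` without the last two arguments runs the same checks against the system resolver instead of the constructed data.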