You can set up a vRealize Network Insight collector for AWS by importing an Amazon Machine Image (AMI) to your AWS environment.

If your environment does not have a VMware vCenter server and you can deploy your collector in a cloud environment, deploy your collector in AWS.
Note: Currently, vRealize Network Insight supports the collector deployment in AWS using AMI only for VMware SD-WAN.

The procedures and tasks related to EC2 instances are documented at https://docs.aws.amazon.com/efs/index.html.

Procedure

  1. Launch your EC2 instance using the VMware-provided AMI in the Amazon EC2 console. For procedure details, see the Create Your EC2 Resources and Launch Your EC2 Instance topic in the Amazon Elastic File System documentation.
    Note: When you launch your EC2 instance in AWS, you must select the following:
    Option: Action
    Instance type: m4.xlarge (MEDIUM BRICK)
    Network: Select an appropriate network and subnet.
    Storage: Default storage.
    Tags: As per customer policies.
    Security Group: Allow outbound to 0.0.0.0/0 for port 443 (or, for restricted rules, allow outbound to the NI SaaS Prod FQDN for port 443).
    Key: Select the appropriate key (SSH login is enabled for the AMI).
  2. When your EC2 instance is in the running state, log in to the instance.
  3. Log in with the given console credentials. Run the setup command.
  4. Create the password for the support login. Change the password for the consoleuser.
    Note: After you change the password, the network options are skipped in the setup CLI.
    Also, Proxy AMI does not support the following:
    • IP change
    • IPv6
    • Web Proxy Configuration.
  5. Network Time Server Configuration: Configure NTP or secure NTP servers.
    • Enter y if network time security is supported for the NTP server. Network time security is supported only in secure NTP servers.
    • Enter n if network time security is not supported for the NTP server.
  6. Based on your choice in step 5, enter the IP address or FQDN details of an NTP or secure NTP server. Ensure that the VMs can reach these servers. If the NTP time is out of sync, the services will fail to start.
    To enter multiple servers, use commas.
  7. A check is made to see if the shared secret key has been configured. The collector is paired with the corresponding platform. This process can take a few minutes.
  8. All the services are verified.
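
A check for the Security Group and Key rows in step 1, added here as an example and not VMware's own tooling: it reads a security group in the JSON shape returned by `aws ec2 describe-security-groups` and reports whether outbound tcp/443 is present, which egress rules go beyond it, and whether SSH is reachable from any address. The sample group, its ID, the REVIEW/FAIL labels, and the decision to treat world-open SSH as a failure are assumptions made for this example.

```python
# Constructed sample: one "SecurityGroups" entry as returned by
# `aws ec2 describe-security-groups`. Group ID and rules are made up.
SAMPLE_SG = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
    "IpPermissionsEgress": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    ],
}
WORLD = {"0.0.0.0/0", "::/0"}


def cidrs(rule):
    """Every IPv4/IPv6 CIDR the rule applies to."""
    return ([r["CidrIp"] for r in rule.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])])


def covers(rule, proto, port):
    """True if the rule permits this protocol and port ("-1" = everything)."""
    if rule["IpProtocol"] == "-1":
        return True
    return (rule["IpProtocol"] == proto
            and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535))


def audit(sg):
    """Check a security group against the Security Group and Key rows of step 1."""
    findings = []
    egress = sg.get("IpPermissionsEgress", [])
    if not any(covers(r, "tcp", 443) for r in egress):
        findings.append("FAIL: no outbound tcp/443 rule (required in step 1)")
    for r in egress:
        exact = (r["IpProtocol"], r.get("FromPort"), r.get("ToPort")) == ("tcp", 443, 443)
        if not exact:
            # NTP reachability (step 6) may need its own rule, so review rather than fail.
            findings.append(f"REVIEW: egress beyond tcp/443 (protocol {r['IpProtocol']})")
    for r in sg.get("IpPermissions", []):
        if covers(r, "tcp", 22) and WORLD & set(cidrs(r)):
            findings.append("FAIL: SSH (tcp/22) reachable from any address")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_SG)) or "OK")
```

An AWS default security group allows all outbound traffic, which is why the sample produces a REVIEW finding even though port 443 is reachable.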

What to do next

Enable the flow collection from Edges to the collector you deployed in AWS. To enable the flow collection, do the following:
  • Set up the collector you deployed in AWS as a Non-VeloCloud Site. For details, contact VMware support.