VMware Cloud Proxy HA using NSX-V Load balancer for vRealize Log Insight Cloud

 

In this blog, I will walk you through the architecture and configuration needed to enable HA for VMware Cloud Proxy (also known as RDC) using an NSX-V load balancer.

What is VMware Cloud Proxy? 

A cloud proxy is a Virtual Appliance (VA) that is supplied as a downloadable OVA from the VMware Cloud service. The VA comprises several Docker containers. During VA deployment, the relevant agents are downloaded to the appliance based on your subscribed VMware Cloud Services. Cloud Proxy is required to ingest logs into vRealize LogInsight Cloud. To understand Cloud Proxy in detail, refer to the technical whitepaper.

Architecture of VMware Cloud Proxy for vRealize LogInsight Cloud

In my setup, I have used an NSX-V load balancer (LB) to provide High Availability for the Cloud Proxies; technically, it can be any other LB, such as NSX-T, AVI, HA Proxy, etc.

Log sources such as VC, ESXi and applications are configured to send to the load balancer VIP, and the LB is configured to use the Round Robin algorithm to forward logs to the Cloud Proxies.

The NSX-V load balancer listens on the following ports:

  • 514 TCP: Syslog traffic over TCP
  • 514 UDP: Syslog traffic over UDP
  • 9000 HTTP: CFAPI traffic over HTTP

Limitations

The following limitations apply to this procedure:

  • It applies only to the Log Ingestion feature, not to Log Forwarding, for vRealize LogInsight Cloud
  • It won’t work with vCenter Integration
  • It is not applicable to other VMware Cloud Services such as Cloud Assembly and Code Stream

Scenarios Tested 

I have validated the following scenarios for VMware Cloud Proxy for vRealize LogInsight Cloud.

I have only validated the configuration, and it has not been scale tested. This should be used as a reference. Please perform proper validation before implementing it in your production environment.

Use Case | Validation Performed
Log Ingestion using Syslog over TCP | Validated log ingestion from ESXi & vCenter using Syslog over TCP (514) via LB
Log Ingestion using Syslog over UDP | Validated log ingestion from ESXi & vCenter using Syslog over UDP (514) via LB
Log Ingestion using CFAPI over HTTP using vRLI Agent | Validated application logs are flowing using vRLI Agent.
Auto upgrade of vRLI Agent | Verified Auto upgrade of vRLI Agent works when pointing to LB IP instead of Cloud Proxy IP.
Centralized Config of liagent.ini | Verified Centralized Config works when pointing to LB IP instead of Cloud Proxy IP.

NSX-V Load-balancer Configuration

I am assuming you have an NSX-V LB deployed. You can follow the NSX-V documentation for creating an LB.

We need to configure the following:

  • Application Profile for TCP/UDP/HTTP
  • Server Pools with VMware Cloud Proxy for vRealize LogInsight Cloud IPs as Members
  • Virtual Servers for TCP/UDP/HTTP

Configure Application Profile

TCP/UDP/HTTP

Configure Server Pools

Syslog TCP

Syslog UDP

HTTP

Configure Virtual Servers

Syslog TCP

Syslog UDP

HTTP

Verify Connectivity

In this blog, I will only be showing ESXi Config and verification.

You can refer to the vRealize LogInsight Cloud documentation for vRLI Agent configuration.

Ensure LB is listening on all the required ports

Configure ESXi with LB VIP (Virtual IP)

Verify Logs

Use the following log query to search for the logs:

source contains <LB VIP>
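
The connectivity and log checks above can also be run from any machine that can reach the VIP. The script below is an added example, not part of the original post: it checks the two TCP listeners (514 and 9000) and sends a few uniquely marked syslog messages over TCP and UDP 514 so they can be searched for afterwards. The VIP address, host and app names are placeholders, and it assumes Cloud Proxy accepts newline-framed RFC 5424 syslog.

```python
import socket
import uuid
from datetime import datetime, timezone

# TCP listeners the page configures on the LB virtual servers.
TCP_PORTS = {514: "syslog/TCP", 9000: "CFAPI/HTTP"}
SYSLOG_PORT = 514


def build_syslog(marker, seq, host="lb-check", app="lbprobe"):
    """RFC 5424 message; facility user(1), severity info(6) gives PRI 14."""
    ts = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.%fZ")
    return f"<14>1 {ts} {host} {app} - - - {marker} seq={seq}".encode()


def tcp_listening(vip, port, timeout=3.0):
    """True if the VIP completes a TCP handshake on the port."""
    try:
        with socket.create_connection((vip, port), timeout=timeout):
            return True
    except OSError:
        return False


def send_probes(vip, count=4, port=SYSLOG_PORT, timeout=3.0):
    """Send `count` marked messages over TCP and UDP; return (marker, sent).
    New socket per message, so the LB sees separate flows. UDP is fire-and-forget:
    a counted send does not prove delivery, only the log search does."""
    marker = f"lbprobe-{uuid.uuid4().hex[:12]}"
    sent = {"tcp": 0, "udp": 0}
    for seq in range(count):
        msg = build_syslog(marker, seq)
        try:
            with socket.create_connection((vip, port), timeout=timeout) as s:
                s.sendall(msg + b"\n")  # newline-delimited framing over TCP
            sent["tcp"] += 1
        except OSError:
            pass
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as u:
            u.sendto(msg, (vip, port))
            sent["udp"] += 1
    return marker, sent


if __name__ == "__main__":
    vip = "192.0.2.10"  # placeholder (TEST-NET-1); replace with your LB VIP
    for port, name in TCP_PORTS.items():
        print(f"{name} {port}: {'open' if tcp_listening(vip, port) else 'NOT reachable'}")
    marker, sent = send_probes(vip)
    print(f"sent {sent}; search vRealize LogInsight Cloud for text containing {marker}")
```

With round robin across two pool members, all sequence numbers of the marker should show up in the search; a gap in the TCP sequence points at one pool member not ingesting.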
