vRealize Log Insight Cloud Migration Guide

 

Overview

Migrating to Cloud enables organizations with a lot of benefits. This unofficial vRealize Log Insight Cloud Migration Guide will help users come up with a plan on how to migrate from vRealize Log Insight to vRealize Log Insight Cloud.

vRealize® Log Insight Cloud™ Value Proposition

VMware vRealize® Log Insight Cloud™ offers IT teams unified visibility across private, hybrid, and native public clouds by adding structure to unstructured log data, providing intuitive dashboards, and leveraging machine learning for faster troubleshooting.

 It provides the following benefits

  1. Multi-Cloud Observability – It supports Public Clouds (AWS, Azure, & GCP) along with VMware Clouds like VMC on AWS and VMware Cloud on DELL EMC
  2. Availability – It provides availability commitment of 3 9s
  3. Scalability – It is designed to handle all kinds of machine-generated data while delivering near-real-time monitoring.
  4. Time to Value – Simple and flexible logging architecture allows IT teams to get quickly started which improves Productivity.

Getting Started with the Migration Journey

Before starting the migration project, it is important to understand the following

  1. vRealize Log Insight Cloud Architecture
  2. Differences/Similarities between vRealize Log Insight & vRealize Log Insight Cloud

1.    VMware vRealize® Log Insight Cloud™ Architecture

vRealize Log Insight Cloud Architecture

 

2.    Differences/Similarities between vRealize Log Insight & vRealize Log Insight Cloud

 

Category Product / Features vRealize Log Insight vRealize Log Insight Cloud
VMware Cloud VMC On AWS Not Supported Supported
VMware Cloud VMC on Dell EMC Not Supported Supported
Integration with VMware Product VMware SDDC Integration
(VC / ESXi + NSXv / NSX-T)
Supported Supported
Integration with VMware Product vROPs Supported with Onprem vROPs Supported with vROPs Cloud
Integration with VMware Product vRA Supported with Onprem vRA Currently its via Onprem vRLI.
Direct Integration is on Roadmap
Integration with VMware Product Wavefront Not Supported Supported
 Cloud-Native Tanzu Kubernetes Grid Supported Supported
 Cloud-Native Redhat OpenShift Supported Supported
 Cloud-Native Vanilla Kubernetes using kubeadm Supported Supported
 Cloud-Native Managed Kubernetes
(EKS, AKS, GKE)
Not Supported Supported
Alerts Type of Alerts Windowed Windowed & Real-Time
Notification Webhook Notifications Supported

via shims

Direct Integration
Notification Email Notification Supported Supported
Content Pack Content Packs Supported Supported* (90% Parity with On-prem
Dashboards Dashboards Supported Supported
Log Management Log Forwarding Supported Supported
Log Management Log Masking Not Supported Supported
Log Management Log Retention Supported Supported **
Log Management Log Archival Supported (NFS) Supported (S3) ****
Log Management Log Partition Supported (NFS) Supported (S3) *****
Log Management Log Query Supported
(Up to 72TB of searchable storage)
Supported
(Up to 30 days)
Log Management Log Export Unlimited Log Export
(CSV, JSON, RAW)
Export limited to 20,000 Events (RAW only)
Log Management Live Tail Not Supported Supported
Log Management KB Insights Not Supported Supported
RBAC Access Local Accounts / AD Integration AD Integration via Cloud Services Portal (CSP)
RBAC Customer Roles Not Supported Supported
RBAC Custom Data Sets Not Supported Supported
Compliance STIG Supported N/A
Compliance FIPs Supported N/A
Licensing Licensing Charged per PLU or OSI Based on GB ingested

*  – Please reach out to the Account team if you have any Custom Content Pack).

** – Maximum of 30 days.

*** – Archival to S3 has additional charges.

Migration Planning

Proper planning is a very critical task for your migration journey to be successful.  Following questionnaire would help you with migration planning

  1. What VMware Products do you plan to migrate?
  2. What Applications do you plan to migrate?
  3. How would traffic flow look like from your corporate network to Cloud?
  4. Does your Security Team have any requirements?
  5. Does the corporate network have enough bandwidth?
  6. Do you have any GDPR requirements for the data?
  7. How will migration affect your internal user experience?
  8. Will there be any downtime due to the migration?
  9. Do you have any Custom Content Pack requirements?
  10. Do you have any long-term archival requirements for the data?

Setting up your Environment for Migration

After you have done your planning exercise you can start setting your vRealize Log Insight Cloud Environment. There are 2 options when starting the migration

  1. Configure Event Forwarding in vRealize Log Insight to forward logs to vRealize Log Insight Cloud. This allows you to play around with the environment before cutting it over completely*
  2. Modify the Sources to send logs to vRealize Log Insight Cloud.

Depending upon your Sources / Application following feature/agent can be leveraged

Source / Application Feature/Agent Comments
vSphere Infrastructure vSphere Integration You can configure vSphere Integration via Cloud Proxy. This helps configure syslog configuration on VC & ESXi to point it to Cloud Proxy
NSXv / NSX-T Cloud Proxy Configure Syslog via API to point it to Cloud Proxy
Kubernetes Cluster (For e.g., TKG) Fluentd

Fluentbit

You can configure Kubernetes Clusters to forward logs using the agent of your choice.
Traditional Applications Fluentd

Fluentbit

Logstash

vRLI Agent

If you have traditional applications, you can leverage agents of your choice to forward logs.

·       Fluentd/Fluentbit/Logstash – Allows Log ingestion directly to Cloud or via Cloud Proxy*

·       vRLI Agent – Log Ingestion is only supported via Cloud Proxy

*  – This might require additional licensing to have both Products

** – Payload should be JSON.

Operating the vRealize Log Insight Cloud Environment

Once you have enabled the logs to be sent to vRealize Log Insight Cloud, there are a couple of things that you should do to manage the environment.

  • Controlling User Access – vRealize Log Insight Cloud supports two default service roles from VMware Cloud Services – administrator and user. In vRealize Log Insight Cloud, the organization owner can create and assign additional roles from the Access Control page. For more details, Please Read the How to Control Access
  • Setting up Content Packs – Content packs contain dashboards, extracted fields, saved queries, and alerts that are related to a specific product or set of logs. For more details, Please Read the Working with Content Pack documentation

Next Steps

If you’re not already using vRealize Log Insight Cloud, check out our free 30-day trial. To learn more about how to use Log Insight Cloud, please check out

 

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: