Configuring AD Authentication in vRealize Log Insight

Manish Jha

vRealize Log Insight supports 3 Authentication methods:

  • Local authentication.
  • VMware Identity Manager authentication.
  • Active Directory authentication.

You can use more than one method in the same deployment and users then select the type of authentication to use at log in.

To AD authentication to vRLI, login to web interface and navigate to Administration > Authentication page

vrli-auth01

Switch to Active Directory tab and toggle the “Enable Active Directory support” button.

vrli-auth02

Specify your domain related details and hit Test Connection button to test whether vRLI is able to talk to AD or not. Hit Save button if test is successful.  Read More

Scaling Up Standalone vRealize Log Insight Deployment

Manish Jha

vRealize log insight can be deployed as a standalone or as a clustered solution. In a clustered deployment the first node is the master node and the remaining nodes are termed as worker nodes. The process of scaling up is pretty straight forward and in this post I will walk through the steps of doing so.

Few things which you should consider before expanding a vRealize Log Insight deployment are:

  • vRealize Log Insight does not support WAN clustering (also called geo-clustering or remote clustering). All nodes in the cluster should be deployed in the same Layer 2 LAN. 
  • Configure a minimum of three nodes in a vRealize Log Insight cluster. 2 node cluster is not supported.
  • Verify that the versions of the vRealize Log Insight master and worker nodes are same. Do not add an older version vRealize Log Insight worker to a newer version vRealize Log Insight master node.
  • External load balancers are not supported for vRealize Log Insight clusters. You need to use the vRealize log insight integrated load balancer (ILB). 

Let’s jump into lab to see the process in action.

In this post I am not including deployment steps of my first vRLI instance as it’s a straightforward forward process. If you are still interested to see the deployment steps then you can follow this old post of mine. Read More

Distributed vRA Automated Upgrade via vRLCM

Manish Jha

In this post I will walk through steps of upgrading a distributed vRA 7.4 environment to v7.5. This is continuation of my earlier post where I deployed vRA 7.4 via vRLCM.

Upgrade Prerequisites

This post assumes that you have met all the prerequisites of vRA upgrade mentioned in this document

Important: If you are doing upgrade in a distributed environment, then make sure you have disabled the secondary members of pool and all monitors removed for the pool members during the upgrade process. 

To upgrade a vRA deployment, login to vRLCM and navigate to Home > Environments and click on view details. Read More

Cancelling Request in vRealize Suite Lifecycle Manager via API

Manish Jha

vRLCM is a great tool but the only shortcoming which is still there with v 2.0 is the ability to cancel any running task via GUI. I faced this situation when I was trying to add a remote collector node to an existing vROPS deployment and task kept running for more than 4 hours.

While searching on internet for how we can stop/cancel/delete a request in vRLCM, came across this thread on VMware Code website, where it was mentioned that it’s not possible from GUI and we need to use REST API.

Below steps shows how to use vRLCM API Read More

vRA Distributed Install using vRealize Suite Lifecycle Manger

Manish Jha

In first post of this series, I talked briefly about what vRealize Suite Lifecycle Manager is and its capabilities. Also I covered the installation and initial configuration settings of the appliance.

In this post I will walk through steps of deploying vRA 7.4 distributed install in automated fashion using vRLCM.

Before trying vRLCM, I did a vRA distributed install manually because I wanted to understand the flow of distributed install. If you are new to his topic then I would suggest reading below posts before you can start using vRLCM to automate deployments: Read More

Installing & Configuring vRealize Suite Life Cycle Manager 2.0

Manish Jha

vRealize Suite Life Cycle Manager 2.0 was released in September 2018 and with this release a lot of new features were added. Please refer to this post to learn What’s new in vRLCM 2.0.

What is vRealize Suite Lifecycle Manager?

vRealize Suite Lifecycle Manager automates install, configuration, upgrade, patch, configuration management, drift remediation and health from within a single pane of glass, and automates Day 0 to Day 2 operations of the entire vRealize Suite, enabling simplified operational experience for customers. Read More

vRA 7.4 Distributed Install: Part 4: vRA Distributed Install

Manish Jha

In last post of this series , I talked about how to configure NSX based load balancer for vRA environment. In this post I will walk through vRA appliance deployment.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction & Reference Architecture

2: Lab Setup

3: Load Balancer Configuration

Download vRA 7.4 appliance and deploy 2 instances of vRA VM’s.

Once both the appliance boots up, connect to the vami of first appliance by typing https://<vra1-fqdn>:5480/ Read More

vRA 7.4 Distributed Install: Part 3: Load Balancer Configuration

Manish Jha

In last post of this series, I talked about my lab setup. In this post I will walk through the load balancer configuration that needs to be in place for supporting the distributed install.

If you are not following along this series, then I recommend reading earlier posts of this series from below links:

1: Introduction & Reference Architecture

2: Lab Setup

Although it’s not mandatory to have the load balancer configured when kicking the distributed install, as we can configure it post vRA deployment, but it is recommended to configure this before attempting the install. Read More

vRA 7.4 Distributed Install: Part 2-Lab Setup

Manish Jha

In last post of this series, I talked about high level overview of vRA distributed installation. In this post I will be discussing about my lab setup.

Management Cluster

In my management cluster I have vSphere 6.5 installed and vCenter is deployed with embedded psc. I have total of 5 hosts in my management cluster.

lab-1.PNG

Host Details:

lab-2.PNG

VM/Appliance Details:

  • 2x vRealize Automation 7.4 Appliances
  • 2x Windows Servers for IaaS Web
  • 2x Windows Servers for the Management Service (Active / Passive)
  • 2x Windows Servers for the DEMs/Agents

lab-4.PNG

Windows Template Specifications

I deployed each of the windows vm using a template which was configured as per below:

1: Static IP set and windows domain joined.  Read More

VRA 7.4 Distributed Install: Part 1-Introduction

Manish Jha

vRA 7.x brought a lot of enhancements with it and one of the major enhancement was the simplicity of deploying the setup which was very complex till version 6.x. 

The second major enhancement was to cut the overall footprint of vRA. For VRA 6.x implementation, we needed at least 8 VA’s to form the core services (excluding the IaaS components). This limitation is no more with 7.x implementation.

Now a single pair of VRA VA’s forms the core services. In a distributed install, the load balanced VA’s delivers vRA’s framework services, Identity Manager, Database, vRO, and RabbitMQ. All these services are clustered and sits behind a single load balance VIP and a single SSL cert. Read More

AHV Networking: Part 4: Configuring OVS For Best Performance

Manish Jha

There is no dedicated storage network needed with Nutanix as AHV leverages the data network as the backplane for storage. In AHV based deployments, CVM, Hypervisor and Guest VMs connect with physical network via Open vSwitch (OVS). 

An instance of OVS is present on each AHV host and all instances of OVS in a cluster forms a single logical switch (somewhat similar to VMware vDS concept).

In a default AHV installation, all the interfaces present in the NX node are grouped together in a single bond called bro-up. A typical NX node ships with 2×10 GB and 2×1 GB interface.  Read More

AHV Networking: Part 3: Change OVS Bond Mode

Manish Jha

In last post of AHV Networking series, we learnt the basics of the various bond modes that are available with OVS in AHV. In this post we will learn how to change the bond mode configuration.

Lets jump into lab and start firing some commands.

1: Verify current bond mode.

SSH to any of the AHV host in cluster and run command: ovs-appctl bond/show

This command shows the current bond mode that is configured and the member interfaces that are present in the bond.

ahv-nw-2

Alternatively you can connect to a CVM and run command: allssh ssh root@192.168.5.1 ovs-vsctl show to fetch more information about a bond.  Read More

AHV Networking: Part 2: Understanding OVS Bond Mode

Manish Jha

In last post of this series we learnt few basics of AHV networking. In this post we will learn about network load balancing in Nutanix.

Nutanix networking is based on OVS and the networks are configured via Prism/ACLI. OVS supports 3 bond modes for network load balancing. 

1: Active/Backup

By default the bond mode is in Active/backup mode when AHV is installed. In this mode VM traffic is sent only over one of the physical uplink and rest all uplinks are in passive mode and they become active only when the active uplinks fails. Read More

AHV Networking: Part 1: Basics

Manish Jha

AHV Networking Overview

AHV uses Open vSwitch (OVS) to connect the CVM, the hypervisor, and guest VMs to each other and to the physical network on each node. When we install AHV, an instance of OVS is created on that host and all instance of OVS across a cluster combines to form a single logical switch.

What is Open vSwitch (OVS)

OVS is an open source software switch implemented in the Linux kernel and designed to work in a multiserver virtualization environment. OVS is a layer-2 learning switch that maintains a MAC address table. Read More

Unregistering a Cluster from Prism Central

Manish Jha

Once a cluster have been registered to Prism central, unregistering it via Prism UI is no longer available. This option was removed to reduce the risk of accidentally unregistering a cluster because several features require Prism Central to run your clusters.

If a cluster is unregistered from Prism Central, not only will these features not be available but the configuration for them may also be erased.

Unregistering a cluster can be done via CLI. Please follow below steps for removing a cluster from PC. Read More