Forward GCVE SDDC logs to Aria Operations for Logs (vRealize Log Insight Cloud )

September 8, 2022 RAGHU VMware 0

Disclaimer: This is not officially supported by VMware yet. This should be considered as a stop-gap / work-around solution for time being. 
PAGE CONTENTS
What is Google Cloud VMware Engine? (GCVE)
Assumption
Goal
Pre-Requisites
Step-by-Step Guide

What is Google Cloud VMware Engine? (GCVE)

Google Cloud VMware Engine is a fully managed service that lets you run the VMware platform in Google Cloud. VMware Engine includes vSphere, vCenter, vSAN, NSX-T, HCX, and corresponding tools, so it’s fully compatible with your existing VMware tools, processes, and skills training. For more details visit the official documentation page here

Assumption: You have VMware Aria Operations for Logs (vRealize Log Insight Cloud) and SDDC deployed in Google Cloud VMware Engine.

Goal: How to forward GCVE SDDC logs to vRealize Log Insight Cloud / VMware Aria Operations for Logs.

Pre-Requisites for Aria Operations for Logs (vRealize Log Insight Cloud) 

  1. Cloud Proxy Virtual Appliance deployed in SDDC GCVE. The following URLs need to be whitelisted and allowed from CPVA as outbound access. Official Documentation: Deploying Cloud Proxy
    1. *.vmware.com
    2. symphony-docker-external.jfrog.io
    3. ci-data-collector.s3.amazonaws.com
  2. You need DNS entry for Cloud Proxy deployed. This should be resolvable from ESXi.
    1. You will have to raise a request to Google Support to have a DNS entry created which can be resolved by the ESXi host.
    2. You can elevate your privileges in SDDC GCVE for short period and manually add a host entry in the ESXi host (This is not recommended step: it can be done only for PoC)
  3. Using solution user accounts in GCVE SDDC
    1. VMware Engine also creates user accounts with administrative privileges that you can use for third-party tools and products
    2. Prepare a Solution User Account in vSphere SDDC GCVE: Refer to Official Documentation

Step-by-Step Guide

  1. Deploy Cloud Proxy Virtual Appliance for Aria Operations for Logs (vRealize Log Insight Cloud) in SDDC GCVE. Refer to the detailed VMware Official Documentation                                                             
  2. Login to Cloud Proxy and validate External Connectivity and Registration is successful.                       
  3. Ensure that you have prepared the solution user account through vSphere Management Console by following GCVE Official Documentation here 
  4. If you are performing Proof-of-Concept and would not like to have the DNS Record created for Cloud Proxy: Go ahead and manually add host entry in ESXi Host (This step is not a recommended practice).
  5. Raise Support Ticket GCVE and have a DNS Record created for Cloud Proxy deployed: Which is resolvable by ESXi hosts & vCenter
  6. Perform vSphere Integration in VMware Aria Operations for Logs (vRealize Log Insight Cloud).         
  7. Ensure the following: Usage of solution-user-01@gve.local account for vSphere Integration (or any solution accounts that you prepared for this purpose as per documentation).
  8. Go to Explore logs and search for GCVE SDDC environment-specific keywords to see your logs.