Intelligent Logging and Analytics for VMware Cloud Foundation PDF

Summary

This document details the intelligent logging and analytics for VMware Cloud Foundation, providing design objectives, detailed design, planning, implementation, operational guidance, and other relevant information.

Full Transcript

Intelligent Logging and Analytics for VMware Cloud Foundation
Modified on 09 OCT 2024
VMware Cloud Foundation services

You can find the most up-to-date technical documentation on the VMware by Broadcom website at: https://docs.vmware.com/

VMware by Broadcom
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com

© Copyright 2023-2024 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries. For more information, go to https://www.broadcom.com. All trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.

Contents

About Intelligent Logging and Analytics for VMware Cloud Foundation

1 Design Objectives of Intelligent Logging and Analytics for VMware Cloud Foundation

2 Detailed Design of Intelligent Logging and Analytics for VMware Cloud Foundation
  Logical Design of Intelligent Logging and Analytics for VMware Cloud Foundation
  Deployment Specification of Intelligent Logging and Analytics for VMware Cloud Foundation
  Deployment Model for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Retention and Archiving Design for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Alert Notifications Design for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Network Design for Intelligent Logging and Analytics for VMware Cloud Foundation
  Life Cycle Management Design for Intelligent Logging and Analytics for VMware Cloud Foundation
  VMware Aria Operations for Logs Design for Intelligent Logging and Analytics for VMware Cloud Foundation
  Information Security and Access Control Design for Intelligent Logging and Analytics for VMware Cloud Foundation
  Identity Management for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Password Management for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Certificate Management for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation

3 Planning and Preparation for Intelligent Logging and Analytics for VMware Cloud Foundation

4 Implementation of Intelligent Logging and Analytics for VMware Cloud Foundation
  Automated PowerShell Implementation of Intelligent Logging and Analytics for VMware Cloud Foundation
  User Interface Implementation of Intelligent Logging and Analytics for VMware Cloud Foundation
  Deployment of VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Apply a Product Support Pack to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Create a vSphere Content Library for Operational Management for Intelligent Logging and Analytics for VMware Cloud Foundation
  Obtain and Upload VMware Aria Suite Lifecycle Upgrade ISO to vSphere Content Library for Intelligent Logging and Analytics for VMware Cloud Foundation
  Upgrade VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Delete Snapshots of VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Deployment of VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Import the VMware Aria Operations for Logs OVA to vSphere Content Library for Intelligent Logging and Analytics for VMware Cloud Foundation
  Add VMware Aria Operations for Logs License to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Generate the VMware Aria Operations for Logs Certificate and Import it in VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Add the VMware Aria Operations for Logs Admin Password to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Deploy VMware Aria Operations for Logs by Using VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  Create Virtual Machine and Template Folder for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Move the VMware Aria Operations for Logs Virtual Machines to the Dedicated Folder for Intelligent Logging and Analytics for VMware Cloud Foundation
  Add the VMware Aria Operations for Logs Virtual Machines to the First Availability Zone VM Group for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure SMTP for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure Log Retention and Archiving for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure VMware Aria Operations for Logs Authentication Using Active Directory for Intelligent Logging and Analytics for VMware Cloud Foundation
  Connect a VI Workload Domain to VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure All NSX Nodes to Forward Logs to VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure Log Forwarding for the Clustered Workspace ONE Access Instance for Intelligent Logging and Analytics for VMware Cloud Foundation
  Install Workspace ONE Access Content Pack for Intelligent Logging and Analytics for VMware Cloud Foundation
  Install and Configure the VMware Aria Operations for Logs Agent on the Clustered Workspace ONE Access Nodes for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure the VMware Aria Operations for Logs Agent Group for the Clustered Workspace ONE Access for Intelligent Logging and Analytics for VMware Cloud Foundation
  Create a VMware Aria Operations for Logs Photon OS Agent Group for the Management Nodes for Intelligent Logging and Analytics for VMware Cloud Foundation
  Implementation of Intelligent Logging and Analytics for an Additional VMware Cloud Foundation Instance
  Configure Log Forwarding Between VMware Cloud Foundation Instances

5 Operational Guidance for Intelligent Logging and Analytics for VMware Cloud Foundation
  Personas in Intelligent Logging and Analytics for VMware Cloud Foundation
  Operational Verification of Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify Authentication in VMware Aria Operations for Logs by Using a Local System Account and Verify the Cluster Status for Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify the Integration of VMware Aria Operations for Logs with Active Directory for Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify the Authentication in VMware Aria Operations for Logs by Using an Active Directory User Account for Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify the Integration of VMware Aria Operations for Logs with vSphere for Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify the VMware Aria Operations for Logs Agent Status for the Virtual Appliances of the Management Domain for Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify the VMware Aria Operations for Logs Agent Status for the Workspace ONE Access Appliances for Intelligent Logging and Analytics for VMware Cloud Foundation
  Certificate Management for Intelligent Logging and Analytics for VMware Cloud Foundation
  Replace the VMware Aria Operations for Logs Certificate for Intelligent Logging and Analytics for VMware Cloud Foundation
  Retrust the New VMware Aria Operations for Logs Certificate on VMware Aria Operations for Intelligent Logging and Analytics for VMware Cloud Foundation
  Retrust the New VMware Aria Operations for Logs Certificate on the VMware Aria Operations for Logs Clusters Configured for Log Forwarding for Intelligent Logging and Analytics for VMware Cloud Foundation
  Password Management for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configuring Password Policies for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure the Local User Password Expiration Policy for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure the Local User Password Complexity Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure the Local User Account Lockout Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation
  Password Rotation and Remediation for Intelligent Logging and Analytics for VMware Cloud Foundation
  Schedule Password Rotation for Intelligent Logging and Analytics for VMware Cloud Foundation
  Rotate an Account Password Using SDDC Manager for Intelligent Logging and Analytics for VMware Cloud Foundation
  Update an Account Password Using SDDC Manager for Intelligent Logging and Analytics for VMware Cloud Foundation
  Password Remediation for the Intelligent Logging and Analytics for VMware Cloud Foundation
  Alerts Management for Intelligent Logging and Analytics for VMware Cloud Foundation
  Configure Alerts in VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  View the Full List of Alerts for a Management Product for Intelligent Logging and Analytics for VMware Cloud Foundation
  Scale Management for Intelligent Logging and Analytics for VMware Cloud Foundation
  Scale up VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Shutdown and Startup of Intelligent Logging and Analytics for VMware Cloud Foundation
  Shut Down the VMware Aria Operations for Logs Virtual Machines for Intelligent Logging and Analytics for VMware Cloud Foundation
  Start the VMware Aria Operations for Logs Virtual Machines for Intelligent Logging and Analytics for VMware Cloud Foundation
  Authentication Transition for Intelligent Logging and Analytics for VMware Cloud Foundation
  Remove Active Directory Group Assignments in VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Remove Standalone Workspace ONE Access Integration for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation

6 Solution Interoperability of Intelligent Logging and Analytics for VMware Cloud Foundation
  Monitoring and Alerting of Intelligent Logging and Analytics for VMware Cloud Foundation
  Reconfigure the Collector Group for the VMware Aria Operations for Logs Integration for Intelligent Logging and Analytics for VMware Cloud Foundation
  Add a Ping Adapter for the VMware Aria Operations for Logs Cluster for Intelligent Logging and Analytics for VMware Cloud Foundation
  Verify the Integration of VMware Aria Operations with VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  Disaster Recovery of Intelligent Logging and Analytics for VMware Cloud Foundation
  Life Cycle Management of Intelligent Logging and Analytics for VMware Cloud Foundation

7 Appendix: Design Decisions on Intelligent Logging and Analytics for VMware Cloud Foundation

8 Appendix: Default Password Policy Settings for Intelligent Logging and Analytics for VMware Cloud Foundation

About Intelligent Logging and Analytics for VMware Cloud Foundation

The Intelligent Logging and Analytics
for VMware Cloud Foundation validated solution provides information on the use of a log analysis tool that delivers highly scalable log management with intuitive and actionable dashboards, sophisticated analytics, and broad third-party extensibility. The solution provides deep operational visibility and fast troubleshooting across physical, virtual, and cloud environments.

A VMware by Broadcom validated solution is a well-architected and validated implementation, built and tested by VMware to help customers deliver common business use cases. VMware validated solutions are operational, cost-effective, performant, reliable and secure. Each solution contains a detailed design, implementation, and operational guidance.

Automation for This Design in VMware Cloud Foundation

VMware Cloud Foundation™ SDDC Manager automates the implementation tasks for some design decisions. For the rest of the design decisions, as noted in the design implications, you must perform the implementation steps manually.

To provide a fast and efficient path to automating the Intelligent Logging and Analytics for VMware Cloud Foundation implementation, this document provides Microsoft PowerShell cmdlets using an open-source module as code-based alternatives to completing certain procedures in each SDDC component's user interface. For additional information, see PowerShell Module for VMware Validated Solutions.

Intended Audience

The Intelligent Logging and Analytics for VMware Cloud Foundation documentation is intended for cloud architects and administrators who are familiar with and want to use VMware software and an intelligent logging and analytics solution for VMware Cloud Foundation.

Support Matrix

The Intelligent Logging and Analytics for VMware Cloud Foundation validated solution is compatible with certain versions of the VMware products that are used for implementing the solution.

Table 1-1. Software Components in Intelligent Logging and Analytics for VMware Cloud Foundation

| VMware Cloud Foundation Version | Product Group | Component Versions |
|---|---|---|
| 5.2.1 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 5.2.1 Release Notes. |
| | Solution-added products | VMware Aria Operations for Logs 8.18.0; VMware Aria Suite Lifecycle 8.18.0 |
| 5.2.0 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 5.2.0 Release Notes. |
| | Solution-added products | VMware Aria Operations for Logs 8.18.0; VMware Aria Suite Lifecycle 8.18.0 |
| 5.1.1 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 5.1.1 Release Notes. |
| | Solution-added products | VMware Aria Operations for Logs 8.18.0; VMware Aria Suite Lifecycle 8.18.0 |
| 5.1.0 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 5.1.0 Release Notes. |
| | Solution-added products | VMware Aria Operations for Logs 8.18.0; VMware Aria Suite Lifecycle 8.18.0 |

Table 1-2. End of General Support Software Components in Intelligent Logging and Analytics for VMware Cloud Foundation

| VMware Cloud Foundation Version | Product Group | Component Versions |
|---|---|---|
| 5.0 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 5.0 Release Notes. |
| | Solution-added products | VMware Aria Suite Lifecycle 8.10.0 (EOGS); VMware Aria Operations for Logs 8.10.0 |
| 4.5.2 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.5.2 Release Notes. |
| | Solution-added products | VMware Aria Suite Lifecycle 8.10.0 (EOGS); VMware Aria Operations for Logs 8.10.0 |
| 4.5.1 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.5.1 Release Notes. |
| | Solution-added products | vRealize Suite Lifecycle Manager 8.8.2 (EOGS); vRealize Log Insight 8.8.2 |
| 4.5.0 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.5.0 Release Notes. |
| | Solution-added products | vRealize Suite Lifecycle Manager 8.8.2 (EOGS); vRealize Log Insight 8.8.2 |
| 4.4.1 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.4.1 Release Notes. |
| | Solution-added products | vRealize Log Insight 8.6.2 (EOGS) |
| 4.4.0 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.4.0 Release Notes. |
| | Solution-added products | vRealize Log Insight 8.6.2 (EOGS) |
| 4.3.1 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.3.1 Release Notes. |
| | Solution-added products | vRealize Log Insight 8.4.1 (EOGS) |
| 4.3.0 | Products part of VMware Cloud Foundation | See VMware Cloud Foundation 4.3.0 Release Notes. |
| | Solution-added products | vRealize Log Insight 8.4 (EOGS) |

Note: The software component versions in this table are in End of General Support (EOGS) phase and are no longer generally supported by VMware. At the time of initial release and during the General Support phase, the software component versions in this solution are actively implemented, tested, and validated by VMware and VMware partners. See VMware Lifecycle Policies.

Before You Apply This Guidance

To design and implement the Intelligent Logging and Analytics for VMware Cloud Foundation validated solution, your environment must have a certain configuration.

Table 1-3. Supported VMware Cloud Foundation Deployment

Workload Domain / Component: Management domain
Deployment Details:
- Automated deployment using VMware Cloud Builder™
- Required availability of overlay-backed or VLAN-backed NSX segments in VMware NSX for traffic in the same VMware Cloud Foundation instance.
See the following VMware Cloud Foundation Documentation:
- For information on designing the management domain, see VMware Cloud Foundation Design Guide.
- For information on deploying the management domain, see Getting Started with VMware Cloud Foundation and VMware Cloud Foundation Deployment Guide.
- For information on operating the management domain, see VMware Cloud Foundation Administration Guide and VMware Cloud Foundation Operations Guide.

Workload Domain / Component: (Optional) One or more virtual infrastructure (VI) workload domains
Deployment Details:
Automated deployment using SDDC Manager.
See the following VMware Cloud Foundation Documentation:
- For information on designing a VI workload domain, see VMware Cloud Foundation Design Guide.
- For information on deploying the VI workload domains, see Getting Started with VMware Cloud Foundation and VMware Cloud Foundation Administration Guide.
- For information on operating the VI Workload domain, see VMware Cloud Foundation Operations Guide.

Workload Domain / Component: VMware Aria Suite Lifecycle
Deployment Details:
Automated deployment by using SDDC Manager.
See the following VMware Cloud Foundation Documentation:
- For information on designing VMware Aria Suite Lifecycle, see VMware Aria Suite Lifecycle Design for VMware Cloud Foundation.
- For information on deploying VMware Aria Suite Lifecycle, see Getting Started with VMware Cloud Foundation and VMware Cloud Foundation Operations and Administration Guide.
- To ensure correct version support for VMware Aria Suite Lifecycle for your VMware Cloud Foundation version, follow the implementation guidance in this validated solution. See Deployment of VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation.

Workload Domain / Component: VMware Cloud Foundation integrated with Active Directory
Deployment Details:
Manual or PowerShell automated configuration of Active Directory over LDAP.
See the Identity and Access Management for VMware Cloud Foundation validated solution.

Overview of Intelligent Logging and Analytics for VMware Cloud Foundation

By applying the Intelligent Logging and Analytics for VMware Cloud Foundation validated solution, you implement centralized intelligent logging and analytics for the components of a VMware Cloud Foundation instance.

Table 1-4. Implementation Overview of Intelligent Logging and Analytics for VMware Cloud Foundation

| Stage | Steps |
|---|---|
| 1. Plan and prepare the VMware Cloud Foundation environment | Work with the technology team of your organization on configuring the physical servers, network, and storage in the data center. Collect the environment details and save them in the VMware Cloud Foundation Planning and Preparation Workbook. |
| 2. Activate centralized logging for the management and workload components of VMware Cloud Foundation. | 1. Deploy VMware Aria Operations for Logs in each VMware Cloud Foundation instance. 2. Configure each management component to forward logs to VMware Aria Operations for Logs. |

Frequently Asked Questions

For additional questions, see VMware Validated Solutions Frequently Asked Questions.

Update History

The Intelligent Logging and Analytics for VMware Cloud Foundation validated solution is updated when necessary.

Revision / Description

09 OCT 2024
- This validated solution now supports VMware Cloud Foundation 5.2.1.
- The PowerValidatedSolutions PowerShell module is now version 2.12.0.
- The VMware.PowerCLI PowerShell module is now version 13.3.0.
- The ImportExcel PowerShell module is now version 7.8.9.

23 JUL 2024
- This validated solution now supports VMware Cloud Foundation 5.2.0.
- This validated solution now provides a single procedure for PowerShell automation. See Automated PowerShell Implementation of Intelligent Logging and Analytics for VMware Cloud Foundation.
- This validated solution now provides guidance on importing the VMware Aria Operations for Logs OVA in a vSphere Content library. See Import the VMware Aria Operations for Logs OVA to vSphere Content Library for Intelligent Logging and Analytics for VMware Cloud Foundation.
- This validated solution now uses the PowerValidatedSolutions PowerShell module to generate a Microsoft CA signed certificate. See Generate the VMware Aria Operations for Logs Certificate and Import it in VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation.
- The PowerValidatedSolutions PowerShell module is now version 2.11.0.

28 MAY 2024
- The PowerValidatedSolutions PowerShell module is now version 2.10.0.

26 MAR 2024
- This validated solution now supports VMware Cloud Foundation 5.1.1.
- This validated solution now supports VMware Aria Operations for Logs 8.16.0.
- This validated solution now updates the password complexity and account lockout policy configuration for the latest version of Photon OS.
  - Configure the Local User Password Complexity Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation
  - Configure the Local User Account Lockout Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation
- The PowerValidatedSolutions PowerShell module is now version 2.9.0.
- The VMware.PowerCLI PowerShell module is now version 13.2.1.

30 JAN 2024
- This validated solution now updates the design, the implementation, and the operational guidance for the use of Active Directory over LDAP instead of Workspace ONE Access for authentication to VMware Aria Operations for Logs. See the following:
  - Note: If you previously deployed this validated solution using Workspace ONE Access for authentication, to reconfigure the authentication provider, see Authentication Transition for Intelligent Logging and Analytics for VMware Cloud Foundation.
  - Deployment Model for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Identity Management for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Configure VMware Aria Operations for Logs Authentication Using Active Directory for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Verify the Integration of VMware Aria Operations for Logs with Active Directory for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Verify the Authentication in VMware Aria Operations for Logs by Using an Active Directory User Account for Intelligent Logging and Analytics for VMware Cloud Foundation
- This validated solution now provides guidance on deploying VMware Aria Suite Lifecycle in a disconnected environment. See the following:
  - Chapter 4 Implementation of Intelligent Logging and Analytics for VMware Cloud Foundation
  - Deployment of VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Apply a Product Support Pack to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Install Workspace ONE Access Content Pack for Intelligent Logging and Analytics for VMware Cloud Foundation
- This validated solution now updates the password complexity policy configuration for the use of the pam_pwquality.so file. See Configure the Local User Password Complexity Policy for the Intelligent Logging and Analytics for VMware Cloud Foundation.
- This validated solution now includes Scale Management for Intelligent Logging and Analytics for VMware Cloud Foundation.
- The PowerValidatedSolutions PowerShell module is now version 2.8.0, adding support and updates for the following procedures:
  - Assign VMware Aria Operations for Logs Roles to Active Directory Groups for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Create a vSphere Content Library for Operational Management for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Apply a Product Support Pack to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Deploy VMware Aria Operations for Logs by Using VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Install Workspace ONE Access Content Pack for Intelligent Logging and Analytics for VMware Cloud Foundation

07 NOV 2023
- This validated solution now supports VMware Cloud Foundation 5.1.0.
- The PowerValidatedSolutions PowerShell module is now version 2.7.0.
- The PowerVCF PowerShell module is now version 2.4.0.
- The following solution-added product names are changing:
  - VMware vRealize Suite Lifecycle Manager is now VMware Aria Suite Lifecycle
  - VMware vRealize Log Insight is now VMware Aria Operations for Logs
  - VMware vRealize Operations is now VMware Aria Operations
  For more information on the VMware Aria rebranding, see Multi-Cloud Management and VMware Aria.

29 AUG 2023
- This validated solution now supports VMware Cloud Foundation 4.5.2.
- This validated solution now provides guidance on alerts management. See Alerts Management for Intelligent Logging and Analytics for VMware Cloud Foundation.
- The VMware.PowerCLI PowerShell module is now version 13.1.0.
n The ImportExcel PowerShell module is now version 7.8.5. n The PowerValidatedSolutions PowerShell module is now version 2.6.0. 25 JUL 2023 n This validated solution now supports VMware Cloud Foundation 5.0. n This validated solution now supports vRealize Log Insight 8.10.2. n vRealize Suite Lifecycle Manager is now listed as a solution-added product for VMware Cloud Foundation 4.5.1 and VMware Cloud Foundation 5.0. See Table 1-1. Software Components in Intelligent Logging and Analytics for VMware Cloud Foundation. n This validated solution now provides guidance on deploying and upgrading vRealize Suite Lifecycle Manager. See Deployment of VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation. n This validated solution now includes Chapter 8 Appendix: Default Password Policy Settings for Intelligent Logging and Analytics for VMware Cloud Foundation for quick reference. n The PowerValidatedSolutions PowerShell module is now version 2.5.0. VMware by Broadcom 15 Intelligent Logging and Analytics for VMware Cloud Foundation Revision Description 30 MAY 2023 n This validated solution now supports VMware Cloud Foundation 4.5.1. n The PowerValidatedSolutions PowerShell module is now version 2.3.0. n This validated solution now provides guidance on implementing the solution in an additional VMware Cloud Foundation instance. See Implementation of Intelligent Logging and Analytics for an Additional VMware Cloud Foundation Instance. n This validated solution now updates the Information Security and Access Control Design for Intelligent Logging and Analytics for VMware Cloud Foundation, providing guidance on: n Active Directory Integration for VMware Aria Operations for Logs n Password Policies for VMware Aria Operations for Logs. 
n This validated solution now includes the following operational guidance procedures: n Configuring Password Policies for Intelligent Logging and Analytics for VMware Cloud Foundation n Password Rotation and Remediation for Intelligent Logging and Analytics for VMware Cloud Foundation 25 APR 2023 n The VMware.PowerCLI PowerShell module is now version 13.0.0. n The VMware.vSphere.SsoAdmin PowerShell module is now version 1.3.9. n The ImportExcel PowerShell module is now version 7.8.4. n The PowerVCF PowerShell module is now version 2.3.0 n The PowerValidatedSolutions PowerShell module is now version 2.2.0. 28 MAR 2023 The PowerValidatedSolutions PowerShell module is now version 2.1.0. 28 FEB 2023 The PowerValidatedSolutions PowerShell module is now version 2.0.1. 31 JAN 2023 The PowerValidatedSolutions PowerShell module is now version 2.0.0. 29 NOV 2022 n The VMware.PowerCLI PowerShell module is now version 12.7.0. n The VMware.vSphere.SsoAdmin PowerShell module is now version 1.3.8. n The PowerValidatedSolutions PowerShell module is now version is 1.10.0. VMware by Broadcom 16 Intelligent Logging and Analytics for VMware Cloud Foundation Revision Description 25 OCT 2022 n This validated solution now supports VMware Cloud Foundation 4.5.0. n The PowerValidatedSolutions PowerShell module is now version 1.9.0, adding support for the following procedures: n Configure Log Forwarding Between VMware Cloud Foundation Instances n Verify the Integration of VMware Aria Operations with VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation 27 SEP 2022 The PowerValidatedSolutions PowerShell module is now version 1.8.0. 31 MAY 2022 n This validated solution now supports VMware Cloud Foundation 4.4.1. n The PowerVCF PowerShell module is now version 2.2.0. n The PowerValidatedSolutions PowerShell module is now version 1.7.0. 
28 APR 2022 The PowerValidatedSolutions PowerShell module is now version 1.6.0 adding support for the Reconfigure the Collector Group for the VMware Aria Operations for Logs Integration for Intelligent Logging and Analytics for VMware Cloud Foundation procedure. 29 MAR 2022 n The PowerValidatedSolutions PowerShell module is now version 1.5.0, adding support for the Add a Ping Adapter for the VMware Aria Operations for Logs Cluster for Intelligent Logging and Analytics for VMware Cloud Foundation procedure. n The Configure the VMware Aria Operations for Logs Agent Group for the Clustered Workspace ONE Access for Intelligent Logging and Analytics for VMware Cloud Foundation PowerShell procedure has been updated. n The Create a VMware Aria Operations for Logs Photon OS Agent Group for the Management Nodes for Intelligent Logging and Analytics for VMware Cloud Foundation PowerShell procedure has been updated. n Added an example persona reference. See Personas in Intelligent Logging and Analytics for VMware Cloud Foundation. n Added two new design decisions about monitoring 005 and 006 for Intelligent Logging and Analytics for VMware Cloud Foundation that already had procedures in the guide. Design decision 004 is also updated. See Monitoring and Alerting of Intelligent Logging and Analytics for VMware Cloud Foundation. VMware by Broadcom 17 Intelligent Logging and Analytics for VMware Cloud Foundation Revision Description 22 FEB 2022 n This validated solution now supports VMware Cloud Foundation 4.4. n This validated solution now requires installation of the ImportExcel PowerShell module. n The PowerValidatedSolutions PowerShell module is now version 1.4.0. n The VMware.PowerCLI PowerShell module is now version 12.4.1. n Starting with VMware Cloud Foundation 4.4, installation and life cycle management of vRealize Log Insight is performed by using vRealize Suite Lifecycle Manager. 
  See Life Cycle Management Design for Intelligent Logging and Analytics for VMware Cloud Foundation.

25 JAN 2022
- The PowerValidatedSolutions PowerShell module is now version 1.3.0.
- The VMware.vSphere.SsoAdmin PowerShell module is now version 1.3.7.

30 NOV 2021
- The PowerVCF PowerShell module is now version 2.1.7.
- The PowerValidatedSolutions PowerShell module is now version 1.2.0, adding support for the following implementation procedures.
  - Deploy VMware Aria Operations for Logs by Using VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Activate Authentication for VMware Aria Operations for Logs by Using Active Directory over LDAP for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Connect a VI Workload Domain to VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Configure All NSX Nodes to Forward Logs to VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Install and Configure the VMware Aria Operations for Logs Agent on the Clustered Workspace ONE Access Nodes for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Configure the VMware Aria Operations for Logs Agent Group for the Clustered Workspace ONE Access for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Create a VMware Aria Operations for Logs Photon OS Agent Group for the Management Nodes for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Configure SMTP for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Configure Log Retention and Archiving for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Assign VMware Aria Operations for Logs Roles to Active Directory Groups for Intelligent Logging and Analytics for VMware Cloud Foundation

26 OCT 2021
- This validated solution now supports VxRail. See Chapter 1 Design Objectives of Intelligent Logging and Analytics for VMware Cloud Foundation.
- The PowerValidatedSolutions PowerShell module is now version 1.1.0, adding support for the following implementation procedures.
  - Add VMware Aria Operations for Logs License to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Add the VMware Aria Operations for Logs Admin Password to VMware Aria Suite Lifecycle for Intelligent Logging and Analytics for VMware Cloud Foundation
  - Add the VMware Aria Operations for Logs Virtual Machines to the First Availability Zone VM Group for Intelligent Logging and Analytics for VMware Cloud Foundation
- The operational guidance now includes shutdown and startup procedures for the solution components. See Shutdown and Startup of Intelligent Logging and Analytics for VMware Cloud Foundation.

05 OCT 2021
This validated solution now supports VMware Cloud Foundation 4.3.1.

24 AUG 2021
Initial release.

1 Design Objectives of Intelligent Logging and Analytics for VMware Cloud Foundation

The Intelligent Logging and Analytics for VMware Cloud Foundation validated solution has objectives to deliver prescriptive content about the solution so that it is fast to deploy and is suitable for use in production environments.

VMware Validated Solution Objective: Description

Main objective: Provide logging, analytics and reporting for VMware Cloud Foundation infrastructure components.

VMware Cloud Foundation architecture support:
- vSAN ReadyNodes
  - Consolidated
  - Standard
  - Single VMware Cloud Foundation instance
  - Multiple VMware Cloud Foundation instances with NSX Federation
  - Single or multiple VMware Cloud Foundation instances with multiple availability zones
- Dell VxRail Nodes
  - Standard
  - Single VMware Cloud Foundation instance
  - Multiple VMware Cloud Foundation instances with NSX Federation
  - Single or multiple VMware Cloud Foundation instances with multiple availability zones

Workload domain type support:
- Management Workload domain
- VI Workload domain

Scope of guidance:
- Detailed design for solution components.
- Deployment and initial configuration of intelligent logging and analytics components for management and VI workload domains.
- Operational guidance for solution components, such as operational verification, password management, and certificate management.
- Solution interoperability with solution components, such as monitoring and life cycle.

Scope of implementation:
- Deployment and configuration of solution components:
  - VMware Aria Operations for Logs
  - Content Packs
- Configuration of logging of VMware Cloud Foundation components:
  - ESXi
  - vCenter Server
  - NSX
  - SDDC Manager
  - VMware Aria Suite Lifecycle
  - Workspace ONE Access

Cloud type: Private Cloud

Number of syslog connections: 200

Retention period for the medium-size appliance: 7 days

Archive policy for the medium-size appliance: 90 days

Shared storage space for log archival: 400 GB

Load Balancing: VMware Aria Operations for Logs Integrated Load Balancer

Overall availability: 99%

Authentication, authorization, and access control:
- Use of Active Directory over LDAP for authentication.
- Use of security groups and roles for least-privilege access control.
- Use of service accounts and least-privilege access control for solution integration.

Certificate signing: Certificates are signed by a certificate authority (CA) that consists of a root and intermediate certificate authority layers.

2 Detailed Design of Intelligent Logging and Analytics for VMware Cloud Foundation

The design considers the components of the Intelligent Logging and Analytics for VMware Cloud Foundation validated solution. It includes numbered design decisions, and the justification and implications of each decision.

Read the following topics next:
- Logical Design of Intelligent Logging and Analytics for VMware Cloud Foundation
- Deployment Specification of Intelligent Logging and Analytics for VMware Cloud Foundation
- Network Design for Intelligent Logging and Analytics for VMware Cloud Foundation
- Life Cycle Management Design for Intelligent Logging and Analytics for VMware Cloud Foundation
- VMware Aria Operations for Logs Design for Intelligent Logging and Analytics for VMware Cloud Foundation
- Information Security and Access Control Design for Intelligent Logging and Analytics for VMware Cloud Foundation

Logical Design of Intelligent Logging and Analytics for VMware Cloud Foundation

Deploy a VMware Aria Operations for Logs cluster of three nodes in the default management vSphere cluster in each VMware Cloud Foundation instance. This configuration provides continued availability and increased log ingestion rates. VMware Aria Operations for Logs collects logs to provide logging information about components of a VMware Cloud Foundation instance from a central location.

Figure 2-1. Logical Design of VMware Aria Operations for Logs
[Diagram not reproduced. It shows VCF Instance A and VCF Instance B connected by log forwarding. Each instance has access through the user interface and API, integration with vSphere and VMware Aria Operations, a VMware Aria Operations for Logs cluster (Primary 1, Worker 2 to Worker N) with the integrated load balancer and content packs, logging sources (NSX, vCenter Server, ESXi, VMware Aria Operations, VMware Aria Automation, additional solutions) that send logs through syslog and the Ingestion API, a log archive on an NFS export, and supporting infrastructure (AD, DNS, NTP, SMTP).]

You deploy a VMware Aria Operations for Logs cluster configuration that consists of the following entities.

Table 2-1. VMware Aria Operations for Logs Cluster Configuration

Single VMware Cloud Foundation Instance with a Single Availability Zone:
- A three-node medium-size VMware Aria Operations for Logs cluster that is highly available with an integrated load balancer (ILB) deployed on the local-instance NSX segment in the management domain.
- vSphere HA protects the VMware Aria Operations for Logs cluster.

Single VMware Cloud Foundation Instance with Multiple Availability Zones:
- A three-node medium-size VMware Aria Operations for Logs cluster that is highly available with an integrated load balancer (ILB) deployed on the local-instance NSX segment in the management domain.
- vSphere HA protects the VMware Aria Operations for Logs cluster.
- A vSphere DRS rule specifies that the VMware Aria Operations for Logs cluster virtual machines run on ESXi hosts in the first availability zone.

Multiple VMware Cloud Foundation Instances:
- In each VMware Cloud Foundation instance, a three-node medium-size VMware Aria Operations for Logs cluster that is highly available with an integrated load balancer (ILB) deployed on the corresponding local-instance NSX segment in the management domain.
- vSphere HA protects the VMware Aria Operations for Logs cluster.

Deployment Specification of Intelligent Logging and Analytics for VMware Cloud Foundation

The deployment specification details the design decisions covering physical design and sizing for VMware Aria Operations for Logs.

Deployment Model for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation

The VMware Aria Operations for Logs cluster consists of one primary node and two worker nodes behind an integrated load balancer.

Deployment Type

You enable the integrated load balancer (ILB) on the three-node cluster so that all log sources can send logs to the cluster. When using the ILB, if there is a scale-out, it is not necessary to reconfigure all log sources with a new destination address. Using the ILB also guarantees that VMware Aria Operations for Logs accepts all incoming ingestion traffic.

VMware Aria Operations for Logs users accessing the web user interface or API, and clients ingesting logs using syslog or the Ingestion API, connect to VMware Aria Operations for Logs by using the ILB address.

In this validated solution, you deploy the VMware Aria Operations for Logs nodes on the default management vSphere cluster in each VMware Cloud Foundation instance. The SDDC can comprise multiple VMware Cloud Foundation instances and multiple availability zones.

VMware Aria Operations for Logs is distributed as a product bundle that you download to VMware Aria Suite Lifecycle in VMware Cloud Foundation mode.
To accomplish the design objective of this design, you deploy or reuse the following components to deploy this validated solution for VMware Cloud Foundation:
- SDDC Manager
- VMware Aria Suite Lifecycle
- Supporting infrastructure services, such as Active Directory, DNS, and NTP.

Table 2-2. Design Decisions on Deployment of VMware Aria Operations for Logs

ILA-VAOL-CFG-001
Design Decision: Deploy a three node VMware Aria Operations for Logs cluster - one primary and two worker nodes with an integrated load balancer, in the default management vSphere cluster.
Design Justification:
- Provides high availability.
- Using the integrated load balancer prevents a single point of failure.
- Using the integrated load balancer simplifies the VMware Aria Operations for Logs deployment and subsequent integration.
Design Implication:
- You must deploy a minimum of three medium-size nodes.
- You must size all nodes identically.
- If the capacity of your VMware Aria Operations for Logs cluster must expand, identical capacity must be added to each node.

ILA-VAOL-CFG-002
Design Decision: To deploy VMware Aria Operations for Logs, use the VMware Aria Suite Lifecycle instance in the corresponding VMware Cloud Foundation instance.
Design Justification: VMware Aria Operations for Logs product binary is downloaded directly to VMware Aria Suite Lifecycle in VMware Cloud Foundation mode.
Design Implication: You must deploy VMware Aria Suite Lifecycle in each VMware Cloud Foundation instance.

ILA-VAOL-CFG-003
Design Decision: Protect all VMware Aria Operations for Logs cluster nodes by using vSphere High Availability.
Design Justification: Supports the availability objectives for VMware Aria Operations for Logs without requiring manual intervention during an ESXi host failure event.
Design Implication: None.

ILA-VAOL-CFG-004
Design Decision: Apply a vSphere Distributed Resource Scheduler (DRS) anti-affinity rule to the VMware Aria Operations for Logs cluster virtual machines.
Design Justification: Using vSphere DRS prevents the VMware Aria Operations for Logs cluster virtual machines from running on the same ESXi host and risking the high availability of the cluster.
Design Implication:
- You must perform additional configuration to set up an anti-affinity rule.
- For a default management vSphere cluster that consists of four ESXi hosts, only a single ESXi host can enter maintenance mode at the same time.

ILA-VAOL-CFG-005
Design Decision: Place the VMware Aria Operations for Logs cluster virtual machines in a dedicated virtual machine folder.
Design Justification: Provides an organization of the VMware Aria Operations for Logs nodes in the management domain inventory.
Design Implication: You must create the virtual machine folder.

Deployment for Multiple Availability Zones

In an environment with multiple availability zones, the VMware Aria Operations for Logs cluster runs in the first availability zone. If a failure occurs in the first availability zone, the VMware Aria Operations for Logs cluster is failed over to the second availability zone.

Table 2-3. Design Decision on Deployment of VMware Aria Operations for Logs for Multiple Availability Zones

ILA-VAOL-CFG-006
Design Decision: When using two availability zones, add the VMware Aria Operations for Logs cluster virtual machines to the first availability zone VM group.
Design Justification: Ensures that, by default, the VMware Aria Operations for Logs cluster virtual machines are powered on within the first availability zone hosts group.
Design Implication: If VMware Aria Operations for Logs is deployed after the creation of the stretched cluster for management domain availability zones, the VM group for the first availability zone virtual machines must be updated to include the VMware Aria Operations for Logs cluster nodes.

Deployment for Multiple VMware Cloud Foundation Instances

In an environment with multiple VMware Cloud Foundation instances, you deploy a VMware Aria Operations for Logs cluster in each VMware Cloud Foundation instance.

Table 2-4. Design Decisions on Deployment of VMware Aria Operations for Logs for Multiple VMware Cloud Foundation Instances

ILA-VAOL-CFG-007
Design Decision: In an environment with multiple VMware Cloud Foundation instances, deploy a three node VMware Aria Operations for Logs cluster in the default management vSphere cluster in each VMware Cloud Foundation instance.
Design Justification: Provides a local VMware Aria Operations for Logs infrastructure to each VMware Cloud Foundation instance for availability, scale, and performance reasons.
Design Implication: You must deploy VMware Aria Suite Lifecycle in each VMware Cloud Foundation instance.

ILA-VAOL-CFG-008
Design Decision: In an environment with multiple VMware Cloud Foundation instances, place the VMware Aria Operations for Logs cluster virtual machines in each instance in a dedicated virtual machine folder.
Design Justification: Provides an organization of the VMware Aria Operations for Logs cluster nodes in the management domain inventory.
Design Implication: You must create the virtual machine folder.

Sizing Compute and Storage Resources

To provide enough resources to accommodate the logs for the management components of the SDDC, you size resources for VMware Aria Operations for Logs.

To accommodate log data from the products in the SDDC, you must correctly size the compute resources and storage for the VMware Aria Operations for Logs cluster nodes. For detailed sizing guidance, see the Sizing Estimator for VMware Aria Operations for Logs.
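One way to audit a deployed cluster against design decisions ILA-VAOL-CFG-001 and ILA-VAOL-CFG-003 through ILA-VAOL-CFG-005 with VMware.PowerCLI. This is an added example, not part of the VMware guide or of the PowerValidatedSolutions module; the function name and the cluster, virtual machine, and folder names are hypothetical placeholders, and the 8 vCPU and 16 GB thresholds are the medium-size values from Table 2-5.

```powershell
# Added example: audit a deployed VMware Aria Operations for Logs cluster against
# ILA-VAOL-CFG-001, -003, -004 and -005. Requires VMware.PowerCLI and an existing
# Connect-VIServer session to the management domain vCenter Server.
function Test-LogsClusterDesign {
    param(
        [Parameter(Mandatory)] [string]   $ClusterName,  # default management vSphere cluster
        [Parameter(Mandatory)] [string[]] $NodeNames,    # primary and worker VM names
        [Parameter(Mandatory)] [string]   $FolderName    # dedicated VM folder
    )
    $cluster = Get-Cluster -Name $ClusterName -ErrorAction Stop
    $vms     = @(Get-VM -Name $NodeNames -Location $cluster -ErrorAction SilentlyContinue)
    $found   = $vms.Count -gt 0
    $results = [System.Collections.Generic.List[object]]::new()
    $add = {
        param($id, $check, $pass, $detail)
        $results.Add([pscustomobject]@{
            Decision = $id; Check = $check; Pass = [bool]$pass; Detail = "$detail" })
    }

    # CFG-001: three nodes, identically sized, at least medium (8 vCPUs, 16 GB per Table 2-5).
    $sizes = @($vms | ForEach-Object { '{0} vCPU/{1} GB' -f $_.NumCpu, $_.MemoryGB } |
        Sort-Object -Unique)
    $small = @($vms | Where-Object { $_.NumCpu -lt 8 -or $_.MemoryGB -lt 16 })
    & $add 'ILA-VAOL-CFG-001' 'Three nodes in the cluster' ($vms.Count -eq 3) "found $($vms.Count)"
    & $add 'ILA-VAOL-CFG-001' 'Nodes sized identically' ($sizes.Count -eq 1) ($sizes -join '; ')
    & $add 'ILA-VAOL-CFG-001' 'Nodes at least medium size' ($found -and $small.Count -eq 0) ($small.Name -join ', ')

    # CFG-003: vSphere HA protects the nodes.
    & $add 'ILA-VAOL-CFG-003' 'vSphere HA enabled' $cluster.HAEnabled $cluster.Name

    # CFG-004: an enabled anti-affinity rule (KeepTogether = false) must include every node.
    $rule = Get-DrsRule -Cluster $cluster | Where-Object {
        $ruleVmIds = $_.VMIds
        -not $_.KeepTogether -and $_.Enabled -and
            @($vms | Where-Object { $ruleVmIds -notcontains $_.Id }).Count -eq 0
    } | Select-Object -First 1
    $hosts = @($vms | ForEach-Object { $_.VMHost.Name } | Sort-Object -Unique)
    & $add 'ILA-VAOL-CFG-004' 'vSphere DRS enabled' $cluster.DrsEnabled $cluster.Name
    & $add 'ILA-VAOL-CFG-004' 'Anti-affinity rule covers all nodes' ($found -and $null -ne $rule) $rule.Name
    & $add 'ILA-VAOL-CFG-004' 'Each node on a separate ESXi host' ($found -and $hosts.Count -eq $vms.Count) ($hosts -join ', ')

    # CFG-005: every node sits in the dedicated virtual machine folder.
    $misplaced = @($vms | Where-Object { $_.Folder.Name -ne $FolderName })
    & $add 'ILA-VAOL-CFG-005' "Nodes in folder $FolderName" ($found -and $misplaced.Count -eq 0) ($misplaced.Name -join ', ')

    $results
}

# Hypothetical placeholder names; replace with the values from your own deployment.
Test-LogsClusterDesign -ClusterName 'mgmt-cluster-01' `
    -NodeNames 'logs-node-a', 'logs-node-b', 'logs-node-c' `
    -FolderName 'logs-vm-folder' | Format-Table -AutoSize
```

A row with Pass set to False lists the offending virtual machines or hosts in the Detail column, which makes drift from the design visible after maintenance or a scale-out.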
By default, the VMware Aria Operations for Logs appliance uses the predefined values for medium configurations. To collect and store log data from management components according to the objectives of this design, select the appropriate size for the VMware Aria Operations for Logs nodes.

Table 2-5. Compute Resources for VMware Aria Operations for Logs per VMware Cloud Foundation Instance

| Attribute | Per Appliance | Per Cluster |
|---|---|---|
| Appliance size | Medium | Medium |
| CPU | 8 vCPUs | 24 vCPUs |
| Memory | 16 GB | 48 GB |
| Disk capacity | 530 GB | 1,590 GB |
| IOPS | 1,000 | 3,000 |
| Amount of processed log data when using log ingestion | 75 GB/day | 225 GB/day |
| Number of processed log messages | 5,000 events/second | 15,000 events/second |
| Environment | Up to 250 syslog connections | Up to 750 syslog connections |

Sizing is usually based on the organization requirements. This design provides calculations that are based on an implementation in a single VMware Cloud Foundation instance. This sizing is calculated according to the following logging sources in the VMware Cloud Foundation instance:

Table 2-6. Logging Sources for VMware Aria Operations for Logs

Management domain:
- SDDC Manager appliance
- vCenter Server appliance
- ESXi hosts
- NSX Manager instances
- NSX Edge instances

VI workload domain:
- vCenter Server appliance
- ESXi hosts
- NSX Manager instances
- NSX Edge instances

VMware Aria Suite life cycle and access management:
- VMware Aria Suite Lifecycle appliance
- Clustered Workspace ONE Access nodes

Additional Solutions (if integrated into the environment):
- VMware Aria Operations nodes
- VMware Aria Automation nodes
- Site Recovery Manager appliance
- vSphere Replication appliance

The expected number of logging sources across two VMware Cloud Foundation instances requires approximately 160 GB of storage per node. Based on this example, the storage space that is allocated per medium-size VMware Aria Operations for Logs appliance is sufficient to monitor a multi-instance VMware Cloud Foundation.

Table 2-7. Design Decision on Sizing of VMware Aria Operations for Logs

ILA-VAOL-CFG-009
Design Decision: Deploy each node in the VMware Aria Operations for Logs cluster as a medium-size appliance.
Design Justification:
- Accommodates the expected approximately 200 syslog and VMware Aria Operations for Logs agent connections.
- Using medium-size nodes ensures that the storage space for the VMware Aria Operations for Logs cluster is sufficient for seven days of data retention.
Design Implication: You must scale up the appliance size of the VMware Aria Operations for Logs nodes if the number of log sources exceeds the connection threshold for a medium-sized appliance.

Retention and Archiving Design for VMware Aria Operations for Logs for Intelligent Logging and Analytics for VMware Cloud Foundation

Conf
