In Part 1 of this series we covered the simple installation and configuration of VMware vRealize Log Insight. In Part 2 we will cover how we can further configure and customise Log Insight via Content Packs in order to leverage further logging capabilities.
As mentioned in Part 1, one of the caveats of utilising this ‘free’ version of Log Insight (or more aptly, the 25 OSI license available to all vCenter Server licensees), is the ability to use VMware-only Content Packs. This is far from a bad thing and, as a result, enables us to integrate with other VMware products including NSX, Horizon, SRM, etc. In this article we will focus on the former product.
Applying a new SSL certificate to your NSX Manager really couldn’t be easier and, as the NSX Manager is part of a wider, security orientated product, we might as well do things properly and apply one!
First of all, and if already not in place, we’ll need to create a new Microsoft CA Template for SSL in vSphere. To do this, please take a look at VMware KB article 2112009. The procedure itself is a simple one, and I make reference below to a vSphere 6.x SSL certificate template, so it’s worth pointing out. This template was created using the aforementioned VMware KB.
To replace the NSX Manager SSL certificate, and to cert against your CA of choice, simply follow the below process.
If, like most of us, you forward vCenter and ESXi host Syslog data to centralised Syslog targets (and if you don’t, then I’d advise you do), then you’ll be pleased to hear that (as long as you have a valid vCenter Server license) you’ll be able to utilise the power of VMware vRealize Log Insight to interrogate this data.
This article will be the first in a two part VMware vRealize Log Insight series, the first of which will detail the simple installation and configuration process, with the second article focusing on advanced configuration and integration with VMware NSX via vRealize Log Insight Content Packs (vRealize Log Insight add-ins enabling further integration with both VMware and 3rd party products).
Last Friday I had the privilege of attending the exclusive, and first ever Define Tomorrow Huddle, hosted at the amazing Aerospace Bristol (home of the historic last flight Concorde) by the fantastic team at Computer World Group. The Huddle featured demos from three brilliant sponsors, including Rubrik, Bitdefender and Zerto, all of whom gave a true deep dive of fantastic technologies and solutions.
Absolutely stunned and honoured, and my biggest thank you to the Royal College of Nursing and to all who nominated me for the award of Employee of the Year, presented by none other than Poirot, Jorah Mormont, and Gandalf!
It’s been a busy few weeks (when does ‘busy’ stop being ‘busy’ and just become ‘BAU’?), and with the final quarter upon us, I’m working to complete the last of our projects and implementations, and there aren’t many on my list bigger than a major data centre migration.
One item from the list I’m excited about is our in-house training. Compared with other projects, technical designs, or R&D, internal training can sometimes be seen as a secondary concern, however, rather than simply handing over a solution to an operational support team, I’m a huge fan of getting every member of the team around a table to discuss, challenge, and question the solution, the designs, and the technology. Specifically, myself and colleagues within our Technical Operations team (made up of both Infrastructure and Network Architects) will regularly provide internal training and/or overview sessions to both business owners and technical teams, as well as deep dives into the technologies we either have in development or the designs and implementations we are transitioning into live service.
At this time of year, it’s nice to step back and try not to take things for granted. It’s a real privilege to be able to work with such great partners, technologies (VMware NSX, Horizon, Pure Storage), our colleagues, and being part of a team that’s so passionate about the solutions we design and deploy; ultimately enabling the business to support both our users and members. Thanks to such projects and technologies we have been able to enhance security and automation within the SDDC, provide micro segmentation of critical workloads, and deliver anything services and applications wherever the’re located.
This year will see Vice President & Chief Technology Officer, EMEA at VMware, Joe Baguley presenting the opening keynote, followed by an astounding list of technology breakout sessions and speakers, as well as the much coveted VMware Hands On Labs. This truly is an event not to be missed!
Having designed and deployed VMware NSX in 2017, I’m personally looking forward to the NSX sessions, as well as those covering the recent integration of VMware Cloud and AWS, and I look forward to catching up with the old faces, as well as meeting any new ones.
For information on this year’s UK VMUG UserCon, and to follow the agenda as it’s released, simply visit www.vmug.com, or to register click here.
Following a recent VMware Horizon 7 upgrade, we had a few issues whereby users were unable to download the VMware Horizon Client via the Web Portal. Specifically, clicking the Install VMware Horizon Client link simply resulted in a 404 error. So, where had the installation media gone?
On closer inspection, it appears VMware Horizon 7 handles this configuration slightly differently than in previous versions, but the issue can be easily remedied.
1. First of all, we’ll need to download all clients relevant to your environment (Windows, Linux, Mac, iOS, Android, etc.) via www.vmware.com/go/viewclients. These will need to be saved to C:\Program Files\VMware\VMware View\Server\broker\webapps\downloads on each of your Connection servers.
2. The URL utilised in the Web Portal is defined in the portal-links-html-access.properties configuration file (available at C:\ProgramData\VMware\VDM\portal\). Amend each of the links (or rather the filenames) accordingly to your required platforms:
32-bit Windows installer: link.win32=https://Server-FQDN/downloads/VMware-Horizon-Client-x86-build#.exe
64-bit Windows installer: link.win64=https://Server-FQDN/downloads/VMware-Horizon-Client-x86_64-build#.exe
Windows Phone installer: link.winmobile=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.appx
32-bit Linux installer: link.linux32=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.x86.bundle
64-bit Linux installer: link.linux64=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.x64.bundle
Mac OS X installer: link.mac=https://Server-FQDN/downloads/VMware-Horizon-Client-build#.dmg
Chrome OS installer: link.chromeos=https://Server-FQDN/downloads/VMware-Horizon-Client-ChromeOS-build#.apk
Following the amendments, your portal-links-html-access.properties file should resemble something like the below. Please note, I mention ‘https://ConnectionServerFQDN/ below. In my instance, and as this utilises multiple this is the load-balanced address. When complete, save and close.
# Configure whether download page is accessible
# Configure whether web client page is accessible
# Configure the download page's URL address
# Configure the help page's URL address
# Links of view clients installers on different platforms
3. Lastly, restart the VMware Horizon View Web Component service.
4. Revisit the Web Portal and all should now be well.
If you’ve somehow managed to miss these brilliant (and free) VMware NSX guides, then worry not, as here are the links in all their glory. I cannot praise these books enough. Simply brilliant (and free!)
VMware NSX Micro-segmentation Day 1, by Wade Holmes
In Day 1, Wade Holmes details the migration away from a perimeter-orientated approach, to that of a micro-segmented architecture. VMware NSX enables organisations to utilise enhanced security functionality, whilst visualising traffic within the software-defined data centre.
VMware NSX Micro-segmentation Day 2, by Geoff Wilmington
In Day 2, Geoff Wilmington complements the first guide by delving deeper into micro-segmentation, and details the process of both building and planning an architecture best suited to your applications. Also touched on are the additional tools such as VMware Log Insight, Application Rule Manager, and vRealize Network Insight.
From a personal point of view, the process of planning the migration of applications into NSX was a little daunting during my own implementation, and this guide has been simply invaluable.
In Operationalizing VMware NSX, Kevin Lees discusses how best to bring VMware NSX into ‘business as usual’. Both monitoring and troubleshooting are covered, and insights into team structures and cultures, team roles and responsibilities, etc., are provided. Unlike the ‘how-to’ style of the first two books, this third guide provides a fantastic insight into how NSX can be brought into service.
Following on from my previous posts (What’s New in vSphere 6.5 and VMware VCSA 6.5: Installation & Configuration), a major area for discussion (and excitement) is the VMware Migration Assistant which, should you wish, is able to easily migrate you away from the Windows-based vCenter Server to the Linux-based vCenter Server Appliance (VCSA).
There are pros and cons to the vCenter appliance of course, as well as a healthy number of supporters in each camp, but if you fancy shaving some licensing costs (Windows Server and SQL Server), would like to enjoy a faster vSphere experience (since 6.0), or would just like to be able to take a quick backup of vCenter without having to either snapshot both Windows and SQL Servers elements, or by utilising your backup product of choice to take a full image of your environment, you might just want to take VCSA for a spin.