In my previous post Step-by-step VMware Cloud Foundation 4.3 design and install vRNI Binaries we have uploaded vrealize network insight binaries to the local repository which has enabled us for deployment of vRealize network insight.
As we have already discussed in our previous post that vRealize network insight is not a part of VMware cloud foundation bill of material. Its deployment is a little bit different from other vRealize suite products.
In this post we will be discussing how to deploy vRNI and how this deployment is different from other vRealize suite products. This is not the last product which can be integrated with VMware cloud foundation, this is the last product I am going to cover in this VCF design and deploy series.
What is vRealize network insight?
Well in simple words, VMware vRealize network insight is a very powerful network monitoring tool. It provides insightful information about the network (Virtual and Physical), which helps in an efficient use of network resources.
But do not confuse it with just a monitoring tool, its more than that. It can manage network with application discovery. It helps in managing/operating an optimized, scalable, highly available and secure network. This is not limited to an op-prem datacenter but can be leveraged in a multi-cloud infrastructure.
So if I have to summarize, I would say vRNI is a powerful network monitoring and management tool, which is getting matured and refined each passing day as VMware engineering teams are innovating it.
One of my friend Bharath Babbur wrote a nice piece on vRNI, you can refer.
What are the benefits of vRealize Network insight?
We now know network insight is a network monitoring tool, but is that the only purpose it serves or can it do more?
Well it does have other use cases, which will help you understand the capabilities of the product.
1) Single Pane of glass for network monitoring
vRealize network insight is a product of VMware that signifies it has a tight integration with VMware's software defined network solution. Not only virtual but vRNI has integration with almost every major players in networking space. Which makes it a tool which can not only monitor virtual, but physical network as well.
2) Application Discovery and Visibility
vRNI not only monitors, but helps network admins to look onto network flows which are aligned with application network requirements. For instance when vRNI collects the data, it starts using its machine learning capability and starts generating insightful information, which then helps network admins to understand application boundaries in network topologies, what are shared services, which one are independent flows. So in other words we can say that vRNI gives capability to network admin of looking into network flows from application view point.
3) Dependency Mapping
vRNI uses its machine learning capabilities and AI to present network admins with a application components dependent view based on traffic flow. Which is network admin to understand how application components are interacting with each other. Which can also be looked at by the application teams to verify if the interaction or flows are legit or not.
4) Micro-Segmentation Journey
Micro-segmentation is not something which an organization can achieve over night, its a journey. Anyone who is planning for micro-segmentation should understand their network, servers and most importantly their applications connectivity model. As in how application components interact with each other. Dependency mapping does just that and vRNI AI provides recommendations with the rules which should be in place to allow necessary network flows, network admins can review the firewall rules and apply them before enabling Zero Trust Model, that's not just it, even in a brown field deployment or incase a new application is introduced in your organization vRNI will learn the flows and will help implementing policies easily and effectively which could have taken way more efforts.
5) Troubleshooting Network issues
I would recommend you to review vRNI product page.
Watch deployment video
How to deploy VMware vRealize Network Insight?
3) Click on generate to generate or import for importing a third party cert. I am generating the cert.
4) Now fill in all the required details, this the same cert which will be used for platform and proxy VM hence don't forget to mention names and IP for both appliances.
7) Provide a name for vRNI environment, select default password, select datacenter and choose Activate SDDC manager Integration on the environment radio button.
8) Now choose vRNI from available products list, and choose deployment type. In production you should be going with cluster mode, hence while generating certificate make sure you include all cluster nodes and VIP in certificate. I am deploying this as standard mode.
14) For all other vRealize products Infrastructure and network tabs were pre-populated, where-in for network insight you need to provide these details. Here you can choose to integrate with identity manager (WSA).
15) First provide network details. to use same DNS server as rest of the products click on edit server selection or click on add new server for adding new.
17) Select checkbox for use NTP server.
18) Select VCF NTP server from the list.
19) Now check the box for creating an anti affinity rule for the appliances. and provide appliance details.
20) Perform pre-checks and all checks should be passed, finally submit the task.
21) Now keep an eye on the deployment status, if you observe any error then resolve it and restart the task.
22) Once all tasks are complete deployment is complete.
No comments:
Post a Comment