CategoryVMware

Natural Language Searches with PowervRNI

vRealize Network Insight 6.3 brought a new API endpoint: /search/ql. The QL stands for Query Language, which is the same language that’s used in the search bar. I added support for that endpoint in PowervRNI 2.0 with the cmdlet Invoke-vRNISearch. With this post, I’d like to explain why that’s the best since sliced bread. 😉

Previously, there was the /search API endpoint, but that used an internal query language. You would run a search in the vRNI interface, open up the browser Developer Tools and look for the internal query that went against the vRNI backend. You could … Read more

Securing Platform Communication in a vRealize Network Insight Cluster

Hi there! It’s been a while. How are you doing? In the last release of vRealize Network Insight, version 6.3, there’s a new feature called Secure Cluster Communication. By default, the communication between Platform and Collectors is encrypted via TLS. A Platform cluster, has a few data replication services (FoundationDB, Kafka,  running between them – which are not all encrypted by default. The Secure Cluster Communication feature allows you to set up VPN tunnels between the Platform nodes and encrypt all traffic going between them. 

It’s not recommended to split Platform nodes between different locations. But, if you do … Read more

Adding a second network interface to a vRealize Network Insight Collector

Sometimes networks are so firewalled off that you need management appliances with 2 network interfaces to manage the devices inside the quarantined network. This is sometimes true for network device management, where there’s no way to connect to the switch, router, firewall, or load balancer over the regular network and a jump host is always needed. If you want to monitor them, the monitoring appliances would have 1 interface in the quarantined network and 1 interface in a network where it can be accessed by admins. While it’s a different discussion about whether that’s safe or not (compromise the monitoring … Read more

Using OAuth for VMware Cloud Authentication

API calls towards VMware Cloud are typically done using refresh tokens. Most examples you can find about the VMC API are around refresh tokens. These are personally bound to a VMC user. Which makes sense, you are doing something (creating an SDDC, or getting info, etc.). But, what if you’re building a service against VMware Cloud and need all API calls not to be bound to an individual? That’s where OAuth apps come in.

I wanted to document my tinkering to get an OAuth app to work and retrieving information around SDDCs, using that way of authentication. 

Create OAuth App

Read more

Using Terraform to deploy vRealize Network Insight Cloud Collector to VMware Cloud on AWS

That’s a long post title, right?! Well, a lot of moving parts for this one. 😉

Terraform is a powerful tool to achieve infrastructure-as-code. You can do many things, from configuring Cisco ACI to creating and maintaining a VMware Cloud on AWS and everything in between. There’s also a vSphere provider that allows you to deploy VMs from OVA templates. That’s where this story begins.

vRealize Network Insight Cloud has a platform where the data is stored and a collector, which does the collecting. This collector needs to be placed as close to the data source as possible. For VMware Read more

NSX-T Manager: Increasing API requests per second

By default, the NSX-T Manager has a protection mechanism in place to prevent the API from being overloaded. This is a good thing, protecting the NSX-T Manager.

But, the increasing integrations into NSX-T, make it so that more and more products are using the NSX-T API to monitor or configure NSX (vRealize Network Insight, vRealize Operations, vRealize Automation, etc.). I’ve hit this limit several times and needed to push that limit up. 

The API Guide states that the default maximum API request number is 100 per second. In the guide, there’s a reference to the API call to change the … Read more

Archiving Network Flows from vRealize Network Insight to Log Insight

vRealize Network Insight (vRNI) captures all traffic going through the network. It stores the traffic in flow records, and these are made up out of a source, destination, protocol, and port number. The metrics are attached so you can get a nice graph of the traffic behavior.

vRNI Flows and context

After creating the flow, vRNI goes on and attaches a lot of context to that flow: Is it coming from a VM? Is there a firewall rule attached? Which vCenter is this flow going through? What kind of SD-WAN Policies are attached? If any of this context changes (i.e., a VM got renamed), … Read more

© 2024 Lostdomain

Theme by Anders NorénUp ↑