There are a few reasons you’d want to have multiple Network Insight instances collecting data from the same data sources. Maybe one is a staging instance, and the other is a production instance. Perhaps you’re rebuilding Network Insight on another instance (and can’t move the existing one), but do want to have them running parallel for some time. I could go on.
One of the challenges is being able to collect network flows in both instances, as vSphere can only send flows to a single collector IP. You could solve this with a NetFlow duplicator, but now there’s another option.
With the release of vRealize Network Insight version 5.3 – there was a pretty cool tool added to the command-line interface: flow-sync
Flow Sync
Instead of opting to forward the NetFlow records and hoping they are correctly received (it’s still UDP), the flow sync tool synchronizes the capture files from the sender collector to the receiver collector. The tool uses rsync to do so, which is more reliable than UDP. 😉
Synchronizing the capture files happens every time the source collector creates or edits one of its capture files. This means that syncing is instantaneous and not a scheduled task. The sync will catch all flow updates, and make sure both the sender and receiver are looking at the same flows.
Configuration
The flow-sync configuration is pretty straight forward. As it uses rsync, there’s a pairing process when you first set it up. You have the sender collector; this is the collector that receives the flows from ESXi, NSX, or physical network devices. Then you have the receiver collector; this is the collector that will receive the flows from the sender collector.
Start Receiver
First, start the receiver process on the collector, which will allow the sender to make contact. You’ll get a shared secret that you can then use on the sender:
The secret contains the information that the sender needs to connect to the receiver collector—the IP address, and the SSH key used for authentication.
Start Sender
As you can see, you get the exact command needed to execute on the sender. Copy and paste away on the sender collector!
Checking the Sync
After configuring the sender, the process will start to watch the flow capture files and use rsync to synchronize them to the receiver. You can check the status by using flow-sync status and flow-sync logs.
On the receiver:
That’s it!
You can find references for the flow-sync tool in the Network Insight CLI documentation, here.Â
Leave a Reply