In this blog post, I will take you through how we can integrate VMware Enterprise PKS with vRealize log insight.
Centralized logging is a main part of any Kubernetes deployment. Configuring and maintaining a real-time high-performance central repository for log collection can ease the day-to-day operations of any environment.
vRealize Log Insight is a log collection and analytics appliance that enables administrators to collect, view, manage and analyze syslog data. Log Insight provides real-time monitoring of application logs, network traces, configuration files, messages and performance data.
Let’s see how to configure Enterprise PKS with vRLI.
Configure PKS Tile :
To begin the process, login to Operations Manager using the admin user account.
From the installation dashboard, click on the Enterprise PKS Tile.
Go to settings > Logging
Select ‘Yes’ under Enable VMware vRealize Log Insight Integration option
Update the vRLI host details and other configuration as below.
- Host : IP address or FQDN of the vRLI host
- Enable SSL : Encrypt the logs being sent to vRLI using SSL
- Disable certification SSL validation : Skips certificate validation for the vRLI host
- Rate limiting : The rate(Time in milliseconds) at which logs are sent to the vRLI host
- Disabling certificate validation is not recommended for production environments
- If your deployment is generating a high volume of logs, you can increase rate limit value to limit network traffic
Once done, click on the save button to update the configuration on the PKS Tile. You will see the confirmation on the top of the page.
Now apply the changes so that the settings gets pushed into the PKS vm and the Kubernetes clusters. For that, from the installation dashboard window, click on Review Pending Changes.
These settings apply to any clusters created after you have saved these configuration settings and clicked Apply Changes. If the Upgrade all clusters errand has been enabled, these settings are also applied to existing clusters. Once done, click on Apply Changes.
Once the changes are applied successfully, you will see the confirmation as below.
Enterprise PKS is now integrated with vRealize Log Insight. Let’s go to the vRLI and verify it. For that, login to the vRLI GUI using the admin account.
Go to the interactive analytics tab and search for PKS. You will see all the entries with PKS in the logs.
Now let’s search for any uaa related entries in the logs. You can see client authentication successful logs from the uaa events logs as below.
I have now created some nginx PODS on the Kubernetes cluster.
You can see the POD creation success entries as below
vRLI delivers innovative indexing and machine learning based intelligent grouping which enables high performance searching, faster troubleshooting across physical, virtual and cloud environments. It reduces problem resolution time for your PKS or any other environment that it is integrated with. You can create specific dashboards and set email alerts for specific events happening in the environment.
This concludes the blog post, I hope it helps you to integrate your PKS environment with VMware vRealize Log Insight easily.