Cisco ACI based environment conflicting with the VIP in vRealize Log Insight
book
Article ID: 315988
calendar_today
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
- The Administration > Management >System Monitor page intermittentlyshows Failed to load resourcesand agents are reporting Disconnectedin a Cisco ACI based environment.
- vRealize Log Insight VIP is not reachable for ingestion, however ingestion sent directly to a node succeeds.
Environment
VMware vRealize Log Insight 8.x
VMware vRealize Log Insight 4.6.x
VMware vRealize Log Insight 4.8.x
VMware vRealize Log Insight 8.1.x
VMware vRealize Log Insight 4.7.x
Aria operation for logs 8.x
Cause
The vRealize Log Insightload balancer uses a Direct Server Return (DSR) configuration.
By default, DSR does not work in Cisco ACI because of data-plane IP learning.
Resolution
The L4-L7 Virtual IPs option was introduced in Cisco Application Policy Infrastructure Controller (APIC) Release 1.2(1m).
This option is located at Tenant > Application Profiles > Application EPGs or uSeg EPGs.
This option disables data-plane IP learning for the specific DSR virtual IP address. Failure to disable IP learning for the DSR virtual IP address will result in IP endpoint flapping between different locations in the Cisco ACI fabric.
For more information, seeACI Fabric Endpoint Learning White Paper.
Note: Ensure that GARP is set to "enabled" for the segment on CISCO ACI. The default GARP setting is "disabled."
After following the above steps, it is necessary to perform a reboot of all nodes in the vRealize Log Insight cluster.
Note:A service restart will not suffice here, a reboot is required.
- In the vRealize Log Insight UI, note which node has the ILB (Integrated Load Balancer). You will reboot this nodelast.
- From the vSphere Web Client, right click the vRealize Log Insight node, selectPower > Restart Guest OS
- Repeat step 2 on the remaining nodes in the cluster, one by one.
Feedback
thumb_up Yes
thumb_down No
