I recently covered the newly supported VIDM integration in Log Insight 4.3. In this post, I would like to focus on the “Redirect URL Host” option to discuss how it works and what is required to make it work properly. Read on to learn more.
Log Insight 4.3 offers supported, external VIDM integration. What I mean is that it does NOT ship with VIDM internally — like vRealize Automation — and instead requires an external VIDM instance to be available (e.g. on-prem VIDM, cloud version of VIDM, or vRealize Automation). Given that an external VIDM instance is required when logging into Log Insight via VIDM, the Log Insight UI forces redirection to the VIDM UI to handle the authentication request. After authentication is completed, VIDM must redirect back to Log Insight. This last piece is exactly what the “Redirect URL Host” option under VIDM integration is referring to:
When configuring VIDM integration in Log Insight, the follow behavior can be expected for the “Redirect URL Host” option:
- If a standalone Log Insight instance, the IP of the standalone node will be used
- If a clustered Log Insight instance with no ILB VIP, the nodes hostname as defined in /internal/config (always IP for workers nodes, but may be IP or FQDN for master node) will be used
- If a clustered Log Insight instance with a single ILB VIP, the ILB VIP will be used
- If a clustered Log Insight instance with multiple ILB VIPs, the alphabetically sorted VIP will be the default, but the user has the ability to select a different ILB VIP
After initial configuration, the “Redirect URL Host” option can be changed if a different ILB VIP becomes available (i.e. is added on the /admin/cluster page). Changing this option does require re-entering the credentials associated with the local user used for binding. So why am I explaining all of this to you? Yes, I want to you understand how the system works, but the primary reason is because configuration of this option and how you connect Log Insight matters. In my next post, I will cover different behaviors you may experience depending on how you have Log Insight configured and changes you can make to optimize the experience.
© 2017, Steve Flanders. All rights reserved.
2 comments on “Log Insight VIDM: Redirect URL Host”
on my nonclustered vRealice LogInsight instance I just see the IP address of my LI instance, not the hostname. Hence, I get redirected to the IP address which gives an SSL certificate error, since it’s only valid for the host name.
Why is the FQDN not available?
The hostname resolves to the IP address and the IP adress resolves back to the hostname (I just double-checked in via ping and nslookup).
Thanks for the comment! I think you will enjoy my post tomorrow as it covers exactly this. In short, the best practice is to use a clustered environment in production, but whether using a clustered environment or not you should be using the Integrated Load Balancer (ILB). The ILB allows you to work around this issue.