architecture of vCenter 5.5

When I was building a 5.1 vSphere environment. The dominant recommendation seems to be to install SSO and vCenter on separate servers. Some recommendations are based on size of environment while the other physical separation seems to be based more on separating this young, essentially v1.0 product other services core vCenter. I see a new vSphere 5.5 environment I see slightly different planning recommendations. Most seem to suggest keeping vCenter and SSO on the same VM. I wanted to make sure that it is now the prevailing wisdom and what (if any) types of environments seperation would be even better. I'm looking at architecture appropriate for this environment. Case a couple vCenters, 100 guests, 2000-3000 VMs.

its really low for preference, to the recent Veforum I had to close and personal some smart cookies to VMware and told me SSO and vCenter are designed to work together on the same host and is recommended to keep them together. One of the reasons is not if you have multiple vCenters on one site, then you can extract SSO on its own box and vCenters all connect into that, if this is not the case, no need to have them separated

Tags: VMware

Similar Questions

  • vShield Migration to new vCenter

    Hello

    I'm planning an upgrade of our environment vSphere vSphere 5 6 by building a new architecture of vCenter/PSC and then migrate VM guests on the new vCenters.

    We use 5.1.2 POSSIBLE which I plan to migrate to POSSIBLE 5.5.4 and migrate to the new environment.

    POSSIBLE, we have a vShield Manager and 12 vShield edge devices that handle isolated bubble environments with a lot of firewall and NAT rules on each.

    I tested the process and migration, including the upgrade to 5.5.4 and migration POSSIBLE vShield Manager to the new vCenter and all works well.

    Migrated vShield edge devices work perfectly and their firewall rules all continue to work properly.

    The problem is that when you go in vShield Manager there now new data centers listed, and if you click New data centers there is no configuration in any of them.

    This means that I can not change the configuration of the any of the vShield edges so they are stuck with their set of existing rules.

    To test, I recorded the vShield Manager to return to the original vCenter and the old data center, I see all the edges to configure, but of course it cannot update the settings on them because physical devices no longer exist in this environment.

    The question is, is it possible to move the configuration that vShield Manager knows that there are in the new data center and manage all the edges that have been migrated?

    For example, is it possible to change the Manager vShield configuration database and the datacenter somehow references so the configuration is less visible from the new vCenter.

    I'm really not looking forward to having to recreate all these edges as there are currently a lot of rules in these...

    We have completed our upgrade and migration now and used a combination of processes.

    Below is essentially the whole of the process used.

    (1) upgraded existing vShield Manager and edge v5.5.4 (no effect on the edges running)

    (2) built a new U2 vCenter 6.0 environment

    (3) built a new vShield Manager server connected to the new vCenter

    (4) manually recreated new edges on the new vShield Manager

    -All our sides have basically the same rules so that we all firewalls and NAT configured on an edge rules and then transferred these rules to the remaining edges using the Rest API

    (5) to migrate all 5.0/5.1 for the new vCenter ESXi hosts

    -At this point, all the edges on the old vShield Manager continued to operate fully but could not be reconfigured because their configuration has been stored in the old vCenter.

    (6) upgraded or rebuilt all ESXi hosts to 6.0

    (7) to stop the old edges when it is able to plan outages and deployed a new benefit of the new vShield Manager to replace

    -At this point, we now have a fully managed, deployed and operational edge device that can be configured.

    I made a service call to try to get access to the database of the Manager of vShield directly, but they would not give me the credentials to use

  • Question of VLAN to control package mgt Nexus 1000v

    In the documentation of 1000v of last year he suggested that package VSM and control data use different VLAN. However, in the last 2010 document Cisco now has:

    «Cisco recommends to use the same VLAN for control, package and management, but you don't place data traffic on this VLAN.» Flexibility, you can configure separate VLANs. »

    Cisco also provides "Although the management interface is not used to Exchange data between the MSM and VEM, it is used to establish and maintain the connection between the MSM and VMware VirtualCenter Server".

    In a 'high security' deployment of the 1000v, I'm not quite clear what would look like architecture. VCenter clearly needs to connect to the management interface. Control/data packets can stay on a layer 2 VLAN and not be routable to other networks. I'm not a networking guy, but have need to interface with our network team help design, deploy our 1000v. Would put us the control/package/mgt all on a VIRTUAL LAN, then use the ACL to restrict the traffic of just vCenter and other stations approved management work?

    It seems to me the best solution would be a local network VIRTUAL package control information which is the layer 2 only and therefore no gateway or routing. Then place the management interface VLAN another which have Layer 3 connectivity and set the ACLs on the routing to limit what devices can talk to the management interface.

    Thoughts?

    We changed practices version 1.1 to 1.2 with respect to VLANs. There was a lot of pushing all VLANs was exaggerated and confusing to Setup. In a 'high security' configuration, I agree with your last paragraph. I put on a management VLAN is routable and stick control and packages on a non-routable network of L2.

    It's a perfectly acceptable Setup.

    If you go to ACL do not forget the VSM needed connections the following. You need access to vCenter, ssh/telnet access, monitoring of the access, and we use the network interface of pulsation of backup for VSM HA. The heart beat is pure L2 between two VSMs so keep that in mind.

    Louis

  • equivalent of Vcenter / responsible vlab architecture 32-bit?

    Hi all

    I think I'm on the right group... If not sorry and let me know what is the right one.

    My company has merged with another and we have a center of IBM HS20 blade blades 32 bit.

    I can't install esxi 4.0 because it requires 64 bit architecture (and even for Vcenter... etc.), ok, I'll use ESXi 3.5...

    So now the question: what are the latest version which would be suitable for the Vcenter management and virtual practical work?

    Thanks in advance

    L

    You can install vCenter Server 2.5 or 4.0.

    Both can manage ESXi 3.5.

    And vCenter Server 4.0 can be installed both in 32-bit or 64-bit.

    See the previous doc for all this matrix.

    André

  • Long distance vMotion, vCenter on 6.0, hosts on 5.5

    Has anyone tried this and is this still possible? We are in the middle of all our sites with a new architecture VMware 6.0 refreshing and a big reason is that we want to use vMotion long distance to migrate workloads as we slowly consolidate form 3 to 1 data centers. So far, we have deployed a device VCSA 6.0 and 2 MCS in 2 data centers. We have not yet upgraded 5.5 still hosts.

    I'm not request anyone to test this in their environment or to do our work for us, since we are in the middle of the project and the work that I type, looking for feedback as I'm sure that someone else has tried this scenario in the wild before and well that my google-fu did not surface this answer again. I'm just curious to know if you need to upgrade your managed host of esxi 5.5 computers. 6.0 to perform the vMotion improved long-distance over WAN using link lniked mode OR if the vCenters being on 6.0, added in the same domain SSO and improved bound mode is enough. We would be able to ignore the upgrade about 25 guests because we have not deployed yet VUM so fingers crossed.

    Thanks to anyone who can provide comment to my first question of communities.

    You move between vCenter also? If so, the hosts of ESXi and vCenter must be at version 6.0. See the requirements on the cross vCenter vMotion: Cross vCenter Server VMware vSphere 6.0 vMotion requirements (2106952). VMware KB

    To enable the migration through the server vCenter instances, your environment must meet these requirements:

    • The source and destination and ESXi hosts vCenter server instances must be running version 6.0 or later.

    Anyway, you can upgrade one host in each vCenter and use this host to start the migration.

  • vCenter 6: research MOB Service repeatedly prompts for credentials

    Hello world

    We have 2 vCenters Windows based in our environment, with the following windows + vCenter configuration of version:

    Windows Server 2008 R2 with vCenter 6.0 Update 1 (Embedded Architecture PSC)

    Windows Server 2012 (not R2) with vCenter 6.0 Update 2 (Embedded Architecture PSC)

    On both of these vCenter, we replaced the machine graduated with a 3rd party CA signed certificates (in the case of the vCenter 6.0U2, this has been done while version 6.0U1.)

    For some reason, trying to apply patches with SSL trust anchors broken documented in VMware KB: vCenter server certificate validation error or a service platform for the VMware Solutions external... controller When you go to the search interface of the MOB service @ https:// < vcenter-FQDN > lookupservice/mob, I'm prompted repeatedly for credentials to connect.  I tried the [email protected] account, but also integrated AD who have administrator SSO access accounts.  In both cases, these identification numbers can connect to the PSC / vCenter, fine, but nothing seems to authenticate with the MOB interface for the search service.

    On the two vCenters as well, if I try to access the web interface of the PSC via https:// < vcenter-FQDN > / PSC, I get an error:

    State HTTP 400 - an error has occurred when sending a request for authentication on the Server Single Sign-On PSC - null

    type of status report

    An error occurred when sending a request for authentication on the Server Single Sign-On PSC - null

    Description the request sent by the client is syntactically incorrect.


    I am confident that the two symptoms are related, as we have other vCenters based on Windows running 6.0 Update 1 when it is not a problem.  However, I was at a loss to identify the cause to find all the logs that are correlated with the web interface of the PSC errors or failed authentications in the CROWD.


    Would appreciate advice or guidance on how to solve this problem.  Without being able to connect to the CROWD, we are unable to troubleshoot SSL certificate I described above.  Thank you very much in advance!

    I figured out the problem and documented the findings in my blog here: Troubleshooting expired certificates with vSphere PSC 6 | Virtually understood

  • Installation of VMware 5.5 distributed Architecture and UpdateManager

    Hello everyone

    I installed a new Vmware vCenter 5.5u2.

    In fact, I have 2 servers for this new architecture:

    1. With SSO, inventory and the Webclient service
    2. The other with SQL Server and vCenter Server

    My question is: can I install Manager Vmware update on the first server (adaptation of RAM) and linked the VUM to the SQL Server database on the second (using the ODBC source)?

    If not, which are the recommendations when we choose a Vmware 5.5 "Distributed Architecture".

    Thanks in advance for your help.

    Best regards

    Matt

    Hello MKguy

    I have the feedback of the customer to ensure that the solution would be nice on the production of vmware solution.

    Thank install you for your reply, with that I the Crossover on my virtual machine have SSO, inventory and Webclient and used sql server install on the vcenter server.

    I chose this solution to keep the vcenter server on a dedicated server solution and create a multi-service vmware server.

    In addition, for security reasons, I prefer to open for multi services vmware server firewall rules and not vcenter server.

    Good day

    Best regards

    Matt

  • Big client - vCenter 5.5 response time of the customer Web U1c / questions of Performance and Navigation

    So we're all aware of the issues with vCenter 5.5U1 WebClient and how we are forced to use it to make use of all the features of the v10, vDS 5.5 vHardware (config switch changes the synchronization problems if an emergency change is done on c# client vDS) VSAN only available via the web client, flash, sluggish to questions do not respond the questions and the list goes with the presentation of the menus and hard to navigate, issues SSO (always after 5.5 upgrades)

    So @ VMware vCenter Architecture Team is going to make an effort to hear and give due to the much needed performance improvements and improvements to the user interface before adding more features and SSO type services which majority of clients don't use not and not force it's customers continue to loose faith its vCenter product?

    Looking for answers with options to remove vCenter 5.5 U1c installation as well as a promise to answer to these in vCenter 6.0 version!

    Here is your answer. First of all, to use Chrome as your browser, then you need to go with at least 4vCPU * 32 GB of RAM & adjust the segment size of java for SSO, Tomcat, (TC) Management Server, inventory server and profile based storage to "refine" vCenter device with DB Oracle embedded or external memory. I did, and performance gains went 10 X. This includes the vSAN enabled running clusters. My recommendation that works very well based on design documents:

    vCenter Server inventory

    VMware VirtualCenter Management Webservices (tc Server)

    The inventory service

    (Sps) profile-based storage service

    Large (more than 400 guests or 4000 VMS) stock

    4 GB

    12 GB

    4 GB

    Setting on the vCenter server 5.5 of the memory unit

    • Connect the unit to vCenter server using SSH
    • VI /usr/lib/vmware-vsphere-client/server/wrapper/conf/wrapper.conf configuration file, locate the JVM memory section and change maxmemory to 4096
    Line 66 # Memory #wrapper.java.initmemory = 512wrapper.java.maxmemory = 4096 JVM
    • /usr/lib/vmware-vpx/inventoryservice/wrapper/conf/wrapper.conf VI configuration file, find the setting. MaxMemory and replace it with 12288
    Line 116 # Size (in MB) maximum Java heap wrapper.java.maxmemory = 12288
    • VI /usr/lib/vmware-vpx/sps/wrapper/conf/wrapper.conf find the setting. MaxMemory and change from 1024 to 4096
    On line 154 # Size (in MB) maximum Java heap wrapper.java.maxmemory = 4096
    • Restart the vCenter device w / DB (1000 hosts) external /embedded for lab (100 guests)

    http://KB.VMware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=2005086&sliceId=1&docTypeID=DT_KB_1_1&dialogID=294472825&StateID=1%200%20294492358

    Documentation Centre of vSphere 5.5

    PS: vCenter 6.0 has much better performance based on my beta test... so don't lose hope yet. Many improvements to come...

    PS: I've also broken down on this here until I figured this out just recently: Re: big client - vCenter 5.5 response time of the customer Web U1c / questions of Performance and Navigation

  • ESXi Update 2 work with vCenter 5.1 5.1 update 1?

    We had some communication problems this past weekend, and our team Windows have not upgraded vCenter 5.1 update 1 to 2 of the update. While my team upgraded from some of our guests GA 5.1 ESXI Update 2 to fix some bugs. The hosts are still in maintenance mode.

    We heard vCenter must always be a newer version than the hosts. Yet, the VMware compatibility matrix says may manage ESXi 5.1 5.1 vCenter update 1 update 2.

    We use the DRS, HA and 1 FT vm. We distributed switch and switches Standard.

    We will have problems? Which statement is accurate. vCenter must always be a newer version or the matrix?

    Hi Rutager,

    You can manage the host with vCenter 5.1 U1 U2 5.1 ESXi no impact on Production or the DRS HA nothing. Please find the screenshot for your reference

    This shows vCenter version 5.1 U1 can support up to 5.1 U2 ESXi host.

    off experience only question we face is that the Update Manager will not be able to download patches beyond the U1 5.1 patches a few shots in accordance with baseline

    Note: 5.1 U1 and U2 each thing will be same agent FDM. no change in architecture HA

    For more interoperability

    http://PartnerWeb.VMware.com/comp_guide2/SIM/interop_matrix.php

  • Architecture with two versions of vCOPs management Suite

    Hello

    I appreciate any help on this issue. I have a client who wants vSphere Enterprise to Enterprise vSOM (with vCenter Operations Manager Standard... by default).  This customer has some virtual machines that need monitoring of application., and as you know, it's possible witht vFabric Hyperic available later in the Operations Manager vCenter Enterprise. If the customer is going to buy this two products:

    -vSOM Enterprise: vSphere Enterprise + vCenter Standard Operations Management Suite (licensed per processor)... for the upgrade.   And

    -Operations Management Suite Enterprise (package of 25 OS Instance) vCenter... for VMS that need monitoring.

    In architecture, the question is whether they can 'mix' present two types of license in the same hosts, or if they put those VMs who need follow-up to separate host applications?

    Thanks for your help!

    It is possible to have two different instances of vC registered to a unique vCenter Ops.  My recommendation would be to manage these two versions at the cluster level (Group A would vSOM, Cluster B would be vC OPS, for example).

  • Collection of VCM on vCenter device

    How do you get a collection on a device, as opposed to a Windows Server vCenter Server vCenter?

    OK, then you follow the same process for a Windows vCenter vCenter device.  You must configure a Management Agent on a Windows Server, which will make the collection for your virtual environment.

    See Chapter 3 of the guide admin vCM for details and the architecture diagram...

    https://www.VMware.com/PDF/vCenter-Configuration-Manager-56-Administration-Guide.PDF

  • Cold of Vcenter server migration

    We change architechtures CPU from AMD to Intel.

    I moved all my virtual machines with the exception of the server that is running VirtualCenter 5.01.

    The database is on the machine as well.

    My plan is to:

    1. stop the server

    2. attach to the host, it's on with Vcenter client and remove from the inventory.

    3. using the Vcenter client attached to a host in the cluster I want to move to and save it on the host computer.

    4 cross my fingers and the power on the virtual machine.

    I fear that the center of V server will be confused when it starts on a different host and cluster

    All the world did this with success?

    Don't anticipate any issues... it's one of the benefits of virtualization, because virtual machines are encapsulated in a set of files, they can be easily imported/exported on any standard x 86 architectures. Although an essential part of the management of vSphere, vCenter it wouldn't hurt to keep a clone backup of it on the existing (just in case) host. Post migration you may be prompted with a uuid warning message, take a look at the below URL for the explanation:

    http://techhead.co/VMware-ESX-i-moved-it-or-i-copied-it-whats-the-difference/

  • upgrade to vCenter 4.1 to 5.0 and vDS...

    Hi guys

    I want to enhance vcenter 4.1 to 5.0... I ealready created a normal vSwitch to manage my vCenter but I would like to know if my VMs who are the 4 different dvportgroups in my main vDS will be down while I update my vCenter?

    or I should all move toward normal vSwitch?

    Thank you very much

    DvSwitch architecture is such that the data plan resides on individual ESX / I host, and all traffic is sent and received through the hosts data plan. The control plan is responsible for managing configuration changes, and resides on the vCenter server.

    Therefore, I don't think the upgrade will have an impact on existing virtual machines, but you will not be able to make changes to the same as existing exchanges when the vCenter is out of service.

    A few points on a side note,

    --> Make sure to spend at least once by the vSphere upgrade guide.

    --> Ensure the SSL certificates, vpxd.cfg and vCenter Database backup

    --> Please check the ESX / I version that you use on the matrix of VMware interoperaibility. VMware ESX/ESXi 4.1 (without U1 or U2) is not compatible with the 5.0 vCenter and can cause the CMTF:

    http://PartnerWeb.VMware.com/comp_guide2/SIM/interop_matrix.php

    Good luck with the upgrade

  • Multi-site architecture view

    Hi, I was wondering if it is possible to deploy architecture view multi-site 5.0 with one instance of vCenter and View Composer.

    I enclose a jpg with the diagram.


    Thanks in advance!

    Pablo. -.

    You make very valid points, but I just check our Guide to planning and Architecture on this and we do not specify "in scenarios where a view deployment must cover data centers, create a separate view deployment for each data center." Since the deployment of the view includes vCentert, it really doesn't mean a complete split.

    Power management and cloning would clearly fail in site B while the link is down, and so we really couldn't recommend/support/support it.

    This came from page 43 here http://pubs.vmware.com/view-50/topic/com.vmware.ICbase/PDF/view-50-architecture-planning.pdf

    Select this option.

  • vCenter Desktop - bound Modus?

    Hello

    while I was diving in the VMware View architecture, I was wondering if I can join a vCenter Installation Desktop in my other environment related modus of two other vCenters "normal."

    As far as I know the only difference is the licening (that you are allowed to manage desktop and server you need to manage the offices below an instance Office vCenter). So I guess that its possible to join an environment related modus.

    Anyone done this before and know if his license in license perspectiv?

    Thanks in advance!

    See you soon,.

    Mario

    I have my vCenter server and my vCenter VDI (one license per desktop vSphere) combined modes related without any problem.

Maybe you are looking for

  • Updated some graphics on my A60 card?

    Hello I had an embedded graphic A60 ATI Raedon 7000 memory shared for more than a year and have had continuous problems with crashing. I think I have (at least temporarally) solved this problem by reducing the colors to 16 m... I now use some more in

  • How to find number of disabling modem com port if I know the name of the interface of the modem?

    Hello I know that if I see a modem device in Device Manager, I can do a right click on it, go to properties, then click the Modem tab for the port com for this modem device number. But how can I do deactivation in Labview? I hope that I can search by

  • VGA Driver for XP on presario CQ45 205AU

    Hello I have compaq presario CQ45 205AU, I bought BACK installed. I have a copy of XP and Windows 7 license. Windows 7 works very well with my laptop, but I have some software that does not work with Win 7, but were working on XP on my old system. So

  • Pavilion 500 adding hard drive

    Bought a desktop Pavilion 500 computer last week.  Kind of disappointed with the documentation that comes with it, also disappointed with the documentaion on this site, just seems to have two manuals supplied with the computer, PDF files (but, maybe

  • Aurora-R5, size of PSU (power supply)?

    Hi all The R5 uses a standard size PSU? I can just pictures and thank you.