Objectives

Deploy vCenter core components according to a deployment plan
Deploy and Configure a Platform Services Controller (PSC):
Determine use case for embedded vs external PSC
Re-point a vCenter Server Appliance to another External PSC
Deploy and Configure Identity Sources for Single Sign-On:
Configure Single Sign-On users and groups
Change Default domain for Single Sign-On
List services registered with Single Sign-on
Deploy and configure vCenter Server
Deploy / Configure Enhanced Link Mode
Manage / Configure vCenter components according to a deployment plan:
Configure Global Permissions for vCenter services
Configure Dump Collector service
Configure the Syslog Collector / Syslog service
Managing vCenter Server advanced configurations

The deployment steps of some of the components are straight forward and are not covered in this post.

Deploy vCenter core components according to a deployment plan – Steps

Re-point a vCenter Server Appliance to another External PSC

Re-point embedded to external: Run installer and deploy PSC (vCenter, datastore, network etc.,) > After deployment, while configuring, Join an SSO domain in an existing vCenter PSC > provide the SSO details of embedded vCenter (PSC URL, SSO domain, credentials) > Complete the setup.

SSH to PSC to get case sensitive name (vmafd-cli is also useful to get-site-name): /usr/lib/vmware-vmafd/bin/vmafd-cli get-pnid –server-name psc2

SSH to VCSA > Login to Shell (shell.set –enabled true) > Run the command: cmsso-util reconfigure –repoint-psc psc2.domain.com –username administrator –domain-name cc.local –passwd P@ssw0rd!

Linking external PSC to embedded PSC is only supported in this scenario i.e. to re-point embedded vCenter to external PSC.

To re-point vCenter from external1 to external2: Run the command: cmsso-util repoint –repoint-psc psc2.domain.com

Deploy and Configure Identity Sources for Single Sign-On – Steps

Configure Single Sign-On users and groups

Menu > Administration > Single Sign On > Users and Groups >Can add users to local domain

… Configuration > Identity sources > Add > Choose ‘AD as an LDAP server’ or a relevant option > complete details

Change Default domain for Single Sign-On

Select a desired domain > Click Default Domain icon at the top. Users belonging to the default domain can login without domain suffix

List services registered with Single Sign-on

SSH to VCSA > /usr/lib/vmidentity/tools/scripts/lstool.py list –url https://vc.domain.com:7444/lookupservice/sdk

or just /usr/lib/vmidentity/tools/scripts/lstool.py to get the various switches available

Deploy and configure vCenter Server

Load vCenter installer ISO > Launch installer > Choose Install > Fill in required details (Deployment type – vCenter with embedded PSC vs PSC vs vCenter, deployment target – vCenter or esxi, SSO, deployment size, datastore, network)

Configure vCenter > choose time source, Enable SSH > SSO domain name and credentials | or PSC name and credentials >  CEIP > Finish

Deploy / Configure Enhanced Link Mode

vCenter servers joining the same SSO domain (one or more PSCs, one or more sites) are in Enhanced Link Mode.

Manage / Configure vCenter components according to a deployment plan – Steps

Configure Global Permissions for vCenter services

Web Client > Menu > Administration > Global Permissions > Click Plus > Add desired group and assign the appropriate role > Check ‘Propagate to children’.

If required can create custom roles or use one of the inbuilt roles

Configure Dump Collector service

Web Client > Menu > Administration >System Configuration > Services > VMware vSphere ESXi Dump Collector > Start | if required set startup type to automatic | Set port and max dump file size

Config file – /etc/sysconfig/netdumper

Configure ESXi host:

esxcli system coredump network set –interface-name vmk0 –server-ipv4 10.xx.xx.xx –server-port 6500
esxcli system coredump network set –enable true
esxcli system coredump network get
To test connectivity: esxcli system coredump network get & check in vcsa –
tail -f /var/log/vmware/netdumper/netdumper.log

Dumps are stored here – /var/core/netdumps

To manually trigger PSOD, dump gets generated in above location:

In ESX host, send NMI interrupt in HW or type:
vsish
set /reliability/crashMe/Panic


Configure the Syslog Collector / Syslog service

Web Client > System Configuration > Services > VMware Syslog Service > Configure Syslog host IP |  port | protocol. In 6.5, this is moved to VAMI > Syslog configuration. Default port used by Log insight as syslog is 514 TCP

To forward vpxd.log from vCenter, configure Web Client > vCenter > Configure > Advanced Settings > config.log.outputToSyslog to true | Restart vCenter service

Logs from ESXi hosts, vCenter partial set of services, events, vpxd.log (if configured) etc., are forwarded.

Managing vCenter Server advanced configurations

configure Web Client > vCenter > Configure > Advanced Settings > add key and value or modify existing.

Most of the settings needs restart of vCenter service (Web Client > Menu > Administration >System Configuration > Services > VMware vCenter server)

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s