Nordic VMUG User Conference 2014 - Design VMware vCenter Server

© 2010 VMware Inc. All rights reserved

Welcome to the

Nordic VMUG

User Conference

2

Design a VMware vCenter ServerAndrew Mauro – VCDX & vExpert

http://vinfrastructure.it/en/

3

Credits

vCenter Deep Dive

• Justing King @vCenterGuy

vBrownBag @VMworld 2014 EU

• vCSA pro and cons

VMware KB

Practical experience

Stay up to date with vCenter Server

• http://blogs.vmware.com/vsphere/

4

Requirements, constraints, assumptions

VMware vCenter Server is almost mandatory

• With more than one ESXi

Usually a dedicated system

• 1 service -> 1 server approach

It needs some resources

• Not so «light»

Authentication, Authorization, Accounting

• Delegation with Role based approach

5

Design criterias

Design for

• Scale

• Availability

• Manageability

• Security

• …

6

Choosing the vCenter

Which version?

Different editions

• Essential, Foundation, Standard

Windows installable vs. Appliance

• There are the same features?

• What about next version?

• There are the same limits?

• Hosts per vCenter: 1.000

• Powered on VMs: 10.000

• Registered VMs: 15.000

• http://vinfrastructure.it/en/2014/01/vmware-vcenter-server-installable-vs-

appliance/

7

VMware vCenter Server Components

8

Deployment options

Simple install

• Single server

Custom install

• Single or multiple servers

Or vCSA

• Single VA

9

Installing vCenter Server 5.5 best practices (2052334)

10

Before install

Review the vSphere Installation and Setup Guide

• Documentation Center http://vmware.com/go/docs

Met all minimum software and hardware requirements

• Compatibility Guide http://vmware.com/go/compatibility

• Product Interoperability Matrix http://vmware.com/go/interop

You have configured both a forward and reverse lookup zone

When you plan to authenticate against Active Directory, you have

joined your Microsoft Windows server to the domain

• Other Identity Sources supported with 5.5

• Active Directory as an LDAP server (no more supported)

• OpenLDAP

• KB 2064977

• Local OS

• Local SSO

11

Hardware requirements

Simple Install (Minimums)

• 2CPU / 12GB RAM / 100GB Disk /

1Gbps

Custom Install (Minimums)

• Single Sign-On

• 1CPU / 3GB RAM / 2GB Disk / 1Gbps

• vSphere Web Client

• 1CPU / 2GB RAM / 2GB Disk / 1Gbps

• Inventory Service

• 1CPU / 3GB RAM / 5GB Disk / 1Gbps

• vCenter Server

• 2CPU / 4GB RAM / 60GB Disk / 1Gbps

Simple Install (Recommended)

• 4CPU / 24GB RAM / 200GB Disk /

1Gbps

Custom Install (Recommended)

• Single Sign-On

• 2CPU / 4GB RAM / 8GB Disk / 1Gbps

• vSphere Web Client

• 2CPU / 4GB RAM / 8GB Disk / 1Gbps

• Inventory Service

• 1CPU / 8GB RAM / 32GB Disk / 1Gbps

• vCenter Server

• 4CPU / 8GB RAM / 100GB Disk / 1Gbps

Based on an Inventory Size of 400

hosts or 4000 virtual machines

12

Design vCenter Server

Which operating system?

For installable v5.5 is needed at least a Windows Server 2008 SP2 64 bit

Single server or multiple servers?

Database?

Physical or virtual?

Management cluster?

• http://vinfrastructure.it/vdesign/vcenter-server-physical-or-virtual/

• Availability?

• Which vSphere services really require vCenter Server?

13

Single vCenter Server Design Recommendation

VC Database

vCenter Server Host or VM

vCenter

Server

SSO

Server

Web Client

Inventory Svc

A Datacenter with 1-5 vCenter

Servers

No change to architecture

All services are local

Supports 1-1000 Hosts / 1-

10,000 VMs

Minimum latency across the

components

“Easy to protect”

14

Multiple Local vCenter Server Design Recommendations

A Datacenter with more than 5 vCenter Servers

• Same Physical location

• Centralized SSO authentication

• Centralized vSphere Web Client?

• Use VM or host affinity?

• Multi site

• Only with SSO 5.5

vCenter Server 2

vCenter

Server 5.5

Inventory Svc

SSO

Server

Web Client

Database

ServerVCDB1,VCDB2,VCDB3

vCenter Server 3

vCenter

Server 5.5

Inventory Svc

vCenter Server 1

vCenter

Server 5.1

Inventory Svc

Backwards compatible to vCenter Single Sign-On 5.1

15

Database

Required databases

• vCenter Server DB

• Stats and tasks will increase this database (choose the right detail!)

• SSO DB

• VUM DB

• …

Database “embedded” or external?

• SQL Express is limited to 5 hosts or 50 VMs

• Due to the internal limitation

vCSA

• Actually there are some limits using the embedded (v)Postgres

• In 5.5:

• Max 100 hosts or

• Max 3000 VMs

• What about next version?

16

Availability of vCenter Server

Different HA solutions

• Cold standby?

• VMware HA and/or Application HA?

• VMware FT?

• Single vCPU limit

• Guest clustering?

• VMware vCenter Server Heartbeat

• EOA since June 2, 2014

• KB 1024051

• Supported vCenter Server high availability options

Database?

• vCenter Server 5.5 in vSphere 5.5, VMware introduced support for using

Microsoft SQL Cluster Service for use as a back end database

• KB 2059560

• Enabling Microsoft SQL Clustering Service for VMware vCenter Server 5.5 database

17

Backup of vCenter Server

A good backup solution

• Basically the entire database

• KB 2012138

• Backing up the vCenter Server database running on

Microsoft SQL or SQL Express server

• But not only

• KB 1029864

• Manually backing up and restoring the VMware vCenter Server 4.x and 5.x ADAM

instance data

• KB 2057353

• Backing up and restoring the VMware vCenter Single Sign-On 5.5 configuration

• SSL Certificates?

For the vCSA?

• KB 2062682

• Backing up and restoring the vCenter Server Appliance Inventory Service database

• Or manage it as a black-box

18

SSO

KB 2058239

• Installing vCenter Single Sign-On 5.5 on a Microsoft Windows platform

Choose the right password

• KB 2060746

• Installing vCenter Single Sign-On 5.5 fails if the password for

[email protected] contains certain special character

• Avoid & ; “ ‘ ^ \ !

Improved architecture in SSO 5.5

• Multi-master

• Built-in replication

• Site awareness

• Multi Tenant

• Database

• There is no database!

19

SSO

Type of deployment

• vCenter Single Sign-On for and additional vCenter in an existing site

• Merges Lookup Services – For SSO HA, requires load balancer

• vCenter Single Sign-On for and additional vCenter with a new site

• Configures new Lookup Services – For multiple vCenter Server deployments

20

Web Client

Always deploy the Web Client

• Multiplatform

• Internet Explorer / FireFox / Chrome fully supported on Windows and Mac

• Faster or slower?

• Sometimes it will become the only client

• In the rare case SSO goes wrong, users can log into and troubleshoot

But check plugin compatibility

And still have the old vSphere Client

And not suitable for mobile devices

• VMware vSphere Mobile Watchlist

• https://communities.vmware.com/

community/vmtn/vsphere/vsphere-mobile

21

vCenter Server Inventory Service

Maintains a cache of the vCenter Server inventory (VMs, Hosts, …)

Reduces the load on VPXD by offloading client requests

Installs locally to vCenter Server (although can be separated)

• Suggested to keep it locally

• Separate spindles or SSD (better)

• vFRC (requires a virtual vCenter Server and VH10)

Enables use of Tags

• Remember to backup Inventory service data files to provide recovery of tags

22

vCenter Server AppliancevCSA

23

vCenter Server Appliance

Pro

• It’s a VA with all-in-one (included the Web Client)

• Simple and smaller (OVA is smaller than ISO)

• Faster to deploy (or re-deploy)

• Does not require a Windows license

Cons

• Not the same features

• Not compatible with other components (ie: VUM)

Virtual Appliance

• Angels or daemons?

• http://vinfrastructure.it/2012/06/virtual-appliance-angels-o-demons/

• VA are bricks but also are (or must be considered) black-boxes

24

Linked Mode

Windows only (ADAM/AD-LDAP) based

• Max 10 vCenters

• Max 3.000 hosts

• Max 30.000 powered on VMs

• Max 50.000 registered VMs

No way with vCSA

• What about next version?

• Do you really need Linked Mode?

25

Scalability consideration?

Actually vCSA is a monolithic VM

• optional can have an external DBMS

SSO and other platform services are not sharable

• Can be used a Windows Server with vCenter components

• What about next version?

26

VA Deployment

Faster than the Windows version

Could be faster?

Could be easiest?

Guided or scripted installation?

• What about next version?

27

VA patching

The vCSA upgrade process is quite easy

• Single point, single updade/upgrade

But could be better?

What about security patches at the OS level?

Multiple repositories or patch levels?

• What about next version?

28

VM sizing

KB 2005086 for version 5.5

• Very small inventory

• 10 or fewer hosts, 100 or fewer virtual machines

• at least 8 GB

• Small inventory

• 10-50 hosts or 100-1500 virtual machines

• at least 16 GB

• Medium inventory

• the maximum inventory supported with the embedded database; 50-100 hosts or

1500-3000 virtual machines

• at least 24 GB

29

Thank youAndrew Mauro – VCDX & vExpert

http://vinfrastructure.it/en/

30

Enjoy The Day!

Join the Conversation!

@DenmarkVMUG

@MyVMUG

#VMUGDK

www.vmug.com/denmark

@VMUG