Hi All
I have a vCenter 5.5 U2 Implementation. The powers that be want me to start looking at options for protecting vCenter, over and above vSphere HA. It seems I can use Microsoft Clustering, which I will start to explore. However the guide I'm looking at states SSO should be installed on a different server if clustering vCenter.
What options do I have for protecting SSO then?
I am assuming if I had a single SSO server and it went down, I am completely locked out of accessing vCenter, therefore kinda pointless protecting vCenter if I cant adequately protect SSO?
Thanks
D
If primary SSO fails, it should allow you to repoint vCenter to secondary SSO server as both SSO replicates data with each other. Am not 100% certain as I have not tried it, So I would suggest you to test these scenario in LAB setup first.
You need to repoint all services with each other to get vCenter, SSO working.
See this -
VMware KB: Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components
You can install SSO in HA mode with vCenter 5.5 Update 2.
You need to put SSO server behind Load Balancer, refer below documents for more details.
vSphere 5.5 Documentation Center
VMware KB: vCenter Single Sign-On deployment modes for vSphere 5.5
Thanks,
Haridas
Hi,
Thanks for the response. The only issue is I don't have a load balancer. Do you know if I can still install in HA mode, until the time I can perhaps get approval for a load balancer? What I mean by this is I still deploy the 2 SSO servers, and always have vCenter point to the first SSO server... then if the first SSO server was ever to fail, I could potentially manually point vCenter to the second one?
You can use apache load balancer module, try this before you for purchase of any LB.
Thanks,
Haridas
Hi vHaridas
Thanks for the great responses! I will definitely try this out, but at some point I will also need to ensure the Load Balancer is redundant, or again, I guess I will be stuffed if this Apache Load Balancer fails.
So, do you know if it is at all possible to build 2 SSO Servers in HA mode and point vCenter manually to the Second SSO server if the First SSO server fails? Of course they'll be outage but I need to know how would I get myself out of the situation should it arise.
I am hoping to get a F5 VE.
If primary SSO fails, it should allow you to repoint vCenter to secondary SSO server as both SSO replicates data with each other. Am not 100% certain as I have not tried it, So I would suggest you to test these scenario in LAB setup first.
You need to repoint all services with each other to get vCenter, SSO working.
See this -
VMware KB: Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components
Fantastic vHaridas, Thank you for the guidance here... Yes, Lab setup will definitely need to be done first I think... I will try and report back onto this thread. At the moment still trying to do the paperwork in working out how this will all hang together