VMware Cloud Community
JayScheponik
Contributor

vCenter 5.1 and SSO Failover - Who needs heartbeat?

So for those of us who don't want to drop the 10k per license on Heartbeat, here is a workaround. While it is not as flashy, it is a free option. Also, while the process as a whole is not supported, the individual pieces are. Here are the pre-reqs for this to work:

1. 2 servers set up as Primary SSO and Web Client (they should not know about each other)

2. vCenter and Inventory Services on same VM.

3. You are cloning your vCenter Server VM and it remains powered off until there is a BCP event (scriptable)

4. You have either a CNAME, F5, or some other way to repoint your vCenter IP.

5. 7zip needs to be installed on your vCenter Server (can be replaced with some other unzip commandline)

6. Needs to be run from an x86 PowerCLI session. (Invoke-VMScript)

7. Your vCenter Infrastructure servers are not running in the vCenter you are failing over. (working on a version where this is not required)

Function Set-WinVMIP ($VM, $IP, $SNM, $GW)
{
#host root creds
$rcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$pass
#vm guest creds
$gcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "DOMAIN\User",$pass

   # $DNS1, $DNS2, $WINS1 and $WINS2 are read from the calling script's scope
   $netsh1 = "c:\windows\system32\netsh.exe interface ip set address ""Local Area Connection"" static $IP $SNM $GW 1"
   $netsh2 = "c:\windows\system32\netsh.exe interface ip set dns ""Local Area Connection"" static $DNS1"
   $netsh3 = "c:\windows\system32\netsh.exe interface ip add dns ""Local Area Connection"" $DNS2 index=2"
   $netsh4 = "c:\windows\system32\netsh.exe interface ip set wins ""Local Area Connection"" static $WINS1"
   $netsh5 = "c:\windows\system32\netsh.exe interface ip add wins ""Local Area Connection"" $WINS2"
  
   Write-Host "Setting IP address for $VM..." 
   Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh1 -ScriptType Bat -Confirm:$false
   Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh2 -ScriptType Bat -Confirm:$false
   Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh3 -ScriptType Bat -Confirm:$false
   Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh4 -ScriptType Bat -Confirm:$false
   Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh5 -ScriptType Bat -Confirm:$false
   Write-Host "Setting IP address completed."
}

Function RepointVC($VM, $lookup)
{
#host root creds
$rcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "root",$pass
#vm guest creds
$gcred = new-object -typename System.Management.Automation.PSCredential -argumentlist "DOMAIN\User",$pass

$netsh1 = '"PathTo\VMware\Infrastructure\Inventory Service\scripts\is-change-sso.bat" ' + $lookup + ' admin@System-Domain "MyAdminPassword"'
$netsh2 = "net stop vimQueryService"
$netsh3 = "net start vimQueryService"
$netsh4 = '"PathTo\7z.exe" x "PathTo\VMware\Infrastructure\VirtualCenter Server\ssoregtool\sso_svccfg.zip" -oc:\temp\sso_svccfg -y'
$netsh5 = 'C:\temp\sso_svccfg\repoint.cmd configure-vc --lookup-server ' + $lookup + ' --user admin@system-domain --password "MyAdminPassword" --openssl-path "PathTo\VMware\Infrastructure\Inventory Service\bin"'
$netsh6 = "rd c:\temp\sso_svccfg /S /Q"

Write-Host "Repointing vCenter SSO" 
Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh1 -ScriptType Bat -Confirm:$false
Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh2 -ScriptType Bat -Confirm:$false
Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh3 -ScriptType Bat -Confirm:$false
Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh4 -ScriptType Bat -Confirm:$false
Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh5 -ScriptType Bat -Confirm:$false
Invoke-VMScript -VM $VM -HostCredential $rcred -GuestCredential $gcred -ScriptText $netsh6 -ScriptType Bat -Confirm:$false
}

$File = "PathTo\failover.txt"

$targ = "MyVCVM"

$str = (Get-Date)
$log = "`n"
$log += $str
$log += " MyVCName"

Connect-VIServer "MyVC"

$livevc = Get-VM -Name $targ | where {$_.PowerState -eq "PoweredOn"}
$bcpvc = Get-VM -Name $targ | where {$_.PowerState -eq "PoweredOff"}

$liveclus = Get-Cluster -VM $livevc
$bcpclus = Get-Cluster -VM $bcpvc

if($bcpclus.Name -eq "MyProdCluster")
{
$IP = "192.168.1.2"
$SNM = "255.255.255.0"
$GW = "192.168.1.1"
$DNS1 = "192.168.1.1"
$DNS2 = "192.168.2.1"
$WINS1 = "192.168.1.1"
$WINS2 = "192.168.2.1"
$lookup = "https://MyProdSOServerFQDN:7444/lookupservice/sdk"
$SSO = "MyProdSSOServer"
}   

if($bcpclus.Name -eq "MyBCPCluster")
{
$IP = "192.168.2.2"
$SNM = "255.255.255.0"
$GW = "192.168.2.1"
$DNS1 = "192.168.2.1"
$DNS2 = "192.168.1.1"
$WINS1 = "192.168.2.1"
$WINS2 = "192.168.1.1"
$lookup = "https://MyBCPSOServerFQDN:7444/lookupservice/sdk"
$SSO = "MyBCPSSOServer"
}   

try
{
Write-Host -ForegroundColor DarkGreen "Powering On VM"
Stop-VM -VM $livevc -Confirm:$false | Out-Null
Start-VM -VM $bcpvc -Confirm:$false | Out-Null
sleep 180
}
catch [System.Exception]
{
$log += "Failed Power On VM`n"
}

$bcpvc = Get-VM -Name $targ | where {$_.PowerState -eq "PoweredOn"}

$ServiceObj = Get-Service -Name "vspherewebclientsvc" -ComputerName $SSO -ErrorAction Continue
Stop-Service -InputObj $ServiceObj -erroraction Continue

try
{
Write-Host -ForegroundColor DarkGreen "Setting IP on Target"
Set-WinVMIP $bcpvc $IP $SNM $GW
RepointVC $bcpvc $lookup
sleep 30
}
catch [System.Exception]
{
$log += "Failed IP Change`n"
}

Disconnect-VIServer -Server * -Confirm:$false

$ServiceObj = Get-Service -Name "ssotomcat" -ComputerName $SSO -ErrorAction Continue
Restart-Service -InputObj $ServiceObj -erroraction Continue

$ServiceObj = Get-Service -Name "vpxd" -ComputerName $targ -ErrorAction Continue
Restart-Service -InputObj $ServiceObj -erroraction Continue -Force

$ServiceObj = Get-Service -Name "vctomcat" -ComputerName $targ -ErrorAction Continue
Start-Service -InputObj $ServiceObj -erroraction Continue

$ServiceObj = Get-Service -Name "vspherewebclientsvc" -ComputerName $SSO -ErrorAction Continue
Restart-Service -InputObj $ServiceObj -erroraction Continue

# Write the accumulated log entry to the failover log file
Add-Content -Path $File -Value $log
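
The script above builds its credentials from a `$pass` variable, embeds the SSO admin password as a literal, and ignores the result of every `Invoke-VMScript` call. The following is an added example, not part of the original post, showing the same guest-command pattern with run-time credential prompts, a pre-flight check on the VM pair, and exit-code checking. `Get-FailoverPair` and `Invoke-GuestStep` are hypothetical names; `$bcpvc`, `$lookup` and the `PathTo\...` placeholders are the post's own.

```powershell
# Added example, not the original poster's code. Assumes PowerCLI is loaded and
# Connect-VIServer has succeeded. Get-FailoverPair and Invoke-GuestStep are hypothetical names.

# Prompt for each identity at run time instead of storing passwords in the script file.
$hostCred  = Get-Credential -Message "ESXi host root account"
$guestCred = Get-Credential -Message "Guest OS account on the vCenter VM"
$ssoCred   = Get-Credential -Message "SSO administrator, e.g. admin@System-Domain"

function Get-FailoverPair {
    param([string]$Name)
    # Require exactly one powered-on vCenter VM and exactly one powered-off clone.
    $vms  = @(Get-VM -Name $Name)
    $live = @($vms | Where-Object { $_.PowerState -eq "PoweredOn" })
    $bcp  = @($vms | Where-Object { $_.PowerState -eq "PoweredOff" })
    if ($live.Count -ne 1 -or $bcp.Count -ne 1) {
        throw "Expected 1 powered-on and 1 powered-off '$Name'; found $($live.Count) and $($bcp.Count)"
    }
    [pscustomobject]@{ Live = $live[0]; Bcp = $bcp[0] }
}

function Invoke-GuestStep {
    param($VM, [string]$StepName, [string]$ScriptText)
    # Run one guest command; abort the failover if it errors or returns non-zero.
    $result = Invoke-VMScript -VM $VM -HostCredential $hostCred -GuestCredential $guestCred `
        -ScriptText $ScriptText -ScriptType Bat -Confirm:$false -ErrorAction Stop
    if ($result.ExitCode -ne 0) {
        # Report the step name only: $ScriptText may contain the SSO password.
        throw "Guest step '$StepName' exited with code $($result.ExitCode)"
    }
    $result
}

# Usage: validate before any power operation, so a missing clone stops the run
# before the live vCenter is shut down.
$pair = Get-FailoverPair -Name "MyVCVM"

# ... Stop-VM / Start-VM / sleep as in the post, which then re-reads $bcpvc ...

# The password is expanded only when the command string is built. It still
# reaches the guest on the command line, so keep $cmd out of logs and transcripts.
$ssoPass = $ssoCred.GetNetworkCredential().Password
$cmd = '"PathTo\VMware\Infrastructure\Inventory Service\scripts\is-change-sso.bat" ' +
       $lookup + ' ' + $ssoCred.UserName + ' "' + $ssoPass + '"'
Invoke-GuestStep -VM $bcpvc -StepName "is-change-sso" -ScriptText $cmd | Out-Null
Remove-Variable ssoPass, cmd
```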

5 Replies
LucD
Leadership

Thanks for sharing.

Looks interesting, I'll have to try this out.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

0 Kudos
JayScheponik
Contributor

Any time.

0 Kudos
RaymundoEC
VMware Employee

Hi, I will try this script. Just one question: does it also work for vCenter Server 5.5? And what if I have vCenter with all its components in the same VM?

Thanks for sharing, thanks a lot.

Ray

+vRay
0 Kudos
JayScheponik
Contributor

For starters, you should probably have the SSO and Web Client on a separate VM from vCenter Server. Since you have everything on the same machine, you would probably not need to repoint the vCenter server. That being said, yes it does work on 5.5. You would need to modify the admin account from system-domain to vsphere.local, but other than that it should be good.

0 Kudos
RaymundoEC
VMware Employee

Thanks for the reply. If anything comes up, I'll let you know.

Thanks for sharing!!!

Ray

+vRay
0 Kudos