amitb79
Contributor
Contributor

FAQ about SSO multi-site

Jump to solution

During up-graduation from 5.0 to 5.5 ( we have vCenter in Linked Mode)

To install vCenter Single Sign-On in a multisite can we have 3 sites and 3 vcenter server if yes then how it will work .

1 Install SSO at primary site

2 Install SSO at secondary location BUT point it to primary instance

3 Install SSO at third location and point it to 1 or 2 site ??

Thanks

0 Kudos
1 Solution

Accepted Solutions
bayupw
Leadership
Leadership

Yes, SSO in 5.1 and SSO in 5.5 are different see this blog post: Allow me to introduce you to vCenter Single Sign-On 5.5 | VMware vSphere Blog - VMware Blogs

vCenter Single SIgn-On 5.5 has been rewritten from the ground up to provide the level of service expected from a VMware product. The new architecture is based on a multi-master model where each instance is automatically kept up to date with it peers via builtin replication.

For SSO 5.1 you can read these posts:

vCenter Single Sign-On Part 1: what is vCenter Single Sign-On? | VMware vSphere Blog - VMware Blogs

vCenter Single Sign-On – Part 2: Deployment Options

vCenter Single Sign-On – Part 3: Availability

vCenter Single SIgn-On – Part 4: Pre Install Requirements

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw

View solution in original post

0 Kudos
7 Replies
amitb79
Contributor
Contributor

Any update experts ?? Thanks

0 Kudos
admin
Immortal
Immortal

You can choose either first or second site, depending on where you want the replication agreement to go.

0 Kudos
bayupw
Leadership
Leadership

See these docs:

vSphere 5.5 Documentation Center - vCenter Single Sign-On Deployment Modes

Multiple Single Sign-On instances in different locations: You can install the vCenter Single Sign-On nodes in this deployment in any order. Any node that is installed after the first node can point to any node that is already installed. For example, the third node can point to either the first or second node.

vSphere 5.5 Documentation Center - Joining a Linked Mode Group During and After Installation

On Machine 3, you upgrade to vCenter Server 5.x. After the upgrade, you configure Machine 3 to join either Machine 1 or Machine 2. Machine  1, Machine  2, and Machine  3 are now members of a Linked Mode group.

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
0 Kudos
Atul_gen
Enthusiast
Enthusiast

For Ex.

- Deploy first SSO-1 server on site-1

- Install virtual center server on site-1 and register it to SSO-1

-Deploy second SSO-2 server on site-2 but while deploying second sso server select the third option , click next and provide the first sso details (it is called multi site).

- Install second virtual center server on site-2 and register it to SSO-2

- Deploy third SSO-2 server on site-3 but while deploying third sso server select the third option , click next and provide the first or second sso details (it is called multi site).

- Install third virtual center server on site-3 and register it to SSO-3

- Now you can join virtual center server from first to second once it is done then join second virtaul center server to third virtual center server.

- If it configured successfully all three vc is linked.

Please let me know if you have any other problems/doubts.

If you find this or any other answer useful please mark the answer as correct or helpful.
amitb79
Contributor
Contributor

Just need to know small thing does we really need to install SSO in multi-site mode in order to take advantage of linked mode.bcoz as you mentioned the doc  Getting ready to upgrade production to vCenter Server 5.5? Make sure you're using the corre...that while selecting the option 3 duing SSO installation if SSO goes down at primary site it does not take affect the others SSO servers /Vcenter bcoz the things has been replicated during the replication then it's mentioned in thise blog that we need to look for multi site SSO - Linked mode with SSO for SRM | VMware vSphere Blog - VMware Blogs or things are differet in 5.1 and 5.5

0 Kudos
bayupw
Leadership
Leadership

Yes, SSO in 5.1 and SSO in 5.5 are different see this blog post: Allow me to introduce you to vCenter Single Sign-On 5.5 | VMware vSphere Blog - VMware Blogs

vCenter Single SIgn-On 5.5 has been rewritten from the ground up to provide the level of service expected from a VMware product. The new architecture is based on a multi-master model where each instance is automatically kept up to date with it peers via builtin replication.

For SSO 5.1 you can read these posts:

vCenter Single Sign-On Part 1: what is vCenter Single Sign-On? | VMware vSphere Blog - VMware Blogs

vCenter Single Sign-On – Part 2: Deployment Options

vCenter Single Sign-On – Part 3: Availability

vCenter Single SIgn-On – Part 4: Pre Install Requirements

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
0 Kudos
amitb79
Contributor
Contributor

bayu got that . Thanks for your help

0 Kudos