dsohayda wrote:
I would like to join our two environments with Linked Mode but had some questions I have not been able to find the answers to;
- in the management guide it states that all vcenter servers have to be registered to the same SSO server. I set one of the vcenter servers up using the first SSO choice, first vcenter server, and the other as the third option, additional vcenter server with a new site. Would this constitute them being registered to the same SSO server? I took this to mean that each is independent of one another with regards to SSO, but that they would replicate to one another. Does this mean they’re one and the same SSO servers?
As documented here: vSphere 5.5 Documentation Center - Linked Mode Prerequisites for vCenter Server
The requirements for Linked Mode is to have all vCenter Servers in a Linked Mode group are registered to the same vCenter Single Sign-On server.
If you have selected the third option for the 2nd SSO server, it will become one single SSO domain and the 3rd option is the required for Linked Mode if you have multiple vCenter on different site.
vSphere 5.5 Documentation Center - vCenter Single Sign-On Deployment Modes
Multiple Single Sign-On instances in different locations
This mode is designed for vCenter Server deployments with multiple physical locations. Multisite deployment is required when a single administrator needs to administer vCenter Server instances that are deployed on geographically dispersed sites in Linked Mode.
This deployment mode is required if you have geographically dispersed vCenter Servers in Linked Mode. You might also consider this mode in the following cases:
■ If multiple vCenter Servers require the ability to communicate with each other.
■ If you require one vCenter Single Sign-On server security domain for your organization.
- the user you are logged in with to join the group needs to “have access” to the vcenter server database of each vcenter server. Needs access how? specific permissions? this seems vague.
See vSphere 5.5 Documentation Center - Linked Mode Prerequisites for vCenter Server
When you join a vCenter Server instance to a Linked Mode group, the installer must be run by a domain user who is an administrator on both the machine where vCenter Server is installed and the target machine of the Linked Mode group.
So the required permission is administrator (domain user) on both vCenter machine
- the prerequisites only mention ensuring that all servers have their time in sync, being sure that they are within 5 minutes apart. The servers I intend to join are geographically quite far, from NJ to Austin, TX, but they’re using NTP to keep their time so the 5 minutes shouldn’t be a problem. Is there generally a limit with regards to latency between the sites I should be aware of though? I didn’t see mention of such things in the guide or other articles I read. If one site takes a while to respond does that drag down the whole experience even when accessing more local resources in the vsphere or web clients?
The time sync part is required to join the Linked Mode. I also haven't see any requirements for latency, I guess it should be okay since Linked Mode is view and search only, can’t be used to move VMs or ESX hosts between vCenter instances on current vSphere version.
- the guide states that when you click finish after linking “vcenter server” restarts. Which one? The one you’re linking to, or the one you’re initiating the linking from? Or is it both?
I'm not sure, need to try on the lab but I think it will be both.
There a good blog post documenting the step by step on this, see it here: Back To Basics: vCenter 5.5 with MultiSite SSO and Linked Mode Configuration Mike Laverick
Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
