vCenter

 View Only

  • 1.  SSO HA

    Posted May 29, 2016 12:36 PM

    Hi All

    I have a vCenter 5.5 U2 Implementation. The powers that be want me to start looking at options for protecting vCenter, over and above vSphere HA. It seems I can use Microsoft Clustering, which I will start to explore. However the guide I'm looking at states SSO should be installed on a different server if clustering vCenter.

    What options do I have for protecting SSO then?

    I am assuming if I had a single SSO server and it went down, I am completely locked out of accessing vCenter, therefore kinda pointless protecting vCenter if I cant adequately protect SSO?

    Thanks

    D



  • 2.  RE: SSO HA

    Posted May 30, 2016 07:12 AM

    You can install SSO in HA mode with vCenter 5.5 Update 2.

    You need to put SSO server behind Load Balancer, refer below documents for more details.

    vSphere 5.5 Documentation Center

    VMware KB: vCenter Single Sign-On deployment modes for vSphere 5.5

    Thanks,

    Haridas

    Virtual Admin



  • 3.  RE: SSO HA

    Posted May 30, 2016 07:41 AM

    Hi,

    Thanks for the response. The only issue is I don't have a load balancer. Do you know if I can still install in HA mode, until the time I can perhaps get approval for a load balancer? What I mean by this is I still deploy the 2 SSO servers, and always have vCenter point to the first SSO server... then if the first SSO server was ever to fail, I could potentially manually point vCenter to the second one?



  • 4.  RE: SSO HA

    Posted May 30, 2016 08:26 AM

    You can use apache load balancer module, try this before you for purchase of any LB.

    VMware KB: Setting up vCenter Single Sign-On in high availability mode with an Apache load balancing software

    Thanks,

    Haridas



  • 5.  RE: SSO HA

    Posted May 30, 2016 12:23 PM

    Hi vHaridas

    Thanks for the great responses! I will definitely try this out, but at some point I will also need to ensure the Load Balancer is redundant, or again, I guess I will be stuffed if this Apache Load Balancer fails.

    So, do you know if it is at all possible to build 2 SSO Servers in HA mode and point vCenter manually to the Second SSO server if the First SSO server fails?  Of course they'll be outage but I need to know how would I get myself out of the situation should it arise.

    I am hoping to get a F5 VE.



  • 6.  RE: SSO HA
    Best Answer

    Posted May 30, 2016 01:12 PM

    If primary SSO fails, it should allow you to repoint vCenter to secondary SSO server as both SSO replicates data with each other. Am not 100% certain as I have not tried it, So I would suggest you to test these scenario in LAB setup first.

    You need to repoint all services with each other to get vCenter, SSO working.

    See this -

    VMware KB: Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components



  • 7.  RE: SSO HA

    Posted May 31, 2016 07:54 AM

    Fantastic vHaridas, Thank you for the guidance here... Yes, Lab setup will definitely need to be done first I think... I will try and report back onto this thread. At the moment still trying to do the paperwork in working out how this will all hang together