The F5 part is fairly straightforward, just creating VIPs for the various ports required then binding them in a single persistence profile with the 'match across virtuals' checkbox.  The bigger issue right now is that trying to replicate the suggested HA settings in SSO doesn't work as some of the file permissions prohibit the needed changes to files to point back at the VIP rather than the local real IP. 

This is something we (VMware team at F5) have on our radar and are working on.

Simon

Hi Simon,

We are currently using gateway_ICMP to bother primary and secondary nodes and trying to do the install. It looks like the installation went to the 99% state and then failed with an error code 20030.( Failed to create Multisite Package) . we are not doing a multi site install, rather we are looking at HA. I have a case open with VMware and is escalated to higher level. No response yet.

Any help in this regard will be appreciated.

Here is the portion of the error:

e Sign On-build-941610: 01/31/13 14:28:44 Found "C:\Program Files\VMware\Infrastructure\jre
bin\java.exe"

VMware Single Sign On-build-941610: 01/31/13 14:28:44 Launch as logon user dcx7587

VMware Single Sign On-build-941610: 01/31/13 14:28:44 Found "C:\Program Files\VMware\Infrastructure\jre
bin\java.exe"

VMware Single Sign On-build-941610: 01/31/13 14:28:47 Process returned 0

VMware Single Sign On-build-941610: 01/31/13 14:28:47 Successfully ran the command

VMware Single Sign On-build-941610: 01/31/13 14:28:47 failOnError value is : 0

VMware Single Sign On-build-941610: 01/31/13 14:28:47 VMSSOExecuteJava::done Res: 0

VMware Single Sign On-build-941610: 01/31/13 14:28:47 End Logging

VMware Single Sign On-build-941610: 01/31/13 14:28:47 Begin Logging

VMware Single Sign On-build-941610: 01/31/13 14:28:47 --- CA exec: VMExecuteSSOCommand

VMware Single Sign On-build-941610: 01/31/13 14:28:47 Found "C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd"

VMware Single Sign On-build-941610: 01/31/13 14:28:47 Performing Creating a package for MultiSite node operation

VMware Single Sign On-build-941610: 01/31/13 14:28:47 COMMAND USED: -S configure-riat --verbose -a create-instance-pkg -u admin --password ***** --instance-pkg-secret pass

VMware Single Sign On-build-941610: 01/31/13 14:28:47 GetPath::File: C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd

VMware Single Sign On-build-941610: 01/31/13 14:28:47 GetPath::done Res: C:\Program Files\VMware\Infrastructure\SSOServer\utils

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::File: C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd Len: 66

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::Params Len: 114

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::ShellExecuteEx Res: 1

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::Process: 780

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteA::done Res: 0

VMware Single Sign On-build-941610: 01/31/13 14:28:47 ShellExecuteWait::Execute Res: 0

VMware Single Sign On-build-941610: 01/31/13 14:28:54 ShellExecuteWait::WAIT_OBJECT_0

VMware Single Sign On-build-941610: 01/31/13 14:28:54 ShellExecuteWait::GetExitCodeProcess Process: 780 ExitCode: 1 Res: 1

VMware Single Sign On-build-941610: 01/31/13 14:28:54 ShellExecuteWait::done (wait) Res: 1

VMware Single Sign On-build-941610: 01/31/13 14:28:54 RunSSOCommand:: error code returned is 1 while launching C:\Program Files\VMware\Infrastructure\SSOServer\utils\rsautil.cmd

VMware Single Sign On-build-941610: 01/31/13 14:28:54 Posting error message 20030

VMware Single Sign On-build-941610: 01/31/13 14:30:12 MsiProcessMessage returned: 1

VMware Single Sign On-build-941610: 01/31/13 14:30:12 VMExecuteSSOCommand::done Res: 1603

VMware Single Sign On-build-941610: 01/31/13 14:30:12 End Logging

tcServerInst: 01/31/13 14:30:12

Were you ever able to resolve this?  I'm encountering more folk load balancing SSO now, so may be able to help if you got past this error.

Simon

We did . I Know I have to reply back with details. I had the 3rd level support engineers (2) worked with me. We did this in 3 environments from start to end and it is working. According to VMware they are going to setup a new KB to address this. We used 3 KB’s to fix the issue. Majority of the issue was related to certs.

Thanks

Deepu

Yes somehow the majority of everyone's problems with vCenter & View relate to certs in some way

Yes I've seen a couple of draft documents which will make life a lot easier for people to do this in future.

Simon

Please read all three pars of this blog. Will be useful. It was helpful for us.

http://www.virtualantipodeans.com/2012/11/ha-vcenter-51-sso-and-web-client_29.html

Thanks

Deepu

Hi Guys,

I need assistance in setting up Load Balancer and setting up Additional node for failover in SSO HA mode.

Can you please let me know on how to proceed with Load balancer

Thanks