vCenter Server Architecture and Deployment Deep Dive

INF2311

Justin King, VMware Harish Niddagatta, VMware Robert Perugini, VMware

Disclaimer •  This presentation may contain product features that are currently under development. •  This overview of new technology represents no commitment from VMware to deliver these

features in any generally available product. •  Features are subject to change, and must not be included in contracts, purchase orders, or

sales agreements of any kind.

•  Technical feasibility and market demand will affect final delivery. •  Pricing and packaging for any new technologies or features discussed or presented have not

been determined.

CONFIDENTIAL 2

CONFIDENTIAL 3

Agenda

vCenter Server 5.5 •  VMware Services Evolution

•  Deployment Configurations

•  Install & Upgrade

vCenter Server Tech Preview •  VMware Services Evolution

•  Deployment Configurations

•  Install & Upgrade

Q & A

vCenter Server 5.5

CONFIDENTIAL 5

vCenter Server Configuration Options

IS

SSO

Web

1 VM/Host

2 VMs/Hosts

IS

Web

SSO

IS

SSO

Web

4 VMs/Hosts

Sufficient for most environments Easiest to maintain and deploy

Large customers with numerous vCenter Servers Reduces footprint by sharing SSO across vCenter Servers

Most complex to maintain and deploy Some customers have experienced performance issues with Inventory Service and vCenter in separate VMs

5.1 and 5.5

5.0 One configuration for all environments

CONFIDENTIAL 6

Configuration #1 - Single vCenter Server 5.5

VC Database

vCenter Server Host or VM

vCenter Server

SSO Server

Web Client

Inventory Service

Use Simple Installer Installs / Upgrades core components with a single virtual machine

1.  vCenter Single Sign-On

2.  vSphere Web Client

3.  vCenter Inventory Service

4.  vCenter Server

§  No change to architecture §  All services are local •  Reduced complexity

§  Supports 1-1000 Hosts / 1-10,000 Virtual Machines

CONFIDENTIAL 7

Configuration #1 - Multiple vCenter Server 5.5

By Default §  Each site is independent §  Does not provide a single pane of glass view §  SSO builtin replication

§  SSO Users & Groups §  SSO Policies §  Identity sources

§  Use custom installer to expend vSphere.local domain

§  Linked Mode §  Maintains single pane of glass §  Replicates Licenses, permissions and roles

vCenter Server

vCenter Server

New York

vCenter Server

vCenter Server

Miami

vCenter Server

vCenter Server Web Client

Inventory Svc

SSO Server – vsphere.local

Los Angeles

Web Client

Inventory Svc

Web Client

Inventory Svc

SSO  Site  1   SSO  Site  2   SSO  Site  3  Single  SSO  Authen0ca0on  Domain  

CONFIDENTIAL 8

Configuration #2 – Centralized Single Sign-On Server 5.5 A Datacenter with 3 or more solutions  Centralized SSO authentication

–  Same Physical location

 Availability (Required) –  vSphere HA –  Network Load Balancer

Solution 2

vCenter Server 5.5

SSO Server

Web Client vCenter SSO

Server 5.5

Database Server

VCDB1,VCDB2

Solution 3

vCloud Automation

Center

Solution 1

vCenter Server 5.1

Inventory Svc

Backwards  compa0ble  to  vCenter  Server  5.1  for  staging  of  upgrades  

Web Client Web Client Inventory Svc

CONFIDENTIAL 9

Upgrading 5.1 Architecture when Distributed

 Upgrade the current vCenter Single Sign-On 5.1 to 5.5  Deploy a new vCenter Single Sign-On server to the vCenter Server or single virtual machine specifying that vCenter Single Sign-On is an additional instance placing it in the already created vsphere.local security domain

 On the vCenter Server install the vSphere Web Client 5.5 using the local vCenter Single Sign-On instance  On the vCenter Server install the vCenter Inventory Service using the local vCenter Single Sign-On instance  On the vCenter Server install the vCenter Server using the local vCenter Single Sign-On instance  Power off and remove the original separate vCenter Single Sign-On instance

Host or VM

SSO

Host or VM

Web Client

Host or VM

vCenter

IS

Host or VM

vCenter

SSO

Web Client

IS

CONFIDENTIAL 10

Utilize a Management Cluster 1.  Run multiple vCenter components together on same

virtual machine •  Database excluded (for performance)

2.  Recommendations –  3 vSphere Hosts (minimum) –  Enable vSphere HA

•  Enable VM Monitoring

–  Enable DRS •  Affinity / Anti Affinity Rules

–  Understand and configure service dependency order

CONFIDENTIAL 10

vCenter Server (2)

vSphere Update

Manager

Site Recovery Manager

Management Cluster

vCenter Server (1)

Database Server

vCenter Operations

Log Insight

vCenter Orchestrator

vCAC

CONFIDENTIAL 11

CONFIDENTIAL 12

CONFIDENTIAL 13

Simple Install •  Simple Install Changes –  Added Web Client –  Installer Order changes

5.1

Single Sign-On

Inventory Service

vCenter

5.5

Single Sign-On

vSphere WebClient

Inventory Service

vCenter

§ Why? •  In the rare case SSO goes wrong, users can log into Web

Client and troubleshoot

•  Simple Install puts all components in a single server •  VMware’s suggested best practice

CONFIDENTIAL 14

Custom Install •  Why would you run this? –  Distribute services across

multiple servers

• Customize location •  Advanced configurations

•  E.g. additional vCenter servers

1 2 3 4

Order of Installation

CONFIDENTIAL 15

vCenter Single Sign-On Recomendations •  Embedded vCenter Single Sign-On reduces complexity

–  Up to 8 instances peer to peer –  12ms Latency

•  Same vSphere.local domain –  Single point of administration

•  Centralized vCenter Single Sign-On –  3 or more Solutions (vCenter, vCAC, etc) –  Redundancy required (HA, NLB) –  Single pane of glass (per central instance)

•  All configurations –  Backup each instance –  Recovery of additional instances may require manual re-sync (if changes were made)

•  Worst case, redeploy new and reregister solutions

VMware Confidential

CONFIDENTIAL 16

Choose the correct deployment option!  The installation choices of the vCenter Single Sign-On will dictate how SSO functions

•  Middle Radio Button – Merges Lookup Services – For SSO HA, requires loadbalancer

•  Bottom Radio Button – Configures new Lookup Services – For multiple deployments •  http://kb.vmware.com/kb/2058239 and http://kb.vmware.com/kb/2058249

CONFIDENTIAL 17

What Is the vCenter Server Inventory Service?

 Maintains a cache of the vCenter Server inventory

–  (VMs, Hosts, etc)  Reduces the load on VPXD by offloading client requests

 Installs locally to vCenter Server (do not install to a separate virtual machine)

–  Separate spindles or SSD (better)

 Enables use of Tags  Enables Storage Based Policy Management

–  Remember to backup Inventory service data files to provide recovery of tags and SBPM

Inventory Service provides a query service for the web client

CONFIDENTIAL 18

vSphere Clients

 vSphere Web Client (use this) –  Primary client for vSphere administrators –  Matched functionality to legacy VI Client –  New functionality available only thru the Web Client –  Browser based on Windows and Mac –  Install local to vCenter Server

•  If installing to alternative drive, enable 8.3 paths

 vSphere Client (not this) –  Available with legacy features –  Use it for all supported host client functionalities –  Update Manager Remediation –  Added HW10 support (5.5 Update 2)

vCenter Server Tech Preview

CONFIDENTIAL 20

VMware Platform Services

IS

SSO

Web

1 VM/Host

2 VMs/Hosts

IS

Web

SSO

IS

SSO

Web

4 VMs/Hosts

Single Sign-On (SSO) 5.1 – 1st release of platform services (SSO 1.0) 5.5 – 2nd release of platform services (SSO 2.0)

5.1 and 5.5

5.0 No Platform Services

CONFIDENTIAL 21

VMware Platform Services Controller We’re adding additional services No longer just Single Sign-On

Platform Services Controller includes a set of common infrastructure services that are used by the vCloud Suite (vCenter, vCAC, vCOPS, etc)

•  Single Sign-On (SSO) •  Licensing

•  Certificate Authority •  Certificate Store

•  Service (Product) Registration

•  Other Services will be added in future releases

Platform Services Controller supports data replication

21

Platform Services

Controller Platform Services

Controller

Platform Services

Controller

CONFIDENTIAL 22

vCenter Server – Embedded PSC vs. External PSC vCenter Server with Embedded PSC •  Sufficient for most environments •  Easiest to maintain and deploy

•  Supports up to 8 vCenter Servers •  Supports embedded & external vCenter DB

•  Supports Windows & Appliance

vCenter Server with External PSC •  For larger customers with numerous vCenter

Servers

•  Reduces footprint by sharing Platform Services Controller across several vCenter Servers

•  Recommended for 3+ vCenter Servers per site

•  Supports embedded & external vCenter DB •  Supports Windows & Appliance

PSC vCenter

vCenter PSC

CONFIDENTIAL 23

vCenter Server – Embedded Configuration

5.1 & 5.5

vSphere Tech Preview

Configuration isn’t changing, we’re just adding more services

VC SSO VC SSO VC SSO VC SSO

VC PSC VC PSC VC PSC VC PSC

CONFIDENTIAL 24

vCenter Server – External Configurations

vSphere Tech Preview

Configuration isn’t changing, we’re just adding more services

5.1 & 5.5

SSO

VC VC VC VC VC

PSC

VC VC VC VC VC

CONFIDENTIAL 25

vCloud Suite Embedded And External Configurations

Embedded PSC

External PSC

Extending this concept to the rest of the vCloud Suite

VC PSC vCAC PSC

PSC

VC vCOPs VCO VC vCAC

CONFIDENTIAL 26

Growth – Transition from “Embedded PSCs” to “External PSCs” •  Supports “Embedded” and “External” in the same SSO Domain •  Hybrid configuration – Windows and Appliance

SAN FRANCISCO

VC

PSC

vCAC

VC PSC

vCOps PSC

vCAC PSC

VC PSC

NEW YORK LONDON SINGAPORE

VC PSC

VC PSC

VC

LONDON

CONFIDENTIAL 27

vCenter Server Tech Preview - Install and Upgrade

vCenter Server for Windows vCenter Server Appliance

CONFIDENTIAL 28

vCenter Server Tech Preview - Install For Windows

One installer

Choose deployment type

All input up front & validated

Pre-Check functionality •  Min CPU/Memory/Disk

requirements

•  Internal/External Ports Availability

•  OS/DB support check

Scripted Install for Advanced Administrators

CONFIDENTIAL 29

vCenter Server Tech Preview - Appliance Install

New Guided Install

Choose deployment type

All input up front & validated

Pre-Check functionality

Scripted Install for Advanced Administrators

CONFIDENTIAL 30

vCenter Server Upgrade: 5.0 to Tech Preview 5.0 Tech Preview

Tech Preview 5.0

vCenter PSC

To External PSC (pre-requisite: PSC must exist)

Step 1: Install PSC

vCenter PSC To Embedded PSC

Step 2: Upgrade 5.0 to .Next

CONFIDENTIAL 31

vCenter Server – 5.1 / 5.5 Upgrade to Tech Preview

5.1 / 5.5 Tech Preview

IS

SSO

Web

1 VM/Host

To Embedded PSC

To External PSC

Step 1: Upgrade SSO to PSC

Step 2: vCenter Server to Tech Preview

vCenter PSC

2 VMs/Hosts IS

Web

SSO

vCenter PSC

Separate Web Client and Inventory Service migrated to vCenter

IS

SSO

Web

4 VMs/Hosts

vCenter PSC

CONFIDENTIAL 32

vCenter Server Appliance Improvements

32

Metric Windows Appliance* Hosts per VC 1k ✔ Powered on VMs per VC 10k ✔ Hosts per cluster 64 ✔ VMs per cluster 6k ✔ Linked Mode 10 ✔

* Single instance VC with embedded vPostgres

CONFIDENTIAL 33

Comparing Linked Mode (LM) and Enhanced Linked Mode (ELM)

CONFIDENTIAL 33

vSphere 5.5 (LM) Tech Preview (ELM) vCenter for Windows Yes Yes vCenter Server Appliance No Yes Single Sign On Yes Yes Single Inventory View Yes Yes Single Inventory Search Yes Yes Replication Technology Microsoft ADAM Native •  Roles and Permissions Yes Yes •  Licenses Yes Yes •  Policies No Yes •  Tags No Yes

CONFIDENTIAL 34

Clients Update

34

Use case vSphere Web Client vSphere Client

vCenter management ✔ ✔

Host management ✔ ✔

ESXi patch updates ✖ ✔

Hardware version 9-11 ✔ ✔*

New features ✔ ✖

* Read only access

Q & A Sign up http://tinyurl.com/vSphereBeta

Thank You

Fill out a survey Every completed survey is entered into a

drawing for a $25 VMware company store gift certificate

vCenter Server Architecture and Deployment Deep Dive

INF2311

Harish Niddagatta Sr. Product Manager, vCenter Install And Upgrade harishn@vmware.com Bob Perugini, Sr. Product Manager, Suite Install And Upgrade rperugini@vmware.com Justin King Architect, Technical Product Manager justinking@vmware.com