0% found this document useful (0 votes)

371 views

Vcenter Server Installation and Setup - VMware Vsphere 6.7 PDF

Uploaded by

Sisay

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

371 views

Vcenter Server Installation and Setup - VMware Vsphere 6.7 PDF

Uploaded by

Sisay

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 207

vCenter Server Installation

and Setup
Update 2
Modified on 10 MAR 2020
VMware vSphere 6.7
vCenter Server 6.7
vCenter Server Installation and Setup

You can find the most up-to-date technical documentation on the VMware website at:

https://docs.vmware.com/

VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com

VMware, Inc. 2
Contents

About vCenter Server Installation and Setup 7

Updated Information 8

1 Introduction to vSphere Installation and Setup 10

Overview of the vSphere Installation and Setup Process 11
vCenter Server Components and Services 14
Overview of the vCenter Server Appliance 16
vCenter Server and Platform Services Controller Deployment Types 17
Understanding vSphere Domains, Domain Names, and Sites 21
Deployment Topologies with External Platform Services Controller Instances and High
Availability 22
vCenter Enhanced Linked Mode 25
vCenter Enhanced Linked Mode for a vCenter Server Appliance with Embedded Platform
Services Controller 26
Enhanced Linked Mode for vCenter Server or vCenter Server Appliance with an External
Platform Services Controller 28

2 Deploying the vCenter Server Appliance and Platform Services Controller

Appliance 29
System Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance 31
Hardware Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance 31
Storage Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance 32
Software Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance 33
Required Ports for vCenter Server and Platform Services Controller 33
DNS Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance 38
vSphere Client Software Requirements 39
Preparing for Deployment of the vCenter Server Appliance and Platform Services Controller
Appliance 39
System Requirements for the vCenter Server Appliance Installer 39
Download and Mount the vCenter Server Appliance Installer 40
Synchronizing Clocks on the vSphere Network 41
System Clock Synchronization Between the Client and Server 42
Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance 43
GUI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance
44

VMware, Inc. 3
vCenter Server Installation and Setup

Required Information for Deploying a vCenter Server Appliance or Platform Services

Controller Appliance 45
Deploy the vCenter Server Appliance with an Embedded Platform Services Controller by
Using the GUI 53
Deploy a Platform Services Controller Appliance by Using the GUI 59
Deploy the vCenter Server Appliance with an External Platform Services Controller by Using
the GUI 64
CLI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance
70
Prepare Your JSON Configuration File for CLI Deployment 71
Deploy a vCenter Server Appliance or Platform Services Controller Appliance by Using the
CLI 85
Syntax of the CLI Deployment Command 86
Deploy Multiple vCenter Server Appliances or Platform Services Controller Appliances Using
the CLI 87

3 Installing vCenter Server and Platform Services Controller on Windows 90

vCenter Server for Windows Requirements 91
Pre-Install Checks for vCenter Server and Platform Services Controller on Windows 92
Hardware Requirements for vCenter Server and Platform Services Controller on Windows
93
Storage Requirements for vCenter Server and Platform Services Controller on Windows
94
Software Requirements for vCenter Server and Platform Services Controller on Windows
95
Database Requirements for vCenter Server on Windows 95
Required Ports for vCenter Server and Platform Services Controller 95
DNS Requirements for vCenter Server and Platform Services Controller on Windows 101
vSphere Client Software Requirements 101
Preparing for Installing vCenter Server and Platform Services Controller on Windows 102
Download the vCenter Server Installer for Windows 102
Preparing vCenter Server Databases for Install 103
Synchronizing Clocks on the vSphere Network 123
Using a User Account for Running vCenter Server 124
Installing vCenter Server on IPv6 Machines 124
Running the vCenter Server Installer from a Network Drive 125
Required Information for Installing vCenter Server or Platform Services Controller on Windows
125
Installing vCenter Server and Platform Services Controller on Windows 127
Install vCenter Server with an Embedded Platform Services Controller on Windows 128
Install a Platform Services Controller on Windows 130
Install vCenter Server with an External Platform Services Controller on Windows 132
Installing vCenter Server in an Environment with Multiple NICs on Windows 134

4 File-Based Backup and Restore of vCenter Server Appliance 136

VMware, Inc. 4
vCenter Server Installation and Setup

Considerations and Limitations for File-Based Backup and Restore 137

Schedule a File-Based Backup 140
Manually Back up a vCenter Server Appliance by Using the vCenter Server Appliance
Management Interface 142
Restore a vCenter Server Appliance from a File-Based Backup 143
Stage 1 - Deploy a New Appliance 146
Stage 2 - Transfer Data to the Newly Deployed Appliance 149

5 Image-Based Backup and Restore of a vCenter Server Environment 151

Considerations and Limitations for Image-Based Backup and Restore 151
Restore a vCenter Server Image-based Environment 155
Restoring a vCenter Server Instance with an Embedded Platform Services Controller 157
Restore a vCenter Server Environment with a Single Platform Services Controller 158
Restore a vCenter Server Environment with Multiple External Platform Services Controller
Instances 159
Restore a vCenter Enhanced Linked Mode Environment 160

6 After You Install vCenter Server or Deploy the vCenter Server Appliance 161
Log In to vCenter Server by Using the vSphere Client 161
Install the VMware Enhanced Authentication Plug-in 162
Collect vCenter Server Log Files 163
Repoint vCenter Server to External Platform Services Controller in a Different Domain 164
Syntax of the Domain Repoint Command 166
Understanding Tagging and Authorization Conflicts 167
vCenter Server Domain Repoint License Considerations 172
Repoint vCenter Server with Embedded Platform Services Controller to Another vCenter Server
with Embedded Platform Services Controller in a Different Domain 173
Repoint a Single Embedded Node from One Domain to an Existing Domain 174
Repoint an Embedded Node from One Domain to an Existing Domain with a Replication
Partner 176
Repoint an Embedded Node to a New Domain 179
Repoint vCenter Server to Another External Platform Services Controller in the Same Domain
181
Converging vCenter Server with an External Platform Services Controller to a vCenter Server
with an Embedded Platform Services Controller 183
Converge to an Embedded Platform Services Controller Node Using the vSphere Client
185
Converging to an Embedded Platform Services Controller Node Using the Command-Line
Utility 189
Reconfigure a Standalone vCenter Server with an Embedded Platform Services Controller to a
vCenter Server with an External Platform Services Controller 199

7 Troubleshooting vCenter Server Installation or Deployment 203

Collecting Logs for Troubleshooting a vCenter Server Installation or Upgrade 203

VMware, Inc. 5
vCenter Server Installation and Setup

Collect Installation Logs by Using the Installation Wizard 204

Retrieve Installation Logs Manually 204
Collect Deployment Log Files for the vCenter Server Appliance 204
Export a vCenter Server Support Bundle for Troubleshooting 205
Attempt to Install a Platform Services Controller After a Prior Installation Failure 205
Microsoft SQL Database Set to Unsupported Compatibility Mode Causes vCenter Server
Installation or Upgrade to Fail 206

8 Uninstall vCenter Server 207

VMware, Inc. 6
About vCenter Server Installation and
Setup

vCenter Server Installation and Setup describes how to install and configure VMware vCenter
® ®
Server , and deploy the VMware vCenter Server Appliance™.

vSphere Installation and Setup is intended for experienced administrators who want to install and
configure vCenter Server, and deploy and configure the vCenter Server Appliance.

This information is written for experienced Windows or Linux system administrators who are
familiar with virtual machine technology and data center operations. The information about using
®
the Image Builder and VMware vSphere Auto Deploy™ is written for administrators who have
®
experience with Microsoft PowerShell and VMware vSphere PowerCLI™.

VMware, Inc. 7
Updated Information

This vCenter Server Installation and Setup is updated with each release of the product or when
necessary.

This table provides the update history of the vCenter Server Installation and Setup.

Revision Description

8 SEP 2020 Added the requirement that, when you converge a vCenter Server with an external Platform Services
Controller to a vCenter Server with an embedded Platform Services Controller, you must refresh the
certificates for the ESXi hosts in your environment. Failing to do this results in connection errors when
other products attempt to connect to vCenter Server. See Converge to an Embedded Platform Services
Controller Node Using the vSphere Client and Converge vCenter Server with an External Platform
Services Controller to a vCenter Server with an Embedded Platform Services Controller.

10 AUG 2020 At VMware, we value inclusion. To foster this principle within our customer, partner, and internal
community, we are replacing some of the terminology in our content. We have updated this guide to
remove instances of non-inclusive language.

10 AUG 2020 Added the Microsoft SQL database permissions msdb.dbo.syssessions and msdb.dbo.sysjobactivity.
See Database Permission Requirements for vCenter Server.

05 JUN 2020 New information on performing an image-based restore of vCenter Server environments using an
external Platform Services Controller or vCenter Enahnced Link Mode were added. See Restore a
vCenter Server Environment with Multiple External Platform Services Controller Instances and Restore a
vCenter Enhanced Linked Mode Environment.

23 APR 2020 Added the prerequisite that, when deploying a new vCenter ServervCenter Server as part of an
Enhanced Linked Mode deployment, you must create an image-based backup of the existing vCenter
Server nodes in your environment. You can use the backup as a precaution in case there is a failure
during the deployment process. See Prerequisites for Deploying the vCenter Server Appliance or
Platform Services Controller Appliance.

10 MAR 2020 Minor changes.

22 JAN 2020 Added a note about using the SCP protocol to configure a file-based backup to Considerations and
Limitations for File-Based Backup and Restore .

02 DEC 2019 n Removed step for pre-check in Repoint an Embedded Node to a New Domain because this task is
performed without replication where pre-check is not required.
n In Stage 1 - Deploy a New Appliance, removed NFS and SMB as backup protocols supported by the
vCenter Server Appliance for a file-based restore.

05 NOV 2019 Added a reference to "Deploy an OVF or OVA Template" to GUI Deployment of the vCenter Server
Appliance and Platform Services Controller Appliance and Stage 1 - Deploy a New Appliance.

29 OCT 2019 Updated Repoint vCenter Server with Embedded Platform Services Controller to Another vCenter Server
with Embedded Platform Services Controller in a Different Domain to clarify that embedded repointing is
supported from vSphere 6.7 Update 1 and later.

VMware, Inc. 8
vCenter Server Installation and Setup

Revision Description

17 SEPT 2019 n Updated supported protocols for file-based backup in Chapter 4 File-Based Backup and Restore of
vCenter Server Appliance.
n Added a video link to Converge to an Embedded Platform Services Controller Node Using the
vSphere Client.

23 JUL2019 Added a graphic to Repoint a Single Embedded Node from One Domain to an Existing Domain.

28 JUNE 2019 n Updated vCenter Enhanced Linked Mode and Joining a vCenter Enhanced Linked Mode Domain to
include references to Repoint vCenter Server with Embedded Platform Services Controller to Another
vCenter Server with Embedded Platform Services Controller in a Different Domain as a way to join an
enhanced linked mode domain.
n Updated the maximum configuration of vCenter Server Appliance with external Platform Services
Controller nodes and vCenter Server with external Platform Services Controller installations that can
be joined with vCenter Enhanced Linked Mode in vCenter Enhanced Linked Mode
n Updated Repoint vCenter Server with Embedded Platform Services Controller to Another vCenter
Server with Embedded Platform Services Controller in a Different Domain to include tasks for
repointing a single embedded node to another node in an existing domain.

10 MAY 2019 Corrected pre-check mode command syntax in Repoint an Embedded Node to a New Domain.

23 APR 2019 n Updated instructions for creating a new vCenter Single Sign-On domain or joining an existing domain
in Stage 2 - Set up the Newly Deployed vCenter Server Appliance with an Embedded Platform
Services Controller and Stage 2 - Set up the Newly Deployed Platform Services Controller Appliance.
n Updated supported versions of ESXi and vCenter Server that you can deploy vCenter Server
Appliance and Platform Services Controller in Chapter 2 Deploying the vCenter Server Appliance and
Platform Services Controller Appliance and System Requirements for the vCenter Server Appliance
and Platform Services Controller Appliance.
n Updated instructions for the Convert to Embedded dialog box in Converge to an Embedded Platform
Services Controller Node Using the vSphere Client.
n Updated prerequisites and added a step to run the converge command in pre-check mode in
Converge vCenter Server with an External Platform Services Controller to a vCenter Server with an
Embedded Platform Services Controller.
n Added information about converging to a vCenter Server Appliance with an embedded Platform
Services Controller with a Platform Services Controller HA environment in Converging vCenter Server
with an External Platform Services Controller to a vCenter Server with an Embedded Platform
Services Controller.
n Added information about restoring vCenter Server backups with product patches in Stage 1 - Deploy
a New Appliance.
n Removed obsolete information.

11 APR 2019 Initial release.

VMware, Inc. 9
Introduction to vSphere
Installation and Setup 1
vSphere 6.7 provides various options for installation and setup. To ensure a successful vSphere
deployment, understand the installation and setup options, and the sequence of tasks.

The two core components of vSphere are ESXi and vCenter Server. ESXi is the virtualization
platform on which you can create and run virtual machines and virtual appliances. vCenter Server
is a service that acts as a central administrator for ESXi hosts connected in a network. vCenter
Server lets you pool and manage the resources of multiple hosts.

You can install vCenter Server on a Windows virtual machine or physical server, or deploy the
vCenter Server Appliance. The vCenter Server Appliance is a preconfigured Linux-based virtual
machine optimized for running vCenter Server and the vCenter Server components. You can
deploy the vCenter Server Appliance on ESXi hosts 6.0 or later, or on vCenter Server instances
6.0 or later.

Starting with vSphere 6.0, all prerequisite services for running vCenter Server and the vCenter
Server components are bundled in the VMware Platform Services Controller™. You can deploy
vCenter Server with an embedded or external Platform Services Controller, but you must always
install or deploy the Platform Services Controller before installing or deploying vCenter Server.

For detailed information about the ESXi installation process, see VMware ESXi Installation and
Setup .

This chapter includes the following topics:

n Overview of the vSphere Installation and Setup Process

n vCenter Server Components and Services

n Overview of the vCenter Server Appliance

n vCenter Server and Platform Services Controller Deployment Types

n Understanding vSphere Domains, Domain Names, and Sites

n Deployment Topologies with External Platform Services Controller Instances and High
Availability

n vCenter Enhanced Linked Mode

VMware, Inc. 10
vCenter Server Installation and Setup

Overview of the vSphere Installation and Setup Process

vSphere is a sophisticated product with multiple components to install and set up. To ensure a
successful vSphere deployment, understand the sequence of tasks required.

Installing vSphere includes the following tasks:

VMware, Inc. 11
vCenter Server Installation and Setup

Figure 1-1. vSphere Installation and Setup Workflow

Small envrionment with one Large envrionment with multiple

vCenter Server Instance vCenter Server Instances

Start the vSphere Start the vSphere

installation and setup installation and setup

Install ESXi Install ESXi

on at least one host on at least one host

Set up ESXi Set up ESXi

Deploy or install vCenter Server Deploy or install the Platform

with an embedded Platform Services Controller instances
Services Controller in a sequence

Deploy or install the vCenter Server

Log in to the vSphere
instances and register them with the
Client to create and organize
external Platform Services
your vCenter Server inventory
Controller instances

End of the vSphere

installation and setup Log in to the vSphere
Client to create and organize
your vCenter Server inventories

End of the vSphere

installation and setup

1 Read the vSphere release notes.

2 Install ESXi.

Note See VMware ESXi Installation and Setup for detailed information about the ESXi
installation process.

VMware, Inc. 12
vCenter Server Installation and Setup

3 Configure the ESXi boot and network settings, the direct console, and other settings. See
VMware ESXi Installation and Setup for information.

4 Consider setting up a syslog server for remote logging, to ensure sufficient disk storage for
log files. Setting up logging on a remote host is especially important for hosts with limited
local storage. See VMware ESXi Installation and Setup

5 Determine the vCenter Server and Platform Services Controller deployment model that is
suitable for your environment.

See vCenter Server and Platform Services Controller Deployment Types.

6 Deploy or install vCenter Server and Platform Services Controller.

You can deploy the vCenter Server Appliance or Platform Services Controller appliance on an
ESXi host or vCenter Server instance, or you can install vCenter Server and Platform Services
Controller on a Windows virtual machine or physical server.

You can deploy or install multiple vCenter Server instances connected in Enhanced Linked
Mode configuration by registering them to a common or different joined Platform Services
Controller instances.

n Deploy the vCenter Server Appliance or Platform Services Controller appliance.

1 Review the topics in System Requirements for the vCenter Server Appliance and
Platform Services Controller Appliance and verify that your system meets the
hardware and software requirements for deploying the appliance.

2 Determine the deployment method to use.

You can use the GUI method to deploy the appliance interactively. You can use the
CLI method to perform a silent deployment of the appliance. See GUI Deployment of
the vCenter Server Appliance and Platform Services Controller Appliance and CLI
Deployment of the vCenter Server Appliance and Platform Services Controller
Appliance.

3 Use the topic Required Information for Deploying a vCenter Server Appliance or
Platform Services Controller Appliance to create a worksheet with the information you
need for the GUI deployment, or use the topic Prepare Your JSON Configuration File
for CLI Deployment to create your JSON templates for the CLI deployment.

4 Deploy the appliance.

n Install vCenter Server or Platform Services Controller on a Windows virtual machine or

physical server.

1 Verify that your system meets the hardware and software requirements for installing
vCenter Server. See vCenter Server for Windows Requirements.

2 (Optional) Set up an external vCenter Server database. See Preparing vCenter Server
Databases for Install.

VMware, Inc. 13
vCenter Server Installation and Setup

For an environment with up to 20 hosts and 200 virtual machines, you can use the
bundled PostgreSQL database. For production and large scale environments, set up
an external database, because the migration from the embedded PostgreSQL
database to an external database is not a trivial manual process.

3 Create a worksheet with the information you need for installation. See Required
Information for Installing vCenter Server or Platform Services Controller on Windows.

4 Install vCenter Server with an embedded Platform Services Controller, Platform

Services Controller, or vCenter Server with an external Platform Services Controller.

7 Connect to vCenter Server from the vSphere Client. See Chapter 6 After You Install vCenter
Server or Deploy the vCenter Server Appliance.

8 Configure the vCenter Server Appliance or vCenter Server instance. See vCenter Server
Appliance Configuration and vCenter Server and Host Management.

vCenter Server Components and Services

vCenter Server provides a centralized platform for management, operation, resource
provisioning, and performance evaluation of virtual machines and hosts.

When you install vCenter Server with an embedded Platform Services Controller, or deploy the
vCenter Server Appliance with an embedded Platform Services Controller, vCenter Server, the
vCenter Server components, and the services included in the Platform Services Controller are
deployed on the same system.

When you install vCenter Server with an external Platform Services Controller, or deploy the
vCenter Server Appliance with an external Platform Services Controller, vCenter Server and the
vCenter Server components are deployed on one system, and the services included in the
Platform Services Controller are deployed on another system.

The following components are included in the vCenter Server and vCenter Server Appliance
installations:

n The VMware Platform Services Controller group of infrastructure services contains vCenter
Single Sign-On, License service, Lookup Service, and VMware Certificate Authority.

n The vCenter Server group of services contains vCenter Server, vSphere Client, vSphere Web
Client, vSphere Auto Deploy, and vSphere ESXi Dump Collector. vCenter Server for Windows
also contains the VMware vSphere Syslog Collector. The vCenter Server Appliance also
contains the VMware vSphere Update Manager Extension service.

Note Starting with vSphere 6.5, all vCenter Server services and some Platform Services
Controller services run as child processes of the VMware Service Lifecycle Manager service.

Services Installed with VMware Platform Services Controller

vCenter Single Sign-On

VMware, Inc. 14
vCenter Server Installation and Setup

The vCenter Single Sign-On authentication service provides secure authentication services to
the vSphere software components. By using vCenter Single Sign-On, the vSphere
components communicate with each other through a secure token exchange mechanism,
instead of requiring each component to authenticate a user separately with a directory
service like Active Directory. vCenter Single Sign-On constructs an internal security domain
(for example, vsphere.local) where the vSphere solutions and components are registered
during the installation or upgrade process, providing an infrastructure resource. vCenter
Single Sign-On can authenticate users from its own internal users and groups, or it can
connect to trusted external directory services such as Microsoft Active Directory.
Authenticated users can then be assigned registered solution-based permissions or roles
within a vSphere environment.

vCenter Single Sign-On is required with vCenter Server.

vSphere License Service

The vSphere License service provides common license inventory and management
capabilities to all vCenter Server systems that are connected to a Platform Services Controller
or multiple linked Platform Services Controllers.

VMware Certificate Authority

VMware Certificate Authority (VMCA) provisions each ESXi host with a signed certificate that
has VMCA as the root certificate authority, by default. Provisioning occurs when the ESXi
host is added to vCenter Server explicitly or as part of the ESXi host installation process. All
ESXi certificates are stored locally on the host.

For information about all Platform Services Controller services and capabilities, see Platform
Services Controller Administration.

Services Installed with vCenter Server

These additional components are installed silently when you install vCenter Server. The
components cannot be installed separately as they do not have their own installers.

PostgreSQL

A bundled version of the VMware distribution of PostgreSQL database for vSphere and
vCloud Hybrid Services.

vSphere Web Client

The vSphere Web Client lets you connect to vCenter Server instances by using a Web
browser, so that you can manage your vSphere infrastructure.

vSphere Client

The new user interface that lets you connect to vCenter Server instances by using a Web
browser. The terminology, topology, and workflow are closely aligned with the same aspects
and elements of the vSphere Web Client user interface.

VMware, Inc. 15
vCenter Server Installation and Setup

vSphere ESXi Dump Collector

The vCenter Server support tool. You can configure ESXi to save the VMkernel memory to a
network server, rather than to a disk, when the system encounters a critical failure. The
vSphere ESXi Dump Collector collects such memory dumps over the network.

VMware vSphere Syslog Collector

The vCenter Server on Windows support tool that enables network logging and combining of
logs from multiple hosts. You can use the vSphere Syslog Collector to direct ESXi system logs
to a server on the network, rather than to a local disk. The recommended maximum number
of supported hosts to collect logs from is 30. For information about configuring vSphere
Syslog Collector, see http://kb.vmware.com/kb/2021652.

The vCenter Server Appliance uses the built-in Rsyslog service of the Linux OS. For
information how to redirect the log files to another machine with the Appliance Management
Interface, see vCenter Server Appliance Configuration.

vSphere Auto Deploy

The vCenter Server support tool that can provision hundreds of physical hosts with ESXi
software. You can specify the image to deploy and the hosts to provision with the image.
Optionally, you can specify host profiles to apply to the hosts, and a vCenter Server location
(folder or cluster) for each host.

VMware vSphere Update Manager Extension

Update Manager enables centralized, automated patch and version management for VMware
vSphere and offers support for VMware ESXi hosts, virtual machines, and virtual appliances.
The VMware vSphere Update Manager Extension is an optional service of only the vCenter
Server Appliance 6.7.

Overview of the vCenter Server Appliance

The vCenter Server Appliance is a preconfigured Linux-based virtual machine that is optimized
for running vCenter Server and the associated services.

The vCenter Server Appliance reduces the deployment time of vCenter Server and the
associated services, and provides a low-cost alternative to the Windows-based vCenter Server
installation.

The vCenter Server Appliance package contains the following software:

®
n Project Photon OS 1.0

n The Platform Services Controller group of infrastructure services

n The vCenter Server group of services

n PostgreSQL

n VMware vSphere Update Manager Extension

VMware, Inc. 16
vCenter Server Installation and Setup

Version 6.7 of the vCenter Server Appliance is deployed with virtual hardware version 10, which
supports 64 virtual CPUs per virtual machine in ESXi.

The vCenter Server Appliance uses the embedded PostgreSQL database that has the scalability
of up to 2,000 hosts and 35,000 virtual machines. During the deployment, you can choose the
vCenter Server Appliance size for your vSphere environment size and the storage size for your
database requirements.

Starting with vSphere 6.5, the vCenter Server uses the VMware vSphere Update Manager
Extension service. An external VMware Update Manager instance on Windows is no longer
required for vSphere centralized automated patch and version management. For information
about the vCenter Server and Platform Services Controller services, see vCenter Server
Components and Services.

Starting with vSphere 6.5, the vCenter Server Appliance supports high availability. For
information about configuring vCenter Server Appliance in a vCenter High Availability cluster, see
vSphere Availability.

Starting with vSphere 6.5, the vCenter Server Appliance and Platform Services Controller
appliance support file-based backup and restore. For information backing up and restoring, see
Chapter 4 File-Based Backup and Restore of vCenter Server Appliance.

For information about the vCenter Server Appliance maximums, see the Configuration Maximums
documentation.

vCenter Server and Platform Services Controller

Deployment Types
You can deploy the vCenter Server Appliance or install vCenter Server for Windows with an
embedded or external Platform Services Controller. You can also deploy a Platform Services
Controller as an appliance or install it on Windows. If necessary, you can use a mixed operating
systems environment.

Before you deploy the vCenter Server Appliance or install vCenter Server for Windows, you must
determine the deployment model that is suitable for your environment. For each deployment or
installation, you must select one of the three deployment types.

VMware, Inc. 17
vCenter Server Installation and Setup

Table 1-1. vCenter Server and Platform Services Controller Deployment Types
Deployment Type Description

vCenter Server with an embedded Platform Services All services that are bundled with the Platform Services
Controller Controller are deployed together with the vCenter Server
services on the same virtual machine or physical server.

Platform Services Controller Only the services that are bundled with the Platform
Services Controller are deployed on the virtual machine or
physical server.

vCenter Server with an external Platform Services Only the vCenter Server services are deployed on the
Controller virtual machine or physical server.
(Requires external Platform Services Controller) You must register such a vCenter Server instance with a
Platform Services Controller instance that you previously
deployed or installed.

Note vCenter Server deployments using an external Platform Services Controller will not be
supported in a future vSphere release. Deploy or upgrade to a vCenter Server deployment using
an embedded Platform Services Controller. For more information, see the VMware Knowledge
Base article http://kb.vmware.com/kb/60229.

vCenter Server with an Embedded Platform Services Controller

Using an embedded Platform Services Controller results in a standalone deployment that has its
own vCenter Single Sign-On domain with a single site.

Starting with vSphere 6.5 Update 2, other instances of vCenter Server with an embedded
Platform Services Controller can be joined to enable enhanced linked mode.

For more information, see vCenter Enhanced Linked Mode for a vCenter Server Appliance with
Embedded Platform Services Controller.

Figure 1-2. vCenter Server with an Embedded Platform Services Controller

Virtual Machine or Physical Server

Platform Services
Controller

vCenter Server

Installing vCenter Server with an embedded Platform Services Controller has the following
advantages:

n The connection between vCenter Server and the Platform Services Controller is not over the
network, and vCenter Server is not prone to outages caused by connectivity and name
resolution issues between vCenter Server and the Platform Services Controller.

n If you install vCenter Server on Windows virtual machines or physical servers, you need fewer
Windows licenses.

VMware, Inc. 18
vCenter Server Installation and Setup

n You manage fewer virtual machines or physical servers.

You can configure the vCenter Server Appliance with an embedded Platform Services Controller
in vCenter High Availability configuration. For information, see vSphere Availability.

Platform Services Controller and vCenter Server with an External

Platform Services Controller
When you deploy or install a Platform Services Controller instance, you can create a vCenter
Single Sign-On domain or join an existing vCenter Single Sign-On domain. Joined Platform
Services Controller instances replicate their infrastructure data, such as authentication and
licensing information, and can span multiple vCenter Single Sign-On sites. For information, see
Understanding vSphere Domains, Domain Names, and Sites.

For information about managing the Platform Services Controller services, see Platform Services
Controller Administration.

You can register multiple vCenter Server instances with one common external Platform Services
Controller instance. The vCenter Server instances assume the vCenter Single Sign-On site of the
Platform Services Controller instance with which they are registered. All vCenter Server instances
that are registered with one common or different joined Platform Services Controller instances
are connected in Enhanced Linked Mode.

See Enhanced Linked Mode for vCenter Server or vCenter Server Appliance with an External
Platform Services Controller.

Figure 1-3. Example of Two vCenter Server Instances with a Common External Platform Services
Controller

Virtual Machine or Physical Server

Platform Services
Controller

Virtual Machine or Physical Server Virtual Machine or Physical Server

vCenter Server vCenter Server

VMware, Inc. 19
vCenter Server Installation and Setup

Installing vCenter Server with an external Platform Services Controller has the following
disadvantages:

n The connection between vCenter Server and Platform Services Controller might have
connectivity and name resolution issues.

n If you install vCenter Server on Windows virtual machines or physical servers, you need more
Microsoft Windows licenses.

n You must manage more virtual machines or physical servers.

For information about the Platform Services Controller and vCenter Server maximums, see the
Configuration Maximums documentation.

For information about the deployment topologies and Platform Services Controller high
availability, see Deployment Topologies with External Platform Services Controller Instances and
High Availability.

For information about configuring the vCenter Server Appliance with an external Platform
Services Controller in vCenter High Availability configuration, see vSphere Availability.

Note After you deploy or install vCenter Server with an external Platform Services Controller,
you can reconfigure the deployment type and switch to vCenter Server with an embedded
Platform Services Controller.

See Converging vCenter Server with an External Platform Services Controller to a vCenter Server
with an Embedded Platform Services Controller.

Mixed Operating Systems Environment

A vCenter Server instance installed on Windows can be registered with either a Platform Services
Controller installed on Windows or a Platform Services Controller appliance. A vCenter Server
Appliance can be registered with either a Platform Services Controller installed on Windows or a
Platform Services Controller appliance. Both vCenter Server and the vCenter Server Appliance
can be registered with the same Platform Services Controller.

Figure 1-4. Example of a Mixed Operating Systems Environment with an External Platform
Services Controller on Windows

Windows Virtual Machine

or Physical Server

Platform Services
Controller on Windows

Virtual Machine or Physical Server Virtual Machine

vCenter Server on Windows vCenter Server Appliance

VMware, Inc. 20
vCenter Server Installation and Setup

Figure 1-5. Example of a Mixed Operating Systems Environment with an External Platform
Services Controller Appliance

Virtual Machine

Platform Services
Controller Appliance

Virtual Machine or Physical Server Virtual Machine

vCenter Server on Windows vCenter Server Appliance

Note To ensure easy manageability and maintenance, use only appliances or only Windows
installations of vCenter Server and Platform Services Controller.

Understanding vSphere Domains, Domain Names, and Sites

Each Platform Services Controller is associated with a vCenter Single Sign-On domain. The
domain name defaults to vsphere.local, but you can change it during installation of the first
Platform Services Controller. The domain determines the local authentication space. You can split
a domain into multiple sites, and assign each Platform Services Controller and vCenter Server
instance to a site. Sites are logical constructs, but usually correspond to geographic location.

Platform Services Controller Domain

When you install a Platform Services Controller, you are prompted to create a vCenter Single
Sign-On domain or join an existing domain.

The domain name is used by the VMware Directory Service (vmdir) for all Lightweight Directory
Access Protocol (LDAP) internal structuring.

With vSphere 6.0 and later, you can give your vSphere domain a unique name. To prevent
authentication conflicts, use a name that is not used by OpenLDAP, Microsoft Active Directory,
and other directory services.

Note You cannot change the domain to which a Platform Services Controller or vCenter Server
instance belongs.

After you specify the name of your domain, you can add users and groups. It usually makes more
sense to add an Active Directory or LDAP identity source and allow the users and groups in that
identity source to authenticate. You can also add vCenter Server or Platform Services Controller
instances, or other VMware products, such as vRealize Operations, to the domain.

VMware, Inc. 21
vCenter Server Installation and Setup

Platform Services Controller Sites

You can organize Platform Services Controller domains into logical sites. A site in the VMware
Directory Service is a logical container for grouping Platform Services Controller instances within
a vCenter Single Sign-On domain.

Starting with vSphere 6.5, sites become important. During Platform Services Controller failover,
the vCenter Server instances are affinitized to a different Platform Services Controller in the same
site. To prevent your vCenter Server instances from being affinitized to a Platform Services
Controller in a distant geographic location, you can use multiple sites.

You are prompted for the site name when you install or upgrade a Platform Services Controller.
See the vCenter Server Installation and Setup documentation.

Deployment Topologies with External Platform Services

Controller Instances and High Availability
To ensure Platform Services Controller high availability in external deployments, you must install
or deploy at least two joined Platform Services Controller instances in your vCenter Single Sign-
On domain. When you use a third-party load balancer, you can ensure an automatic failover
without downtime.

Platform Services Controller with a Load Balancer

Figure 1-6. Example of a Load Balanced Pair of Platform Services Controller Instances

Virtual Machine or Virtual Machine or

Physical Server Physical Server

Platform Services Platform Services

Controller Controller

Load Balancer

Virtual Machine or Virtual Machine or

Physical Server Physical Server

vCenter Server vCenter Server

VMware, Inc. 22
vCenter Server Installation and Setup

You can use a third-party load balancer per site to configure Platform Services Controller high
availability with automatic failover for this site. For information about the maximum number of
Platform Services Controller instances behind a load balancer, see the Configuration Maximums
documentation.

Important To configure Platform Services Controller high availability behind a load balancer, the
Platform Services Controller instances must be of the same operating system type. Mixed
operating systems Platform Services Controller instances behind a load balancer are
unsupported.

The vCenter Server instances are connected to the load balancer. When a Platform Services
Controller instance stops responding, the load balancer automatically distributes the load among
the other functional Platform Services Controller instances without downtime.

Platform Services Controller with Load Balancers Across vCenter

Single Sign-On Sites
Figure 1-7. Example of Two Load Balanced Pairs of Platform Services Controller Instances Across
Two Sites
Site 1 Site 2

Virtual Machine or Virtual Machine or Virtual Machine or Virtual Machine or

Physical Server Physical Server Physical Server Physical Server

Platform Services Platform Services Platform Services Platform Services

Controller Controller Controller Controller

Load Balancer Load Balancer

Virtual Machine or Virtual Machine or Virtual Machine or Virtual Machine or

Physical Server Physical Server Physical Server Physical Server

vCenter Server vCenter Server vCenter Server vCenter Server

Your vCenter Single Sign-On domain might span multiple sites. To ensure Platform Services
Controller high availability with automatic failover throughout the domain, you must configure a
separate load balancer in each site.

VMware, Inc. 23
vCenter Server Installation and Setup

Platform Services Controller with No Load Balancer

Figure 1-8. Example of Two Joined Platform Services Controller Instances with No a Load
Balancer

Virtual Machine or Virtual Machine or

Physical Server Physical Server

Platform Services Platform Services

Controller Controller

Virtual Machine or Virtual Machine or Virtual Machine or Virtual Machine or

Physical Server Physical Server Physical Server Physical Server

vCenter Server vCenter Server vCenter Server vCenter Server

When you join two or more Platform Services Controller instances in the same site with no load
balancer, you configure Platform Services Controller high availability with a manual failover for
this site.

When a Platform Services Controller instance stops responding, you must manually fail over the
vCenter Server instances that are registered to it. You fail over the instances by repointing them
to other functional Platform Services Controller instances within the same site. See Repoint
vCenter Server to Another External Platform Services Controller in the Same Domain.

Note If your vCenter Single Sign-On domain includes three or more Platform Services Controller
instances, you can manually create a ring topology. A ring topology ensures Platform Services
Controller reliability when one of the instances fails. To create a ring topology, run the /usr/lib/
vmware-vmdir/bin/vdcrepadmin -f createagreement command against the first and last
Platform Services Controller instance that you have deployed.

VMware, Inc. 24
vCenter Server Installation and Setup

Platform Services Controller with No Load Balancer Across vCenter

Single Sign-On Sites
Figure 1-9. Example of Two Joined Pairs of Platform Services Controller Instances Across Two
Sites with No Load Balancer

Site 1 Site 2

Virtual Machine or Virtual Machine or Virtual Machine or Virtual Machine or

Physical Server Physical Server Physical Server Physical Server

Platform Services Platform Services Platform Services Platform Services

Controller Controller Controller Controller

Virtual Machine or Virtual Machine or Virtual Machine or Virtual Machine or

Physical Server Physical Server Physical Server Physical Server

vCenter Server vCenter Server vCenter Server vCenter Server

Your vCenter Single Sign-On domain might span multiple sites. When no load balancer is
available, you can manually repoint vCenter Server from a failed to a functional Platform Services
Controller within the same site. See Repoint vCenter Server to Another External Platform Services
Controller in the Same Domain.

vCenter Enhanced Linked Mode

vCenter Enhanced Linked Mode allows you to log in to any single instance of vCenter Server
Appliance or vCenter Server and view and manage the inventories of all the vCenter Server
systems in the group.

The following are the configuration maximums for vCenter Enhanced Linked Mode:

n For vCenter Server Appliance with embedded Platform Services Controller deployments, you
can join up to 15 nodes in one vSphere Single Sign-On domain.

n For vCenter Server with external Platform Services Controller installations, you can join up to
10 external Platform Services Controller and 15 vCenter Server systems in a single vSphere
Single Sign-On domain.

You can create a vCenter Enhanced Linked Mode group during the deployment of vCenter
Server Appliance or installation of vCenter Server.

After deployment, you can join a vCenter Enhanced Linked Mode group by moving, or
repointing, a vCenter Server with an embedded Platform Services Controller from one vSphere
domain to another exisitng domain. See Repoint vCenter Server with Embedded Platform
Services Controller to Another vCenter Server with Embedded Platform Services Controller in a
Different Domain for information on repointing an embedded vCenter Server node.

VMware, Inc. 25
vCenter Server Installation and Setup

vCenter Enhanced Linked Mode for a vCenter Server Appliance with

Embedded Platform Services Controller
Enhanced linked mode support is enabled for vCenter Server Appliance deployments with an
embedded Platform Services Controller.

You can connect vCenter Server Appliance deployments with an embedded Platform Services
Controller together to form a domain. Enhanced linked mode support for vCenter Server
Appliance deployments with an embedded Platform Services Controller is not supported for
Windows vCenter Server installations. vCenter Enhanced Linked Mode for vCenter Server
Appliance deployments with an embedded Platform Services Controller is supported starting
with vSphere 6.5 Update 2 and suitable for most deployments.

Other features include:

n No external Platform Services Controller, providing a more simplified domain architecture

than an external deployment with enhanced linked mode.

n A simplified backup and restore process. See Chapter 4 File-Based Backup and Restore of
vCenter Server Appliance for more information.

n A simplified HA process, removing the need for load balancers.

n Up to 15 vCenter Server Appliance deployments can be linked together using enhanced

linked mode and displayed in a single inventory view.

n For a vCenter High Availability (vCenter HA) cluster, three nodes are considered one logical
vCenter Server node. See "vCenter Architecture Overview" in vSphere Availability for the
vCenter HA architecture overview. A single vCenter Server standard license is needed for one
vCenter HA cluster.

Figure 1-10. Enhanced Linked Mode for vCenter Server Appliance Deployments with an
Embedded Platform Services Controller

Appliance Appliance Appliance Appliance

Platform Services Platform Services Platform Services Platform Services

Controller Controller Controller Controller

vCenter Server vCenter Server vCenter Server vCenter Server

Note Enhanced linked mode for vCenter Server Appliance deployments with an Platform
Services Controller is not supported for Windows vCenter Server installations.

Enhanced Linked Mode with Read Only Replication

If a vCenter High Availability (vCenter HA) instance is connected with another vCenter Server
instance with enhanced linked mode for an embedded Platform Services Controller and vCenter
HA failover occurs to the passive node and is unable to communicate with its replication partner
on the other vCenter Server node, the replica on the vCenter HA node enters read-only mode.

VMware, Inc. 26
vCenter Server Installation and Setup

Joining a vCenter Enhanced Linked Mode Domain

You can join a vCenter Server Appliance with an embedded Platform Services Controller to
another embedded node during deployment of the vCenter Server Appliance.

Note You can join a vCenter Enhanced Linked Mode group after deployment by moving, or
repointing, a vCenter Server with an embedded Platform Services Controller from one vSphere
domain to another exisitng domain. See Repoint vCenter Server with Embedded Platform
Services Controller to Another vCenter Server with Embedded Platform Services Controller in a
Different Domain for information on repointing an embedded vCenter Server node.

For example, suppose you want to deploy two vCenter Server Appliance with embedded
Platform Services Controller systems, and join the two nodes using vCenter Enhanced Linked
Mode.

Note Enhanced linked mode for vCenter Server Appliance deployments with an Platform
Services Controller is not supported for Windows vCenter Server installations.

If you are deploying the vCenter Server Appliance nodes with the UI Installer:

1 For Appliance 1, deploy the vCenter Server Appliance as an instance on ESXi Host 1.
Synchronize the time settings with ESXi Host 1.

2 For Appliance 2, deploy the vCenter Server Appliance as an instance on ESXi Host 1 and
configure the time settings so that Appliance 2 are synchronized with ESXi Host 1. In stage 2
you select to join the vCenter Single Sign-On server of the deployed appliance on Machine 1.
For specific instructions, see Stage 2 - Set up the Newly Deployed vCenter Server Appliance
with an Embedded Platform Services Controller.

If you are deploying the vCenter Server Appliance nodes with the CLI:

1 Configure the JSON configuration template embedded_vCSA_on_VC.json (or

embedded_vCSA_on_ESXi.json) for Appliance 1 as an instance on ESXi Host 1. See Prepare
Your JSON Configuration File for CLI Deployment for specific instructions on preparing the
JSON configuration file.

2 Deploy Appliance 1 by running the vcsa-cli-installer command. See Deploy a vCenter

Server Appliance or Platform Services Controller Appliance by Using the CLI for instructions.

3 Configure the JSON configuration template embedded_vCSA_replication_on_VC.json (or

embedded_vCSA_replication_on_ESXi.json) for Appliance 2 as an instance on ESXi Host 1.
Enter the hostname of the first embedded node in the replication_partner_hostname field in
the sso section.

4 Deploy Appliance 2 by running the vcsa-cli-installer command using the

embedded_vCSA_replication_on_VC.json (or embedded_vCSA_replication_on_ESXi.json)
file.

VMware, Inc. 27
vCenter Server Installation and Setup

Enhanced Linked Mode for vCenter Server or vCenter Server

Appliance with an External Platform Services Controller
Enhanced Linked Mode connects multiple vCenter Server systems together by using one or more
Platform Services Controllers.

Enhanced Linked Mode lets you view and search across all linked vCenter Server systems and
replicate roles, permissions, licenses, policies, and tags.

When you install vCenter Server or deploy the vCenter Server Appliance with an external
Platform Services Controller, you must first install the Platform Services Controller. During
installation of the Platform Services Controller, you can select whether to create a vCenter Single
Sign-On domain or join an existing domain. You can select to join an existing vCenter Single Sign-
On domain if you have already installed or deployed a Platform Services Controller instance and
have created a vCenter Single Sign-On domain. When you join an existing vCenter Single Sign-On
domain, the infrastructure data between the existing Platform Services Controller and the new
Platform Services Controller is replicated.

With Enhanced Linked Mode, you can connect not only vCenter Server systems running on
Windows but also many vCenter Server Appliances. You can also have an environment where
multiple vCenter Server systems and vCenter Server Appliances are linked together.

If you install vCenter Server with an external Platform Services Controller, you first must deploy
the Platform Services Controller on one virtual machine or physical server and then deploy
vCenter Server on another virtual machine or physical server. While installing vCenter Server, you
must select an existing external Platform Services Controller. You cannot select an existing
Platform Services Controller that is a part of an embedded installation. For more information
about the supported topologies, see vCenter Server and Platform Services Controller
Deployment Types.

VMware, Inc. 28
Deploying the vCenter Server
Appliance and Platform Services
Controller Appliance
2
You can deploy the vCenter Server Appliance with an embedded or external Platform Services
Controller to manage your vSphere environment. You can deploy a Platform Services Controller
appliance and register external deployments and Windows installations of vCenter Server
Appliance with this Platform Services Controller appliance.

You can deploy the vCenter Server Appliance or Platform Services Controller appliance on an
ESXi host 6.0 or later, or on an ESXi host or DRS cluster from the inventory of a vCenter Server
instance 6.0 or later.

For information about the software included in the vCenter Server Appliance 6.7, see Overview
of the vCenter Server Appliance.

For information about the software and hardware requirements for deploying the vCenter Server
Appliance and Platform Services Controller appliance, see System Requirements for the vCenter
Server Appliance and Platform Services Controller Appliance.

The vCenter Server Appliance installer contains executable files for GUI and CLI deployments,
which you can use alternatively.

n The GUI deployment is a two stage process. The first stage is a deployment wizard that
deploys the OVA file of the appliance on the target ESXi host or vCenter Server instance.
After the OVA deployment finishes, you are redirected to the second stage of the process
that sets up and starts the services of the newly deployed appliance.

n The CLI deployment method involves running a CLI command against a JSON file that you
previously prepared. The CLI installer parses the configuration parameters and their values
from the JSON file and generates an OVF Tool command that automatically deploys and sets
up the appliance.

Important For topologies with external Platform Services Controller instances, you must deploy
the replicating Platform Services Controller instances in a sequence. After the successful
deployment of all Platform Services Controller instances in the domain, you can perform
concurrent deployments of multiple vCenter Server appliances that point to a common external
Platform Services Controller instance.

VMware, Inc. 29
vCenter Server Installation and Setup

The vCenter Server Appliance and Platform Services Controller appliance have the following
default user names:

User Name Description

root Use this user name to log in to the appliance operating system and the Appliance
Management Interface.
You set the password while deploying the virtual appliance.

administrator@your_domain_name Use this user name for vCenter Single Sign-On login.
You set the password while creating the vCenter Single Sign-On domain. You create
a vCenter Single Sign-On domain during the deployment of a vCenter Server
Appliance with an embedded Platform Services Controller or the first Platform
Services Controller instance in a new vCenter Single Sign-On domain.
After you create a vCenter Single Sign-On domain, only the
administrator@your_domain_name user has the privileges required to log in to
vCenter Single Sign-On and vCenter Server.
The administrator@your_domain_name user can proceed as follows:
n Add an identity source in which additional users and groups are defined to
vCenter Single Sign-On.
n Give permissions to the users and groups.
For information about adding identity sources and giving permissions to the users
and groups, see Platform Services Controller Administration.

For information about upgrading and patching the vCenter Server Appliance and Platform
Services Controller appliance, see vSphere Upgrade.

For information about configuring the vCenter Server Appliance and Platform Services Controller
appliance, see vCenter Server Appliance Configuration.

If you want to set up the vCenter Server Appliance to use an IPv6 address version, use the fully
qualified domain name (FQDN) or host name of the appliance. To set up an IPv4 address, the
best practice is to use the FQDN or host name of the appliance, because the IP address can
change if assigned by DHCP.

This chapter includes the following topics:

n System Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance

n Preparing for Deployment of the vCenter Server Appliance and Platform Services Controller
Appliance

n Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance

n GUI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance

n CLI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance

VMware, Inc. 30
vCenter Server Installation and Setup

System Requirements for the vCenter Server Appliance and

Platform Services Controller Appliance
You can deploy the vCenter Server Appliance or Platform Services Controller appliance on an
ESXi host 6.0 or later, or on a vCenter Server instance 6.0 or later. Your system must also meet
specific software and hardware requirements.

When you use Fully Qualified Domain Names, verify that the client machine from which you are
deploying the appliance and the network on which you are deploying the appliance use the same
DNS server.

Before you deploy the appliance, synchronize the clocks of the target server and all vCenter
Server and Platform Services Controller instances on the vSphere network. Unsynchronized
clocks might result in authentication problems and can cause the installation to fail or prevent the
appliance services from starting. See Synchronizing Clocks on the vSphere Network.

Hardware Requirements for the vCenter Server Appliance and

Platform Services Controller Appliance
When you deploy the vCenter Server Appliance, you can select to deploy an appliance that is
suitable for the size of your vSphere environment. The option that you select determines the
number of CPUs and the amount of memory for the appliance. The size of the Platform Services
Controller appliance is the same for all environment sizes.

Hardware Requirements for the vCenter Server Appliance

The hardware requirements for a vCenter Server Appliance depend on the size of your vSphere
inventory.

Table 2-1. Hardware Requirements for a vCenter Server Appliance with an Embedded or External
Platform Services Controller
Number of vCPUs Memory

Tiny environment (up to 10 hosts or 2 10 GB

100 virtual machines)

Small environment (up to 100 hosts or 4 16 GB

1,000 virtual machines)

Medium environment (up to 400 hosts 8 24 GB

or 4,000 virtual machine)

Large environment (up to 1,000 hosts 16 32 GB

or 10,000 virtual machines)

X-Large environment (up to 2,000 24 48 GB

hosts or 35,000 virtual machines)

Note If you want to add an ESXi host with more than 512 LUNs and 2,048 paths to the vCenter
Server Appliance inventory, you must deploy a vCenter Server Appliance for a large or x-large
environment.

VMware, Inc. 31
vCenter Server Installation and Setup

Hardware Requirements for the Platform Services Controller Appliance

The hardware requirements for an external Platform Services Controller appliance are 2 vCPUs
and 4 GB memory.

Storage Requirements for the vCenter Server Appliance and

Platform Services Controller Appliance
When you deploy the vCenter Server Appliance or Platform Services Controller appliance, the
ESXi host or DRS cluster on which you deploy the appliance must meet minimum storage
requirements. The required storage depends not only on the size of the vSphere environment
and the storage size, but also on the disk provisioning mode.

Storage Requirements for the vCenter Server Appliance

The storage requirements are different for each vSphere environment size and depend on your
database size requirements.

Table 2-2. Storage Requirements for a vCenter Server Appliance with an Embedded or External
Platform Services Controller
Default Storage Size Large Storage Size X-Large Storage Size

Tiny environment (up to 10 300 GB 825 GB 1700 GB

hosts or 100 virtual
machines)

Small environment (up to 340 GB 870 GB 1750 GB

100 hosts or 1,000 virtual
machines)

Medium environment (up to 525 GB 1025 GB 1905 GB

400 hosts or 4,000 virtual
machine)

Large environment (up to 740 GB 1090 GB 1970 GB

1,000 hosts or 10,000 virtual
machines)

X-Large environment (up to 1180 GB 1230 GB 2110 GB

2,000 hosts or 35,000
virtual machines)

Note The storage requirements include the requirements for the VMware Update Manager that
runs as a service in the vCenter Server Appliance.

Storage Requirements for the Platform Services Controller Appliance

The storage requirement for an external Platform Services Controller appliance is 60 GB.

VMware, Inc. 32
vCenter Server Installation and Setup

Software Requirements for the vCenter Server Appliance and

Platform Services Controller Appliance
The VMware vCenter Server Appliance and Platform Services Controller appliance can be
deployed on ESXi 6.0 hosts or later, or on vCenter Server instances 6.0 or later.

You can deploy the vCenter Server Appliance or Platform Services Controller appliance by using
the GUI or CLI installer. You run the installer from a network client machine that you use to
connect to the target server and deploy the appliance on the server. You can connect directly to
an ESXi 6.x host on which to deploy the appliance. You can also connect to a vCenter Server 6.x
instance to deploy the appliance on an ESXi host or DRS cluster that resides in the vCenter
Server inventory.

For information about the requirements for network client machine, see System Requirements for
the vCenter Server Appliance Installer.

Required Ports for vCenter Server and Platform Services Controller

The vCenter Server system, both on Windows and in the appliance, must be able to send data to
every managed host and receive data from the vSphere Client and the Platform Services
Controller services. To enable migration and provisioning activities between managed hosts, the
source and destination hosts must be able to receive data from each other.

If a port is in use or is blocked using a denylist, the vCenter Server installer displays an error
message. You must use another port number to proceed with the installation. There are internal
ports that are used only for inter-process communication.

VMware uses designated ports for communication. Additionally, the managed hosts monitor
designated ports for data from vCenter Server. If a built-in firewall exists between any of these
elements, the installer opens the ports during the installation or upgrade process. For custom
firewalls, you must manually open the required ports. If you have a firewall between two
managed hosts and you want to perform source or target activities, such as migration or cloning,
you must configure a means for the managed hosts to receive data.

Note In Microsoft Windows Server 2008 and later, firewall is enabled by default.

Table 2-3. Ports Required for Communication Between Components

Used for Node-to-
Port Protocol Description Required for Node Communication

22 TCP System port for SSHD. Appliance No

deployments of
n vCenter Server
n Platform Services
Controller

53 DNS service Windows installations No

and appliance
deployments of
Platform Services
Controller

VMware, Inc. 33
vCenter Server Installation and Setup

Table 2-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

80 TCP vCenter Server requires port 80 for Windows installations No

direct HTTP connections. Port 80 and appliance
redirects requests to HTTPS port 443. deployments of
This redirection is useful if you n vCenter Server
accidentally use http://server instead n Platform Services
of https://server. Controller
WS-Management (also requires port
443 to be open).
If you use a Microsoft SQL database
that is stored on the same virtual
machine or physical server as the
vCenter Server, port 80 is used by the
SQL Reporting Service. When you
install or upgrade vCenter Server, the
installer prompts you to change the
HTTP port for vCenter Server. Change
the vCenter Server HTTP port to a
custom value to ensure a successful
installation or upgrade.

Important You can only change this

port number during the vCenter
Server and Platform Services
Controller installation.

88 TCP Active Directory server. This port Windows installations No

must be open for host to join Active and appliance
Directory. If you use native Active deployments of
Directory, the port must be open on Platform Services
both vCenter Server and Platform Controller
Services Controller.

389 TCP/UDP This port must be open on the local Windows installations n vCenter Server to
and all remote instances of vCenter and appliance Platform Services
Server. This is the LDAP port number deployments of Controller
for the Directory Services for the Platform Services n Platform Services
vCenter Server group. If another Controller Controller to
service is running on this port, it might Platform Services
be preferable to remove it or change Controller
its port to a different port. You can
run the LDAP service on any port
from 1025 through 65535.
If this instance is serving as the
Microsoft Windows Active Directory,
change the port number from 389 to
an available port from 1025 through
65535.

VMware, Inc. 34
vCenter Server Installation and Setup

Table 2-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

443 TCP The default port that the vCenter Windows installations n vCenter Server to
Server system uses to listen for and appliance vCenter Server
connections from the vSphere Client. deployments of n vCenter Server to
To enable the vCenter Server system n vCenter Server Platform Services
to receive data from the vSphere Controller
n Platform Services
Client, open port 443 in the firewall. Controller n Platform Services
The vCenter Server system also uses Controller to
port 443 to monitor data transfer vCenter Server
from SDK clients.
This port is also used for the following
services:
n WS-Management (also requires
port 80 to be open)
n Third-party network management
client connections to vCenter
Server
n Third-party network management
clients access to hosts

Important You only can change this

port number during the vCenter
Server and Platform Services
Controller installation.

514 TCP/UDP vSphere Syslog Collector port for Windows installations No

vCenter Server on Windows and and appliance
vSphere Syslog Service port for deployments of
vCenter Server Appliance n vCenter Server

Important You can change this port n Platform Services

number during the vCenter Server Controller
and Platform Services Controller
installations on Windows.

636 TCP vCenter Single Sign-On LDAPS Windows installations During upgrade from
For backward compatibility with and appliance vSphere 6.0 only.
vSphere 6.0 only. deployments of vCenter Server 6.0 to
Platform Services Platform Services
Controller Controller 6.5

VMware, Inc. 35
vCenter Server Installation and Setup

Table 2-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

902 TCP/UDP The default port that the vCenter Windows installations No
Server system uses to send data to and appliance
managed hosts. Managed hosts also deployments of
send a regular heartbeat over UDP vCenter Server
port 902 to the vCenter Server
system. This port must not be blocked
by firewalls between the server and
the hosts or between hosts.
Port 902 must not be blocked
between the VMware Host Client and
the hosts. The VMware Host Client
uses this port to display virtual
machine consoles

Important You can change this port

number during the vCenter Server
installations on Windows.

1514 TCP vSphere Syslog Collector TLS port for Windows installations No
vCenter Server on Windows and and appliance
vSphere Syslog Service TLS port for deployments of
vCenter Server Appliance n vCenter Server

Important You can change this port n Platform Services

number during the vCenter Server Controller
and Platform Services Controller
installations on Windows.

2012 TCP Control interface RPC for vCenter Windows installations n vCenter Server to
Single Sign-On and appliance Platform Services
deployments of Controller
Platform Services n Platform Services
Controller Controller to
vCenter Server
n Platform Services
Controller to
Platform Services
Controller

2014 TCP RPC port for all VMCA (VMware Windows installations n vCenter Server to
Certificate Authority) APIs and appliance Platform Services
deployments of Controller
Important You can change this port
Platform Services n Platform Services
number during the Platform Services
Controller Controller to
Controller installations on Windows.
vCenter Server

2015 TCP DNS management Windows installations Platform Services

and appliance Controller to Platform
deployments of Services Controller
Platform Services
Controller

VMware, Inc. 36
vCenter Server Installation and Setup

Table 2-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

2020 TCP/UDP Authentication framework Windows installations n vCenter Server to

management and appliance Platform Services
deployments of Controller
Important You can change this port
n vCenter Server n Platform Services
number during the vCenter Server
n Platform Services Controller to
and Platform Services Controller
Controller vCenter Server
installations on Windows.

5480 TCP Appliance Management Interface Appliance No

Open endpoint serving all HTTPS, deployments of
XMLRPS and JSON-RPC requests over n vCenter Server
HTTPS. n Platform Services
Controller

6500 TCP/UDP ESXi Dump Collector port Windows installations No

and appliance
Important You can change this port
deployments of
number during the vCenter Server
vCenter Server
installations on Windows.

6501 TCP Auto Deploy service Windows installations No

and appliance
Important You can change this port
deployments of
number during the vCenter Server
vCenter Server
installations on Windows.

6502 TCP Auto Deploy management Windows installations No

and appliance
Important You can change this port
deployments of
number during the vCenter Server
vCenter Server
installations on Windows.

7080, TCP Secure Token Service Windows installations No

12721 and appliance
Note Internal ports
deployments of
Platform Services
Controller

7081 TCP VMware Platform Services Controller Windows installations No

Web Client and appliance
deployments of
Note Internal port
Platform Services
Controller

7475, TCP VMware vSphere Authentication Appliance Platform Services

7476 Proxy deployments of Controller to vCenter
vCenter Server Server

8200, TCP Appliance management Appliance No

8201, deployments of
Note Internal ports
8300, n vCenter Server
8301 n Platform Services
Controller

VMware, Inc. 37
vCenter Server Installation and Setup

Table 2-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

8084 TCP vSphere Update Manager SOAP port Appliance No

The port used by vSphere Update deployments of
Manager client plug-in to connect to vCenter Server
the vSphere Update Manager SOAP
server.

9084 TCP vSphere Update Manager Web Server Appliance No

Port deployments of
The HTTP port used by ESXi hosts to vCenter Server
access host patch files from vSphere
Update Manager server.

9087 TCP vSphere Update Manager Web SSL Appliance No

Port deployments of
The HTTPS port used by vSphere vCenter Server
Update Manager client plug-in to
upload host upgrade files to vSphere
Update Manager server.

9443 TCP vSphere Client HTTPS Windows installations No

and appliance
deployments of
vCenter Server

To configure the vCenter Server system to use a different port to receive vSphere Client data,
see the vCenter Server and Host Management documentation.

For more information about firewall configuration, see the vSphere Security documentation.

DNS Requirements for the vCenter Server Appliance and Platform

Services Controller Appliance
When you deploy the vCenter Server Appliance or Platform Services Controller appliance, similar
to any network server, you can assign a fixed IP address and an FQDN that is resolvable by a
DNS server so that clients can reliably access the service.

When you deploy the vCenter Server Appliance or Platform Services Controller appliance with a
static IP address, you ensure that in case of system restart, the IP address of the appliance
remains the same.

Before you deploy the vCenter Server Appliance or Platform Services Controller appliance with a
static IP address, you must verify that this IP address has a valid internal domain name system
(DNS) registration.

When you deploy the vCenter Server Appliance, the installation of the Web server component
that supports the vSphere Web Client fails if the installer cannot look up the fully qualified domain
name (FQDN) for the appliance from its IP address. Reverse lookup is implemented using PTR
records.

VMware, Inc. 38
vCenter Server Installation and Setup

If you plan to use an FQDN for the appliance system name, you must verify that the FQDN is
resolvable by a DNS server.

You can use the nslookup command to verify that the DNS reverse lookup service returns an
FQDN when queried with the IP address and to verify that the FQDN is resolvable.

nslookup -nosearch -nodefname FQDN_or_IP_address

If you use DHCP instead of a static IP address for the vCenter Server Appliance or Platform
Services Controller appliance, verify that the appliance name is updated in the domain name
service (DNS). If you can ping the appliance name, the name is updated in DNS.

Ensure that the ESXi host management interface has a valid DNS resolution from the vCenter
Server and all vSphere Web Client instances. Ensure that the vCenter Server has a valid DNS
resolution from all ESXi hosts and all vSphere Web Clients.

vSphere Client Software Requirements

Use of the vSphere Client requires a supported Web browser.

VMware has tested and supports the following guest operating systems and browser versions
for the vSphere Client.

Table 2-4. Supported Guest Operating Systems and Browser Versions for the vSphere Client.
Operating system Browser

Windows 32-bit and 64-bit Microsoft Internet Explorer 11 and later.

Mozilla Firefox: 56 and later.
Google Chrome: 62 and later.

Mac OS Mozilla Firefox: 56 and later.

Google Chrome: 62 and later.

Later versions of these browsers are likely to work, but have not been tested.

Preparing for Deployment of the vCenter Server Appliance

and Platform Services Controller Appliance
Before you deploy the vCenter Server Appliance or Platform Services Controller appliance, you
must download the vCenter Server Appliance installer ISO file and mount it to a network virtual
machine or physical server from which you want to perform the deployment.

The machine from which you deploy the appliance must run on a Windows, Linux, or Mac
operating system that meets the operating system requirements. See System Requirements for
the vCenter Server Appliance Installer.

System Requirements for the vCenter Server Appliance Installer

You can run the vCenter Server Appliance GUI or CLI installer from a network client machine that
is running on a Windows, Linux, or Mac operating system of a supported version.

VMware, Inc. 39
vCenter Server Installation and Setup

To ensure optimal performance of the GUI and CLI installers, use a client machine that meets the
minimum hardware requirements.

Table 2-5. System Requirements for the GUI and CLI Installers
Operating System Supported Versions Minimum Hardware Configuration for Optimal Performance

Windows n Windows 7, 8, 8.1, 4 GB RAM, 2 CPU having 4 cores with 2.3 GHz, 32 GB hard disk, 1 NIC
10
n Windows 2012 x64
bit
n Windows 2012 R2
x64 bit
n Windows 2016 x64
bit

Linux n SUSE 12 4 GB RAM, 1 CPU having 2 cores with 2.3 GHz, 16 GB hard disk, 1 NIC
n Ubuntu 14.04
Note The CLI installer requires 64-bit OS.

Mac n macOS v10.9, 10.10, 8 GB RAM, 1 CPU having 4 cores with 2.4 GHz, 150 GB hard disk, 1 NIC
10.11
n macOS Sierra

Note For client machines that run on Mac 10.11, concurrent GUI deployments of multiple
appliances are unsupported. You must deploy the appliances in a sequence.

Note Visual C++ redistributable libraries need to be installed to run the CLI installer on versions
of Windows older than Windows 10. The Microsoft installers for these libraries are located in the
vcsa-cli-installer/win32/vcredist directory.

Note Deploying the vCenter Server Appliance with the GUI requires a minimum resolution of
1024x768 to properly display. Lower resolutions can truncate the UI elements.

Download and Mount the vCenter Server Appliance Installer

VMware releases the vCenter Server Appliance ISO image, which contains GUI and CLI installers
for the vCenter Server Appliance and Platform Services Controller appliance.

With the GUI and CLI executable files that are included in the vCenter Server Appliance installer,
you can:

n Deploy the vCenter Server Appliance and Platform Services Controller appliance.

n Upgrade the vCenter Server Appliance and Platform Services Controller appliance.

n Migrate Windows installations of vCenter Server, vCenter Single Sign-On, and Platform
Services Controller to the vCenter Server Appliance and Platform Services Controller
appliance.

n Restore a vCenter Server Appliance from a file-based backup.

VMware, Inc. 40
vCenter Server Installation and Setup

Prerequisites

n Create a My VMware account at https://my.vmware.com/web/vmware/.

n Verify that your client machine meets the system requirements for the vCenter Server
Appliance installer. See System Requirements for the vCenter Server Appliance Installer.

Procedure

1 From the VMware Web site at https://my.vmware.com/web/vmware/downloads, download

the vCenter Server Appliance ISO image.

VMware-VCSA-all-version_number-build_number.iso

2 Confirm that the md5sum is correct.

See the VMware Web site topic Using MD5 Checksums at http://www.vmware.com/
download/md5.html.

3 Mount or extract the ISO image to the client machine from which you want to deploy,
upgrade, migrate, or restore the appliance.

Note ISO mounting or extracting software that does not allow more than eight directory
levels, for example, MagicISO Maker on Windows, is unsupported.

For Linux OS and Mac OS, Archive Manager is unsupported.

For Mac OS, you can use DiskImageMounter.

For Ubuntu 14.04, you can use Disk Image Mounter.
For SUSE 12 OS, you can use the terminal.

$ sudo mkdir mount_dir

$ sudo mount -o loop VMware-vCSA-all-version_number-build_number.iso mount_dir

What to do next

Open the readme.txt file and review the information about the other files and directories in the
vCenter Server Appliance ISO image.

Synchronizing Clocks on the vSphere Network

Verify that all components on the vSphere network have their clocks synchronized. If the clocks
on the physical machines in your vSphere network are not synchronized, SSL certificates and
SAML Tokens, which are time-sensitive, might not be recognized as valid in communications
between network machines.

Unsynchronized clocks can result in authentication problems, which can cause the installation to
fail or prevent the vCenter Server Appliance vmware-vpxd service from starting.

VMware, Inc. 41
vCenter Server Installation and Setup

Time inconsistencies in vSphere can cause firstboot to fail at different services depending on
where in the environment time is not accurate and when the time is synchronized. Problems most
commonly occur when the target ESXi host for the destination vCenter Server Appliance is not
synchronized with NTP. Similarly, issues can arise if the destination vCenter Server Appliance
migrates to an ESXi host set to a different time due to fully automated DRS.

To avoid time synchronization issues, ensure that the following is correct before installing,
migrating, or upgrading a vCenter Server Appliance.

n The target ESXi host where the destination vCenter Server Appliance is to be deployed is
synchronized to NTP.

n The ESXi host running the source vCenter Server Appliance is synchronized to NTP.

n When upgrading or migrating, if the vCenter Server Appliance is connected to an external

Platform Services Controller, ensure the ESXi host running the external Platform Services
Controller is synchronized to NTP.

n If you are upgrading or migrating, verify that the source vCenter Server or vCenter Server
Appliance and external Platform Services Controller have the correct time.

Verify that any Windows host machine on which vCenter Server runs is synchronized with the
Network Time Server (NTP) server. See Knowledge Base article KB 1318.

To synchronize ESXi clocks with an NTP server, you can use the VMware Host Client. For
information about editing the time configuration of an ESXi host, see vSphere Single Host
Management.

To learn how to change time synchronization settings for vCenter Server Appliance, see
"Configuring Time Synchronization Settings in the vCenter Server Appliance" in vCenter Server
Appliance Configuration.

To learn how to edit time configuration for a host, see "Edit Time Configuration for a Host" in
vCenter Server and Host Management.

System Clock Synchronization Between the Client and Server

To establish a secure TLS connection to a Platform Services Controller or vCenter Server (the
server), the system where you are running the CLI installer (the client) must not have its system
clock slower or faster than the server's system clock by an acceptable limit (tolerance).

See Table 2-6. Client Clock Tolerance for specific values for each deployment scenario.

Note The client clock values are applicable only for vCenter Server 6.7.

VMware, Inc. 42
vCenter Server Installation and Setup

Table 2-6. Client Clock Tolerance

Deployment Scenario Clock Tolerance Connection Notes

Linking one Platform Services Clock tolerance for the client and the The CLI installer must make a secure
Controller with another Platform external Platform Services Controller connection to a Platform Services
Services Controller must not exceed 10 minutes Controller.

Linking a vCenter Server with an Clock tolerance for the client and The CLI installer must make a secure
external Platform Services Controller external Platform Services Controller connection to a Platform Services
must not exceed 10 minutes. Controller.

Linking one vCenter Server with an When deploying the second vCenter
embedded Platform Services Server with embedded Platform
Controller with another vCenter Server Services Controller, the clock
with an embedded Platform Services tolerance for the client and the first
Controller vCenter Server with embedded
Platform Services Controller must not
exceed 10 minutes.

Installing a vCenter Server Appliance The maximum clock tolerance

using a container vCenter Server between the client and the container
vCenter Server with a *._on_vc.json vCenter Server is 8 hours 20 minutes.
template.

Prerequisites for Deploying the vCenter Server Appliance or

Platform Services Controller Appliance
To ensure successful deployment of the vCenter Server Appliance or Platform Services Controller
appliance, you must perform some required tasks and pre-checks before running the installer.

General Prerequisites
n Download and Mount the vCenter Server Appliance Installer.

n For topologies with external Platform Services Controller instances, verify that you deploy the
different nodes with time synchronization between each other. All vCenter Server instances,
Platform Services Controller instances, and third-party load balancers in the vCenter Single
Sign-On domain must be time synchronized. See Synchronizing Clocks on the vSphere
Network.

Target System Prerequisites

n Verify that your system meets the minimum software and hardware requirements. See
System Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance.

n If you want to deploy the appliance on an ESXi host, verify that the ESXi host is not in
lockdown or maintenance mode and not part of a fully automated DRS cluster.

n If you want to deploy the appliance on a DRS cluster of the inventory of a vCenter Server
instance, verify that the cluster contains at least one ESXi host that is not in lockdown or
maintenance mode.

VMware, Inc. 43
vCenter Server Installation and Setup

n If you plan to use NTP servers for time synchronization, verify that the NTP servers are
running and that the time between the NTP servers and the target server on which you want
to deploy the appliance is synchronized.

vCenter Enhanced Linked Mode Prerequisites

When deploying a new vCenter Server as part of an Enhanced Linked Mode deployment, create
an image-based backup of the existing vCenter Server nodes in your environment. You can use
the backup as a precaution in case there is a failure during the deployment process.

If the deployment fails, delete the newly deployed vCenter Server appliance, and restore the
vCenter Server nodes from their respective image-based backups. You must restore all the
nodes in the environment from their image-based backups. Failing to do so can cause the
replication partners to be out of synchronization with the restored node.

n To learn more about creating vCenter Enhanced Linked Mode deployments, see vCenter
Enhanced Linked Mode.

n To learn about image-based backs, see Chapter 5 Image-Based Backup and Restore of a
vCenter Server Environment.

Network Prerequisites
If you plan to assign a static IP address and an FQDN as a system name in the network settings
of the appliance, verify that you have configured the forward and reverse DNS records for the IP
address.

GUI Deployment of the vCenter Server Appliance and

Platform Services Controller Appliance
You can use the GUI installer to perform an interactive deployment of a vCenter Server Appliance
with an embedded Platform Services Controller, a Platform Services Controller appliance, or a
vCenter Server Appliance with an external Platform Services Controller.

When you perform the GUI deployment, you download the vCenter Server Appliance installer on
a network client machine, run the deployment wizard from the client machine, and provide the
inputs that are required for the appliance deployment and setup.

The GUI deployment process includes a series of two stages.

VMware, Inc. 44
vCenter Server Installation and Setup

Figure 2-1. Stage 1 - OVA Deployment

The first stage walks you through the deployment wizard to choose the deployment type and
appliance settings. This stage completes the deployment of the OVA file on the target server
with the deployment type and appliance settings that you provide.

As an alternative to performing the first stage of the deployment with the GUI installer, you can
deploy the OVA file of the vCenter Server Appliance or Platform Services Controller appliance by
using the vSphere Client or VMware Host Client. After the OVA deployment, you must log in to
the appliance management interface of the newly deployed appliance to proceed with the
second stage of the deployment process. See "Deploy an OVF or OVA Template" in vSphere
Virtual Machine Administration for information about deploying an OVA file using the vSphere
Client.

Figure 2-2. Stage 2 - Appliance Setup

The second stage walks you through the setup wizard to configure the appliance time
synchronization and vCenter Single Sign-On. This stage completes the initial setup and starts the
services of the newly deployed appliance.

As an alternative to performing the second stage of the deployment with the GUI installer, you
can log in to the Appliance Management Interface of the newly deployed appliance, https://
FQDN_or_IP_address:5480.

Required Information for Deploying a vCenter Server Appliance or

Platform Services Controller Appliance
When you use the GUI method to deploy a vCenter Server Appliance with an embedded
Platform Services Controller, a Platform Services Controller appliance, or a vCenter Server
Appliance with an external Platform Services Controller, the wizard prompts you for deployment
and setup information. It is a best practice to keep a record of the values that you enter in case
you must reinstall the product.

You can use this worksheet to record the information that you need for deploying a vCenter
Server Appliance with an embedded Platform Services Controller, a Platform Services Controller
appliance, or a vCenter Server Appliance with an external Platform Services Controller.

VMware, Inc. 45
vCenter Server Installation and Setup

Table 2-7. Required Information During Stage 1 of the GUI Deployment Process
Required for Deployment of Required Information Default Your Entry

All deployment types FQDN or IP address of the target -

server on which you want to deploy
the appliance.
The target server can be either an
ESXi host or a vCenter Server
instance.

HTTPS port of the target server 443

User name with administrative -

privileges on the target server
n If your target server is an ESXi
host, use root.
n If your target server is a
vCenter Server instance, use
user_name@your_domain_nam
e, for example,
[email protected].

Password of the user with -

administrative privileges on the
target server

All deployment types Data center from the vCenter -

Only if your target server is a Server inventory on which you want
vCenter Server instance to deploy the appliance
Optionally you can provide a data
center folder.

ESXi host or DRS cluster from the -

data center inventory on which you
want to deploy the appliance

All deployment types VM name for the appliance VMware vCenter

n Must not contain a percent sign Server Appliance
(%), backslash (\), or forward
slash (/)
n Must be no more than 80
characters in length

VMware, Inc. 46
vCenter Server Installation and Setup

Table 2-7. Required Information During Stage 1 of the GUI Deployment Process (continued)
Required for Deployment of Required Information Default Your Entry

All deployment types Password for the root user of the -

appliance operating system
n Must contain only lower ASCII
characters without spaces.
n Must be at least 8 characters,
but no more than 20 characters
in length
n Must contain at least one
uppercase letter
n Must contain at least one
lowercase letter
n Must contain at least one
number
n Must contain at least one
special character, for example,
a dollar sign ($), hash key (#), at
sign (@), period (.), or
exclamation mark (!)

VMware, Inc. 47
vCenter Server Installation and Setup

Table 2-7. Required Information During Stage 1 of the GUI Deployment Process (continued)
Required for Deployment of Required Information Default Your Entry

n vCenter Server Appliance Deployment size of the vCenter Tiny

with an embedded Server Appliance for your vSphere
Platform Services environment
Controller n Tiny
n vCenter Server Appliance
Deploys an appliance with 2
with an external Platform
CPUs and 10 GB of memory.
Services Controller
Suitable for environments with
up to 10 hosts or 100 virtual
machines.
n Small

Deploys an appliance with 4

CPUs and 16 GB of memory.

Suitable for environments with

up to 100 hosts or 1,000 virtual
machines.
n Medium

Deploys an appliance with 8

CPUs and 24 GB of memory.

Suitable for environments with

up to 400 hosts or 4,000 virtual
machines.
n Large

Deploys an appliance with 16

CPUs and 32 GB of memory.

Suitable for environments with

up to 1,000 hosts or 10,000
virtual machines.
n X-Large

Deploys an appliance with 24

CPUs and 48 GB of memory.

Suitable for environments with

up to 2,000 hosts or 35,000
virtual machines.

VMware, Inc. 48
vCenter Server Installation and Setup

Table 2-7. Required Information During Stage 1 of the GUI Deployment Process (continued)
Required for Deployment of Required Information Default Your Entry

n vCenter Server Appliance Storage size of the vCenter Server Default

with an embedded Appliance for your vSphere
Platform Services environment
Controller Increase the default storage size if
n vCenter Server Appliance you want larger volume for SEAT
with an external Platform data (stats, events, alarms, and
Services Controller tasks).
n Default

For tiny deployment size,

deploys the appliance with 300
GB of storage.

For small deployment size,

deploys the appliance with 340
GB of storage.

For medium deployment size,

deploys the appliance with 525
GB of storage.

For large deployment size,

deploys the appliance with 740
GB of storage.

For x-large deployment size,

deploys the appliance with 1180
GB of storage.
n Large

For tiny deployment size,

deploys the appliance with 825
GB of storage.

For small deployment size,

deploys the appliance with 870
GB of storage.

For medium deployment size,

deploys the appliance with 1025
GB of storage.

For large deployment size,

deploys the appliance with 1090
GB of storage.

For x-large deployment size,

deploys the appliance with 1230
GB of storage.
n X-Large

For tiny deployment size,

deploys the appliance with 1700
GB of storage.

VMware, Inc. 49
vCenter Server Installation and Setup

Table 2-7. Required Information During Stage 1 of the GUI Deployment Process (continued)
Required for Deployment of Required Information Default Your Entry

For small deployment size,

deploys the appliance with 1750
GB of storage.

For medium deployment size,

deploys the appliance with 1905
GB of storage.

For large deployment size,

deploys the appliance with 1970
GB of storage.

For x-large deployment size,

deploys the appliance with 2110
GB of storage.

All deployment types Name of the datastore on which -

you want to store the configuration
files and virtual disks of the
appliance

Note The installer displays a list of

datastores that are accessible from
your target server.

Enable or disable Thin Disk Mode Disabled

All deployment types Name of the network to which to -

connect the appliance

Note The installer displays a drop-

down menu with networks that
depend on the network settings of
your target server. If you are
deploying the appliance directly on
an ESXi host, non-ephemeral
distributed virtual port groups are
not supported and are not
displayed in the drop-down menu.

The network must be accessible

from the client machine from which
you perform the deployment.

IP version for the appliance address IPv4

Can be either IPv4 or IPv6.

IP assignment for the appliance static

address
Can be either static or DHCP.

All deployment types FQDN -

Only if you use a static vCenter Server uses FQDN or IP
assignment address as the system name.

IP address -

VMware, Inc. 50
vCenter Server Installation and Setup

Table 2-7. Required Information During Stage 1 of the GUI Deployment Process (continued)
Required for Deployment of Required Information Default Your Entry

For IPv4 networks, you can use -

either a subnet mask or a network
prefix. Subnet mask uses a dot
decimal notation (for example,
255.255.255.0). An IPv4 network
prefix is an integer between 0 and
32.
For IPv6 networks, you must use a
network prefix. An IPv6 network
prefix is an integer between 0 and
128 .

Default gateway -

DNS servers separated by commas -

All deployment types System name (FQDN) -

Only if you use a DHCP
assignment with IPv4 version
and a DDNS server is available
in your environment.

Table 2-8. Required Information During Stage 2 of the GUI Deployment Process
Required for Required Information Default Your Entry

All deployment types Time synchronization settings Synchronize time

You can synchronize the time of the with NTP servers
appliance either with the time of the
ESXi host or with one or more NTP
servers.
If you want to use more than one
NTP servers, you must provide the
IP addresses or FQDNs of the NTP
servers as a comma-separated list.

Enable or disable SSH access Disabled

Note vCenter Server Appliance

high availability requires remote
SSH access to the appliance.

n vCenter Server Appliance Name for the new vCenter Single -

with an embedded Sign-On domain
Platform Services For example, vsphere.local.
Controller
n Platform Services
Controller appliance as the
first instance in a new
domain

VMware, Inc. 51
vCenter Server Installation and Setup

Table 2-8. Required Information During Stage 2 of the GUI Deployment Process (continued)
Required for Required Information Default Your Entry

Password for the administrator -

account,
administrator@your_domain_name
n Must be at least 8 characters,
but no more than 20 characters
in length
n Must contain at least one
uppercase letter
n Must contain at least one
lowercase letter
n Must contain at least one
number
n Must contain at least one
special character, such as
ampersand (&), hash key (#),
and percent sign (%)

n vCenter Server Appliance FQDN or IP address of the Platform -

with an external Platform Services Controller instance that
Services Controller you want to join
n Platform Services You must join a Platform Services
Controller appliance as a Controller instance of the same
subsequent instance in an version.
existing domain
HTTPS port of the Platform 443
Services Controller instance

vCenter Single Sign On domain -

name of the Platform Services
Controller instance
For example, vsphere.local.

Password of the vCenter Single -

Sign On administrator user for the
domain

vCenter Single Sign-On site name -

You can join an existing site or
create a new site.

n vCenter Server Appliance Join or do not participate in the Join the CEIP
with an embedded VMware Customer Experience
Platform Services Improvement Program (CEIP)
Controller For information about the CEIP, see
n Platform Services the Configuring Customer
Controller appliance Experience Improvement Program
section in vCenter Server and Host
Management.

VMware, Inc. 52
vCenter Server Installation and Setup

Deploy the vCenter Server Appliance with an Embedded Platform

Services Controller by Using the GUI
You can use the GUI installer to perform an interactive deployment of a vCenter Server Appliance
with an embedded Platform Services Controller. You must run the GUI deployment from a
Windows, Linux, or Mac machine that is in the network on which you want to deploy the
appliance.

Figure 2-3. Deployment Workflow of a vCenter Server Appliance with an Embedded Platform
Services Controller

Start the deployment

Stage 1 - Deploy the OVA file as

a vCenter Server Appliance
with an embedded Platform
Services Controller

Stage 2 - Set up the newly deployed

vCenter Server Appliance
with an embedded
Platform Services Controller

End of the deployment

Prerequisites

n See Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.

n See Required Information for Deploying a vCenter Server Appliance or Platform Services
Controller Appliance.

Procedure

1 Stage 1 - Deploy the OVA File as a vCenter Server Appliance with an Embedded Platform
Services Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an embedded
Platform Services Controller.

VMware, Inc. 53
vCenter Server Installation and Setup

2 Stage 2 - Set up the Newly Deployed vCenter Server Appliance with an Embedded Platform
Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment
process to set up and start the services of the newly deployed vCenter Server Appliance
with an embedded Platform Services Controller.

Stage 1 - Deploy the OVA File as a vCenter Server Appliance with an Embedded
Platform Services Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an embedded Platform
Services Controller.

Procedure

1 In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to

the subdirectory for your operating system, and run the installer executable file.

n For Windows OS, go to the win32 subdirectory, and run the installer.exe file.

n For Linux OS, go to the lin64 subdirectory, and run the installer file.

n For Mac OS, go to the mac subdirectory, and run the Installer.app file.

2 On the Home page, click Install to start the deployment wizard.

3 Review the Introduction page to understand the deployment process and click Next.

4 Read and accept the license agreement, and click Next.

5 On the Select deployment type page, select vCenter Server with an Embedded Platform
Services Controller and click Next.

This option deploys an appliance in which both the Platform Services Controller and vCenter
Server are installed.

VMware, Inc. 54
vCenter Server Installation and Setup

6 Connect to the target server on which you want to deploy the vCenter Server Appliance.

Option Steps

You can connect to an 1 Enter the FQDN or IP address of the ESXi host.
ESXi host on which to 2 Enter the HTTPS port of the ESXi host.
deploy the appliance. 3 Enter the user name and password of a user with administrative privileges on the ESXi
host, for example, the root user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate
that is installed on the target ESXi host, and click Yes to accept the certificate
thumbprint.

You can connect to a 1 Enter the FQDN or IP address of the vCenter Server instance.
vCenter Server 2 Enter the HTTPS port of the vCenter Server instance.
instance and browse 3 Enter the user name and password of user with vCenter Single Sign-On administrative
the inventory to select privileges on the vCenter Server instance, for example, the
an ESXi host or DRS administrator@your_domain_name user.
cluster on which to
4 Click Next.
deploy the appliance.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate
that is installed on the target vCenter Server instance, and click Yes to accept the
certificate thumbprint.
6 Select the data center or data center folder that contains the ESXi host or DRS cluster
on which you want to deploy the appliance, and click Next

Note You must select a data center or data center folder that contains at least one
ESXi host that is not in lockdown or maintenance mode.
7 Select the ESXi host or DRS cluster on which you want to deploy the appliance, and
click Next.

7 On the Set up appliance VM page, enter a name for the vCenter Server Appliance, set the
password for the root user, and click Next.

The appliance name must not contain a percent sign (%), backslash (\), or forward slash (/)
and must be no more than 80 characters in length.

The password must contain only lower ASCII characters without spaces, at least eight
characters, a number, uppercase and lowercase letters, and a special character, for example,
an exclamation mark (!), hash key (#), at sign (@), or brackets (()).

8 Select the deployment size for the vCenter Server Appliance for your vSphere inventory.

Deployment Size Option Description

Tiny Deploys an appliance with 2 CPUs and 10 GB of memory.

Suitable for environments with up to 10 hosts or 100 virtual machines

Small Deploys an appliance with 4 CPUs and 16 GB of memory.

Suitable for environments with up to 100 hosts or 1,000 virtual machines

Medium Deploys an appliance with 8 CPUs and 24 GB of memory.

Suitable for environments with up to 400 hosts or 4,000 virtual machines

VMware, Inc. 55
vCenter Server Installation and Setup

Deployment Size Option Description

Large Deploys an appliance with 16 CPUs and 32 GB of memory.

Suitable for environments with up to 1,000 hosts or 10,000 virtual machines

X-Large Deploys an appliance with 24 CPUs and 48 GB of memory.

Suitable for environments with up to 2,000 hosts or 35,000 virtual machines

9 Select the storage size for the vCenter Server Appliance, and click Next.

Storage Description for Description for Description for Description for Description for X-
Size Tiny Deployment Small Deployment Medium Large Large
Option Size Size Deployment Size Deployment Size Deployment Size

Default Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with appliance with appliance with 525 appliance with appliance with
300 GB of 340 GB of GB of storage. 740 GB of 1180 GB of
storage. storage. storage. storage.

Large Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with 825 appliance with appliance with appliance with appliance with
GB of storage. 870 GB of 1025 GB of 1090 GB of 1230 GB of
storage. storage. storage. storage.

X-Large Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with appliance with appliance with appliance with appliance with
1700 GB of 1750 GB of 1905 GB of 1970 GB of 2110 GB of
storage. storage. storage. storage. storage.

10 From the list of available datastores, select the location where all the virtual machine
configuration files and virtual disks will be stored and, optionally, enable thin provisioning by
selecting Enable Thin Disk Mode. NFS datastores are thin provisioned by default.

11 On the Configure network settings page, set up the network settings.

The IP address or the FQDN of the appliance is used as a system name. It is recommended to
use an FQDN. However, if you want to use an IP address, use static IP address allocation for
the appliance, because IP addresses allocated by DHCP might change.

Option Action

Network Select the network to which to connect the appliance.

The networks displayed in the drop-down menu depend on the network
settings of the target server. If you are deploying the appliance directly on
an ESXi host, non-ephemeral distributed virtual port groups are not
supported and are not displayed in the drop-down menu.

IP version Select the version for the appliance IP address.

You can select either IPv4 or IPv6.

VMware, Inc. 56
vCenter Server Installation and Setup

Option Action

IP assignment Select how to allocate the IP address of the appliance.

n static

The wizard prompts you to enter the IP address and network settings.

Note Avoid using an IP address as a system name. If you use an IP

address as a system name, you cannot change the IP address and
update the DNS settings after deployment.
n DHCP

A DHCP server is used to allocate the IP address. Select this option only
if a DHCP server is available in your environment.

If there is an enabled DDNS in your environment, you can enter a

preferred fully qualified domain name (FQDN) for the appliance.

Common Ports You can customize the HTTP and HTTPS ports (optional).
If specifying a custom HTTP and HTTPS port number, ensure that you do not
use a port number already in use by vCenter Server, or the default HTTP
and HTTPS ports of 80 and 443.

12 On the Ready to complete stage 1 page, review the deployment settings for the vCenter
Server Appliance and click Finish to start the OVA deployment process.

13 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the
deployment process to set up and start the services of the newly deployed appliance.

Note If you exit the wizard by clicking Close, you must log in to the vCenter Server
Appliance Management Interface to set up and start the services.

Results

The newly deployed vCenter Server Appliance with an embedded Platform Services Controller is
running on the target server but the services are not started.

Stage 2 - Set up the Newly Deployed vCenter Server Appliance with an

Embedded Platform Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to
set up and start the services of the newly deployed vCenter Server Appliance with an embedded
Platform Services Controller.

Procedure

1 Review the introduction to stage 2 of the deployment process and click Next.

VMware, Inc. 57
vCenter Server Installation and Setup

2 Configure the time settings in the appliance, optionally enable remote SSH access to the
appliance, and click Next.

Option Description

Synchronize time with the ESXi host Enables periodic time synchronization, and VMware Tools sets the time of
the guest operating system to be the same as the time of the ESXi host.

Synchronize time with NTP servers Uses a Network Time Protocol server for synchronizing the time. If you
select this option, you must enter the names or IP addresses of the NTP
servers separated by commas.

3 Create a new vCenter Single Sign-On domain or join an existing domain.

Option Description

Create a new Single Sign-On domain Creates a new vCenter Single Sign-On domain.
a Enter the domain name, for example vsphere.local.
b Set the password for the vCenter Single Sign-On administrator account.

This is the password for the user administrator@your_domain_name.

c Confirm the administrator password, and click Next.

Join an existing vCenter Single Sign- Joins a new vCenter Single Sign-On server to a vCenter Single Sign-On
On domain domain in an existing Platform Services Controller. You must provide the
information about the vCenter Single Sign-On server to which you join the
new vCenter Single Sign-On server.
a Enter the fully qualified domain name (FQDN) or IP address of the
Platform Services Controller that contains the vCenter Single Sign-On
server to join.
b Enter the HTTPS port to use for communication with the Platform
Services Controller.
c Enter the domain name for the vCenter Single Sign-On you are joining,
for example vsphere.local.
d Enter the password of the vCenter Single Sign-On administrator account.
e Click Next.

4 Review the VMware Customer Experience Improvement Program (CEIP) page and choose if
you want to join the program.

For information about the CEIP, see the Configuring Customer Experience Improvement
Program section in vCenter Server and Host Management.

5 On the Ready to complete page, review the configuration settings for the vCenter Server
Appliance, click Finish, and click OK to complete stage 2 of the deployment process and set
up the appliance.

6 (Optional) After the initial setup finishes, enter the URL from the browser with https://
vcenter_server_appliance_fqdn/ui or https://vcenter_server_appliance_fqdn/vsphere-
client to go to the vSphere Web Client and log in to the vCenter Server instance in the
vCenter Server Appliance, or click the https://vcenter_server_appliance_fqdn:443 to go the
vCenter Server Appliance Getting Started page.

VMware, Inc. 58
vCenter Server Installation and Setup

7 Click Close to exit the wizard.

You are redirected to the vCenter Server Appliance Getting Started page.

What to do next

You can configure high availability for the vCenter Server Appliance. For information about
providing vCenter Server Appliance high availability, see vSphere Availability.

Deploy a Platform Services Controller Appliance by Using the GUI

You can use the GUI installer to perform an interactive deployment of a Platform Services
Controller appliance as the first instance in a new vCenter Single Sign-On domain or as a
replication partner in an existing vCenter Single Sign-On domain. You must run the GUI
deployment from a Windows, Linux, or Mac machine that is in the network on which you want to
deploy the appliance.

Important You must deploy the replicating Platform Services Controller instances in a sequence.

Figure 2-4. Deployment Workflow of a Platform Services Controller Appliance

Start the deployment

Stage 1 - Deploy the OVA file

as a Platform Services
Controller appliance

Stage 2 - Set up the

newly deployed Platform
Services Controller appliance

End of the deployment

Prerequisites

n See Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.

VMware, Inc. 59
vCenter Server Installation and Setup

n See Required Information for Deploying a vCenter Server Appliance or Platform Services
Controller Appliance.

Procedure

1 Stage 1 - Deploy the OVA File as a Platform Services Controller Appliance

With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a Platform Services Controller appliance.

2 Stage 2 - Set up the Newly Deployed Platform Services Controller Appliance

When the OVA deployment finishes, you are redirected to stage 2 of the deployment
process to set up and start the services of the newly deployed Platform Services Controller
appliance.

Stage 1 - Deploy the OVA File as a Platform Services Controller Appliance

With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a Platform Services Controller appliance.

Procedure

1 In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to

the subdirectory for your operating system, and run the installer executable file.

n For Windows OS, go to the win32 subdirectory, and run the installer.exe file.

n For Linux OS, go to the lin64 subdirectory, and run the installer file.

n For Mac OS, go to the mac subdirectory, and run the Installer.app file.

2 On the Home page, click Install to start the deployment wizard.

3 Review the Introduction page to understand the deployment process and click Next.

4 Read and accept the license agreement, and click Next.

5 On the Select a deployment type page, select Platform Services Controller and click Next.

VMware, Inc. 60
vCenter Server Installation and Setup

6 Connect to the target server on which you want to deploy the Platform Services Controller
appliance and click Next.

Option Steps

7 On the Set up appliance VM page, enter a name for the Platform Services Controller
appliance, set the password for the root user, and click Next.

The appliance name must not contain a percent sign (%), backslash (\), or forward slash (/)
and must be no more than 80 characters in length.

8 From the list of available datastores, select the location where all the virtual machine
configuration files and virtual disks will be stored and, optionally, enable thin provisioning by
selecting Enable Thin Disk Mode. NFS datastores are thin provisioned by default.

VMware, Inc. 61
vCenter Server Installation and Setup

9 On the Configure network settings page, set up the network settings.

Option Action

Network Select the network to which to connect the appliance.

IP version Select the version for the appliance IP address.

You can select either IPv4 or IPv6.

IP assignment Select how to allocate the IP address of the appliance.

n static

The wizard prompts you to enter the IP address and network settings.

Note Avoid using an IP address as a system name. If you use an IP

address as a system name, you cannot change the IP address and
update the DNS settings after deployment.
n DHCP

A DHCP server is used to allocate the IP address. Select this option only
if a DHCP server is available in your environment.

If there is an enabled DDNS in your environment, you can enter a

preferred fully qualified domain name (FQDN) for the appliance.

10 On the Ready to complete stage 1 page, review the deployment settings for the Platform
Services Controller appliance and click Finish to start the OVA deployment process.

11 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the
deployment process to set up and start the services of the newly deployed appliance.

Note If you exit the wizard by clicking Close, you must log in to the Platform Services
Controller Appliance Management Interface to set up and start the services.

Results

The newly deployed Platform Services Controller appliance is running on the target server but
the services are not started.

Stage 2 - Set up the Newly Deployed Platform Services Controller Appliance

When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to
set up and start the services of the newly deployed Platform Services Controller appliance.

VMware, Inc. 62
vCenter Server Installation and Setup

Procedure

1 Review the introduction to stage 2 of the deployment process and click Next.

2 Configure the time settings in the appliance, optionally enable remote SSH access to the
appliance, and click Next.

Option Description

Synchronize time with the ESXi host Enables periodic time synchronization, and VMware Tools sets the time of
the guest operating system to be the same as the time of the ESXi host.

3 Create a new vCenter Single Sign-On domain or join an existing domain.

Option Description

Create a new Single Sign-On domain Creates a vCenter Single Sign-On domain.
a Enter the domain name, for example vsphere.local.
b Set the password for the vCenter Single Sign-On administrator account.

This is the password for the user administrator@your_domain_name.

c Click Next.

Join an existing vCenter Single Sign- Joins the Platform Services Controller appliance to an existing vCenter
On domain Single Sign-On domain as a replication partner of an existing Platform
Services Controller instance. You must provide the information about the
partner Platform Services Controller instance that you want to join.
a Enter the fully qualified domain name (FQDN) or IP address of the
partner Platform Services Controller instance.
b Enter the HTTPS port of the partner Platform Services Controller
instance.
c Enter the vCenter Single Sign-On domain name of the partner Platform
Services Controller instance.
d Enter the password of the vCenter Single Sign-On administrator user.
e Click Next.
f Select whether to create or join an existing vCenter Single Sign-On site.

4 Review the VMware Customer Experience Improvement Program (CEIP) page and choose if
you want to join the program.

For information about the CEIP, see the Configuring Customer Experience Improvement
Program section in vCenter Server and Host Management.

5 On the Ready to complete page, review the configuration settings for the Platform Services
Controller appliance, click Finish, and click OK to complete stage 2 of the deployment
process and set up the appliance.

VMware, Inc. 63
vCenter Server Installation and Setup

6 (Optional) After the initial setup finishes, click the https://

platform_services_controller_fqdn/psc to go to the Platform Services Controller Web
interface, or click the https://platform_services_controller_fqdn:443 to go the Platform
Services Controller Getting Started page.

7 Click Close to exit the wizard.

You are redirected to the Platform Services Controller Getting Started page.

Results

If you joined the new Platform Services Controller appliance to an existing vCenter Single Sign-On
domain, the appliance replicates infrastructure data with the other Platform Services Controller
instances within the domain.

What to do next

n You can deploy a vCenter Server Appliance with an external Platform Services Controller and
register it with the newly deployed Platform Services Controller appliance.

n You can deploy one or more Platform Services Controller instances joining the same vCenter
Single Sign-On domain to replicate infrastructure data and distribute the load.

Deploy the vCenter Server Appliance with an External Platform

Services Controller by Using the GUI
You can use the GUI installer to perform an interactive deployment of a vCenter Server Appliance
and register it with an existing external Platform Services Controller instance. You must run the
GUI deployment from a Windows, Linux, or Mac machine that is in the network on which you
want to deploy the appliance.

VMware, Inc. 64
vCenter Server Installation and Setup

Figure 2-5. Deployment Workflow of a vCenter Server Appliance with an External Platform
Services Controller

Start the deployment

Stage 1 - Deploy the OVA file

as a vCenter Server Appliance
with an external Platform
Services Controller

Stage 2 - Set up the newly

deployed vCenter Server Appliance
with an external Platform
Services Controller

End of the deployment

Prerequisites

n See Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.

n See Required Information for Deploying a vCenter Server Appliance or Platform Services
Controller Appliance.

n Verify that you have installed or deployed the Platform Services Controller instance with
which you plan to register the vCenter Server Appliance.

Procedure

1 Stage 1 - Deploy the OVA File as a vCenter Server Appliance With an External Platform
Services Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an external Platform
Services Controller.

2 Stage 2 - Set up the Newly Deployed vCenter Server Appliance With an External Platform
Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment
process to set up and start the services of the newly deployed vCenter Server Appliance
with an external Platform Services Controller.

VMware, Inc. 65
vCenter Server Installation and Setup

Stage 1 - Deploy the OVA File as a vCenter Server Appliance With an External
Platform Services Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an external Platform
Services Controller.

Procedure

1 In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to

the subdirectory for your operating system, and run the installer executable file.

n For Windows OS, go to the win32 subdirectory, and run the installer.exe file.

n For Linux OS, go to the lin64 subdirectory, and run the installer file.

n For Mac OS, go to the mac subdirectory, and run the Installer.app file.

2 On the Home page, click Install to start the deployment wizard.

3 Review the Introduction page to understand the deployment process and click Next.

4 Read and accept the license agreement, and click Next.

5 On the Select deployment type page, select vCenter Server (Requires External Platform
Services Controller) and click Next.

VMware, Inc. 66
vCenter Server Installation and Setup

6 Connect to the target server on which you want to deploy the vCenter Server Appliance.

Option Steps

7 On the Set up appliance VM page, enter a name for the vCenter Server Appliance, set the
password for the root user, and click Next.

The appliance name must not contain a percent sign (%), backslash (\), or forward slash (/)
and must be no more than 80 characters in length.

8 Select the deployment size for the vCenter Server Appliance for your vSphere inventory.

Deployment Size Option Description

Tiny Deploys an appliance with 2 CPUs and 10 GB of memory.

Suitable for environments with up to 10 hosts or 100 virtual machines

Small Deploys an appliance with 4 CPUs and 16 GB of memory.

Suitable for environments with up to 100 hosts or 1,000 virtual machines

Medium Deploys an appliance with 8 CPUs and 24 GB of memory.

Suitable for environments with up to 400 hosts or 4,000 virtual machines

VMware, Inc. 67
vCenter Server Installation and Setup

Deployment Size Option Description

Large Deploys an appliance with 16 CPUs and 32 GB of memory.

Suitable for environments with up to 1,000 hosts or 10,000 virtual machines

X-Large Deploys an appliance with 24 CPUs and 48 GB of memory.

Suitable for environments with up to 2,000 hosts or 35,000 virtual machines

9 Select the storage size for the vCenter Server Appliance, and click Next.

Default Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with appliance with appliance with 525 appliance with appliance with
300 GB of 340 GB of GB of storage. 740 GB of 1180 GB of
storage. storage. storage. storage.

Large Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with 825 appliance with appliance with appliance with appliance with
GB of storage. 870 GB of 1025 GB of 1090 GB of 1230 GB of
storage. storage. storage. storage.

X-Large Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with appliance with appliance with appliance with appliance with
1700 GB of 1750 GB of 1905 GB of 1970 GB of 2110 GB of
storage. storage. storage. storage. storage.

11 On the Configure network settings page, set up the network settings.

Option Action

Network Select the network to which to connect the appliance.

IP version Select the version for the appliance IP address.

You can select either IPv4 or IPv6.

VMware, Inc. 68
vCenter Server Installation and Setup

Option Action

IP assignment Select how to allocate the IP address of the appliance.

n static

The wizard prompts you to enter the IP address and network settings.

Note Avoid using an IP address as a system name. If you use an IP

address as a system name, you cannot change the IP address and
update the DNS settings after deployment.
n DHCP

A DHCP server is used to allocate the IP address. Select this option only
if a DHCP server is available in your environment.

If there is an enabled DDNS in your environment, you can enter a

preferred fully qualified domain name (FQDN) for the appliance.

12 On the Ready to complete stage 1 page, review the deployment settings for the vCenter
Server Appliance and click Finish to start the OVA deployment process.

13 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the
deployment process to set up and start the services of the newly deployed appliance.

Note If you exit the wizard by clicking Close, you must log in to the vCenter Server
Appliance Management Interface to set up and start the services.

Results

The newly deployed vCenter Server Appliance with an external Platform Services Controller is
running on the target server but the services are not started.

Stage 2 - Set up the Newly Deployed vCenter Server Appliance With an External
Platform Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to
set up and start the services of the newly deployed vCenter Server Appliance with an external
Platform Services Controller.

Procedure

1 Review the introduction to stage 2 of the deployment process and click Next.

VMware, Inc. 69
vCenter Server Installation and Setup

2 Configure the time settings in the appliance, optionally enable remote SSH access to the
appliance, and click Next.

Option Description

Synchronize time with the ESXi host Enables periodic time synchronization, and VMware Tools sets the time of
the guest operating system to be the same as the time of the ESXi host.

3 Provide the FQDN or IP address of the Platform Services Controller instance with which you
want to register the vCenter Server Appliance, enter the vCenter Single Sign-On HTTPS port,
domain name, and administrator password, and click Next.

If the Platform Services Controller instance is a Windows installation, provide the system
name of the host machine on which the Platform Services Controller is running.

4 On the Ready to complete page, review the configuration settings for the vCenter Server
Appliance, click Finish, and click OK to complete stage 2 of the deployment process and set
up the appliance.

5 (Optional) After the initial setup finishes, enter the URL from the browser with https://
vcenter_server_appliance_fqdn/ui or https://vcenter_server_appliance_fqdn/vsphere-
client to go to the vSphere Web Client and log in to the vCenter Server instance in the
vCenter Server Appliance, or click the https://vcenter_server_appliance_fqdn:443 to go the
vCenter Server Appliance Getting Started page.

6 Click Close to exit the wizard.

You are redirected to the vCenter Server Appliance Getting Started page.

Results

The newly deployed vCenter Server Appliance joined the vCenter Single Sign-On domain and site
of the Platform Services Controller instance with which you registered the appliance.

What to do next

You can configure high availability for the vCenter Server Appliance. For information about
providing vCenter Server Appliance high availability, see vSphere Availability.

CLI Deployment of the vCenter Server Appliance and

Platform Services Controller Appliance
You can use the CLI installer to perform a silent deployment of a vCenter Server Appliance or
Platform Services Controller appliance on an ESXi host or vCenter Server instance.

VMware, Inc. 70
vCenter Server Installation and Setup

The CLI deployment process includes downloading the vCenter Server Appliance installer on a
network virtual machine or physical server from which you want to perform the deployment,
preparing a JSON configuration file with the deployment information, and running the
deployment command.

Important The user name that you use to log in to the machine from which you want to run the
CLI installer, the path to the vCenter Server Appliance installer, the path to your JSON
configuration file, and the string values in your JSON configuration file, including the passwords,
must contain only ASCII characters. Extended ASCII and non-ASCII characters are unsupported.

The vCenter Server Appliance ISO file contains templates of JSON files that contain the minimum
configuration parameters that are required for deploying the vCenter Server Appliance or
Platform Services Controller appliance. For information about preparing JSON templates for CLI
deployment, see Prepare Your JSON Configuration File for CLI Deployment.

Prepare Your JSON Configuration File for CLI Deployment

Before you run the CLI installer to deploy a vCenter Server Appliance or Platform Services
Controller appliance, you must prepare a JSON file with configuration parameters and their
values for your deployment specification.

The vCenter Server Appliance installer contains JSON templates for all deployment types. For
information about the templates, see JSON Templates for CLI Deployment of the vCenter Server
Appliance and Platform Services Controller Appliance.

You can deploy an appliance with minimum configurations by setting values to the configuration
parameters in the JSON template for your specification. You can edit the preset values, remove
configuration parameters, and add configuration parameters for custom configurations.

For a complete list of the configuration parameters and their descriptions, navigate to the
installer subdirectory for your operating system and run the vcsa-deploy install --template-
help command or see Deployment Configuration Parameters.

Prerequisites

n You must be familiar with the JSON syntax.

n Download and Mount the vCenter Server Appliance Installer.

VMware, Inc. 71
vCenter Server Installation and Setup

Procedure

1 In the vCenter Server Appliance installer, navigate to the vcsa-cli-installer directory, and
open the templates subfolder.

2 Copy the deployment templates from the install subfolder to your workspace.

Important The path to the JSON configuration files must contain only ASCII characters.
Extended ASCII and non-ASCII characters are unsupported.

3 In a text editor, open the template file for your specification.

To ensure the correct syntax of your JSON configuration file, use a JSON editor.

4 Fill in the values for the required configuration parameters and, optionally, enter additional
parameters and their values.

For example, if you want to use an IPv4 DHCP assignment for the network of the appliance, in
the network subsection of the template, change the value of the mode parameter to dhcp and
remove the default configuration parameters that are for a static assignment.

"network": {
"ip_family": "ipv4",
"mode": "dhcp"
},

Important The string values, including the passwords, must contain only ASCII characters.
Extended ASCII and non-ASCII characters are unsupported.

To set a value that contains a backslash (\) or quotation mark (") character, you must precede
the character with the backslash (\) character. For example, "password":"my\"password" sets
the password my"password, "image":"G:\\vcsa\\VMware-vCenter-Server-Appliance-6.7.0.XXXX-
YYYYYYY_OVF10.ova" sets the path G:\vcsa\VMware-vCenter-Server-Appliance-6.7.0.XXXX-
YYYYYYY_OVF10.ova.

The Boolean values must contain only lowercase characters, that is, a value can be either true
or false. For example, "ssh_enable":false.

5 (Optional) Use a JSON editor of your choice to validate the JSON file.

6 Save in UTF-8 format and close the file.

What to do next

You can create and save additional templates if needed for your deployment specification.

JSON Templates for CLI Deployment of the vCenter Server Appliance and
Platform Services Controller Appliance
The vCenter Server Appliance installer contains JSON templates that are located in the vcsa-
cli-installer/templates directory. In the install subfolder, you can find eight JSON
templates with the minimum configuration parameters for all deployment types.

VMware, Inc. 72
vCenter Server Installation and Setup

For each deployment type, there is one template for deploying the appliance on an ESXi host
and another template for deploying the appliance on a vCenter Server instance.

Table 2-9. Deployment JSON Templates Included in the vCenter Server Appliance Installer
Location Template Description

vcsa-cli-installer\templates embedded_vCSA_on_ESXi.json Contains the minimum configuration

\install parameters that are required for
deployment of a vCenter Server
Appliance with an embedded Platform
Services Controller on an ESXi host.

embedded_vCSA_on_VC.json Contains the minimum configuration

parameters that are required for
deployment of a vCenter Server
Appliance with an embedded Platform
Services Controller on a vCenter
Server instance.

embedded_vCSA_replication_on_ESX Contains the minimum configuration

i.json parameters that are required for
deployment of a vCenter Server
Appliance with an embedded Platform
Services Controller as a replication
partner to another embedded vCenter
Server Appliance on an ESXi host.

embedded_vCSA_replication_on_VC. Contains the minimum configuration

json parameters that are required for
deployment of a vCenter Server
Appliance with an embedded Platform
Services Controller as a replication
partner to another embedded vCenter
Server Appliance on a vCenter Server
instance.

PSC_first_instance_on_ESXi.json Contains the minimum configuration

parameters that are required for
deployment of a Platform Services
Controller appliance as the first
instance in a new vCenter Single Sign-
On domain on an ESXi host.

PSC_first_instance_on_VC.json Contains the minimum configuration

parameters that are required for
deployment of a Platform Services
Controller appliance as the first
instance in a new vCenter Single Sign-
On domain on a vCenter Server
instance.

PSC_replication_on_ESXi.json Contains the minimum configuration

parameters that are required for
deployment of a Platform Services
Controller appliance joining an existing
vCenter Single Sign-On domain on an
ESXi host.

VMware, Inc. 73
vCenter Server Installation and Setup

Table 2-9. Deployment JSON Templates Included in the vCenter Server Appliance Installer
(continued)
Location Template Description

PSC_replication_on_VC.json Contains the minimum configuration

parameters that are required for
deployment of a Platform Services
Controller appliance joining an existing
vCenter Single Sign-On domain on a
vCenter Server instance.

vCSA_on_ESXi.json Contains the minimum configuration

parameters that are required for
deployment of a vCenter Server
Appliance with an external Platform
Services Controller on an ESXi host.

vCSA_on_VC.json Contains the minimum configuration

parameters that are required for
deployment of a vCenter Server
Appliance with an external Platform
Services Controller on a vCenter
Server instance.

Deployment Configuration Parameters

When you prepare your JSON configuration files for CLI deployment, you must set parameters
and values to provide input data for the deployment of a vCenter Server Appliance or Platform
Services Controller appliance.

Sections and Subsections of Configuration Parameters in the JSON Deployment Files

The configuration parameters in the JSON configuration files for CLI upgrade are organized in
sections and subsections.

Table 2-10. Sections and Subsections of Configuration Parameters in the JSON Deployment Files
Subsecti
Section on Description

new_vcsa - describes the esxi Use only if you want to deploy the appliance directly on an ESXi host.
appliance that you want to Contains the configuration parameters that describe the target ESXi host. See
deploy Table 2-11. Configuration Parameters in the new_vcsa Section, esxi Subsection.

Note You must fill in either the esxi or the vc subsection.

vc Use only if you want to deploy the appliance on the inventory of a vCenter
Server instance.
Contains the configuration parameters that describe the target ESXi host or
DRS cluster from the vCenter Server inventory. See Table 2-12. Configuration
Parameters in the new_vcsa Section, vc Subsection.

Note You must fill in either the vc or the esxi subsection.

appliance Contains the configuration parameters that describe the appliance. See Table
2-13. Configuration Parameters in the new_vcsa Section, appliance Subsection.

VMware, Inc. 74
vCenter Server Installation and Setup

Table 2-10. Sections and Subsections of Configuration Parameters in the JSON Deployment Files
(continued)
Subsecti
Section on Description

network Contains the configuration parameters that describe the network settings for
the appliance. See Table 2-14. Configuration Parameters in the new_vcsa
Section, network Subsection.

os Contains the configuration parameters that describe the operating system

settings for the appliance. See Table 2-15. Configuration Parameters in the
new_vcsa Section, os Subsection.

sso Contains the configuration parameters that describe the vCenter Single Sign-On
settings for the appliance. See Table 2-16. Configuration Parameters in the
new_vcsa Section, sso Subsection.

ovftool_a Optional subsection for adding arbitrary arguments and their values to the OVF
rguments Tool command that the installer generates.

Important The vCenter Server Appliance installer does not validate the
configuration parameters in the ovftool_arguments subsection. If you set
arguments that the OVF Tool does not recognize, the deployment might fail.

ceip - describes joining the settings Contains only the ceip_enabled configuration parameter to join or not to join the
VMware Customer VMware Customer Experience Improvement Program (CEIP). See Table 2-17.
Experience Improvement Configuration Parameters in the ceip Section, settings Subsection.
Program (CEIP) Required only if you are deploying a vCenter Server Appliance with an
embedded Platform Services Controller or a Platform Services Controller
appliance.

Note If set to true, you must run the CLI deployment command with the --
acknowledge-ceip argument.

For information about the CEIP, see the Configuring Customer Experience
Improvement Program section in vCenter Server and Host Management.

Important The string values, including the passwords, must contain only ASCII characters.
Extended ASCII and non-ASCII characters are unsupported.

To set a value that contains a backslash (\) or quotation mark (") character, you must precede the
character with the backslash (\) character. For example, "password":"my\"password" sets the
password my"password, "image":"G:\\vcsa\\VMware-vCenter-Server-Appliance-6.7.0.XXXX-
YYYYYYY_OVF10.ova" sets the path G:\vcsa\VMware-vCenter-Server-Appliance-6.7.0.XXXX-
YYYYYYY_OVF10.ova.

The Boolean values must contain only lowercase characters. Can be either true or false. For
example, "ssh_enable":false.

VMware, Inc. 75
vCenter Server Installation and Setup

Configuration Parameters in the new_vcsa Section

Table 2-11. Configuration Parameters in the new_vcsa Section, esxi Subsection
Name Type Description

hostname string The IP address or FQDN of the target ESXi host on which you want to deploy
the appliance.

username string A user name with administrative privileges on the target ESXi host, for example,
root.

password string The password of the user with administrative privileges on the target ESXi host.

deployment_network string The name of the network to which to connect the appliance.

Note The network must be accessible from the target ESXi host.

Ignored if the target ESXi host has only one network.

datastore string The name of the datastore that you want to store all virtual machine
configuration files and virtual disks of the appliance.

Note The datastore must be accessible from the ESXi host.

The datastore must have enough free space.

port integer The HTTPS reverse proxy port of the target ESXi host.
The default port is 443. Use only if the target ESXi host uses a custom HTTPS
reverse proxy port.

Table 2-12. Configuration Parameters in the new_vcsa Section, vc Subsection

Name Type Description

hostname string The IP address or FQDN of the target vCenter Server instance on which you
want to deploy the appliance.

username string vCenter Single Sign-On administrator user name on the target vCenter Server
instance, for example, [email protected].

password string The password of the vCenter Single Sign-On administrator user on the target
vCenter Server instance.

deployment_network string The name of the network to which to connect the appliance.

Note The network must be accessible from the target ESXi host or DRS cluster
on which you want to deploy the appliance.

Ignored if the target ESXi host or DRS cluster has only one network.

VMware, Inc. 76
vCenter Server Installation and Setup

Table 2-12. Configuration Parameters in the new_vcsa Section, vc Subsection (continued)

Name Type Description

datacenter string or The vCenter Server datacenter that contains the target ESXi host or DRS cluster
array on which you want to deploy the appliance.
If the datacenter is located in a folder or a structure of folders, the value must
be either a comma-separated list of strings or a comma-separated list as a
single string. For example,

["parent_folder", "child_folder", "datacenter_name"]

"parent_folder, child_folder, datacenter_name"

Note The value is case-sensitive.

datastore string The name of the datastore that you want to store all virtual machine
configuration files and virtual disks of the appliance.

Note The datastore must be accessible from the target ESXi host or DRS
cluster.

The datastore must have at least 15 GB of free space.

port integer The HTTPS reverse proxy port of the target vCenter Server instance.
The default port is 443. Use only if the target vCenter Server instance uses a
custom HTTPS reverse proxy port.

target string or The target ESXi host or DRS cluster on which you want to deploy the appliance.
array
Important You must provide the name that is displayed in the vCenter Server
inventory. For example, if the name of the target ESXi host is an IP address in
the vCenter Server inventory, you cannot provide an FQDN.

If the target ESXi host or DRS cluster is located in a folder or a structure of

folders, the value must be a comma-separated list of strings or a comma-
separated list as a single string. For example,

["parent_folder", "child_folder", "esxi-host.domain.com"]

"parent_folder, child_folder, esxi-host.domain.com"

If the target ESXi host is part of a cluster, use a comma-separated list of strings
or a comma-separated list as a single string to provide the path. For example,

["cluster_name", "esxi-host.domain.com"]

"cluster_name, esxi-host.domain.com"

Note The value is case-sensitive.

vm_folder string Optional. The name of the VM folder to which to add the appliance.

VMware, Inc. 77
vCenter Server Installation and Setup

Table 2-13. Configuration Parameters in the new_vcsa Section, appliance Subsection

Name Type Description

thin_disk_mode Boolean Set to true to deploy the appliance with thin virtual disks.

deployment_option string The size of the appliance.

n Set to tiny if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 10 hosts and 100 virtual
machines with the default storage size.

Deploys an appliance with 2 CPUs, 10 GB of memory, and 250 GB of

storage.
n Set to tiny-lstorage if you want to deploy a vCenter Server Appliance with
an embedded Platform Services Controller for up to 10 hosts and 100 virtual
machines with the large storage size.

Deploys an appliance with 2 CPUs, 10 GB of memory, and 775 GB of

storage.
n Set to tiny-xlstorage if you want to deploy a vCenter Server Appliance with
an embedded Platform Services Controller for up to 10 hosts and 100 virtual
machines with the x-large storage size.

Deploys an appliance with 2 CPUs, 10 GB of memory, and 1650 GB of

storage.
n Set to small if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 100 hosts and 1,000
virtual machines with the default storage size.

Deploys an appliance with 4 CPUs, 16 GB of memory, and 290 GB of

storage.
n Set to small-lstorage if you want to deploy a vCenter Server Appliance with
an embedded Platform Services Controller for up to 100 hosts and 1,000
virtual machines with the large storage size.

Deploys an appliance with 4 CPUs, 16 GB of memory, and 820 GB of

storage.
n Set to small-xlstorage if you want to deploy a vCenter Server Appliance
with an embedded Platform Services Controller for up to 100 hosts and
1,000 virtual machines with the x-large storage size.

Deploys an appliance with 4 CPUs, 16 GB of memory, and 1700 GB of

storage.
n Set to medium if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 400 hosts and 4,000
virtual machines with the default storage size.

Deploys an appliance with 8 CPUs, 24 GB of memory, and 425 GB of

storage.
n Set to medium-lstorage if you want to deploy a vCenter Server Appliance
with an embedded Platform Services Controller for up to 400 hosts and
4,000 virtual machines with the large storage size.

Deploys an appliance with 8 CPUs, 24 GB of memory, and 925 GB of

storage.
n Set to medium-xlstorage if you want to deploy a vCenter Server Appliance
with an embedded Platform Services Controller for up to 400 hosts and
4,000 virtual machines with the x-large storage size.

VMware, Inc. 78
vCenter Server Installation and Setup

Table 2-13. Configuration Parameters in the new_vcsa Section, appliance Subsection (continued)
Name Type Description

Deploys an appliance with 8 CPUs, 24 GB of memory, and 1805 GB of

storage.
n Set to large if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 1,000 hosts and 10,000
virtual machines with the default storage size.

Deploys an appliance with 16 CPUs, 32 GB of memory, and 640 GB of

storage.
n Set to large-lstorage if you want to deploy a vCenter Server Appliance with
an embedded Platform Services Controller for up to 1,000 hosts and 10,000
virtual machines with the large storage size.

Deploys an appliance with 16 CPUs, 32 GB of memory, and 990 GB of

storage.
n Set to large-xlstorage if you want to deploy a vCenter Server Appliance
with an embedded Platform Services Controller for up to 1,000 hosts and
10,000 virtual machines with the x-large storage size.

Deploys an appliance with 16 CPUs, 32 GB of memory, and 1870 GB of

storage.
n Set to xlarge if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 2,000 hosts and 35,000
virtual machines with the default storage size.

Deploys an appliance with 24 CPUs, 48 GB of memory, and 980 GB of

storage.
n Set to xlarge-lstorage if you want to deploy a vCenter Server Appliance
with an embedded Platform Services Controller for up to 2,000 hosts and
35,000 virtual machines with the large storage size.

Deploys an appliance with 24 CPUs, 48 GB of memory, and 1030 GB of

storage.
n Set to xlarge-xlstorage if you want to deploy a vCenter Server Appliance
with an embedded Platform Services Controller for up to 2,000 hosts and
35,000 virtual machines with the x-large storage size.

Deploys an appliance with 24 CPUs, 48 GB of memory, and 1910 GB of

storage.
n Set to management-tiny if you want to deploy a vCenter Server Appliance
with an external Platform Services Controller for up to 10 hosts and 100
virtual machines with the default storage size.

Deploys an appliance with 2 CPUs, 10 GB of memory, and 250 GB of

storage.
n Set to management-tiny-lstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 10 hosts
and 100 virtual machines with the large storage size.

Deploys an appliance with 2 CPUs, 10 GB of memory, and 775 GB of

storage.
n Set to management-tiny-xlstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 10 hosts
and 100 virtual machines with the x-large storage size.

VMware, Inc. 79
vCenter Server Installation and Setup

Table 2-13. Configuration Parameters in the new_vcsa Section, appliance Subsection (continued)
Name Type Description

Deploys an appliance with 2 CPUs, 10 GB of memory, and 1650 GB of

storage.
n Set to management-small if you want to deploy a vCenter Server Appliance
with an external Platform Services Controller for up to 100 hosts and 1,000
virtual machines with the default storage size.

Deploys an appliance with 4 CPUs, 16 GB of memory, and 290 GB of

storage.
n Set to management-small-lstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 100 hosts
and 1,000 virtual machines with the large storage size.

Deploys an appliance with 4 CPUs, 16 GB of memory, and 820 GB of

storage.
n Set to management-small-xlstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 100 hosts
and 1,000 virtual machines with the x-large storage size.

Deploys an appliance with 4 CPUs, 16 GB of memory, and 1700 GB of

storage.
n Set to management-medium if you want to deploy a vCenter Server Appliance
with an external Platform Services Controller for up to 400 hosts and 4,000
virtual machines with the default storage size.

Deploys an appliance with 8 CPUs, 24 GB of memory, and 425 GB of

storage.
n Set to management-medium-lstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 400 hosts
and 4,000 virtual machines with the large storage size.

Deploys an appliance with 8 CPUs, 24 GB of memory, and 925 GB of

storage.
n Set to management-medium-xlstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 400 hosts
and 4,000 virtual machines with the x-large storage size.

Deploys an appliance with 8 CPUs, 24 GB of memory, and 1805 GB of

storage.
n Set to management-large if you want to deploy a vCenter Server Appliance
with an external Platform Services Controller for up to 1,000 hosts and
10,000 virtual machines with the default storage size.

Deploys an appliance with 16 CPUs, 32 GB of memory, and 640 GB of

storage.
n Set to management-large-lstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 1,000
hosts and 10,000 virtual machines with the large storage size.

Deploys an appliance with 16 CPUs, 32 GB of memory, and 990 GB of

storage.
n Set to management-large-xlstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 1,000
hosts and 10,000 virtual machines with the x-large storage size.

VMware, Inc. 80
vCenter Server Installation and Setup

Table 2-13. Configuration Parameters in the new_vcsa Section, appliance Subsection (continued)
Name Type Description

Deploys an appliance with 16 CPUs, 32 GB of memory, and 1870 GB of

storage.
n Set to management-xlarge if you want to deploy a vCenter Server Appliance
with an external Platform Services Controller for up to 2,000 hosts and
35,000 virtual machines with the default storage size.

Deploys an appliance with 24 CPUs, 48 GB of memory, and 980 GB of

storage.
n Set to management-xlarge-lstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 2,000
hosts and 35,000 virtual machines with the large storage size.

Deploys an appliance with 24 CPUs, 48 GB of memory, and 1030 GB of

storage.
n Set to management-xlarge-xlstorage if you want to deploy a vCenter Server
Appliance with an external Platform Services Controller for up to 2,000
hosts and 35,000 virtual machines with the x-large storage size.

Deploys an appliance with 24 CPUs, 48 GB of memory, and 1910 GB of

storage.
n Set to infrastructure if you want to deploy a Platform Services Controller
appliance.

Deploys an appliance with 2 CPUs, 4 GB of memory, and 60 GB of storage.

image string Optional. A local file path or URL to the vCenter Server Appliance installation
package.
By default the installer uses the installation package that is included in the ISO
file, in the vcsa folder.

name string The VM name for the appliance.

Must contain only ASCII characters except a percent sign (%), backslash (\), or
forward slash (/) and must be no more than 80 characters in length.

ovftool_path string Optional. A local file path to the OVF Tool executable file.
By default the installer uses the OVF Tool instance that is included in the ISO
file, in the vcsa/ovftool folder.

Table 2-14. Configuration Parameters in the new_vcsa Section, network Subsection

Name Type Description

ip_family string IP version for the network of the appliance.

Set to ipv4 or ipv6.

mode string IP assignment for the network of the appliance.

Set to static or dhcp.

VMware, Inc. 81
vCenter Server Installation and Setup

Table 2-14. Configuration Parameters in the new_vcsa Section, network Subsection (continued)
Name Type Description

ip string IP address for the appliance.

Required only if you use static assignment, that is, if you set the mode parameter
to static.
You must set an IPv4 or IPv6 address that corresponds to the network IP
version, that is, to the value of the ip.family parameter.
An IPv4 address must comply with the RFC 790 guidelines.
An IPv6 address must comply with the RFC 2373 guidelines.

dns_servers string or IP addresses of one or more DNS servers.

array To set more than one DNS server, use a comma-separated list of strings or a
comma-separated list as a single string to provide the path. For example,

["x.y.z.a", "x.y.z.b"]

"x.y.z.a, x.y.z.b"

Required only if you use static assignment, that is, if you set the mode parameter
to static.

prefix string Network prefix length.

Use only if the mode parameter is set to static. Remove if the mode parameter is
set to dhcp.
The network prefix length is the number of bits that are set in the subnet mask.
For example, if the subnet mask is 255.255.255.0, there are 24 bits in the binary
version of the prefix length, so the network prefix length is 24.
For IPv4 version, the value must be between 0 and 32.
For IPv6 version, the value must be between 0 and 128.

gateway string IP address of the default gateway.

For IPv6 version, the value can be default.

VMware, Inc. 82
vCenter Server Installation and Setup

Table 2-14. Configuration Parameters in the new_vcsa Section, network Subsection (continued)
Name Type Description

ports string (Optional) Port numbers that the vCenter Server Appliance uses for direct HTTP
connections. By default, port 80 redirects requests to HTTPS port 443. You can
customize the vCenter Server HTTP and HTTPS ports. If specifying a custom
HTTP and HTTPS port number, ensure that you do not use a port already in use
by vCenter Server, or the default HTTP and HTTPS ports of 80 and 443.
The options to specify a custom port are: "rhttpproxy.ext.port1":"port_number"
for the HTTP port, and "rhttpproxy.ext.port2:"port_number" for the HTTPS port.
The following example specifies ports 81 and 444 for the HTTP and HTTPS
ports:

ports: {"rhttpproxy.ext.port1":"81", "rhttpproxy.ext.port2":"444"}

For more information on ports in use by vCenter Server, see Required Ports for
vCenter Server and Platform Services Controller .

system_name string Primary network identity.

Can be an IP address or FQDN, preferably FQDN.
You cannot change the value of this parameter after the deployment.
The FQDN and dotted-decimal numbers must comply with the RFC 1123
guidelines.

Table 2-15. Configuration Parameters in the new_vcsa Section, os Subsection

Name Type Description

password string The password for the root user of the appliance operating system.
The password must contain between 8 and 20 characters, at least one
uppercase letter, at least one lowercase letter, at least one number, and at least
one special character, for example, a dollar sign ($), hash key (#), at sign (@),
period (.), or exclamation mark (!). All characters must be lower ASCII characters
without spaces.

ntp_servers string or Optional. Host names or IP addresses of one or more NTP servers for time
array synchronization.
To set more than one NTP server, use a comma-separated list of strings or a
comma-separated list as a single string to provide the path. For example,

["x.y.z.a", "x.y.z.b"]

"x.y.z.a, x.y.z.b"

ssh_enable Boolean Set to true to enable SSH administrator login to the appliance.

Note vCenter Server Appliance high availability requires remote SSH access to
the appliance.

time_tools_sync Boolean Optional. Set to true to deploy the appliance with the VMware Tools time
synchronization. VMware Tools synchronizes the time of the appliance with the
time of the ESxi host.
Ignored if you set NTP servers for time synchronization, that is, if you set the
ntp.servers parameter.

VMware, Inc. 83
vCenter Server Installation and Setup

Table 2-16. Configuration Parameters in the new_vcsa Section, sso Subsection

Name Type Description

password string Password of the vCenter Single Sign-On administrator user,

administrator@your_domain_name.
n If you are deploying a vCenter Server Appliance with an embedded
Platform Services Controller or a Platform Services Controller appliance as
the first instance in a new vCenter Single Sign-On domain, you must set the
password for the vCenter Single Sign-On administrator user.

The password must contain between 8 and 20 characters, at least one

uppercase letter, at least one lowercase letter, at least one number, and at
least one special character, for example, a dollar sign ($), hash key (#), at
sign (@), period (.), or exclamation mark (!). All characters must be ASCII
characters.
n If you are deploying a Platform Services Controller appliance as a replication
partner in an existing vCenter Single Sign-On domain, you must provide the
password of the vCenter Single Sign-On administrator user of the partner
Platform Services Controller.
n If you are deploying a vCenter Server Appliance with an external Platform
Services Controller, you must provide the password of the vCenter Single
Sign-On administrator user of the external Platform Services Controller.

domain_name string vCenter Single Sign-On domain name, for example, vsphere.local.
n If you are deploying a vCenter Server Appliance with an embedded
Platform Services Controller or a Platform Services Controller appliance as
the first instance in a new vCenter Single Sign-On domain, you must set the
name for the new vCenter Single Sign-On domain.
n If you are deploying a vCenter Server Appliance with an external Platform
Services Controller or a Platform Services Controller appliance as a
replication partner in an existing vCenter Single Sign-On domain, you must
provide the name of the existing vCenter Single Sign-On domain.

first_instance Boolean Required only if you are deploying a Platform Services Controller appliance.
The default value is true.
Set to false if you want to join the Platform Services Controller appliance to an
existing vCenter Single Sign-On domain.
Joined Platform Services Controller instances replicate their infrastructure data
and enable Enhanced Linked Mode. For information about managing the
Platform Services Controller services, see Platform Services Controller
Administration.

platform_services_controll string The system name of the external Platform Services Controller.
er Required only if you are deploying a vCenter Server Appliance with an external
Platform Services Controller.

replication_partner_hostna string The system name of the partner Platform Services Controller.
me Required only if you are deploying a Platform Services Controller appliance as a
replication partner in an existing vCenter Single Sign-On domain.

VMware, Inc. 84
vCenter Server Installation and Setup

Table 2-16. Configuration Parameters in the new_vcsa Section, sso Subsection (continued)
Name Type Description

sso_port integer The HTTPS reverse proxy port of the partner Platform Services Controller.
The default port is 443. Use only if you the partner Platform Services Controller
uses a custom HTTPS reverse proxy port.

site_name string vCenter Single Sign-On name.

Required only if you are deploying an embedded Platform Services Controller
appliance.

Note When setting up enhanced linked mode support for vCenter Server
Appliance deployments with an embedded Platform Services Controller, use
Default-First-Site as the site name for the first instance.

Configuration Parameters in the ceip Section

Table 2-17. Configuration Parameters in the ceip Section, settings Subsection
Name Type Description

ceip_enabled Boolean Set to true to join the CEIP for this appliance.

Deploy a vCenter Server Appliance or Platform Services Controller

Appliance by Using the CLI
You can use the CLI installer to perform an unattended deployment of a vCenter Server
Appliance or Platform Services Controller appliance. You must run the CLI deployment from a
Windows, Linux, or Mac machine that is in the network on which you want to deploy the
appliance.

Prerequisites

n See Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.

n Prepare Your JSON Configuration File for CLI Deployment.

n Review Syntax of the CLI Deployment Command.

n Verify that the user name with which you are logged in to your client machine, the path to the
vCenter Server Appliance installer, the path to your JSON configuration file, and the string
values in your JSON configuration file contain only ASCII characters. Extended ASCII and non-
ASCII characters are unsupported.

n The Visual C++ redistributable libraries version 14.0 or newer needs to be installed to run this
utility on versions of Windows older than Windows 10. The Microsoft installers for these
libraries are located in the vcsa-cli-installer/win32/vcredist directory.

VMware, Inc. 85
vCenter Server Installation and Setup

Procedure

1 Navigate to the vcsa-cli-installer subdirectory for your operating system.

n If you are running the deployment on Windows OS, navigate to the vcsa-cli-installer
\win32 directory.

n If you are running the deployment on Linux OS, navigate to the vcsa-cli-installer/
lin64 directory.

n If you are running the deployment on Mac OS, navigate to the vcsa-cli-installer/mac
directory.

2 (Optional) Run a pre-deployment check without deploying the appliance to verify that you
prepared the deployment template correctly.

vcsa-deploy install --precheck-only path_to_the_json_file

3 Run the deployment command.

vcsa-deploy install --accept-eula --acknowledge-ceip optional_arguments path_to_the_json_file

Use optional_arguments to enter space-separated arguments to set additional execution

parameters of the deployment command.
For example, you can set the location of the log and other output files that the installer
generates.

vcsa-deploy install --accept-eula --acknowledge-ceip --log-dir=path_to_the_location

path_to_the_json_file

Syntax of the CLI Deployment Command

You can use command arguments to set the execution parameters of the deployment command.

You can add a space-separated list of arguments to the CLI deployment command.

vcsa-deploy install path_to_the_json_file list_of_arguments

Argument Description

--accept-eula Accepts the end-user license agreement.

Required for executing the deployment command.

--acknowledge-ceip Confirms your acknowledgement of your VMware

Customer Experience Improvement Program (CEIP)
participation.
Required if the ceip.enabled parameter is set to true in the
JSON deployment template.

-v, --verbose Adds debug information to the console output.

-t, --terse Hides the console output. Displays only warning and error
messages.

VMware, Inc. 86
vCenter Server Installation and Setup

Argument Description

--log-dir LOG_DIR Sets the location of the log and other output files.

--skip-ovftool-verification Performs basic verification of the configuration parameters

in the JSON file and deploys the appliance. Does not
perform verification of the OVF Tool parameters.

--no-esx-ssl-verify Skips the SSL verification for ESXi connections.

Important Avoid using this option because it might cause

problems during deployment or after deployment because
of not validated identity of the target ESXi host.

--no-ssl-certificate-verification Skips security certificate verification for all server

connections.

--operation-id OPERATION_ID Provides an operation ID to track installation activities.

--pause-on-warnings Pauses and waits for acknowledgment of warnings.

--verify-template-only Performs basic template verification of the configuration

parameters in the JSON file. Does not deploy the
appliance.

--precheck-only Performs only the basic template verification and OVF Tool
parameter verification. Does not deploy the appliance.

--sso-ssl-thumbprint SSL-SHA1-THUMBPRINT Validates server certificate against the supplied SHA1

thumbprint.

-h, --help Displays the help message for the vcsa-deploy install
command.

--template-help Displays the help message for the use of configuration

parameters in the JSON deployment file.

After the execution finishes, you can get the exit code of the command.

Exit Code Description

0 Command ran successfully

1 Runtime error

2 Validation error

3 Template error

Deploy Multiple vCenter Server Appliances or Platform Services

Controller Appliances Using the CLI
You can deploy multiple instances of the vCenter Server Appliance or the Platform Services
Controller concurrently (in batch mode) using the CLI installer.

VMware, Inc. 87
vCenter Server Installation and Setup

To deploy multiple instances concurrently, create JSON templates for all the vCenter Server
Applianceand Platform Services Controller instances in your deployment. The CLI installer
assesses the topology of the deployment using the JSON templates, and determines the order.
For this reason, the JSON templates must use static IP addresses for all vCenter Server and
Platform Services Controller instances in the deployment that are dependant upon one another.
For example, you can install two vCenter Server instances which share a common external
Platform Services Controller instance.

Important The JSON templates you create for each appliance must use a static IP address to
resolve the network addresses of other appliances in the deployment upon which they have a
dependency.

To perform the batch deployment, place the JSON templates defining your deployment in a
single directory. When invoked, the CLI installer deploys your existing deployment using the
topology defined in the JSON templates.

Procedure

1 In your workspace, create a folder to contain the JSON files for batch deployment. For
example, MyWorkspace/BatchDeploy.

2 Prepare each JSON configuration file and copy the file to your batch deployment folder. See
Prepare Your JSON Configuration File for CLI Deployment for instructions on configuring the
JSON files.

3 Navigate to the vcsa-cli-installer subdirectory for your operating system.

n If you are running the deployment on Windows OS, navigate to the vcsa-cli-installer
\win32 directory.

n If you are running the deployment on Linux OS, navigate to the vcsa-cli-installer/
lin64 directory.

n If you are running the deployment on Mac OS, navigate to the vcsa-cli-installer/mac
directory.

4 (Optional) Run a pre-deployment check without deploying the appliance to verify that you
prepared the deployment template correctly. For example:

vcsa-deploy install --precheck-only MyWorkspace/BatchDeploy

5 Run the deployment command. For example,

vcsa-deploy install --accept-eula --acknowledge-ceip optional_arguments MyWorkspace/BatchDeploy

Use optional_arguments to enter space-separated arguments to set additional execution

parameters of the deployment command.

VMware, Inc. 88
vCenter Server Installation and Setup

For example, you can set the location of the log and other output files that the installer
generates.

vcsa-deploy install --accept-eula --acknowledge-ceip --log-dir=path_to_the_location MyWorkspace/

BatchDeploy

VMware, Inc. 89
Installing vCenter Server and
Platform Services Controller on
Windows
3
You can install vCenter Server with an embedded or external Platform Services Controller on a
Microsoft Windows virtual machine or physical server to manage your vSphere environment.

Note vCenter Server for Windows is deprecated in this release of vSphere and will not be
available in future releases. To ensure continuous support, deploy a new vCenter Server
Appliance or migrate current vCenter Server for Windows installations to vCenter Server
Appliance deployments.

Before you install vCenter Server, download the installer ISO file and mount it to the Windows
host machine on which you want to perform the installation, and then start the installation wizard.

Windows installations of vCenter Server can use either the embedded PostreSQL database or an
external database. Before installing vCenter Server that uses an external database, you must
prepare your database. See Preparing vCenter Server Databases for Install.

For information about the vCenter Server requirements, see vCenter Server for Windows
Requirements.

For information about the inputs that are required during the installation of vCenter Server, see
Required Information for Installing vCenter Server or Platform Services Controller on Windows.

Important For topologies with external Platform Services Controller instances, you must install
the replicating Platform Services Controller instances in a sequence. After the successful
deployment of all Platform Services Controller instances in the domain, you can perform
concurrent installations of multiple vCenter Server instances that point to a common external
Platform Services Controller instance.

After you install vCenter Server, only the user administrator@your_domain_name has the
privileges to log in to the vCenter Server system.

The administrator@your_domain_name user can perform the following tasks:

n Add an identity source in which additional users and groups are defined in vCenter Single
Sign-On.

n Assign roles to users and groups to give them privileges.

VMware, Inc. 90
vCenter Server Installation and Setup

For information about adding identity sources and giving permissions to the users and groups,
see Platform Services Controller Administration.

Starting with vSphere 6.5, vCenter Server supports mixed IPv4 and IPv6 environment. If you want
to set up the vCenter Server instance to use an IPv6 address version, use the fully qualified
domain name (FQDN) or host name of the host machine. To set up an IPv4 address, the best
practice is to use the FQDN or host name of the host machine, because the IP address can
change if assigned by DHCP.

This chapter includes the following topics:

n vCenter Server for Windows Requirements

n Preparing for Installing vCenter Server and Platform Services Controller on Windows

n Required Information for Installing vCenter Server or Platform Services Controller on

Windows

n Installing vCenter Server and Platform Services Controller on Windows

vCenter Server for Windows Requirements

To install vCenter Server on a Windows virtual machine or physical server, your system must
meet specific hardware and software requirements.

n Synchronize the clocks of the virtual machines on which you plan to install vCenter Server
and the Platform Services Controller. See Synchronizing Clocks on the vSphere Network.

n Verify that the DNS name of the virtual machine or physical server matches the actual full
computer name.

n Verify that the host name of the virtual machine or physical server on which you are installing
vCenter Server complies with RFC 1123 guidelines.

n Verify that the system on which you are installing vCenter Server is not an Active Directory
domain controller.

n If you plan to use a user account other than the Local System account in which to run your
vCenter Server service, verify that the user account has the following permissions:

n Member of the Administrators group

n Log on as a service

n Act as part of the operating system (if the user is a domain user)

Note Starting with vSphere 6.5, the vCenter Server services run as child processes of the
VMware Service Lifecycle Manager service.

VMware, Inc. 91
vCenter Server Installation and Setup

n Verify that the local policy of the virtual machine or physical server on which you are
installing vCenter Server allows assigning Log on as a batch job rights to new local users.

Note Starting with vSphere 6.5, some vCenter Server processes use separate local users
that are automatically created and added to the local security policy Log on as a batch job.
Such new local users are cm, content-library, eam, imagebuilder, mbcs, netdumper,
perfcharts, rbd, vapiEndpoint, vmware-vpostgres, vsan-health, vsm, vsphere-client, and
vsphere-ui.

n If the system that you use for your vCenter Server installation belongs to a workgroup rather
than a domain, not all functionality is available to vCenter Server. If assigned to a workgroup,
the vCenter Server system is not able to discover all domains and systems available on the
network when using some features. Your host machine must be connected to a domain if you
want to add Active Directory identity sources after the installation.

n Verify that the LOCAL SERVICE account has read permission on the folder in which vCenter
Server is installed and on the HKLM registry.

n Verify that the connection between the virtual machine or physical server and the domain
controller is working.

Pre-Install Checks for vCenter Server and Platform Services

Controller on Windows
When you install or upgrade vCenter Server and Platform Services Controller on Windows, the
installer does a pre-check, for example, to verify that enough space is available on the virtual
machine or physical server where you are installing or upgrading vCenter Server, and verifies that
the external database, if any, can be successfully accessed.

When you install Platform Services Controller as an embedded or external instance, vCenter
Single Sign-On is installed as part of Platform Services Controller. During the installation of an
external Platform Services Controller, the installer provides you with the option to join an existing
vCenter Single Sign-On server domain. During the installation of vCenter Server with an external
Platform Services Controller, the installer prompts you to join an existing vCenter Single Sign-On
server domain. When you provide the information about the vCenter Single Sign-On service, the
installer uses the administrator account to check the host name and password, to verify that the
details of the vCenter Single Sign-On server you provided can be authenticated before
proceeding with the installation process.

The pre-install checker performs checks for the following aspects of the environment:

n Windows version

n Minimum processor requirements

n Minimum memory requirements

n Minimum disk space requirements

n Permissions on the selected install and data directory

VMware, Inc. 92
vCenter Server Installation and Setup

n Internal and external port availability

n External database version

n External database connectivity

n Administrator privileges on the Windows machine

n Any credentials that you enter

Additionally, the pre-install checker verifies if Universal C Runtime is installed. This is a Microsoft
Windows operating system component that enables CRT functionality on the Windows OS. If
Universal C Runtime is not installed, you receive an error message.

For information about the minimum storage requirements, see Storage Requirements for vCenter
Server and Platform Services Controller on Windows . For information about the minimum
hardware requirements, see Hardware Requirements for vCenter Server and Platform Services
Controller on Windows .

Hardware Requirements for vCenter Server and Platform Services

Controller on Windows
When you install vCenter Server or Platform Services Controller on a virtual machine or physical
server running Microsoft Windows, your system must meet specific hardware requirements.

You can install vCenter Server and the Platform Services Controller on the same virtual machine
or physical server or on different virtual machines or physical servers. When you install vCenter
Server with an embedded Platform Services Controller, you install vCenter Server and the
Platform Services Controller on the same virtual machine or physical server. When you install the
vCenter Server with an external Platform Services Controller, first install the Platform Services
Controller that contains all of the required services on one virtual machine or physical server, and
then install vCenter Server and the vCenter Server components on another virtual machine or
physical server.

Note Installing vCenter Server on a network drive or USB flash drive is not supported.

VMware, Inc. 93
vCenter Server Installation and Setup

Table 3-1. Minimum Recommended Hardware Requirements for Installing vCenter Server and
Platform Services Controller on Windows
vCenter
Server with vCenter
vCenter vCenter an Server with
Server with Server with Embedded an
an an or External Embedded
Embedded Embedded Platform or External vCenter Server
or External or External Services Platform with an
Platform Platform Controller Services Embedded or
Services Services for a Controller External Platform
Controller Controller Medium for a Large Services
for a Tiny for a Small Environmen Environmen Controller for X-
Environmen Environmen t (up to 400 t (up to Large
t (up to 10 t (up to 100 Hosts, 1,000 Hosts, Environment (up
Hosts, 100 Hosts, 1000 4,000 10,000 to 2,000 Hosts,
Platform Services Virtual Virtual Virtual Virtual 35,000 Virtual
Controller Machines) Machines) Machines) Machines) Machines)

Number of 2 2 4 8 16 24
CPUs

Memory 4 GB RAM 10 GB RAM 16 GB RAM 24 GB RAM 32 GB RAM 48 GB RAM

Note If you want to add an ESXi host with more than 512 LUNs and 2,048 paths to the vCenter
Server inventory, your vCenter Server instance must be suitable for a large or x-large
environment.

For the hardware requirements of your database, see the database documentation. The
database requirements are in addition to the vCenter Server requirements if the database and
vCenter Server run on the same machine.

Storage Requirements for vCenter Server and Platform Services

Controller on Windows
When you install vCenter Server, your system must meet minimum storage requirements.

The storage requirements per folder depend on the deployment model that you decide to install.
During installation, you can select a folder other than the default C:\Program Files\VMware
folder to install vCenter Server and the Platform Services Controller. You can also select a folder
other than the default C:\ProgramData\VMware\vCenterServer\ in which to store data.

Table 3-2. vCenter Server Minimum Storage Requirements Depending On the Deployment Model
vCenter Server with an vCenter Server with an
Embedded Platform External Platform Services External Platform Services
Default Folder Services Controller Controller Controller

Program Files 6 GB 6 GB 1 GB

ProgramData 8 GB 8 GB 2 GB

System folder (to cache the 3 GB 3 GB 1 GB

MSI installer)

VMware, Inc. 94
vCenter Server Installation and Setup

Software Requirements for vCenter Server and Platform Services

Controller on Windows
Verify that your operating system supports vCenter Server.

vCenter Server requires a 64-bit operating system, and the 64-bit system DSN is required for
vCenter Server to connect to the external database.

The earliest Windows Server version that vCenter Server supports is Windows Server 2008 SP2.
Your Windows Server must have the latest updates and patches installed. For a full list of
supported operating systems, see Knowledge Base article KB 2091273.

Prior to upgrading or migrating vCenter Server, you must install the Microsoft Update for
Universal C Runtime in Windows. See Update for Universal C Runtime in Windows.

Database Requirements for vCenter Server on Windows

vCenter Server requires a database to store and organize server data.

Each vCenter Server instance must have its own database. For environments with up to 20 hosts
and 200 virtual machines, you can use the bundled PostgreSQL database that the vCenter Server
installer can install and set up for you during the vCenter Server installation. A larger installation
requires a supported external database for the size of the environment.

During vCenter Server installation you must select to install the embedded database or point the
vCenter Server system to any existing supported database. vCenter Server supports Oracle and
Microsoft SQL Server databases.

For information about supported database server versions, see the VMware Product
Interoperability Matrix at http://www.vmware.com/resources/compatibility/sim/
interop_matrix.php.

Required Ports for vCenter Server and Platform Services Controller

VMware, Inc. 95
vCenter Server Installation and Setup

Note In Microsoft Windows Server 2008 and later, firewall is enabled by default.

Table 3-3. Ports Required for Communication Between Components

Used for Node-to-
Port Protocol Description Required for Node Communication

22 TCP System port for SSHD. Appliance No

deployments of
n vCenter Server
n Platform Services
Controller

53 DNS service Windows installations No

and appliance
deployments of
Platform Services
Controller

80 TCP vCenter Server requires port 80 for Windows installations No

Important You can only change this

port number during the vCenter
Server and Platform Services
Controller installation.

VMware, Inc. 96
vCenter Server Installation and Setup

Table 3-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

88 TCP Active Directory server. This port Windows installations No

Important You only can change this

port number during the vCenter
Server and Platform Services
Controller installation.

VMware, Inc. 97
vCenter Server Installation and Setup

Table 3-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

514 TCP/UDP vSphere Syslog Collector port for Windows installations No

vCenter Server on Windows and and appliance
vSphere Syslog Service port for deployments of
vCenter Server Appliance n vCenter Server

Important You can change this port n Platform Services

number during the vCenter Server Controller
and Platform Services Controller
installations on Windows.

Important You can change this port

number during the vCenter Server
installations on Windows.

Important You can change this port n Platform Services

number during the vCenter Server Controller
and Platform Services Controller
installations on Windows.

VMware, Inc. 98
vCenter Server Installation and Setup

Table 3-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

2015 TCP DNS management Windows installations Platform Services

and appliance Controller to Platform
deployments of Services Controller
Platform Services
Controller

2020 TCP/UDP Authentication framework Windows installations n vCenter Server to

5480 TCP Appliance Management Interface Appliance No

Open endpoint serving all HTTPS, deployments of
XMLRPS and JSON-RPC requests over n vCenter Server
HTTPS. n Platform Services
Controller

6500 TCP/UDP ESXi Dump Collector port Windows installations No

and appliance
Important You can change this port
deployments of
number during the vCenter Server
vCenter Server
installations on Windows.

6501 TCP Auto Deploy service Windows installations No

and appliance
Important You can change this port
deployments of
number during the vCenter Server
vCenter Server
installations on Windows.

VMware, Inc. 99
vCenter Server Installation and Setup

Table 3-3. Ports Required for Communication Between Components (continued)

Used for Node-to-
Port Protocol Description Required for Node Communication

6502 TCP Auto Deploy management Windows installations No

and appliance
Important You can change this port
deployments of
number during the vCenter Server
vCenter Server
installations on Windows.

7080, TCP Secure Token Service Windows installations No

12721 and appliance
Note Internal ports
deployments of
Platform Services
Controller

7081 TCP VMware Platform Services Controller Windows installations No

Web Client and appliance
deployments of
Note Internal port
Platform Services
Controller

7475, TCP VMware vSphere Authentication Appliance Platform Services

7476 Proxy deployments of Controller to vCenter
vCenter Server Server

8200, TCP Appliance management Appliance No

8201, deployments of
Note Internal ports
8300, n vCenter Server
8301 n Platform Services
Controller

8084 TCP vSphere Update Manager SOAP port Appliance No

The port used by vSphere Update deployments of
Manager client plug-in to connect to vCenter Server
the vSphere Update Manager SOAP
server.

9084 TCP vSphere Update Manager Web Server Appliance No

Port deployments of
The HTTP port used by ESXi hosts to vCenter Server
access host patch files from vSphere
Update Manager server.

9087 TCP vSphere Update Manager Web SSL Appliance No

Port deployments of
The HTTPS port used by vSphere vCenter Server
Update Manager client plug-in to
upload host upgrade files to vSphere
Update Manager server.

9443 TCP vSphere Client HTTPS Windows installations No

and appliance
deployments of
vCenter Server

VMware, Inc. 100

vCenter Server Installation and Setup

To configure the vCenter Server system to use a different port to receive vSphere Client data,
see the vCenter Server and Host Management documentation.

For more information about firewall configuration, see the vSphere Security documentation.

DNS Requirements for vCenter Server and Platform Services

Controller on Windows
You install or upgrade vCenter Server, like any other network server, on a host machine with a
fixed IP address and well-known DNS name, so that clients can reliably access the service.

Assign a static IP address and host name to the Windows server that will host the vCenter Server
system. This IP address must have a valid (internal) domain name system (DNS) registration.
When you install vCenter Server and the Platform Services Controller, you must provide the fully
qualified domain name (FQDN) or the static IP of the host machine on which you are performing
the install or upgrade. The recommendation is to use the FQDN.

Ensure that DNS reverse lookup returns an FQDN when queried with the IP address of the host
machine on which vCenter Server is installed. When you install or upgrade vCenter Server, the
installation or upgrade of the Web server component that supports the vSphere Web Client fails
if the installer cannot look up the fully qualified domain name of the vCenter Server host machine
from its IP address. Reverse lookup is implemented using PTR records.

If you plan to use an FQDN for the virtual machine or physical server, you must verify that the
FQDN is resolvable.

You can use the nslookup command to verify that the DNS reverse lookup service returns an
FQDN when queried with the IP address and to verify that the FQDN is resolvable.

nslookup -nosearch -nodefname FQDN_or_IP_address

If you use DHCP instead of a static IP address for vCenter Server, make sure that the vCenter
Server computer name is updated in the domain name service (DNS). If you can ping the
computer name, the name is updated in DNS.

vSphere Client Software Requirements

Use of the vSphere Client requires a supported Web browser.

VMware has tested and supports the following guest operating systems and browser versions
for the vSphere Client.

VMware, Inc. 101

vCenter Server Installation and Setup

Table 3-4. Supported Guest Operating Systems and Browser Versions for the vSphere Client.
Operating system Browser

Windows 32-bit and 64-bit Microsoft Internet Explorer 11 and later.

Mozilla Firefox: 56 and later.
Google Chrome: 62 and later.

Mac OS Mozilla Firefox: 56 and later.

Google Chrome: 62 and later.

Later versions of these browsers are likely to work, but have not been tested.

Preparing for Installing vCenter Server and Platform

Services Controller on Windows
Before you install vCenter Server or Platform Services Controller, you must download the
vCenter Server installer ISO file and mount it to the Windows virtual machine or physical server
on which you want to install vCenter Server or Platform Services Controller.

If you plan to use an external vCenter Server database, before you install vCenter Server, you
must set up the database.

Download the vCenter Server Installer for Windows

Download the .iso installer for vCenter Server for Windows and the associated vCenter Server
components and support tools.

Prerequisites

Create a My VMware account at https://my.vmware.com/web/vmware/.

Procedure

1 Download the vCenter Server installer from the VMware Web site at https://
my.vmware.com/web/vmware/downloads.

vCenter Server is part of VMware vCloud Suite and VMware vSphere, listed under Datacenter
& Cloud Infrastructure.

2 VMware provides a SHA-1 hash, a SHA-256 hash, or an MD5 message digest for software
downloads. To confirm file integrity, use a SHA-1, SHA-256, and/or a MD5 utility on your
computer to calculate your own hash for files downloaded from the VMware web site.

See the VMware Web site topic Using Cryptographic Hashes at https://www.vmware.com/
download/cryptographichashes.html.

3 Mount the ISO image to the Windows virtual machine or physical server on which you want to
install vCenter Server for Windows.

VMware, Inc. 102

vCenter Server Installation and Setup

Preparing vCenter Server Databases for Install

vCenter Server requires a database to store and organize server data. For vCenter Server on
Windows, you can either use the bundled PostgreSQL database that can be installed and
configured together with vCenter Server, or you can set up an external database prior to
installing vCenter Server.

vCenter Server for Windows supports Oracle and Microsoft SQL Server as external databases.

You can configure an external database manually or by using a script. In addition, the data source
name user must have a specific list of permissions.

The database passwords are stored in clear text on the Windows virtual machine or physical host
on which you install vCenter Server and in the vCenter Server Appliance. The files containing the
passwords are protected by using the operating system protection, that is, you must be a
Windows local administrator or a Linux root user to access and read these files.

vCenter Server instances cannot share the same database schema. Multiple vCenter Server
databases can reside on the same database server, or they can be separated across multiple
database servers. For Oracle databases, which have the concept of schema objects, you can run
multiple vCenter Server instances in a single database server if you have a different schema
owner for each vCenter Server instance. You can also use a dedicated Oracle database server for
each vCenter Server instance.

You cannot install vCenter Server and point to an older external vCenter Server database. You
can upgrade the old vCenter Server database to the latest version only by upgrading the vCenter
Server instance connected to that database. For information about upgrading vCenter Server,
see vSphere Upgrade.

vCenter Server Database Configuration Notes

After you select a supported database type, make sure you understand any special configuration
requirements.

Table 3-5. Configuration Notes for Databases Supported with vCenter Server is not a complete
list of databases supported with vCenter Server for Windows. For information about specific
database versions and service pack configurations supported with vCenter Server, see the
VMware Product Interoperability Matrixes. Only special database configuration notes not listed in
the Product Interoperability Matrixes are provided in Table 3-5. Configuration Notes for
Databases Supported with vCenter Server.

vCenter Server databases require a UTF code set.

Contact your DBA for the appropriate database credentials.

VMware, Inc. 103

vCenter Server Installation and Setup

Table 3-5. Configuration Notes for Databases Supported with vCenter Server
Database Type Configuration Notes

Embedded PostgreSQL For vCenter Server 6.7, the bundled PostgreSQL database is suitable for environments with
up to 20 hosts and 200 virtual machines.

Important If you use the embedded PostgreSQL database, uninstalling vCenter Server on
Windows, uninstalls the embedded database, and all data is lost.

Microsoft SQL Server 2012 Ensure that the machine has a valid ODBC DSN entry.
SP3

Microsoft SQL Server 2014 Ensure that the machine has a valid ODBC DSN entry.
SP2

Oracle 11g and Oracle 12c Ensure that the machine has a valid ODBC DSN entry.
After you complete the vCenter Server installation, apply the latest patch to the Oracle
client and server.

Configure Microsoft SQL Server Databases

To use a Microsoft SQL database for your vCenter Server repository, configure your database to
work with vCenter Server.

You can install and configure the Microsoft SQL Server database on the same machine on which
you plan to install vCenter Server. You can install and configure the Microsoft SQL Server
database on a separate machine.

Procedure

1 Prepare the vCenter Server SQL Server Database

You first create a database and user for vCenter Server. Then you assign permissions to the
vCenter Server database user either by using the existing dbo schema and dbo_owner role
or by creating custom database schema and roles.

2 (Optional) Use a Script to Create Microsoft SQL Server Database Objects Manually
This topic describes how to create database objects manually instead of letting the vCenter
Server installer create the data objects automatically.

3 Configure a SQL Server ODBC Connection

After you create and configure a SQL Server database and user for vCenter Server, you
must create a 64-bit DSN on the machine on which you plan to install vCenter Server. During
the vCenter Server installation, you use the DSN to establish a connection between vCenter
Server and the database.

4 Configure Microsoft SQL Server TCP/IP for JDBC

If the Microsoft SQL Server database has TCP/IP disabled and the dynamic ports are not set,
the JDBC connection remains closed. The closed connection causes the vCenter Server
statistics to malfunction. You can configure the server TCP/IP for JDBC.

VMware, Inc. 104

vCenter Server Installation and Setup

Prepare the vCenter Server SQL Server Database

Prerequisites

Log in to the Microsoft SQL Server Management Studio as the sysadmin (SA) or a user account
with sysadmin privileges.
Prepare the vCenter Server Database by Using the dbo Schema and the db_owner Database
Role
The simplest way to assign permissions for a vCenter Server database user is through the
database role db_owner.

You must first create a database and user for vCenter Server. Then you can use the existing
dbo_owner database role and let the vCenter Server installer create the default dbo schema that
assigns database user permissions to that role. You must also enable database monitoring for the
user before you install vCenter Server. See Database Permission Requirements for vCenter
Server.

To perform the following procedure, you can either use the graphical user interface or run
scripts. The vCenter Server installer package contains example scripts in the vCenter-Server
\dbschema\DB_and_schema_creation_scripts_PostgreSQL.txt file.

Procedure

1 Create a database and user for vCenter Server.

a In the master database, create a database for vCenter Server.

b Create a database user for vCenter Server and map it to the vCenter Server and msdb
databases.
For example, to create the database VCDB and user vpxuser, you can run the following
script:

use master
go
CREATE DATABASE VCDB ON PRIMARY
(NAME = N'vcdb', FILENAME = N'C:\database_path\VCDB.mdf', SIZE = 10MB, FILEGROWTH = 10% )
LOG ON
(NAME = N'vcdb_log', FILENAME = N'C:\database_path\VCDB.ldf', SIZE = 1000KB, FILEGROWTH = 10%)
COLLATE SQL_Latin1_General_CP1_CI_AS
go
use VCDB
go
CREATE LOGIN vpxuser WITH PASSWORD=N'vpxuser!0', DEFAULT_DATABASE=VCDB,
DEFAULT_LANGUAGE=us_english, CHECK_POLICY=OFF
go
CREATE USER vpxuser for LOGIN vpxuser
go

VMware, Inc. 105

vCenter Server Installation and Setup

use MSDB
go
CREATE USER vpxuser for LOGIN vpxuser
go

You now have a Microsoft SQL Server database that you can use with vCenter Server.

2 Assign the db_owner role to the vCenter Server database user on both the vCenter Server
and msdb databases.

For example, to assign the db_owner role to the vpxuser user, you can run the following
script:

use VCDB
go
sp_addrolemember @rolename = 'db_owner', @membername = 'vpxuser'
go
use MSDB
go
sp_addrolemember @rolename = 'db_owner', @membername = 'vpxuser'
go

3 Enable database monitoring for the vCenter Server database user.

For example, to grant database disk size monitoring permissions to the vpxuser user, you can
run the following script:

use master
go
grant VIEW SERVER STATE to vpxuser
go
GRANT VIEW ANY DEFINITION TO vpxuser
go

Results

When you install vCenter Server, the installer uses the default dbo schema to assign permissions
to the db_owner role.
Prepare the vCenter Server Database by Creating Custom Database Schema and Roles
As an alternative to using the db_owner database role, experienced database administrators can
set permissions by creating database schema and roles manually, which ensures greater control
over database permissions.

You must first create a database and user for vCenter Server. Then you can create a custom
schema and new database roles for the database user. You must also enable database
monitoring for the user before you install vCenter Server. See Database Permission Requirements
for vCenter Server.

VMware, Inc. 106

vCenter Server Installation and Setup

Procedure

1 Create a database and user for vCenter Server.

a In the master database, create a database for vCenter Server.

b Create a database user for vCenter Server and map it to the vCenter Server and msdb
databases.
For example, to create the database VCDB and user vpxuser, you can run the following
script:

You now have a Microsoft SQL Server database that you can use with vCenter Server.

2 In the vCenter Server database, create a database schema and assign it to the vCenter
Server database user.

For example, to create the schema VMW in VCDB and assign it to the vpxuser user, you can
run the following script:

use VCDB
CREATE SCHEMA VMW
go
ALTER USER vpxuser WITH DEFAULT_SCHEMA =VMW

3 In the vCenter Server database, create and grant privileges to the VC_ADMIN_ROLE and
VC_USER_ROLE database roles and assign them to the vCenter Server database user.

For example, to create the roles in VCDB and assign them to the vpxuser user, you can run
the following script:

use VCDB
go
if not exists (SELECT name FROM sysusers WHERE issqlrole=1 AND name = 'VC_ADMIN_ROLE')
CREATE ROLE VC_ADMIN_ROLE;

VMware, Inc. 107

vCenter Server Installation and Setup

GRANT ALTER ON SCHEMA :: VMW to VC_ADMIN_ROLE;

GRANT REFERENCES ON SCHEMA :: VMW to VC_ADMIN_ROLE;
GRANT INSERT ON SCHEMA :: VMW to VC_ADMIN_ROLE;

GRANT CREATE TABLE to VC_ADMIN_ROLE;

GRANT CREATE VIEW to VC_ADMIN_ROLE;
GRANT CREATE Procedure to VC_ADMIN_ROLE;

if not exists (SELECT name FROM sysusers WHERE issqlrole=1 AND name = 'VC_USER_ROLE')
CREATE ROLE VC_USER_ROLE
go
GRANT SELECT ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT INSERT ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT DELETE ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT UPDATE ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT EXECUTE ON SCHEMA :: VMW to VC_USER_ROLE
go
sp_addrolemember VC_USER_ROLE , vpxuser
go
sp_addrolemember VC_ADMIN_ROLE , vpxuser
go

4 In the msdb database, create and grant privileges to the VC_ADMIN_ROLE database role and
assign it to the vCenter Server database user.

For example, to create the roles and assign them to the vpxuser user, you can run the
following script:

use MSDB
go
if not exists (SELECT name FROM sysusers WHERE issqlrole=1 AND name = 'VC_ADMIN_ROLE')
CREATE ROLE VC_ADMIN_ROLE;
go
GRANT SELECT on msdb.dbo.syscategories to VC_ADMIN_ROLE
go
GRANT SELECT on msdb.dbo.sysjobsteps to VC_ADMIN_ROLE
go
GRANT SELECT ON msdb.dbo.sysjobs to VC_ADMIN_ROLE
go
GRANT SELECT ON msdb.dbo.sysjobs_view to VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_job TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_delete_job TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_jobstep TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_update_job TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_jobserver TO VC_ADMIN_ROLE
go

VMware, Inc. 108

vCenter Server Installation and Setup

GRANT EXECUTE ON msdb.dbo.sp_add_jobschedule TO VC_ADMIN_ROLE

go
GRANT EXECUTE ON msdb.dbo.sp_add_category TO VC_ADMIN_ROLE
go
sp_addrolemember VC_ADMIN_ROLE , vpxuser
go

Note The VC_ADMIN_ROLE role in the msdb database is required only during installation
and upgrade of vCenter Server. After the installation or upgrade, you can revoke the role and
leave it as inactive for future upgrades, or you can remove it for increased security.

5 Enable database monitoring for the vCenter Server database user.

For example, to grant database disk size monitoring permissions to the vpxuser user, you can
run the following script:

use master
go
grant VIEW SERVER STATE to vpxuser
go
GRANT VIEW ANY DEFINITION TO vpxuser
go

Use a Script to Create Microsoft SQL Server Database Objects Manually

This topic describes how to create database objects manually instead of letting the vCenter
Server installer create the data objects automatically.

Procedure

1 Log in to a Microsoft SQL Server Management Studio session with the vCenter Server
database user account that you created on the vCenter Server and msdb databases.

2 In the vCenter Server installation package, locate the dbschema scripts in the vCenter-
Server/dbschema directory.

3 Open the VCDB_mssql.SQL and the TopN_DB_mssql.sql files by using Microsoft SQL Server
Management Studio and replace all occurrences of $schema with your schema name.

4 Open the VCDB_views_mssql.sql file by using Microsoft SQL Server Management Studio and
after each occurrence of ;, insert a new line and write go.

5 Run the scripts in a sequence on the database.

The DBO user must own the objects created by these scripts. Open the scripts one at a time
in Microsoft SQL Server Management Studio and press F5 to execute each script in the
following order:

a VCDB_mssql.SQL

b insert_stats_proc_mssql.sql

c load_stats_proc_mssql.sql

VMware, Inc. 109

vCenter Server Installation and Setup

d purge_stat2_proc_mssql.sql

e purge_stat3_proc_mssql.sql

f purge_usage_stats_proc_mssql.sql

g stats_rollup1_proc_mssql.sql

h stats_rollup2_proc_mssql.sql

i stats_rollup3_proc_mssql.sql

j cleanup_events_mssql.sql

k delete_stats_proc_mssql.sql

l upsert_last_event_proc_mssql.sql

m load_usage_stats_proc_mssql.sql

n TopN_DB_mssql.sql

o calc_topn1_proc_mssql.sql

p calc_topn2_proc_mssql.sql

q calc_topn3_proc_mssql.sql

r calc_topn4_proc_mssql.sql

s clear_topn1_proc_mssql.sql

t clear_topn2_proc_mssql.sql

u clear_topn3_proc_mssql.sql

v clear_topn4_proc_mssql.sql

w rule_topn1_proc_mssql.sql

x rule_topn2_proc_mssql.sql

y rule_topn3_proc_mssql.sql

z rule_topn4_proc_mssql.sql

aa process_license_snapshot_mssql.sql

ab l_stats_rollup3_proc_mssql.sql

ac l_purge_stat2_proc_mssql.sql

ad l_purge_stat3_proc_mssql.sql

ae l_stats_rollup1_proc_mssql.sql

af l_stats_rollup2_proc_mssql.sql

ag VCDB_views_mssql.sql

VMware, Inc. 110

vCenter Server Installation and Setup

6 (Optional) Run the scripts to enable database health monitoring.

a job_dbm_performance_data_mssql.sql

b process_performance_data_mssql.sql

7 For all supported editions of Microsoft SQL Server except Microsoft SQL Server Express, run
the scripts to set up scheduled jobs on the database.

These scripts ensure that the SQL Server Agent service is running.
a job_schedule1_mssql.sql

b job_schedule2_mssql.sql

c job_schedule3_mssql.sql

d job_cleanup_events_mssql.sql

e job_topn_past_day_mssql.sql

f job_topn_past_week_mssql.sql

g job_topn_past_month_mssql.sql

h job_topn_past_year_mssql.sql

8 For all the procedures you created in Step 5, grant the execute privilege to the vCenter
Server database user in the vCenter Server database.

For example, to grant execute privilege for the procedures to the vpxuser user, you can run
the following script.

grant execute on insert_stats_proc to vpxuser

grant execute on purge_stat2_proc to vpxuser
grant execute on purge_stat3_proc to vpxuser
grant execute on purge_usage_stat_proc to vpxuser
grant execute on stats_rollup1_proc to vpxuser
grant execute on stats_rollup2_proc to vpxuser
grant execute on stats_rollup3_proc to vpxuser
grant execute on cleanup_events_tasks_proc to vpxuser
grant execute on delete_stats_proc to vpxuser
grant execute on upsert_last_event_proc to vpxuser
grant execute on load_usage_stats_proc to vpxuser
grant execute on load_stats_proc to vpxuser
grant execute on calc_topn1_proc to v
grant execute on calc_topn2_proc to vpxuser
grant execute on calc_topn3_proc to vpxuser
grant execute on calc_topn4_proc to vpxuser
grant execute on clear_topn1_proc to vpxuser
grant execute on clear_topn2_proc to vpxuser
grant execute on clear_topn3_proc to vpxuser
grant execute on clear_topn4_proc to vpxuser
grant execute on rule_topn1_proc to vpxuser
grant execute on rule_topn2_proc to vpxuser
grant execute on rule_topn3_proc to vpxuser
grant execute on rule_topn4_proc to vpxuser
grant execute on process_license_snapshot_proc to vpxuser

VMware, Inc. 111

vCenter Server Installation and Setup

grant execute on l_stats_rollup3_proc to vpxuser

grant execute on l_purge_stat2_proc to vpxuser
grant execute on l_purge_stat3_proc to vpxuser
grant execute on l_stats_rollup1_proc to vpxuser
grant execute on l_stats_rollup2_proc to vpxuser

If you ran the script process_performance_data_mssql.sql in Step 5, grant the following execute
privilege to the vCenter Server database.

grant execute on process_performance_data_proc to vpxuser

Results

You created the vCenter Server tables manually.

Note During the vCenter Server installation, when a database reinitialization warning message
appears, select Do not overwrite, leave my existing database in place and continue the
installation.

Configure a SQL Server ODBC Connection

After you create and configure a SQL Server database and user for vCenter Server, you must
create a 64-bit DSN on the machine on which you plan to install vCenter Server. During the
vCenter Server installation, you use the DSN to establish a connection between vCenter Server
and the database.

If you use SQL Server for vCenter Server, do not use the master or any other system database.

See your Microsoft SQL ODBC documentation for specific instructions for configuring the SQL
Server ODBC connection.

Prerequisites

Deploy SQL Native Client version 10 or 11.

Procedure

1 On the machine on which you plan to install vCenter Server, select Start > Administrative
Tools > Data Sources (ODBC).

2 On the System DSN tab, modify an existing or create a new SQL Server ODBC connection.

n To modify an existing SQL Server ODBC connection, select the connection from the
System Data Source list and click Configure.

Important The existing DSN must use SQL Native Client version 10 or 11.

n To create a new SQL Server ODBC connection, click Add, select SQL Native Client, and
click Finish .

3 In the Name text box, enter an ODBC data source name (DSN).

For example, VMware vCenter Server.

VMware, Inc. 112

vCenter Server Installation and Setup

4 (Optional) In the Description text box, enter an ODBC DSN description.

5 In the Server text box, enter the IP address or FQDN of the SQL Server and, if you want to
use a non-default port to access the SQL Server, enter a custom port separated by a comma.

For example, if the IP address of your SQL Server is 10.160.10.160 and you want to access the
server by using custom port 8347, enter 10.160.10.160,8347.

Note You cannot use a database server alias to create a DSN.

6 Select an authentication method.

n Integrate Windows authentication.

Additionally, you can also enter the Service Principal Name (SPN).

Important You cannot use this option if the vCenter Server service is running under the
Microsoft Windows built-in system account.

n SQL Server authentication.

Enter your SQL Server login name and password.

7 Select the database created for the vCenter Server system from the Change the default
database to menu.

8 Click Finish.

9 Test the data source by selecting Test Data Source and clicking OK from the ODBC
Microsoft SQL Server Setup menu.

10 Verify that the SQL Agent is running on your database server.

Configure Microsoft SQL Server TCP/IP for JDBC

If the Microsoft SQL Server database has TCP/IP disabled and the dynamic ports are not set, the
JDBC connection remains closed. The closed connection causes the vCenter Server statistics to
malfunction. You can configure the server TCP/IP for JDBC.

This task applies to remote Microsoft SQL Server database servers. You can skip this task if your
database is located on the same machine as vCenter Server.

Procedure

1 Select Start > All Programs > Microsoft SQL Server > Configuration Tool > SQL Server
Configuration Manager.

2 Select SQL Server Network Configuration > Protocols for Instance name.

3 Enable TCP/IP.

4 Open TCP/IP Properties.

VMware, Inc. 113

vCenter Server Installation and Setup

5 On the Protocol tab, make the following entries.

Enabled Yes

Listen All Yes

Keep Alive 30000

6 On the IP Addresses tab, make the following selections.

Active Yes

TCP Dynamic Ports 0

7 Restart the SQL Server service from SQL Server Configuration Manager > SQL Server
Services.

8 Start the SQL Server Browser service from SQL Server Configuration Manager > SQL Server
Services.

Configure Oracle Databases

To use an Oracle database for your vCenter Server repository, configure your database to work
with vCenter Server.

You can install and configure the Oracle database on the same machine on which you plan to
install vCenter Server. You can install and configure the Oracle database on a separate machine.

Procedure

1 Prepare the vCenter Server Oracle Database

To use an Oracle database with vCenter Server, you must create the database with certain
tablespaces and privileges, and the database user with certain permissions.

2 (Optional) Use a Script to Create the Oracle Database Schema

The vCenter Server installer creates the schema during installation. For experienced
database administrators who need more control over schema creation because of
environmental constraints, you can optionally use a script to create your database schema.

3 Create a Net Service Name

To configure an Oracle ODBC DSN, you must have a net service name for your database. On
the machine on which your Oracle database is running, you must create a net service name
for the vCenter Server tablespace.

4 Configure an Oracle ODBC Connection

After you create and configure an Oracle database and user for vCenter Server, you must
create a 64-bit DSN on the machine on which you plan to install vCenter Server. During the
vCenter Server installation, you use the DSN to establish a connection between vCenter
Server and the database.

VMware, Inc. 114

vCenter Server Installation and Setup

Prepare the vCenter Server Oracle Database

To use an Oracle database with vCenter Server, you must create the database with certain
tablespaces and privileges, and the database user with certain permissions.

You must first create a tablespace and user for vCenter Server. Then you grant permissions to
the database user. You must also enable database monitoring for the user before you install
vCenter Server. See Database Permission Requirements for vCenter Server.

Prerequisites

Log in to a SQL*Plus session with the system account.

Procedure

1 Create a tablespace for vCenter Server.

For example, to create the tablespace VPX, you can run the following script:

CREATE SMALLFILE TABLESPACE "VPX" DATAFILE 'C:\database_path\vpx01.dbf'

SIZE 1G AUTOEXTEND ON NEXT 10M MAXSIZE UNLIMITED LOGGING EXTENT MANAGEMENT LOCAL SEGMENT
SPACE MANAGEMENT AUTO;

2 Create a database user with the correct permissions for vCenter Server.

For example, to create the VPXADMIN user, you can run the following script:

CREATE USER "VPXADMIN" PROFILE "DEFAULT" IDENTIFIED BY "oracle" DEFAULT TABLESPACE "VPX" ACCOUNT
UNLOCK;
grant connect to VPXADMIN;
grant resource to VPXADMIN;
grant create view to VPXADMIN;
grant create sequence to VPXADMIN;
grant create table to VPXADMIN;
grant create materialized view to VPXADMIN;
grant execute on dbms_lock to VPXADMIN;
grant execute on dbms_job to VPXADMIN;
grant select on dba_lock to VPXADMIN;
grant select on dba_tablespaces to VPXADMIN;
grant select on dba_temp_files to VPXADMIN;
grant select on dba_data_files to VPXADMIN;
grant select on v_$session to VPXADMIN;
grant unlimited tablespace to VPXADMIN;

VMware, Inc. 115

vCenter Server Installation and Setup

By default, the RESOURCE role has the CREATE PROCEDURE, CREATE TABLE, and CREATE
SEQUENCE privileges assigned. If the RESOURCE role lacks these privileges, grant them to
the vCenter Server database user.

Note Instead of granting unlimited tablespace, you can set a specific tablespace quota. The
recommended quota is unlimited with a minimum of at least 500MB. To set an unlimited
quota, use the following command.

alter user "VPXADMIN" quota unlimited on "VPX";

If you set a limited quota, monitor the remaining available tablespace to avoid the following
error.

ORA-01536: space quota exceeded for tablespace 'tablespace'

You now have an Oracle database user for vCenter Server.

3 Enable database monitoring for the vCenter Server database user.

For example, to grant database disk size monitoring permissions to the VPXADMIN user, you
can run the following script:

grant select on v_$system_event to VPXADMIN;

grant select on v_$sysmetric_history to VPXADMIN;
grant select on v_$sysstat to VPXADMIN;
grant select on dba_data_files to VPXADMIN;
grant select on v_$loghist to VPXADMIN;

Use a Script to Create the Oracle Database Schema

The vCenter Server installer creates the schema during installation. For experienced database
administrators who need more control over schema creation because of environmental
constraints, you can optionally use a script to create your database schema.

Procedure

1 Open a SQL*Plus window with a user that has schema owner rights on the vCenter Server
database.

2 Locate the dbschema scripts in the vCenter Server installation package /installation
directory/vCenter-Server/dbschema directory.

3 In SQL*Plus, run the scripts in a sequence on the database.

a VCDB_oracle.SQL

b VCDB_views_oracle.SQL

c insert_stats_proc_oracle.sql

d load_stats_proc_oracle.sql

e purge_stat2_proc_oracle.sql

VMware, Inc. 116

vCenter Server Installation and Setup

f purge_stat3_proc_oracle.sql

g purge_usage_stats_proc_oracle.sql

h stats_rollup1_proc_oracle.sql

i stats_rollup2_proc_oracle.sql

j stats_rollup3_proc_oracle.sql

k cleanup_events_oracle.sql

l delete_stats_proc_oracle.sql

m load_usage_stats_proc_oracle.sql

n TopN_DB_oracle.sql

o calc_topn1_proc_oracle.sql

p calc_topn2_proc_oracle.sql

q calc_topn3_proc_oracle.sql

r calc_topn4_proc_oracle.sql

s clear_topn1_proc_oracle.sql

t clear_topn2_proc_oracle.sql

u clear_topn3_proc_oracle.sql

v clear_topn4_proc_oracle.sql

w rule_topn1_proc_oracle.sql

x rule_topn2_proc_oracle.sql

y rule_topn3_proc_oracle.sql

z rule_topn4_proc_oracle.sql

aa process_license_snapshot_oracle.sql

ab l_purge_stat2_proc_oracle.sql

ac l_purge_stat3_proc_oracle.sql

ad l_stats_rollup1_proc_oracle.sql

ae l_stats_rollup2_proc_oracle.sql

af l_stats_rollup3_proc_oracle.sql

4 (Optional) You can also run the following scripts to enable database health monitoring.

a job_dbm_performance_data_oracle.sql

b process_performance_data_oracle.sql

VMware, Inc. 117

vCenter Server Installation and Setup

5 For all supported editions of Oracle Server, run the scripts to set up scheduled jobs on the
database.

a job_schedule1_oracle.sql

b job_schedule2_oracle.sql

c job_schedule3_oracle.sql

d job_cleanup_events_oracle.sql

e job_topn_past_day_oracle.sql

f job_topn_past_week_oracle.sql

g job_topn_past_month_oracle.sql

h job_topn_past_year_oracle.sql

Results

You created the vCenter Server tables manually.

Note During the vCenter Server installation, when a database reinitialization warning message
appears, select Do not overwrite, leave my existing database in place and continue the
installation.

Create a Net Service Name

To configure an Oracle ODBC DSN, you must have a net service name for your database. On the
machine on which your Oracle database is running, you must create a net service name for the
vCenter Server tablespace.

Procedure

1 Use a text editor or the Net8 Configuration Assistant to open the tnsnames.ora file located in
the directory C:\Oracle\Oraxx\NETWORK\ADMIN, where xx is either 10g or 11g.

2 Add the following entry, where HOST is the managed host to which the client must connect.

VPX_TNS =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS=(PROTOCOL=TCP)(HOST=vpxd-Oracle)(PORT=1521))
)
(CONNECT_DATA =
(SERVICE_NAME = ORCL)
)
)

Configure an Oracle ODBC Connection

After you create and configure an Oracle database and user for vCenter Server, you must create
a 64-bit DSN on the machine on which you plan to install vCenter Server. During the vCenter

VMware, Inc. 118

vCenter Server Installation and Setup

Server installation, you use the DSN to establish a connection between vCenter Server and the
database.

Prerequisites

Install the Oracle Client 11.2.0.3 p16656151 (Patch 19) or later, 11.2.0.4, 12.1.0.1.12 or later, or 12.1.0.2.

Procedure

1 On the machine on which you plan to install vCenter Server, select Start > Administrative
Tools > Data Sources (ODBC).

2 On the System DSN tab, modify an existing or create a new Oracle ODBC connection.

n To modify an existing Oracle ODBC connection, select the connection from the System
Data Source list and click Configure.

n To create an Oracle ODBC connection, click Add, select the Oracle client, and click Finish.

3 In the Data Source Name text box, enter an ODBC data source name (DSN).

For example, VMware vCenter Server.

4 (Optional) In the Description text box, enter an ODBC DSN description.

5 In the TNS Service Name text box, enter the net service name for the database to which you
want to connect.

For example, VPX_TNS.

This is the net service name that you previously configured in the tnsnames.ora file that is
located in the NETWORK\ADMIN folder in the Oracle database installation location.

6 In the User ID text box, enter the database user name for vCenter Server.

For example, VPXADMIN.

7 Click Test Connection.

8 In the Password text box, enter the password of the database user and click OK.

If you configured the DNS correctly, the Connection successful message appears.

9 Click OK.

Database Permission Requirements for vCenter Server

vCenter Server requires a database. If you decide to use an external Oracle or Microsoft SQL
Server database, when you create the database, you must grant certain permissions to the
database user.

VMware, Inc. 119

vCenter Server Installation and Setup

Table 3-6. Microsoft SQL Database Permissions for vCenter Server

Permission Description

GRANT ALTER ON SCHEMA :: [VMW] TO Mandatory when you work with SQL Server custom
VC_ADMIN_ROLE schema.

GRANT REFERENCES ON SCHEMA :: [VMW] TO Mandatory when you work with SQL Server custom
VC_ADMIN_ROLE schema.

GRANT INSERT ON SCHEMA :: [VMW] TO Mandatory when you work with SQL Server custom
VC_ADMIN_ROLE schema.

GRANT CREATE TABLE TO VC_ADMIN_ROLE Necessary for creating a table.

GRANT CREATE VIEW TO VC_ADMIN_ROLE Necessary for creating a view.

GRANT CREATE PROCEDURE TO VC_ADMIN_ROLE Necessary for creating a stored procedure.

GRANT SELECT ON SCHEMA :: [VMW] TO Permissions that let you run SELECT, INSERT, DELETE,
VC_USER_ROLE UPDATE operations on tables which are part of the VMW
schema.
GRANT INSERT ON SCHEMA :: [VMW] TO
VC_USER_ROLE

GRANT DELETE ON SCHEMA :: [VMW] TO

VC_USER_ROLE

GRANT UPDATE ON SCHEMA :: [VMW] TO

VC_USER_ROLE

GRANT EXECUTE ON SCHEMA :: [VMW] TO Necessary for running a stored procedure in the db
VC_USER_ROLE schema.

GRANT SELECT ON msdb.dbo.syscategories TO Necessary for deploying SQL Server jobs.

VC_ADMIN_ROLE These permissions are mandatory only during installation
and upgrade and not required after deployment.
GRANT SELECT ON msdb.dbo.sysjobsteps TO
VC_ADMIN_ROLE

GRANT SELECT ON msdb.dbo.sysjobs TO

VC_ADMIN_ROLE

GRANT SELECT ON msdb.dbo.syssessions TO

VC_ADMIN_ROLE

GRANT SELECT ON msdb.dbo.sysjobactivity TO

VC_ADMIN_ROLE

GRANT EXECUTE ON msdb.dbo.sp_add_job TO

VC_ADMIN_ROLE

GRANT EXECUTE ON msdb.dbo.sp_delete_job TO

VC_ADMIN_ROLE

GRANT EXECUTE ON msdb.dbo.sp_add_jobstep TO

VC_ADMIN_ROLE

GRANT EXECUTE ON msdb.dbo.sp_update_job TO

VC_ADMIN_ROLE

GRANT EXECUTE ON msdb.dbo.sp_add_jobserver TO

VC_ADMIN_ROLE

GRANT EXECUTE ON msdb.dbo.sp_add_jobschedule TO

VC_ADMIN_ROLE

VMware, Inc. 120

vCenter Server Installation and Setup

Table 3-6. Microsoft SQL Database Permissions for vCenter Server (continued)
Permission Description

GRANT EXECUTE ON msdb.dbo.sp_add_category TO

VC_ADMIN_ROLE

GRANT VIEW SERVER STATE TO [vpxuser] Provides access to SQL Server DMV views and sp_lock
execution.

GRANT VIEW ANY DEFINITION TO [vpxuser] Necessary for providing the user with the privileges to see
metadata for SQL Server objects.

Table 3-7. Oracle Database Permissions for vCenter Server

Permission Description

GRANT CONNECT TO VPXADMIN Necessary for connecting to the Oracle database.

GRANT RESOURCE TO VPXADMIN Necessary for creating a trigger, sequence, type,

procedure, and so on.
By default, the RESOURCE role has the CREATE
PROCEDURE, CREATE TABLE, and CREATE SEQUENCE
privileges assigned. If the RESOURCE role lacks these
privileges, grant them to the vCenter Server database user.

GRANT CREATE VIEW TO VPXADMIN Necessary for creating a view.

GRANT CREATE SEQUENCE TO VPXADMIN Necessary for creating a sequence.

GRANT CREATE TABLE TO VPXADMIN Necessary for creating a table.

GRANT CREATE MATERIALIZED VIEW TO VPXADMIN Necessary for creating a materialized view.

GRANT EXECUTE ON dbms_lock TO VPXADMIN Necessary for guaranteeing that the vCenter Server
database is used by a single vCenter Server instance.

GRANT EXECUTE ON dbms_job TO VPXADMIN Necessary during installation or upgrade for scheduling
and managing the SQL jobs.
This permission is not required after deployment.

GRANT SELECT ON dba_lock TO VPXADMIN Necessary for determining existing locks on the vCenter
Server database.

GRANT SELECT ON dba_tablespaces TO VPXADMIN Necessary during upgrade for determining the required
disk space.
This permission is not required after deployment.

GRANT SELECT ON dba_temp_files TO VPXADMIN Necessary during upgrade for determining the required
disk space.
This permission is not required after deployment.

GRANT SELECT ON dba_data_files TO VPXADMIN Necessary for monitoring the free space while vCenter
Server is working.

GRANT SELECT ON v_$session TO VPXADMIN View used to determine existing locks on the vCenter
Server database.

GRANT UNLIMITED TABLESPACE TO VPXADMIN Necessary for granting unlimited tablespace permissions to
the vCenter Server database user.

GRANT SELECT ON v_$system_event TO VPXADMIN Necessary for checking log file switches.

GRANT SELECT ON v_$sysmetric_history TO VPXADMIN Necessary for checking the CPU utilization.

VMware, Inc. 121

vCenter Server Installation and Setup

Table 3-7. Oracle Database Permissions for vCenter Server (continued)

Permission Description

GRANT SELECT ON v_$sysstat TO VPXADMIN Necessary for determining the Buffer Cache Hit Ratio.

GRANT SELECT ON dba_data_files TO VPXADMIN Necessary for determining the tablespace utilization.

GRANT SELECT ON v_$loghist TO VPXADMIN Necessary for checking the checkpoint frequency.

The privileges on the master database are used to monitor the vCenter Server database. So that,
for example, if a certain threshold is reached you can see an alert.

Verify That vCenter Server Can Communicate with the Local Database
If your database is on the same machine on which vCenter Server is to be installed, and you
changed the machine name, verify the configuration. Make sure that the vCenter Server DSN is
configured to communicate with the new name of the machine.

Changing the vCenter Server computer name impacts database communication if the database
server is on the same computer with vCenter Server. If you changed the machine name, you can
verify that communication remains intact.

If your database is remote, you can skip this procedure. The name change has no effect on
communication with remote databases.

After you rename the server, verify with your database administrator or the database vendor
that all components of the database are working.

Prerequisites

n Make sure that the database server is running.

n Make sure that the vCenter Server computer name is updated in the domain name service
(DNS).

Procedure

1 Update the data source information, as needed.

2 To test this condition, ping the computer name.

For example, if the computer name is host-1.company.com, run the following command at the
Windows command prompt:

ping host-1.company.com

If you can ping the computer name, the name is updated in DNS.

Results

vCenter Server communication is confirmed. You can continue to prepare other components of
your environment.

VMware, Inc. 122

vCenter Server Installation and Setup

Maintaining a vCenter Server Database

After your vCenter Server database instance and vCenter Server are installed and operational,
perform standard database maintenance processes.

The standard database maintenance processes include the following:

n Monitoring the growth of the log file and compacting the database log file, as needed.

n Scheduling regular backups of the database.

n Backing up the database before any vCenter Server upgrade.

See your database vendor's documentation for specific maintenance procedures and support.

Synchronizing Clocks on the vSphere Network

Unsynchronized clocks can result in authentication problems, which can cause the installation to
fail or prevent the vCenter Server Appliance vmware-vpxd service from starting.

To avoid time synchronization issues, ensure that the following is correct before installing,
migrating, or upgrading a vCenter Server Appliance.

n The target ESXi host where the destination vCenter Server Appliance is to be deployed is
synchronized to NTP.

n The ESXi host running the source vCenter Server Appliance is synchronized to NTP.

n When upgrading or migrating, if the vCenter Server Appliance is connected to an external

Platform Services Controller, ensure the ESXi host running the external Platform Services
Controller is synchronized to NTP.

n If you are upgrading or migrating, verify that the source vCenter Server or vCenter Server
Appliance and external Platform Services Controller have the correct time.

Verify that any Windows host machine on which vCenter Server runs is synchronized with the
Network Time Server (NTP) server. See Knowledge Base article KB 1318.

To synchronize ESXi clocks with an NTP server, you can use the VMware Host Client. For
information about editing the time configuration of an ESXi host, see vSphere Single Host
Management.

VMware, Inc. 123

vCenter Server Installation and Setup

To learn how to edit time configuration for a host, see "Edit Time Configuration for a Host" in
vCenter Server and Host Management.

Using a User Account for Running vCenter Server

You can use the Microsoft Windows built-in system account or a user account to run vCenter
Server. With a user account, you can enable Windows authentication for SQL Server, and it
provides more security.

The user account must be an administrator on the local machine. In the installation wizard, you
specify the account name as DomainName\Username. You must configure the SQL Server
database to allow the domain account access to SQL Server.

The Microsoft Windows built-in system account has more permissions and rights on the server
than the vCenter Server system needs, which can contribute to security problems.

Important If the vCenter Server service is running under the Microsoft Windows built-in system
account, when using Microsoft SQL Server, vCenter Server supports only DSNs with SQL Server
authentication.

For SQL Server DSNs configured with Windows authentication, use the same user account for
the VMware VirtualCenter Management Webservices service and the DSN user.

If you do not plan to use Microsoft Windows authentication for SQL Server or you are using an
Oracle database, you might still want to set up a local user account for the vCenter Server
system. The only requirement is that the user account is an administrator on the local machine
and the account must be granted the Log on as a service privilege.

Note Starting with vSphere 6.5, the vCenter Server services are not standalone services under
Windows SCM, instead they run as child processes of the VMware Service Lifecycle Manager
service.

Installing vCenter Server on IPv6 Machines

Starting with vSphere 6.5, vCenter Server supports mixed IPv4 and IPv6 environments.

You can connect vCenter Server with an IPv4 address to vCenter Server with an IPv6 address.
When you install vCenter Server with an IPv6 address, use the fully qualified domain name
(FQDN) or host name of the machine on which you install vCenter Server. When you install
vCenter Server with an IPv4 address, the best practice is to use the fully qualified domain name
(FQDN) or host name of the machine on which you install vCenter Server, because the IP address
can change if assigned by DHCP.

VMware, Inc. 124

vCenter Server Installation and Setup

Running the vCenter Server Installer from a Network Drive

You can run the vCenter Server installer from a network drive, but you cannot install the software
on a network drive.

In Windows, you can run the installers from the network drive and install the software on the
local machine.

Required Information for Installing vCenter Server or

Platform Services Controller on Windows
When you install vCenter Server with an embedded Platform Services Controller, Platform
Services Controller, or vCenter Server with an external Platform Services Controller, the wizard
prompts you for the installation information. It is a best practice to keep a record of the values
that you entered in case you must reinstall the product.

You can use this worksheet to record the information that you need for the installation of vCenter
Server with an embedded Platform Services Controller, Platform Services Controller, or vCenter
Server with an external Platform Services Controller.

Table 3-8. Required Information for Installing vCenter Server or Platform Services Controller on
Windows
Required for Required Information Default Your Entry

All deployment types System name of the local system -

A system name to use for managing the local system.
The system name must be an FQDN. If a DNS is not
available, provide a static IP address.

n vCenter Server with an Name for the new vCenter Single Sign-On domain vsphere.loc
embedded Platform al
Services Controller
User name administrat You cannot change
n Platform Services
or the default user
Controller as the first
name during
instance in a new
installation.
domain
Password for the vCenter Single Sign-On administrator -
account
The password must be at least 8 characters, but no
more than 20 characters in length.
The password must conform to the following
requirements:
n Must contain at least one uppercase letter.
n Must contain at least one lowercase letter.
n Must contain at least one number.
n Must contain at least one special character, such
as ampersand (&), hash key (#), and percent sign
(%).

Site name Default-

A name for the vCenter Single Sign-On site. First-Site

VMware, Inc. 125

vCenter Server Installation and Setup

Table 3-8. Required Information for Installing vCenter Server or Platform Services Controller on
Windows (continued)
Required for Required Information Default Your Entry

n vCenter Server with an FQDN or IP address of the Platform Services -

external Platform Controller instance that you want to join
Services Controller You must join a Platform Services Controller instance
n Platform Services of the same version.
Controller as a
HTTPS port of the Platform Services Controller 443
subsequent instance in
instance
an existing domain
Password of the vCenter Single Sign On administrator -
user for the domain

vCenter Single Sign-On site name -

You can join an existing site or create a new site.

n vCenter Server with an vCenter Server service account information Windows

embedded Platform Can be the Windows local system account or a user local
Services Controller service account. system
n vCenter Server with an account
Note Starting with vSphere 6.5, the vCenter Server
external Platform
services run as child processes of the VMware Service
Services Controller
Lifecycle Manager service.

Account user name -

Only if you use a user service account

Account password -
Only if you use a user service account

n vCenter Server with an vCenter Server database embedded

embedded Platform Can be the embedded VMware Postgres database or Postgres
Services Controller an existing external database database
n vCenter Server with an
Data source name (DSN) -
external Platform
Services Controller Only if you use an existing external database. Leading
and trailing spaces are not supported. Remove spaces
from the beginning or end of the DSN.

Database user name -

Only if you use an existing external database. Non-
ASCII characters are not supported.

Database password -
Only if you use an existing external database.

All deployment types HTTP port 80

HTTPS port 443

Syslog Service port 514

Syslog Service TLS port 1514

VMware, Inc. 126

vCenter Server Installation and Setup

Table 3-8. Required Information for Installing vCenter Server or Platform Services Controller on
Windows (continued)
Required for Required Information Default Your Entry

n vCenter Server with an Secure Token Service port 7444

embedded Platform
Services Controller
n Platform Services
Controller

n vCenter Server with an Auto Deploy Management port 6502

embedded Platform
Auto Deploy Service port 6501
Services Controller
n vCenter Server with an ESXi Dump Collector port 6500
external Platform
ESXi Heartbeat port 902
Services Controller
vSphere Web Client port 9443

All deployment types Destination folder n The

n The folder in which to install vCenter Server or default
Platform Services Controller installat
ion
n The folder in which to store data for vCenter
folder
Server or Platform Services Controller
is
The installation paths cannot contain non-ASCII
C:\Pro
characters, commas (,), periods (.), exclamation points
gram
(!), pound signs (#), at signs (@), or percentage signs
Files
(%).
\VMwar
e.
n The
default
folder
for data
storage
is
C:\Pro
gramDa
ta
\VMwar
e.

n vCenter Server with an Join or do not participate in the VMware Customer Join the
embedded Platform Experience Improvement Program (CEIP) CEIP
Services Controller For information about the CEIP, see the Configuring
n Platform Services Customer Experience Improvement Program section in
Controller vCenter Server and Host Management.

Installing vCenter Server and Platform Services Controller

on Windows
You can install vCenter Server with an embedded Platform Services Controller, Platform Services
Controller, or vCenter Server with an external Platform Services Controller on a Windows virtual
or physical machine.

VMware, Inc. 127

vCenter Server Installation and Setup

You download the vCenter Server installer ISO file, mount it to the Windows host machine on
which you want to perform the installation, start the installation wizard, and provide the inputs
that required for the installation and setup.

Before installing vCenter Server that uses an external database, you must prepare your
database. See Preparing vCenter Server Databases for Install.

Install vCenter Server with an Embedded Platform Services

Controller on Windows
You can deploy vCenter Server, the vCenter Server components, and the Platform Services
Controller on one virtual machine or physical server.

After you deploy vCenter Server with an embedded Platform Services Controller, you can
reconfigure your topology and switch to vCenter Server with an external Platform Services
Controller. This is a one-way process after which you cannot switch back to vCenter Server with
an embedded Platform Services Controller. You can repoint the vCenter Server instance only to
an external Platform Services Controller that is configured to replicate the infrastructure data
within the same domain.

Figure 3-1. vCenter Server with an Embedded Platform Services Controller

Virtual Machine or Physical Server

Platform Services
Controller

vCenter Server

Prerequisites

n Verify that your system meets the minimum software and hardware requirements. See
vCenter Server for Windows Requirements.

n Download the vCenter Server Installer for Windows.

n If you want to use the vSphere Web Client on the host machine on which you install vCenter
Server, verify that Adobe Flash Player version 11.9 or later is installed on the system.

Procedure

1 In the software installer directory, double-click the autorun.exe file to start the installer.

2 Select vCenter Server for Windows and click Install.

VMware, Inc. 128

vCenter Server Installation and Setup

3 Follow the prompts of the installation wizard to review the welcome page and accept the
license agreement.

4 Select vCenter Server and Embedded Platform Services Controller, and click Next.

5 Enter the system network name, preferably an FQDN, and click Next.

You can also enter an IP address. If you enter an IP address, provide a static IP address.

Important Make sure the FQDN or IP address that you provide does not change. The
system name cannot be changed after deployment. If the system name changes, you must
uninstall vCenter Server and install it again.

6 Set up the new vCenter Single Sign-On domain and click Next.

a Enter the domain name, for example vsphere.local.

b Set the password for the vCenter Single Sign-On administrator account.

This is the password for the user administrator@your_domain_name. After installation,

you can log in to vCenter Single Sign-On and to vCenter Server as
adminstrator@your_domain_name.

7 Select the vCenter Server service account and click Next.

Note Starting with vSphere 6.5, the vCenter Server services are not standalone services
under Windows SCM, instead they run as child processes of the VMware Service Lifecycle
Manager service.

Option Description

Use Windows Local System Account The vCenter Server service runs in the Windows Local System account.
This option prevents you from connecting to an external database by using
Windows integrated authentication.

Specify a user service account The vCenter Server service runs in an administrative user account with a
user name and password that you provide.

Important The user credentials that you provide must be of a user who is in
the local administrator group and who has the Log on as a service privilege.

8 Select the type of database that you want to use and click Next.

Option Description

Use an embedded database vCenter Server uses the embedded PostgreSQL database. This database is
(PostgreSQL) suitable for small scale deployments.

Use an external database vCenter Server uses an existing external database.

a Select your database from the list of available DSNs.
b Type the user name and the password for the DSN.
If your database uses Windows NT authentication, the user name and
password text boxes are disabled.

VMware, Inc. 129

vCenter Server Installation and Setup

9 For each component, accept the default port numbers, or if another service is using the
defaults, enter alternative ports, and click Next.

Make sure that ports 80 and 443 are free and dedicated, so that vCenter Single Sign-On can
use these ports. Otherwise, use custom ports during installation.

10 (Optional) Change the default destination folders and click Next.

Important Do not use folders that end with an exclamation mark (!).

11 Review the VMware Customer Experience Improvement Program (CEIP) page and choose if
you want to join the program.

For information about the CEIP, see the Configuring Customer Experience Improvement
Program section in vCenter Server and Host Management.

12 Click Next.

13 Review the summary of the installation settings and click Install to start the installation.

14 (Optional) After the installation finishes, click Launch vSphere Client to start the vSphere
Client and log in to vCenter Server.

15 Click Finish to close the installer.

Results

vCenter Server, the vCenter Server components, and the Platform Services Controller are
installed.

Install a Platform Services Controller on Windows

Before installing vCenter Server with an external Platform Services Controller, you install a
Platform Services Controller. The Platform Services Controller contains the common services,
such as vCenter Single Sign-On and the License service, which can be shared across several
vCenter Server instances.

You can install many Platform Services Controllers of the same version and join them as
replicating partners in the same vCenter Single Sign-On domain. Concurrent installations of
replicating Platform Services Controllers are not supported. You must install the Platform Services
Controllers in the domain in a sequence.

Important If you want to replace the VMCA-signed certificate with a CA-signed certificate, install
the Platform Services Controller first, and then include VMCA in the certificate chain and generate
new certificates from VMCA that are signed by the whole chain. You can then install vCenter
Server. For information about managing vCenter Server certificates, see Platform Services
Controller Administration.

Prerequisites

n Verify that your system meets the minimum software and hardware requirements. See
vCenter Server for Windows Requirements.

VMware, Inc. 130

vCenter Server Installation and Setup

n Download the vCenter Server Installer for Windows.

Procedure

1 In the software installer directory, double-click the autorun.exe file to start the installer.

2 Select vCenter Server for Windows and click Install.

3 Follow the prompts of the installation wizard to review the welcome page and accept the
license agreement.

4 Select Platform Services Controller and click Next.

5 Enter the system name, preferably an FQDN, and click Next.

You can also enter an IP address. If you enter an IP address, provide a static IP address.

Important When you provide an FQDN or an IP address as the system name of the Platform
Services Controller, make sure that the FQDN or IP address does not change. If the FQDN or
IP address of the host machine changes, you have to reinstall the Platform Services Controller
and the vCenter Server instances registered with it. The FQDN or IP address of the Platform
Services Controller is used to generate an SSL certificate for the Platform Services Controller
host machine.

6 Create a new vCenter Single Sign-On domain or join an existing domain.

Option Description

This is the password for the user administrator@your_domain_name.

c Confirm the administrator password, and click Next.

7 Click Next.

VMware, Inc. 131

vCenter Server Installation and Setup

8 For each component, accept the default port numbers, or if another service is using the
defaults, enter alternative ports, and click Next.

Make sure that ports 80 and 443 are free and dedicated, so that vCenter Single Sign-On can
use these ports. Otherwise, use custom ports during installation.

9 (Optional) Change the default destination folders and click Next.

Important Do not use folders that end with an exclamation mark (!).

10 Review the VMware Customer Experience Improvement Program (CEIP) page and choose if
you want to join the program.

For information about the CEIP, see the Configuring Customer Experience Improvement
Program section in vCenter Server and Host Management.

11 Review the summary of the installation settings and click Install to start the installation.

12 After the installation completes, click Finish to close the i nstaller.

Results

The Platform Services Controller is installed.

What to do next

Install vCenter Server on another Windows virtual machine or physical server and register
vCenter Server and the vCenter Server components to the Platform Services Controller.

Install vCenter Server with an External Platform Services Controller

on Windows
After you install a Platform Services Controller on a Windows host machine, or deploy a Platform
Services Controller appliance, you can install vCenter Server and the vCenter Server components
and connect the vCenter Server instance to the deployed Platform Services Controller.

Prerequisites

n Verify that your system meets the minimum software and hardware requirements. See
vCenter Server for Windows Requirements.

n Download the vCenter Server Installer for Windows.

n If you want to use the vSphere Web Client on the host machine on which you install vCenter
Server, verify that Adobe Flash Player version 11.9 or later is installed on the system.

Procedure

1 In the software installer directory, double-click the autorun.exe file to start the installer.

2 Select vCenter Server for Windows and click Install.

3 Follow the prompts of the installation wizard to review the welcome page and accept the
license agreement.

VMware, Inc. 132

vCenter Server Installation and Setup

4 Select vCenter Server and click Next.

5 Enter the system network name, preferably a static IP address, and click Next.

Important The name that you type is encoded in the SSL certificate of the system. The
components communicate with each other by using this name. The system name must be
either a static IP address or a fully qualified domain name (FQDN). Make sure that the system
name does not change. You cannot change the system name after the installation completes.

6 Provide the system name of the Platform Services Controller that you already installed or
deployed, the HTTPS port to use for communication with the vCenter Single Sign-On server,
as well as the vCenter Single Sign-On password, and click Next.

Important Make sure that you use either the IP address or the FQDN that you provided
during the installation of the Platform Services Controller. If you provided the FQDN as a
system name of the Platform Services Controller, you cannot use an IP address, and the
reverse. When a service from vCenter Server connects to a service running in the Platform
Services Controller, the certificate is verified. If the IP address or FQDN changes, the
verification fails and vCenter Server cannot connect to the Platform Services Controller.

7 Approve the certificate provided by the remote machine.

8 Select the vCenter Server service account and click Next.

Note Starting with vSphere 6.5, the vCenter Server services are not standalone services
under Windows SCM, instead they run as child processes of the VMware Service Lifecycle
Manager service.

Option Description

Specify a user service account The vCenter Server service runs in an administrative user account with a
user name and password that you provide.

Important The user credentials that you provide must be of a user who is in
the local administrator group and who has the Log on as a service privilege.

VMware, Inc. 133

vCenter Server Installation and Setup

9 Select the type of database that you want to use and click Next.

Option Description

Use an embedded database vCenter Server uses the embedded PostgreSQL database. This database is
(PostgreSQL) suitable for small scale deployments.

Use an external database vCenter Server uses an existing external database.

10 For each component, accept the default port numbers, or if another service is using the
defaults, enter alternative ports, and click Next.

11 (Optional) Change the default destination folders and click Next.

Important Do not use folders that end with an exclamation mark (!).

12 Review the summary of the installation settings and click Install to start the installation.

13 (Optional) After the installation finishes, click Launch vSphere Client to start the vSphere
Client and log in to vCenter Server.

14 Click Finish to close the installer.

Results

vCenter Server is installed in evaluation mode. You can activate vCenter Server by using the
vSphere Web Client. For information about activating vCenter Server, see vCenter Server and
Host Management.

Installing vCenter Server in an Environment with Multiple NICs on

Windows
If you want to install vCenter Server with an external Platform Services Controller in an
environment with multiple NICs, you must keep a record of the IP addresses or FQDNs that you
use as system network names.

For example, if you want to install a Platform Services Controller on one virtual machine and
vCenter Server on another virtual machine and each virtual machine has two NICs, you can use
the following workflow:

1 Install a Platform Services Controller on one of the virtual machines and use one of its IP
addresses or FQDNs as a system network name.

2 On the other virtual machine, start the installation of vCenter Server and use one of its IP
addresses or FQDNs as a system network name.

3 When prompted to provide the system network name of the Platform Services Controller,
enter the IP address or FQDN that you entered during the installation of the Platform Services
Controller.

VMware, Inc. 134

vCenter Server Installation and Setup

If you enter the other IP address or FQDN of the Platform Services Controller, you receive an
error message.

4 After the installation completes, you can log in to the vSphere Client by using either of the
NIC IP addresses or FQDNs of vCenter Server.

VMware, Inc. 135

File-Based Backup and Restore of
vCenter Server Appliance 4
The vCenter Server Appliance supports a file-based backup and restore mechanism that helps
you to recover your environment after failures.

In vSphere 6.7, you can use the vCenter Server Appliance Management Interface to create a file-
based backup of the vCenter Server Appliance and Platform Services Controller appliance. After
you create the backup, you can restore it by using the GUI installer of the appliance.

You use the vCenter Server Appliance Management Interface to perform a file-based backup of
the vCenter Server core configuration, inventory, and historical data of your choice. The backed-
up data is streamed over FTP, FTPS, HTTP, HTTPS, NFS, SCP or SMB to a remote system. The
backup is not stored on the vCenter Server Appliance.

You can perform a file-based restore only for a vCenter Server Appliance that you have
previously backed up by using the vCenter Server Appliance Management Interface. You can
perform such restore operation by using the GUI installer of the vCenter Server Appliance. The
process consists of deploying a new vCenter Server Appliance and copying the data from the
file-based backup to the new appliance.

You can also perform a restore operation by deploying a new vCenter Server Appliance and
using the vCenter Server Appliance management interface to copy the data from the file-based
backup to the new appliance.

Important If you back up a vCenter Server Appliance High Availability cluster, the backup
operation only backs up the primary vCenter Server instance. Before restoring a vCenter Server
Appliance High Availability cluster, you must power off the active, passive, and witness nodes.
The restore operation restores the vCenter Server in non-vCenter Server High Availability mode.
You must reconstruct the cluster after the restore operation completes successfully.

This chapter includes the following topics:

n Considerations and Limitations for File-Based Backup and Restore

n Schedule a File-Based Backup

n Manually Back up a vCenter Server Appliance by Using the vCenter Server Appliance
Management Interface

n Restore a vCenter Server Appliance from a File-Based Backup

VMware, Inc. 136

vCenter Server Installation and Setup

Considerations and Limitations for File-Based Backup and

Restore
When you backup or restore a vCenter Server environment, take into account these
considerations and limitation.

Protocols
The following considerations apply to file-based backup and restore protocols:

n FTP and HTTP are not secure protocols

n Backup servers must support minimum of 10 simultaneous connections for each vCenter
Server Appliance

n You must have write permissions for upload and read permissions for download

n Only explicit mode is supported for FTPS

n If you use HTTP or HTTPS, you must enable WebDAV on the backup Web server

n You can use only FTP, FTPS, HTTP, or HTTPS to transmit data through an HTTP proxy server

n You can use IPv4 and IPv6 URLs in file-based backup and restore of a vCenter Server
Appliance. Mixed mode of IP versions between the backup server and the vCenter Server
Appliance is unsupported.

n The vCenter Server Appliance GUI installer does not support restore from a backup with NFS
or SMB protocol. To perform a restore from an NFS or SMB protocol, use the vCenter Server
Appliance Management API.

n If you use the SCP protocol to configure a file-based backup, you must use a Linux backup
server. If you try use SCP on your vCenter Server system, and your target server is on
Windows, the operation might fail with an error similar to (!) SCP location is invalid.

Configuration
After a restore, the following configurations revert to the state when the backup was taken.

n Virtual machine resource settings

n Resource pool hierarchy and setting

n Cluster-host membership

n DRS configuration and rules

Storage DRS
If the configuration changes, the following might change after a restore.

n Datastore Cluster configuration

n Datastore Cluster membership

VMware, Inc. 137

vCenter Server Installation and Setup

n Datastore I/O Resource Management (Storage I/O Control) settings

n Datastore-Datacenter membership

n Host-Datastore membership

Distributed Power Management

If you put a host into standby mode after a backup, the vCenter Server might force the host to
exit standby mode when you restore to the backup.

Distributed Virtual Switch

If you use a distributed virtual switch, you are advised to export separately the distributed virtual
switch configuration before you restore to a backup. You can import the configuration after the
restore. If you omit this consideration, you may lose the changes made to a distributed virtual
switch after the backup. For detailed steps, see the VMware knowledge base article at http://
kb.vmware.com/kb/2034602.

Content Libraries
If you delete libraries or items after a backup, you cannot access or use these libraries or items
after the restore. You can only delete such libraries or items. A warning message notifies you that
there are missing files or folders in the storage backup.

If you create new items or item files after the backup, the Content Library Service has no record
of the new items or files after the restore operation. A warning notifies you that extra folders or
files were found on the storage backup.

If you create new libraries after the backup, the Content Library Service has no record of the new
libraries after restore. The library content exists on the storage backing, but no warning is
displayed. You must manually clean the new libraries.

Virtual Machine Life Cycle Operations

n Restoring vCenter Server from a backup that was taken during in-flight relocation operations
in the vCenter Server instance.

After you restore vCenter Server, the vCenter Server view of the virtual machines might be
out of sync with the ESXi view of the virtual machines. This is also true if you performed the
backup during in-flight operations on vCenter Server. If virtual machines disappear after you
restore vCenter Server, you can refer to the following cases.

a The missing virtual machine is located on the destination ESXi host and is registered with
the destination ESXi host, but it is either an orphan or not in the vCenter Server inventory.
You must manually add the virtual machine to the vCenter Server inventory.

b The missing virtual machine is located on the destination ESXi host, but it is not registered
with the destination ESXi host and it is not in the vCenter Server inventory. You must
manually register the virtual machine to the ESXi host and add the virtual machine back to
the vCenter Server inventory.

VMware, Inc. 138

vCenter Server Installation and Setup

c The missing virtual machine is located on the destination ESXi host, but it is not registered
with the destination ESXi host. In the vCenter Server instance, the missing virtual machine
is marked as orphaned. You must remove the virtual machine from the vCenter Server
inventory and add it again.

n Restoring vCenter Server from a backup that has an out-of-date linked clone virtual machine
layout.

If you create a linked clone virtual machine after the backup and you restore vCenter Server
from the old backup, then after the restore, the vCenter Server does not know about the new
linked clone virtual machine until vCenter Server discovers the new linked clone virtual
machine. If you remove all existing virtual machines before the new linked clone virtual
machine is discovered, then the removal of existing virtual machines corrupts the new linked
clone due to missing disks. In order to avoid this, you must wait until all linked clone virtual
machines are discovered by the vCenter Server before you remove virtual machines.

n Restoring vCenter Server from a backup that was taken during virtual machine registration.

If you are registering a virtual machine during the backup and you restore vCenter Server
from the old backup, then after the restore, the virtual machine is marked as orphaned in the
vCenter Server instance. You must manually add the virtual machine to the vCenter Server
inventory.

vSphere High Availability

Restoring vCenter Server from a backup might cause it to rollback to older version for the
vSphere HA cluster state (HostList, ClusterConfiguration, VM protection state) while the hosts in
the cluster have the latest version for the cluster state. You need to make sure the vSphere HA
cluster state stays the same during restore and backup operations. Otherwise, the following
problems might occur.

n If hosts are added or removed to or from the vSphere HA cluster after backup and before
vCenter Server restore, virtual machines could potentially failover to hosts not being
managed by the vCenter Server but are still part of the HA cluster.

n Protection state for new virtual machines is not updated on the vSphere HA agents on the
hosts that are part of the vSphere HA cluster. As a result, virtual machines are not protected
or unprotected.

n New cluster configuration state is not updated on the vSphere HA agents on the hosts that
are part of the vSphere HA cluster.

vCenter High Availability

Restoring vCenter Server requires vCenter HA to be reconfigured.

VMware, Inc. 139

vCenter Server Installation and Setup

Storage Policy Based Management

Restoring vCenter Server from a backup can lead to the following inconsistencies related to
storage policies, storage providers, and virtual machines.

n Registered storage providers after backup are lost.

n Unregistered storage providers after backup re-appear and might show different provider
status.

n Changes, such as create, delete, or update, performed on storage policies after backup are
lost.

n Changes, such as create, delete, or update, performed on storage policy components after
backup are lost.

n Default policy configuration changes for datastores performed after backup are lost.

n Changes in the storage policy association of the virtual machine and its disks, and in their
policy compliance might occur.

Virtual Storage Area Network

Restoring vCenter Server from a backup might cause inconsistencies in the vSAN. For information
on how to check vSAN health, see Administering VMware vSAN.

Patching
Restoring vCenter Server from a backup might result in missing security patches. You must apply
them again after the restore is complete. For information on patching the vCenter Server
Appliance, see vSphere Upgrade.

Schedule a File-Based Backup

You can schedule file-based backups in vSphere 6.7. You can set up a schedule that is used to
perform periodic backups.

The schedule can be set up with information about the backup location, recurrence, and
retention for the backups.

You can only set up one schedule at a time.

Prerequisites

n You must have a FTP, FTPS, HTTP, HTTPS, NFS, SCP or SMB server up and running with
sufficient disk space to store the backup.

Procedure

1 In a Web browser, go to the vCenter Server Appliance Management Interface, https://

appliance-IP-address-or-FQDN:5480.

2 Log in as root.

VMware, Inc. 140

vCenter Server Installation and Setup

3 In the vCenter Server Appliance Management Interface, click Backup.

4 Click Configure to set up a backup schedule.

5 Enter the backup location details.

Option Description

Backup location Enter the backup location, including the protocol to use to connect to your
backup server, the port, the server address, and backup folder to store the
backup files.
Use one of the following protocols: FTP, FTPS, HTTP, HTTPS, NFS, SCP or
SMB.
For FTP, FTPS, HTTP, or HTTPS the path is relative to the home directory
configured for the service.

Backup server credentials Enter a user name and password of a user with write privileges on the
backup server.

6 Set the schedule recurrence and time for the backup.

The recurrence can be set daily, weekly, or you can customize the schedule to run the
backup on a specific day or days of the week. You can specify the time of day to run the
backup. The default time is 11:59pm.

7 (Optional) Enter an Encryption Password if you want to encrypt your backup file.

If you select to encrypt the backup data, you must use the encryption password for the
restore procedure.

8 Select Retain all backups or enter the number of backups to retain.

The retention information provides the number of backups to retain for a given vCenter
Server.

9 (Optional) Select Stats, Events, and Tasks to back up additional historical data from the
database.

10 Click Create.

The backup schedule information is populated in the Backup page.

Results

The complete and in progress backups are listed under Activity.

What to do next

You can perform an immediate backup with the existing schedule information by selecting Use
backup location and user name from backup schedule from the backup schedule on the Backup
Now dialog box.

VMware, Inc. 141

vCenter Server Installation and Setup

Manually Back up a vCenter Server Appliance by Using the

vCenter Server Appliance Management Interface
You can use the vCenter Server Appliance Management Interface to back up the vCenter Server
instance. You can select whether to include historical data, such as stats, events, and tasks, in the
backup file.

Note The backup operation for a vCenter High Availability cluster, backs up only the active
node.

Prerequisites

n You must have an FTP, FTPS, HTTP, HTTPS, NFS, SCP or SMB server up and running with
sufficient disk space to store the backup.

Procedure

1 In a Web browser, go to the vCenter Server Appliance Management Interface, https://

appliance-IP-address-or-FQDN:5480.

2 Log in as root.

3 In the vCenter Server Appliance Management Interface, click Backup.

The table under Activity displays the most current backup version taken of the vCenter
Server.

4 Click Backup Now.

The Backup Appliance wizard opens.

5 (Optional) Select Use backup location and user name from backup schedule to use the
information from a scheduled backup.

6 Enter the backup location details.

Option Description

Backup server credentials Enter a user name and password of a user with write privileges on the
backup server.

Note Username and password should only contain ASCII characters.

VMware, Inc. 142

vCenter Server Installation and Setup

7 (Optional) Enter an Encryption Password if you want to encrypt your backup file.

If you select to encrypt the backup data, you must use the encryption password for the
restore procedure.

8 (Optional) Select Stats, Events, and Tasks to back up additional historical data from the
database.

9 (Optional) In the Description text box, enter a description of the backup.

10 Click Start to begin the backup process.

Results

The complete and in progress backups are listed under Activity.

Restore a vCenter Server Appliance from a File-Based

Backup
You can use the vCenter Server Appliance GUI installer to restore a vCenter Server Appliance to
an ESXi host or a vCenter Server instance. The restore procedure has two stages. The first stage
deploys a new vCenter Server Appliance. The second stage populates the newly deployed
vCenter Server Appliance with the data stored in the file-based backup.

Note The vCenter Server Appliance GUI installer does not support restore from a backup with
NFS or SMB protocol. To perform a restore from an NFS or SMB protocol, use the vCenter Server
Appliance Management API.

VMware, Inc. 143

vCenter Server Installation and Setup

Figure 4-1. vCenter Server Appliance Restore Workflow

Perform a file-based restore of a Platform Services Controller only when the last Platform
Services Controller in the domain fails. If there are other Platform Services Controller instances in
the same vCenter Single Sign-On domain, deploy a new Platform Services Controller instance and
join it to the existing Single Sign-On domain.

VMware, Inc. 144

vCenter Server Installation and Setup

Figure 4-2. Platform Services Controller Appliance Restore Workflow

Prerequisites

n Verify that your system meets the minimum software and hardware requirements. See
System Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance.

VMware, Inc. 145

vCenter Server Installation and Setup

n If the vCenter Server instance is part of a vCenter High Availability cluster, you must power
off the active, passive, and witness nodes of the cluster before restoring the vCenter Server.

Procedure

1 Stage 1 - Deploy a New Appliance

In stage 1 of the restore process, you deploy the OVA file, which is included in the vCenter
Server Appliance GUI installer.

2 Stage 2 - Transfer Data to the Newly Deployed Appliance

After the OVA deployment finishes, you are redirected to stage 2 of the restore process in
which the data from the backup location is copied to the newly deployed vCenter Server
Appliance.

Stage 1 - Deploy a New Appliance

In stage 1 of the restore process, you deploy the OVA file, which is included in the vCenter Server
Appliance GUI installer.

As an alternative to performing the first stage of the restore with the GUI installer, you can
deploy the OVA file of the new vCenter Server Appliance or Platform Services Controller
appliance by using the vSphere Client. After the OVA deployment, you must log in to the
appliance management interface of the newly deployed appliance to proceed with the second
stage of the restore process. See "Deploy an OVF or OVA Template" in vSphere Virtual Machine
Administration for information about deploying an OVA file using the vSphere Client.

Prerequisites

n Download and mount the vCenter Server Appliance installer. See Download and Mount the
vCenter Server Appliance Installer.

Note If you are restoring a backup from a product that has a vCenter Server product patch
applied, you must download the ISO of that particular patch. See https://my.vmware.com/
group/vmware/patch to search for the vCenter Server product patch. If you cannot locate
the patch, search the VMware patch portal at http://www.vmware.com/patchmgr/
download.portal.

n If you plan to restore the vCenter Server Appliance on an ESXi host, verify that the target
ESXi host is not in lockdown or maintenance mode.

n If you plan to restore the vCenter Server Appliance on a DRS cluster of a vCenter Server
inventory, verify that the cluster contains at least one ESXi host that is not in lockdown or
maintenance mode.

n If you plan to assign a static IP address to the appliance, verify that you have configured the
forward and reverse DNS records for the IP address.

n If you are attempting to restore a vCenter Server instance that is still running, power off the
backed up vCenter Server before you start the restore operation.

VMware, Inc. 146

vCenter Server Installation and Setup

Procedure

1 In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to

the subdirectory for your operating system, and run the installer executable file.

n For Windows OS, go to the win32 subdirectory, and run the installer.exe file.

n For Linux OS, go to the lin64 subdirectory, and run the installer file.

n For Mac OS, go to the mac subdirectory, and run the Installer.app file.

2 On the Home page, click Restore.

3 Review the Introduction page to understand the restore process and click Next.

4 Read and accept the license agreement, and click Next.

5 On the Enter backup details page, enter the details of the backup file that you want to
restore, and click Next.

Option Description

Backup location Enter the server address and backup folder where the backup files are
stored. Specify the protocol to use to retrieve the backup from your backup
server. You can select HTTPS, HTTP, FTPS, FTP, or SCP.
You can also enter the IP address or hostname of the backup server and
browse for the location of the backup folder.

Note If you enter the incorrect version of a backup, a warning provides the
information required to download the correct version.

User name Enter the user name of a user with read privileges on the backup server.

Password Enter the password of the user with read privileges on the backup server.

6 Review the backup information, and click Next.

VMware, Inc. 147

vCenter Server Installation and Setup

7 Connect to the ESXi host or vCenter Server on which you want to deploy the vCenter Server
Appliance to use for the restore operation.

Option Steps

You can connect to an 1 Enter the FQDN or IP address of the ESXi host.
ESXi host on which to 2 Enter the HTTPS port of the ESXi host.
deploy the appliance to 3 Enter the user name and password of a user with administrative privileges on the
use for the restore ESXi host, for example, the root user.
operation.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate
that is installed on the target ESXi host, and click Yes to accept the certificate
thumbprint.

You can connect to a 1 Enter the FQDN or IP address of the vCenter Server instance.
vCenter Server instance 2 Enter the HTTPS port of the vCenter Server instance.
and browse the 3 Enter the user name and password of user with vCenter Single Sign-On
inventory to select an administrative privileges on the vCenter Server instance, for example, the
ESXi host or DRS cluster administrator@your_domain_name user.
on which to deploy the
4 Click Next.
appliance to use for the
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate
restore operation.
that is installed on the target vCenter Server instance, and click Yes to accept the
certificate thumbprint.
6 Select the data center or data center folder that contains the ESXi host or DRS
cluster on which you want to deploy the appliance, and click Next.

8 Accept the certificate warning.

9 Enter a name for the vCenter Server Appliance, set up the password for the root user, and
click Next.

10 Select the deployment size for the new vCenter Server Appliance depending on the size of
your vSphere inventory.

Deployment Size Option Description

Tiny Deploys an appliance with 2 CPUs and 10 GB of memory.

Suitable for environments with up to 10 hosts or 100 virtual machines

Small Deploys an appliance with 4 CPUs and 16 GB of memory.

Suitable for environments with up to 100 hosts or 1,000 virtual machines

Medium Deploys an appliance with 8 CPUs and 24 GB of memory.

Suitable for environments with up to 400 hosts or 4,000 virtual machines

Large Deploys an appliance with 16 CPUs and 32 GB of memory.

Suitable for environments with up to 1,000 hosts or 10,000 virtual machines

X-Large Deploys an appliance with 24 CPUs and 48 GB of memory.

Suitable for environments with up to 2,000 hosts or 35,000 virtual machines

VMware, Inc. 148

vCenter Server Installation and Setup

11 Select the storage size for the new vCenter Server Appliance, and click Next.

Important You must consider the storage size of the appliance that you are restoring.

Default Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with appliance with appliance with 525 appliance with appliance with
300 GB of 340 GB of GB of storage. 740 GB of 1180 GB of
storage. storage. storage. storage.

Large Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with 825 appliance with appliance with appliance with appliance with
GB of storage. 870 GB of 1025 GB of 1090 GB of 1230 GB of
storage. storage. storage. storage.

X-Large Deploys an Deploys an Deploys an Deploys an Deploys an

appliance with appliance with appliance with appliance with appliance with
1700 GB of 1750 GB of 1905 GB of 1970 GB of 2110 GB of
storage. storage. storage. storage. storage.

12 From the list of available datastores, select the location where all the virtual machine
configuration files and virtual disks will be stored and, optionally, enable thin provisioning by
selecting Enable Thin Disk Mode.

13 On the Configure network settings page review the settings populated from the backup file
of the vCenter Server Appliance.

14 (Optional) Edit the network configuration to match the current network environment where
the vCenter Server Appliance is restored.

15 On the Ready to complete stage 1 page, review the deployment settings for the restored
vCenter Server Appliance and click Finish to start the OVA deployment process.

16 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the
restore process to transfer the data to the newly deployed appliance.

Note If you exit the wizard by clicking Close, you must log in to the vCenter Server
Appliance Management Interface to transfer the data.

Results

The newly deployed vCenter Server Appliance is running on the target server but the data is not
copied from the backup location.

Stage 2 - Transfer Data to the Newly Deployed Appliance

After the OVA deployment finishes, you are redirected to stage 2 of the restore process in which
the data from the backup location is copied to the newly deployed vCenter Server Appliance.

VMware, Inc. 149

vCenter Server Installation and Setup

Procedure

1 Review the introduction to stage 2 of the restore process and click Next.

2 Review the backup details and click Next.

3 If you are restoring a node with enhanced linked mode support for vCenter Server Appliance
with an embedded Platform Services Controller, you are asked to provide the Single Sign-On
credentials. Enter the Single Sign-On user name and password, then click Validate and
Recover.

4 On the Ready to complete page, review the details, click Finish, and click OK to complete
stage 2 of the restore process.

The restore process restarts the vCenter Server Appliance Management Service. You cannot
access the vCenter Server Appliance Management API during the restart.

Important If a restore operation of a vCenter Server Appliance or a Platform Services

Controller appliance VM results with a failure, you must power off and delete the partially
restored VM. After that you can try to restore the VM again.

5 (Optional) After the restore process finishes, click the https://

vcenter_server_appliance_fqdn/ui to go to the vSphere Clientand log in to the vCenter
Server instance in the vCenter Server Appliance, or click the https://
vcenter_server_appliance_fqdn:443 to go to the vCenter Server Appliance Getting Started
page.

6 Click Close to exit the wizard.

You are redirected to the vCenter Server Appliance Getting Started page.

7 If the backed up vCenter node is part of a vCenter High Availability cluster, the last needs to
be reconfigured after the restore operation completes successfully.

For information about how to perform backup and restore operations, see vSphere
Availability.

VMware, Inc. 150

Image-Based Backup and Restore
of a vCenter Server Environment 5
You can use a third-party product that is integrated with VMware vSphere Storage APIs - Data
Protection to back up and restore a virtual machine that contains vCenter Server, a vCenter
Server Appliance, or a Platform Services Controller.

You can perform a full image backup of a virtual machine that contains vCenter Server, a vCenter
Server Appliance, or a Platform Services Controller. The virtual machine must use a fully qualified
domain name (FQDN) with correct DNS resolution, or the hostname must be configured to be an
IP address. If the hostname is configured as an IP address, the IP address cannot be changed.

VMware vSphere Storage APIs - Data Protection is a data protection framework that enables
backup products to perform centralized, efficient, off-host LAN free backup of vSphere virtual
machines. For information about VMware vSphere Storage APIs - Data Protection, see the
VMware Web site. For information about the integration of backup products with VMware
vSphere Storage APIs - Data Protection, contact your backup vendor.

This chapter includes the following topics:

n Considerations and Limitations for Image-Based Backup and Restore

n Restore a vCenter Server Image-based Environment

Considerations and Limitations for Image-Based Backup and

Restore
When you restore a vCenter Server environment, take into account these considerations and
limitations.

Note Restoring a vCenter Server or Platform Services Controller instance with DHCP network
configuration results in changing its IP address. The changed IP address prevents some vCenter
Server services from starting properly. To start all vCenter Server services successfully, after the
restore, you must reconfigure the IP address of the restored vCenter Server or Platform Services
Controller instance to the IP address that the instance was set to when you performed the
backup.

VMware, Inc. 151

vCenter Server Installation and Setup

Synchronizing Clocks with NTP Time Synchronization Prior to

Backup
Before creating a backup of your vCenter Server deployment, verify that all components on the
vSphere network have their clocks synchronized using NTP time synchronization. See
Synchronizing Clocks on the vSphere Network.

Configuration
After a restore, the following configurations revert to the state when the backup was taken.

n Virtual machine resource settings

n Resource pool hierarchy and setting

n Cluster-host membership

n DRS configuration and rules

Storage DRS
If the configuration changes, the following might change after a restore.

n Datastore Cluster configuration

n Datastore Cluster membership

n Datastore I/O Resource Management (Storage I/O Control) settings

n Datastore-Datacenter membership

n Host-Datastore membership

Distributed Power Management

If you put a host into standby mode after a backup, the vCenter Server might force the host to
exit standby mode when you restore to the backup.

Distributed Virtual Switch

VMware, Inc. 152

vCenter Server Installation and Setup

Virtual Machine Life Cycle Operations

n Restoring vCenter Server from a backup that was taken while there are in-flight relocation
operations within the vCenter Server instance.

After you restore vCenter Server, the vCenter Server view of the virtual machines may be out
of sync with the ESXi view of the virtual machines. This is also true if you performed the
backup while there were in-flight operations on vCenter Server. If virtual machines disappear
after you restore vCenter Server, you can refer to the following cases.

a The missing virtual machine is located on the destination ESXi host and is registered with
the destination ESXi host, but it is not in the vCenter Server inventory. You must manually
add the virtual machine to the vCenter Server inventory.

b The missing virtual machine is located on the destination ESXi host, but it is not registered
with the destination ESXi host and it is not in the vCenter Server inventory. You must
manually register the virtual machine to the ESXi and add the virtual machine back to the
vCenter Server inventory.

c The missing virtual machine is located on the destination ESXi host, but it is not registered
with the destination ESXi host. Within the vCenter Server instance, the missing virtual
machine is marked as orphaned. You must remove the virtual machine from the vCenter
Server inventory and add it again.

n Restoring vCenter Server from a backup that has an out of date linked clone virtual machine
layout.

If you create a linked clone virtual machine after the backup and you restore vCenter Server
from the old backup, then after the restore, vCenter Server does not know about the new
linked clone virtual machine until vCenter Server discovers the new linked clone virtual
machine. If you remove all existing virtual machines before the new linked clone virtual
machine is discovered, then the removal of existing virtual machines corrupts the new linked
clone due to missing disks. To avoid this corruption, you must wait until all linked clone virtual
machines get discovered by the vCenter Server before you remove virtual machines.

VMware, Inc. 153

vCenter Server Installation and Setup

vSphere High Availability

Restoring vCenter Server from a backup may cause it to roll back to older version for the
vSphere HA cluster state (HostList, ClusterConfiguration, VM protection state) while the hosts in
the cluster have the latest version for the cluster state. Ensure that the vSphere HA cluster state
stays the same during restore and backup operations. Otherwise, the following potential
problems are present.

n If hosts are added or removed to/from the vSphere HA cluster after backup and before
vCenter Server restore, virtual machines could potentially fail over to hosts not managed by
the vCenter Server but are still part of the HA cluster.

n Protection states for new virtual machines are not updated on the vSphere HA agents on the
hosts which are part of the vSphere HA cluster. As a result, virtual machines are not
protected/unprotected.

n New cluster configuration state is not updated on the vSphere HA agents on the hosts which
are part of the vSphere HA cluster.

vCenter High Availability

Restoring vCenter Server requires vCenter HA to be reconfigured.

Storage Policy Based Management

Restoring vCenter Server from a backup can lead to the following inconsistencies related to
storage policies, storage providers, and virtual machines.

n Registered storage providers after backup are lost.

n Unregistered storage providers after backup reappear and might show different provider
status.

n Changes, such as create, delete, or update, performed on storage policies after backup are
lost.

n Changes, such as create, delete, or update, performed on storage policy components after
backup are lost.

n Default policy configuration changes for datastores performed after backup are lost.

n Changes in the storage policy association of the virtual machine and its disks, and in their
policy compliance might occur.

Virtual Storage Area Network

Restoring vCenter Server from a backup may cause inconsistencies in the vSAN. For information
how to check vSAN health, see Administering VMware vSAN.

VMware, Inc. 154

vCenter Server Installation and Setup

Restore a vCenter Server Image-based Environment

You can use a third-party product that is integrated with VMware vSphere Storage APIs - Data
Protection to restore a virtual machine that contains vCenter Server, vCenter Server Appliance,
or Platform Services Controller.

You can perform an image-based restore of a virtual machine that contains vCenter Server, a
vCenter Server Appliance, or a Platform Services Controller. The virtual machine must use a fully
qualified domain name (FQDN) with correct DNS resolution, or the host name of the machine
must be configured to be an IP address. If the host name is configured as an IP address, the IP
address cannot be changed.

You can restore a virtual machine to the original location by either overwriting the backed up
virtual machine or by creating a new virtual machine that contains the restored vCenter Server,
vCenter Server Appliance, or Platform Services Controller on the same ESXi host. You can also
restore the virtual machine on a new ESXi host.

You can restore a virtual machine that contains vCenter Server or a Platform Services Controller
instance directly on the ESXi host that is running the third-party appliance when the vCenter
Server service becomes unavailable or when you cannot access the third-party user interface by
using the vSphere Client.

Important Restoring virtual machines that have snapshots or that are configured with Fault
Tolerance is unsupported.

VMware, Inc. 155

vCenter Server Installation and Setup

Figure 5-1. vCenter Server Restore Workflow

VMware, Inc. 156

vCenter Server Installation and Setup

Figure 5-2. Platform Services Controller Restore Workflow

Restoring a vCenter Server Instance with an Embedded Platform

Services Controller
Your environment might consist of vCenter Server or a vCenter Server Appliance with an
embedded Platform Services Controller. You can use a third-party product to restore a vCenter
Server environment with an embedded Platform Services Controller.

Important You can back up and restore only virtual machines that contain vCenter Server,
vCenter Server Appliance, and Platform Services Controller. You cannot back up and restore
physical machines that are running vCenter Server by using a third-party product.

VMware, Inc. 157

vCenter Server Installation and Setup

Procedure

1 Restore the vCenter Server virtual machine onto the ESXi host using a third-party solution.

2 Use the service-control --status --all command to verify that the services have started.

Wait for all the vCenter Server services to start, which can take several minutes.

3 Log into the vCenter Server Management Interface, https://appliance-IP-address-or-

FQDN:5480.

4 Run the reconciliation operation and provide the Single Sign-On credentials.

What to do next

Power on the restored virtual machine that contains the restored vCenter Server instance.

Restore a vCenter Server Environment with a Single Platform

Services Controller
Your environment might consist of many vCenter Server instances that are registered with a
single Platform Services Controller. You can use a third-party solution to restore a virtual machine
that contains a Platform Services Controller. You can also use the third-party solution to restore
either virtual machines that contain vCenter Server instances or vCenter Server Appliance
instances that are registered with a single external Platform Services Controller.

If the vCenter Server and Platform Services Controller instances fail at the same time, you must
first restore the Platform Services Controller and then the vCenter Server instance.

Procedure

1 Restore the Platform Services Controller virtual machine onto the ESXi host using a third-
party solution.

Wait for all the Platform Services Controller services to start, which can take several minutes.

2 After the restore succeeds, in the node associated with that Platform Services Controller, run
the following commands.

service-control --stop --all

service-control --start --all

3 Restore the vCenter Server virtual machine onto the ESXi host using a third-party solution.

The services are masked and are not running.

4 Use the systemctl status applmgmt command to verify that the systemd instance of the
applmgmt service has started.

Wait for all the vCenter Server services to start, which can take several minutes.

5 Log into the vCenter Server Management Interface, https://appliance-IP-address-or-

FQDN:5480.

VMware, Inc. 158

vCenter Server Installation and Setup

6 Run the reconciliation operation and provide the Single Sign-On credentials.

Do not unmask any services, and do not run the reconciliation script directly.

What to do next

Power on the restored virtual machine that contains the restored vCenter Server instance.

Restore a vCenter Server Environment with Multiple External

Platform Services Controller Instances
You can use a third-party solution to restore an environment in which the vCenter Server
instances are registered with different Platform Services Controller instances, and in which the
infrastructure data is replicated between the Platform Services Controller instances.

For a vCenter Server with an external Platform Services Controller, you can only restore the last
node in the cluster. If it is not the last node in the cluster, deploy a new Platform Services
Controller node and join the cluster.

For the last Platform Services Controller in the cluster, use the third-party solution to restore the
vCenter Server virtual machine onto the ESXi host. You do not need to perform reconciliation.

Procedure

1 Restore the Platform Services Controller virtual machine onto the ESXi host using a third-
party solution.

Wait for all the Platform Services Controller services to start, which can take several minutes.

2 After the restore succeeds, in the node associated with that Platform Services Controller, run
the following commands.

service-control --stop --all

service-control --start --all

3 Restore the vCenter Server virtual machine onto the ESXi host using a third-party solution.

The services are masked and are not running.

4 Use the systemctl status applmgmt command to verify that the systemd instance of the
applmgmt service has started.

Wait for all the vCenter Server services to start, which can take several minutes.

5 Log into the vCenter Server Management Interface, https://appliance-IP-address-or-

FQDN:5480.

6 Run the reconciliation operation and provide the Single Sign-On credentials.

Do not unmask any services, and do not run the reconciliation script directly.

VMware, Inc. 159

vCenter Server Installation and Setup

What to do next

Power on the restored virtual machine that contains the restored vCenter Server and Platform
Services Controller instances.

Restore a vCenter Enhanced Linked Mode Environment

You can restore a vCenter Enhanced Linked Mode environment with an external using a third-
party solution.

Procedure

1 Restore the vCenter Server virtual machine onto the ESXi host using a third-party solution.

The services are masked and are not yet running.

2 Use the systemctl status applmgmt command to verify that the systemd instance of the
applmgmt service has started.

Wait for all the vCenter Server services to start, which can take several minutes.

3 Log into the vCenter Server Management Interface, https://appliance-IP-address-or-

FQDN:5480.

4 Run the reconciliation operation and provide the Single Sign-On credentials.

Do not unmask any services, and do not run the reconciliation script directly.

5 If you are restoring the last embedded node in a vCenter Enhanced Linked Mode group, run
the reconciliation operation with the ignore_warnings flag selected.

What to do next

Power on the restored virtual machine that contains the restored vCenter Server instance.

VMware, Inc. 160

After You Install vCenter Server or
Deploy the vCenter Server
Appliance
6
After you install vCenter Server or deploy the vCenter Server Appliance, consider these
postinstallation options before adding inventory for the vCenter Server to manage.

For information about configuring the vSphere Authentication Proxy service, see vSphere
Security.

For information about upgrading vCenter Server, see vCenter Server Upgrade.

This chapter includes the following topics:

n Log In to vCenter Server by Using the vSphere Client

n Install the VMware Enhanced Authentication Plug-in

n Collect vCenter Server Log Files

n Repoint vCenter Server to External Platform Services Controller in a Different Domain

n Repoint vCenter Server with Embedded Platform Services Controller to Another vCenter
Server with Embedded Platform Services Controller in a Different Domain

n Repoint vCenter Server to Another External Platform Services Controller in the Same Domain

n Converging vCenter Server with an External Platform Services Controller to a vCenter Server
with an Embedded Platform Services Controller

n Reconfigure a Standalone vCenter Server with an Embedded Platform Services Controller to

a vCenter Server with an External Platform Services Controller

Log In to vCenter Server by Using the vSphere Client

In vSphere 6.5 and later, the vSphere Client is installed as part of the vCenter Server on Windows
or the vCenter Server Appliance deployment. This way, the vSphere Client always points to the
same vCenter Single Sign-On instance.

VMware, Inc. 161

vCenter Server Installation and Setup

Procedure

1 Open a Web browser and enter the URL for your vCenter Server instance:
https://vcenter_server_ip_address_or_fqdn

2 Select Launch vSphere Client (HTML5). To use the vSphere Web Client, select Launch
vSphere Web Client (Flex).

You can instead open a Web browser and enter the URL for the vSphere Client:
https://vcenter_server_ip_address_or_fqdn/ui. To use the vSphere Web Client, enter the
URL: https://vcenter_server_ip_address_or_fqdn/vsphere-client.

3 Enter the credentials of a user who has permissions on vCenter Server, and click Login.

4 If a warning message about an untrusted SSL certificate appears, select the appropriate
action based on your security policy.

Option Action

Ignore the security warning for this Click Ignore.

Ignore the security warning for this Select Install this certificate and do not display any security warnings for
login session, and install the default this server and click Ignore.
certificate so that the warning does Select this option only if using the default certificate does not present a
not appear again. security problem in your environment.

Cancel and install a signed Click Cancel and ensure that a signed certificate is installed on the vCenter
certificate before proceeding. Server system before you attempt to connect again.

5 To log out, click the user name at the top of the vSphere Client window and select Logout.

Results

The vSphere Client connects to all the vCenter Server systems on which the specified user has
permissions, allowing you to view and manage your inventory.

Install the VMware Enhanced Authentication Plug-in

The VMware Enhanced Authentication Plug-in provides Integrated Windows Authentication and
Windows-based smart card functionality.

In the vSphere 6.5 release, the VMware Enhanced Authentication Plug-in replaced the Client
Integration Plug-in from vSphere 6.0 releases and earlier. The Enhanced Authentication Plug-in
provides Integrated Windows Authentication and Windows-based smart card functionality.
These are the only two features carried over from the previous Client Integration Plug-in. The
Enhanced Authentication Plug-in can function seamlessly if you already have the Client
Integration Plug-in installed on your system from vSphere 6.0 or earlier. There are no conflicts if
both plug-ins are installed.

Install the plug-in only once to enable all the functionality the plug-in delivers.

VMware, Inc. 162

vCenter Server Installation and Setup

If you install the plug-in from an Internet Explorer browser, you must first disable Protected Mode
and enable pop-up windows on your Web browser. Internet Explorer identifies the plug-in as
being on the Internet instead of on the local intranet. In such cases, the plug-in is not installed
correctly because Protected Mode is enabled for the Internet.

For information about supported browsers and operating systems, see the vCenter Server
Installation and Setup documentation.

Prerequisites

If you use Microsoft Internet Explorer, disable Protected Mode.

Procedure

1 Open a Web browser and type the URL for the vSphere Client.

2 At the bottom of the vSphere Client login page, click Download Enhanced Authentication
Plug-in.

3 If the browser blocks the installation either by issuing certificate errors or by running a pop-
up blocker, follow the Help instructions for your browser to resolve the problem.

4 Save the plug-in to your computer, and run the executable.

5 Step through the installation wizard for both the VMware Enhanced Authentication Plug-in
and the VMware Plug-in Service which are run in succession.

6 When the installations are complete, refresh your browser.

7 On the External Protocol Request dialog box, click Launch Application to run the Enhanced
Authentication Plug-in.

The link to download the plug-in disappears from the login page.

Collect vCenter Server Log Files

After you install vCenter Server, you can collect the vCenter Server log files for diagnosing and
troubleshooting purposes.

Note This procedure provides information about how to collect the log files for a Windows
installation of vCenter Server. For information about exporting a support bundle and browsing
the log files in the vCenter Server Appliance, see vCenter Server Appliance Configuration.

Procedure

1 Log in as an administrator on the Windows machine where vCenter Server is installed.

2 Navigate to Start > Programs > VMware > Generate vCenter Server log bundle to generate
the log bundle.

You can generate vCenter Server log bundles even if you are unable to connect to the
vCenter Server by using the vSphere Client.

VMware, Inc. 163

vCenter Server Installation and Setup

Results

The log files for the vCenter Server system are generated and saved in a .tgz archive on your
desktop.

Repoint vCenter Server to External Platform Services

Controller in a Different Domain
You can move one vCenter Server to a Platform Services Controller in another vSphere domain.
You can also move all vCenter Servers in one vSphere domain one at a time to another domain,
which provides a way to perform domain consolidation. Services such as tagging, and licensing,
are migrated to the new Platform Services Controller.

In addition to consolidating vSphere domains, you can also split an existing domain. The following
use cases are supported:

n You can move one or more vCenter Server instances that point to separate external Platform
Services Controller to point to a new Platform Services Controller in a different domain.

n You can move one or more vCenter Server instances that point to one external Platform
Services Controller to point to different Platform Services Controller in a different domain.

n You can move a vCenter Server that is part of an embedded Platform Services Controller to
an external Platform Services Controller in a different domain. You must first reconfigure the
node to an external Platform Services Controller node before repointing to a Platform
Services Controller in a different domain.

Prerequisites

n Cross domain repointing is only supported with Platform Services Controller 6.7 and vCenter
Server 6.7.

n Each vCenter Server and vCenter Server node must be in a healthy state.

n To ensure no loss of data, take a snapshot or backup each node before proceeding with
repointing the vCenter Server or Platform Services Controller.

Procedure

1 (Optional) Run the pre-check mode command. The pre-check mode fetches the tagging (tags
and categories) and authorization (roles and privileges) data from the Platform Services
Controller. Conflicts can be checked for tagging and authorization data. Pre-check does not
migrate any data, but checks the conflicts and writes them to a JSON file. For example, run
the pre-check with the following CLI:

cmsso-util domain-repoint --mode pre-check --src-psc-admin source_PSC_admin_userid --dest-psc-

fqdn target_PSC_FQDN --dest-psc-admin target_PSC_admin_userid --dest-domain-name target_FQDN --
dest-vc-fqdn target_vCenter_server

You are prompted for the administrator password.

VMware, Inc. 164

vCenter Server Installation and Setup

The pre-check writes the conflict details to a JSON file with the location provided after pre-
check.

2 (Optional) Edit the conflict file and apply resolutions for all conflicts or apply a separate
resolution for each conflict.

The conflict resolutions are:

n Copy: Create a duplicate copy of the data in the target Platform Services Controller.

n Skip: Skips copying the data in the target Platform Services Controller.

n Merge: Merges the conflict without creating duplicates.

To check conflicts of tag authZ data, you must provide a vCenter Server part of the target
Platform Services Controller or the conflicts are not checked.

3 Run the execute mode command. In the execute mode, the data generated during the pre-
check mode is read from the JSON file and imported to the target Platform Services
Controller. Licensing data is exported from the original Platform Services Controller. Then, the
vCenter Server is repointed to the target Platform Services Controller. For example, run the
execute command with the following:

cmsso-util domain-repoint --mode execute --src-psc-admin Source_PSC_admin_userid --dest-psc-fqdn

target_PSC_FQDN --dest-psc-admin target_PSC_admin_userid --dest-domain-name target_FQDN --dest-
vc-fqdn target_vCenter_server

You are prompted for the administrator password.

Note If you do not run the pre-check command, the data is exported first and then imported
to the target Platform Services Controller. You cannot edit the conflicts during the execute
mode. With the pre-check command, you can look at the conflicts in detail and edit the
conflicts file to provide detailed input on how to handle various conflicts. To avoid any
conflicts, run the pre-check mode first to understand the conflicts and then run in execute
mode.

Check that the tags and categories are migrated and all the required services are up and
running.

Note If the repointing fails, collect the support bundle and revert to the snapshot taken
before this process.

After vCenter Server is repointed to the target Platform Services Controller, the Customer
Experience Improvement Program (CEIP) participation preference is updated to the target
domain preference.

What to do next

If you repointed a vCenter Server Appliance that is configured in a vSphere High Availability
cluster, you can reconfigure the vSphere HA cluster. See vSphere Availability for information
about configuring vSphere HA.

VMware, Inc. 165

vCenter Server Installation and Setup

Solutions or plugins registered with vCenter Server must be registered again after a successful
repoint.

Identity sources must be manually migrated. SSO configuration is not migrated. Users and
policies require manual intervention.

Syntax of the Domain Repoint Command

You can use command arguments to set the execution parameters of the domain repoint
command.

The cmsso-util domain-repoint CLI repoints vCenter Server from one domain to another.

You can add a space-separated list of arguments to the CLI repoint command

Use the following command to repoint a vCenter Server to an external Platform Services
Controller:

cmsso-util domain repoint --mode mode --src-psc-admin source_PSC_admin_userid

--dest-psc-fqdn target_PSC_FQDN --dest-psc-admin target_PSC_admin_userid
--dest-domain-name domain_name_to_repoint --dest-vc-fqdn target_vCenter_server

Use the following command to repoint a vCenter Server with embedded Platform Services
Controller to another embedded node:

cmsso-util domain-repoint -m execute --src-emb-admin Administrator --replication-partner-fqdn FQDN

_of_destination_node --replication-partner-admin destination_node_PSC_Admin_user_name --dest-domain-
name destination_PSC_domain

Argument Description

-m, --mode mode can be pre-check or execute. The pre-check

argument runs the command in pre-check mode. The
execute argument runs the command in execute mode.

-spa, --src-psc-admin SSO administrator user name for the source Platform
Services Controller. Do not append the @domain.

-dpf, --dest-psc-fqdn The FQDN of the Platform Services Controller to repoint.

-dpa, --dest-psc-admin SSO administrator user name for the destination Platform
Services Controller. Do not append @domain.

-ddn, --dest-domain-name SSO domain name of the destination Platform Services

Controller.

-dpr, --dest-psc-rhttps (Optional) HTTPS port for the destination Platform Services
Controller. If not set, the default 443 is used.

VMware, Inc. 166

vCenter Server Installation and Setup

Argument Description

-dvf, --dest-vc-fqdn The FQDN of the vCenter Server pointing to a destination

Platform Services Controller. The vCenter Server is used to
check for component data conflicts in the pre-check mode.
If not provided, conflict checks are skipped and the default
resolution (COPY) is applied for any conflicts found during
the import process.

Note This argument is optional only if the destination

domain does not have a vCenter Server. If a vCenter Server
exists in the destination domain, this argument is
mandatory.

-sea, --src-emb-admin Administrator for the vCenter Server with embedded

Platform Services Controller. Do not append @domain to the
administrator id.

-rpf, --replication-partner-fqdn (Optional) The FQDN of the replication partner node to

which the vCenter Server is replicated. This can be an
embedded vCenter Server node or a Platform Services
Controller node.

-rpr, --replication-partner-rhttps (Optional) The HTTPS port for the replication node. If not
set, the default is 443.

-rpa, --replication-partner-admin (Optional) SSO administrator user name of the replication

partner vCenter Server with embedded Platform Services
Controller.

-dvr, --dest-vc-rhttps (Optional) The HTTPS port for the vCenter Server pointing
to the destination Platform Services Controller. If not set,
the default 443 is used.

--ignore-snapshot (Optional) Ignore snapshot warnings.

--no-check-certs (Optional) Ignore certification validations.

--debug (Optional) Retrieves command execution detail.

-h, --help (Optional) Displays the help message for the cmsso-util
domain repoint command.

Understanding Tagging and Authorization Conflicts

When you run the domain repoint command in pre-check mode, data from the Platform Services
Controller is exported, examined, and conflicts are written to a file.

The following data is exported to the /storage/domain-data/ or ProgramData/VMWare/

vCenterServerdata/domain-data folder:

n All_Privileges.json

n All_Roles.json

n All_TagCategories.json

n All_Tags.json

VMware, Inc. 167

vCenter Server Installation and Setup

These files contain the all the data (Authorization and Tagging) from the vCenter Server on which
this command was run.

If a secondary vCenter Server is provided using the -dvf or --dest-vc-fqdn option, any
conflicts are also exported to the same folder:

n Conflicts_Roles.json

n Conflicts_TagCategories.json

n Conflicts_Tags.json

The following is a sample conflicts file:

<---- Sample Conflict file code block --->

{
"global" : {
"resolution" : "MERGE|SKIP|COPY",
"description" : "Default resolution option used to resolve Role Conflicts is COPY. The
conflicts list describes the differences between Role entities on source and target PSC. If
the source information represents an empty JSON array, it simply means that all the entity
attributes from source and target are identical. If the source lists few entries, it means
that only these entity attributes are missing from the target. If the target lists few entries,
it means that only these entity attributes are missing from the source. Though a global resolution
can be set, it can also be overridden at each conflict level by providing individual resolution
mode."
},
"conflicts-count" : 1,
"conflicts-list" : {
"NoCryptoAdmin" : {
"source" : {
"privileges" : "[]"
},
"target" : {
"privileges" : "[Group-1.SamplePriv-1, Group-1.SamplePriv-4, Group-2.SamplePriv-10,
Group-2.SamplePriv-3, Group-2.SamplePriv-7, Group-3.SamplePriv-2, Group-3.SamplePriv-9]"
},
"resolution" : ""
}
}
<----- End of code block --->

The parts of the sample conflict files are:

n description. Provides the details on how the respective conflicts file is read and understood.

n source and target. JSON objects that list only the differences between the source and target
Platform Services Controller objects.

n resolution. User supplies one valid resolution. Valid resolutions are MERGE, COPY, and SKIP.

To specify the resolution for handling conflicts, you can provide a default resolution option all
conflicts in the "global": "resolution" = "MERGE|SKIP|COPY" section. If you do not provide a valid
global resolution type for resolution or leave it unedited, the system uses COPY as the default
resolution option.

VMware, Inc. 168

vCenter Server Installation and Setup

You can also provide a valid resolution option for each of the conflicts by editing the resolution
property at each conflict level which overrides the global resolution option.

The types of conflicts listed in Table 6-1. Conflict Types.

VMware, Inc. 169

vCenter Server Installation and Setup

Table 6-1. Conflict Types

Properties used to
compare Category Conflicting
Conflict Objects Conflict Types Properties Conflict Resolution Options

Role conflict n name: Name of the RoleName conflict Properties that n COPY. A copy of the
category. occurs while can be conflicting role is created in
n privilegeId: List of importing roles and conflicting for the target Platform Services
privileges for the a role with the same RoleName conflict Controller, with –-copy
role. name exists in the type can be appended to the role name.
target Platform Privileges. The new role is created with
Services Controller a new role ID with the same
but with different set of privilege IDs. The new
privileges. role ID is updated in the
VPX_ACCESS table. The new
role ID is applicable for both
role name conflict and role
ID conflict.

Note

The default resolution option

to resolve Role conflicts is
COPY.
n MERGE.The MERGE option is
resolved in the following
sequence:
a If the source Platform
Services Controller has a
role with the same name
and privilege list as a
role in the target
Platform Services
Controller, but the role
IDs are different, the role
ID from the target
Platform Services
Controller is used and
updated in the
VPX_ACCESS table.
b If the source Platform
Services Controller has a
role with the same name
as a role in the target
Platform Services
Controller, but with a
different privilege list,
then the privilege lists
for both roles are
merged.
n SKIP. Do nothing. The
specific role is skipped.

Tag Category n name: Name of the Only one type of Properties that n COPY. A copy of the
conflict: A category. conflict can be seen can be conflicting category is

VMware, Inc. 170

vCenter Server Installation and Setup

Table 6-1. Conflict Types (continued)

Properties used to
compare Category Conflicting
Conflict Objects Conflict Types Properties Conflict Resolution Options

category name n cardinality: while importing Tag conflicting for created in the target
must be unique Cardinality of Categories, conflict type Platform Services Controller,
in a Platform Category, either CategoryName CategoryName can with –-copy appended to the
Services Single or Multiple. conflict. This be at least one category name. The new
Controller. n associableEntityType conflict indicates of two types: category is created with the
: List of vCenter that a category with Cardinality or same property name as in
Server object that the same name AssociableTypes. the source Platform Services
can be associated exists in the target Controller. All the tags that
with a tag from this Platform Services were present under this
category. A value of Controller but with category is imported under
All indicates all different properties the newly created
vCenter Server (cardinality or CategoryCopy.
objects. associableEntityTyp
Note
e).
The default resolution option
to resolve CategoryName
conflicts is COPY.
n MERGE. Conflicting properties
are merged with the
category that is already
present in the SSO.
Properties are merged as
follows:
a Description. The
description that is
already present is used.
b Cardinality. Cardinality
cannot shrink. If there is
a cardinality conflict, the
cardinality is set to
multiple. It cannot be
reduced to single.
c AssociableTypes.If either
the associableEntityType
values are null, it is set to
null. Otherwise, Objects
types are merged.
n SKIP. Do nothing. All tags are
imported under the
category that exists.

Tags Conflict: A n name Only one type of Properties that n COPY. A copy of the
tag object n description conflict can be seen can be conflicting tag is created in
always belongs while importing conflicting for a the target Platform Services
to a category tags: TagName conflict of type: Controller, with –-copy
Object. A tag conflict. This TagName can be appended to the tag name.
Name must be conflict indicates Description.
unique only that a Tag with the
same name exists

VMware, Inc. 171

vCenter Server Installation and Setup

Table 6-1. Conflict Types (continued)

Properties used to
compare Category Conflicting
Conflict Objects Conflict Types Properties Conflict Resolution Options

vCenter Server Domain Repoint License Considerations

Domain repointing copies license keys to a new domain. Copying the license keys ensures that
valid licensing of all assets is maintained after repointing.

vCenter Server tracks license usage on a per domain basis. If a key is used in more than one
domain, you must ensure that the aggregate use of the key does not exceed its capacity. To
simplify your license management, remove each license copied to a second domain and assign a
new license to assets.

Consider the following two cases:

n License keys that are no longer in use (that is, assigned to assets) in the original domain post
repointing.

n License keys that are in use (that is, assigned to assets) in multiple domains.

License Keys Not in Use in a Domain

If after completing repointing, a license key appears in more than one domain, but is not in use in
some of those domains, you can remove the license key from any domain in which it is not in use.
See "Remove Licenses" in vCenter Server and Host Management for instructions on how to
remove the licenses in vCenter Server.

VMware, Inc. 172

vCenter Server Installation and Setup

License Keys in Use in Multiple Domains

If after completing repointing, a license key is in use (that is, assigned to assets) in more than one
domain, to remove the license key from all but one domain, first a different license key must be
assigned to each asset in domains from which the license key will be removed. Two common
approaches:

n If you have other license keys available with sufficient unused capacity, you might use these
other keys in place of a license key to be removed. See "Assign a License to Multiple Assets"
in vCenter Server and Host Management to assign licenses in vCenter Server.

n You might divide the license keys used in more than one domain into separate license keys,
one for each domain. To divide the license keys, see the VMware knowledge base article at
http://kb.vmware.com/kb/2006972. To determine the capacity to be included in each of the
license keys into which the original is divided, see "Viewing Licensing Information" in vCenter
Server and Host Management to view the usage of the license key in vCenter Server for each
of the domains.

Each of the resulting license keys can then be added to a different domain and assigned in
vCenter Server to assets previously licensed with the original license key. See "Create New
Licenses" in vCenter Server and Host Management to create licenses and "Assign a License
to Multiple Assets" in vCenter Server and Host Management to assign a license to multiple
assets.

After different licenses are assigned to all assets, the original license key, which is no longer
valid, can be removed from all the domains using vCenter Server. See "Remove Licenses"
vCenter Server and Host Management.

Repoint vCenter Server with Embedded Platform Services

Controller to Another vCenter Server with Embedded
Platform Services Controller in a Different Domain
Starting with vSphere 6.7 Update 1, you can move a vCenter Server with an embedded Platform
Services Controller from one vSphere domain to another vSphere domain. Services such as
tagging and licensing are retained and migrated to the new domain.

The following use cases are supported:

n You can migrate a vCenter Server with embedded Platform Services Controller from an
existing domain to an another existing domain with or without replication. The migrated
vCenter Server moves from its current Single Sign-On domain and joins the other existing
domain as another vCenter Server connected via enhanced linked mode.

n See Repoint a Single Embedded Node from One Domain to an Existing Domain for
instructions on repointing a single embedded node from one domain to an existing
domain without a replication partner.

VMware, Inc. 173

vCenter Server Installation and Setup

n See Repoint an Embedded Node from One Domain to an Existing Domain with a
Replication Partner for instructions on repointing an embedded node from one domain to
an existing domain using replication.

n You can migrate a vCenter Server with embedded Platform Services Controller from an
existing domain to a newly created domain (where the migrated vCenter Server is the first
instance). See Repoint an Embedded Node to a New Domain for instructions of this type of
repointing. In this case, there is no replication partner.

Repoint a Single Embedded Node from One Domain to an Existing

Domain
You can repoint a single vCenter Server with an embedded Platform Services Controller from one
Single Sign-On domain to an existing Single Sign-On domain without a replication partner. Each
Single Sign-On domain contains a single vCenter Server.

See Figure 6-1. Repointing a Single vCenter Server with an Embedded Platform Services
Controller from One Domain to an Existing Domain for an example of repointing a single vCenter
Server from one domain to another existing domain. This is one of several ways to create an
Enhanced Linked Mode deployment. In this case, there is no replication.

VMware, Inc. 174

vCenter Server Installation and Setup

Figure 6-1. Repointing a Single vCenter Server with an Embedded Platform Services Controller
from One Domain to an Existing Domain
Before repointing

Node A Node B

Platform Platform
Services Services
Controller Controller

vCenter vCenter
Server Server

Domain1.local Domain2.local

After repointing

Node A Node B

Platform Platform
Services Services
Controller Controller

vCenter vCenter
Server Server

Domain2.local

Represents embedded nodes

connected by enhanced linked mode

Prerequisites

n Embedded repointing is only supported with vCenter Server 6.7 Update 1 and later.

n To ensure no loss of data, take a file-based backup of each node before proceeding with
repointing the vCenter Server.

Procedure

1 Make sure that both embedded nodes are powered on before beginning the repointing
process.

VMware, Inc. 175

vCenter Server Installation and Setup

2 (Optional) Run the pre-check mode command. The pre-check mode fetches the tagging (tags
and categories) and authorization (roles and privileges) data from the vCenter Server. Pre-
check does not migrate any data, but checks for conflicts between the source and
destination vCenter Server. For example, run the pre-check with the following CLI:

cmsso-util domain-repoint -m pre-check --src-emb-admin Administrator --replication-partner-fqdn

FQDN_of_destination_node --replication-partner-admin PSC_Admin_of_destination_node --dest-domain-
name destination_PSC_domain

Note Pre-check is not required if a replication partner does not exist (repointing to a newly
created domain).

See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util
domain-repoint command.

The pre-check writes the conflicts to the /storage/domain-data directory.

3 (Optional) Review the conflicts and apply resolutions for all conflicts or apply a separate
resolution for each conflict.

The conflict resolutions are:

n Copy: Create a duplicate copy of the data in the target domain.

n Skip: Skips copying the data in the target domain.

n Merge: Merges the conflict without creating duplicates.

Note The default resolution mode for Tags and Authorization conflicts is Copy, unless
overridden in the conflict files generated during pre-check.

4 Run the execute command. In execute mode, the data generated during the pre-check mode
is read and imported to the target node. Then, the vCenter Server is repointed to the target
domain. For example, repointing without a replication partner, run the execute command with
the following:

cmsso-util domain-repoint -m execute --src-emb-admin Administrator --replication-partner-fqdn

FQDN_of_destination_node --replication-partner-admin PSC_Admin_of_destination_node --dest-domain-
name destination_PSC_domain

See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util
domain-repoint command.

Repoint an Embedded Node from One Domain to an Existing

Domain with a Replication Partner
You can repoint a vCenter Server with an embedded Platform Services Controller from one Single
Sign-On domain to an existing domain using a replication partner.

VMware, Inc. 176

vCenter Server Installation and Setup

See Figure 6-2. Repointing a vCenter Server with an Embedded Platform Services Controller from
One Domain to an Existing Domain for an example of repointing to an existing domain. In this
case, there is repliacation.

Figure 6-2. Repointing a vCenter Server with an Embedded Platform Services Controller from
One Domain to an Existing Domain
Before repointing

Node A Node B Node C Node D

Platform Platform Platform Platform

Services Services Services Services
Controller Controller Controller Controller

vCenter vCenter vCenter vCenter

Server Server Server Server

Domain1.local Domain2.local

After repointing

Node A Node B Node C Node D

Platform Platform Platform Platform

Services Services Services Services
Controller Controller Controller Controller

vCenter vCenter vCenter vCenter

Server Server Server Server

Domain1.local Domain2.local

Represents embedded nodes connected by enhanced linked mode

Prerequisites

n Embedded repointing is only supported with vCenter Server 6.7 Update 1 and later.

n To ensure no loss of data, take a file-based backup of each node before proceedeing with
repointing the vCenter Server.

VMware, Inc. 177

vCenter Server Installation and Setup

Procedure

1 Shut down the node (for example, Node C) that is being repointed (moved to a different
domain).

2 Decommission the embedded node that is being repointed. For example, to decommission
Node C, log into Node B (on the original domain) and run the following command:

cmsso-util unregister --node-pnid Node_C_FQDN --username Node_B_sso_administrator@sso_domain.com

--passwd Node_B_sso_adminuser_password

After unregistering Node C, services are restarted. References to Node C are deleted from
Node B and any other nodes that were linked with Node C on the original domain.

3 Power on Node C to begin the repointing process.

4 (Optional) Run the pre-check mode command. The pre-check mode fetches the tagging (tags
and categories) and authorization (roles and privileges) data from the vCenter Server. Pre-
check does not migrate any data, but checks the conflicts between the source and
destination vCenter Server. For example, run the pre-check with the following CLI:

cmsso-util domain-repoint -m pre-check --src-emb-admin Administrator --replication-partner-fqdn

FQDN_of_destination_node --replication-partner-admin PSC_Admin_of_destination_node --dest-domain-
name destination_PSC_domain

Note Pre-check is not required if a replication partner does not exist (repointing to a newly
created domain).

See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util
domain-repoint command.

The pre-check writes the conflicts to the /storage/domain-data directory.

5 (Optional) Check conflicts and apply resolutions for all conflicts or apply a separate resolution
for each conflict.

The conflict resolutions are:

n Copy: Create a duplicate copy of the data in the target domain.

n Skip: Skips copying the data in the target domain.

n Merge: Merges the conflict without creating duplicates.

Note The default resolution mode for Tags and Authorization conflicts is Copy, unless
overridden in the conflict files generated during pre-check.

VMware, Inc. 178

vCenter Server Installation and Setup

6 Run the execute command. In execute mode, the data generated during the pre-check mode
is read and imported to the target node. Then, the vCenter Server is repointed to the target
domain. For example, run the execute command with the following:

cmsso-util domain-repoint -m execute --src-emb-admin Administrator --replication-partner-fqdn

FQDN _of_destination_node --replication-partner-admin destination_node_PSC_Admin_user_name --dest-
domain-name destination_PSC_domain

See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util
domain-repoint command.

Repoint an Embedded Node to a New Domain

You can repoint a vCenter Server with an embedded Platform Services Controller from an
existing domain to a newly created domain.

See Figure 6-3. Repointing a vCenter Server with an Embedded Platform Services Controller from
One Domain to a New Domain for an example of repointing to a new domain. In this case, there is
no replication partner.

VMware, Inc. 179

vCenter Server Installation and Setup

Figure 6-3. Repointing a vCenter Server with an Embedded Platform Services Controller from
One Domain to a New Domain
Before repointing
Nodes consist of a vCenter Server with embededded
Platform Services Controller.

Node A Node B Node C

Platform Platform Platform

Services Services Services
Controller Controller Controller

vCenter vCenter vCenter

Server Server Server

Domain1.local

After repointing

Node A Node B Node C

Platform Platform Platform

Services Services Services
Controller Controller Controller

vCenter vCenter vCenter

Server Server Server

Domain1.local Domain2.local

Represents embedded nodes connected by

enhanced linked mode

Prerequisites

n Embedded repointing is only supported with vCenter Server 6.7 Update 1 and later.

n To ensure no loss of data, take a file-based backup of each node before proceeding with
repointing the vCenter Server.

VMware, Inc. 180

vCenter Server Installation and Setup

Procedure

1 Shut down the node (for example, Node C) that is being repointed (moved to a different
domain).

2 Decommission the embedded node that is being repointed. For example, to decommission
Node C, log into Node B (on the original domain) and run the following command:

cmsso-util unregister --node-pnid Node_C_FQDN --username Node_B_sso_administrator@sso_domain.com

--passwd Node_B_sso_adminuser_password

After unregistering Node C, services are restarted. References to Node C are deleted from
Node B and any other nodes that were linked with Node C on the original domain.

3 Power on Node C to begin the repointing process.

4 Run the execute command. In execute mode, the data generated during the pre-check mode
is read and imported to the target node. Then, the vCenter Server is repointed to the target
domain. For example, repointing with no replication partner (repointing to a new domain), run
the execute command with the following:

cmsso-util domain-repoint -m execute --src-emb-admin Administrator --dest-domain-name

destination_PSC_domain

See Syntax of the Domain Repoint Command for argument definitions for the cmsso-util
domain-repoint command.

Repoint vCenter Server to Another External Platform

Services Controller in the Same Domain
Joining external Platform Services Controller instances in the same vCenter Single Sign-On
domain, ensures high availability of your system.

If an external Platform Services Controller stops responding or if you want to distribute the load
of an external Platform Services Controller, you can repoint the vCenter Server instances to
another Platform Services Controller in the same domain and site.

n You can repoint the vCenter Server instance to an existing functional Platform Services
Controller instance with free load capacity in the same domain and site.

n You can install or deploy a new Platform Services Controller instance in the same domain and
site to which to repoint the vCenter Server instance.

Prerequisites

n If the old Platform Services Controller instance has stopped responding, remove the node
and clean up the stale vmdir data by running the cmsso-util unregister command. For
information about decommissioning a Platform Services Controller instance, see https://
kb.vmware.com/kb/2106736.

VMware, Inc. 181

vCenter Server Installation and Setup

n Verify that the old and the new Platform Services Controller instances are in the same
vCenter Single Sign-On domain and site by running the vdcrepadmin -f showservers
command. For information about using the command, see https://kb.vmware.com/kb/
2127057.

n If you want to repoint a vCenter Server Appliance that is configured in a vCenter HA cluster,
remove the vCenter HA configuration. For information about removing a vCenter HA
configuration, see vSphere Availability.

Procedure

1 Log in to the vCenter Server instance.

n For a vCenter Server Appliance, log in to the vCenter Server Appliance shell as root.

n For a vCenter Server instance on Windows, log in as an administrator to the vCenter

Server virtual machine or physical server.

2 If the vCenter Server instance runs on Windows, in the Windows command prompt, navigate
to C:\Program Files\VMware\vCenter Server\bin.

3 Run the cmsso-util repoint command.

cmsso-util repoint --repoint-psc psc_fqdn_or_static_ip [--dc-port port_number]

where the square brackets [ ] enclose the command options.

Here, psc_fqdn_or_static_ip is the system name used to identify the Platform Services
Controller. This system name must be an FQDN or a static IP address.

Note The FQDN value is case-sensitive.

Use the --dc-port port_number option if the Platform Services Controller runs on a custom
HTTPS port. The default value of the HTTPS port is 443.

4 Log in to the vCenter Server instance by using the vSphere Client to verify that the vCenter
Server instance is running and can be managed.

Results

The vCenter Server instance is registered with the new Platform Services Controller.

What to do next

If you repointed a vCenter Server Appliance that was configured in a vCenter HA cluster, you can
reconfigure the vCenter HA cluster. For information about configuring vCenter HA, see vSphere
Availability.

VMware, Inc. 182

vCenter Server Installation and Setup

Converging vCenter Server with an External Platform

Services Controller to a vCenter Server with an Embedded
Platform Services Controller
Convergence is the process of reconfiguring or converting a vCenter Server instance with an
external Platform Services Controller to a vCenter Server instance with an embedded Platform
Services Controller.

Figure 6-4. Convergence Internal Workflow illustrates the process of converging a single
standalone vCenter Server with an external Platform Services Controller to a vCenter Server with
an embedded Platform Services Controller.

VMware, Inc. 183

vCenter Server Installation and Setup

Figure 6-4. Convergence Internal Workflow

Stage 0

Virtual Machine

Platform Services Controller A

Virtual Machine

vCenter Server A

Deploy new Platform Services Controller B

as a replication partner of Platform Services
Controller A

Stage 1

Virtual Machine

Platform Services Controller A

Virtual Machine

Platform Services Controller B

vCenter Server A

Reconfigure and repoint vCenter Server A

to the new Platform Services Controller B

Stage 2

Virtual Machine

Platform Services Controller A

Virtual Machine

Platform Services Controller B

vCenter Server A

VMware, Inc. 184

vCenter Server Installation and Setup

Table 6-2. Legend for Single Convergence

Stage Description

Stage 0 Stage 0 represents the original vCenter Server A with

external Platform Services Controller A node.

Stage 1 In Stage 1, the converge process performs the following

tasks:
1 Deploys the new embedded Platform Services
Controller B on the vCenter Server A and sets it up so
that all the data in the original Platform Services
Controller A is replicated in the new embedded
Platform Services Controller B.
2 Configures the new embedded Platform Services
Controller B so that it works on the vCenter Server A
node.
3 Repoints vCenter Server A to the new embedded
Platform Services Controller B.

Stage 2 Stage 2 shows the new node which contains vCenter

Server A with embedded Platform Services Controller B.
The original Platform Services Controller A can be
decommissioned.

You can perform the converge process using the vcsa-util command-line utility or with the
vSphere Client.

Converging with Platform Services Controller High Availability

If you want to converge to a vCenter Server Appliance with an embedded Platform Services
Controller with a Platform Services Controller HA environment, see the VMware knowledge base
article at https://kb.vmware.com/s/article/65129.

Converge to an Embedded Platform Services Controller Node Using

the vSphere Client
You can use the vSphere Client to converge a vCenter Server with an external Platform Services
Controller to a vCenter Server with an embedded Platform Services Controller.

After you converge a vCenter Server with an external Platform Services Controller to a vCenter
Server with an embedded Platform Services Controller, you must refresh the certificates for the
ESXi hosts in your environment. Failing to do this results in connection errors when other
products attempt to connect to vCenter Server. To learn more, see "Renew or Refresh ESXi
Certificates" in the vSphere Security documentation.

To perform the converge operation using the UI, log into the vSphere Client.

This video demonstrates how you can use the vSphere Client to converge a vCenter Server
Appliance with an external Platform Services Controller to a vCenter Server Appliance with an
embedded Platform Services Controller.

VMware, Inc. 185

vCenter Server Installation and Setup

vCenter Server Converge Tool (vSphere 6.7 Update 2)

(http://link.brightcove.com/services/player/bcpid2296383276001?
bctid=ref:video_vsphere67U2_converge)

Prerequisites

n (Optional) If your vCenter Server does not have external Internet access, download, and
mount the vCenter Server Appliance 6.7 Update 2 ISO to the /mnt/cdrom folder. See
Download and Mount the vCenter Server Appliance Installer for UI Convergence for details.

n Create backups of the vCenter Server and external Platform Services Controller instances so
that you can restore them if the reconfiguration fails. See Chapter 4 File-Based Backup and
Restore of vCenter Server Appliance for information on backing up the vCenter Server.

n Disable and remove vCenter HA before starting the process. Converging with vCenter HA
configurations is not supported. Remove any vCenter HA configurations before starting the
converge process. After converging, enable vCenter HA configurations in the embedded
node.

Procedure

1 From the vSphere Client side bar, click Administration. In the Administration panel, under
Deployment click System Configuration.

The System Configuration page lists each of the vCenter Server and Platform Services
Controller nodes with details including FQDN or IP address, node health, type, version, virtual
machine, and uptime.

2 (Optional) To display more information, including replication partner, click the expand button
next to the node.

To log into the vCenter Server or Platform Services Controller, click Login.

3 (Optional) To display the nodes in a graphical format, click View as Topology.

Select each node to view its details.

4 (Optional) To return to viewing the nodes in a table format, click View as Table.

5 Select a vCenter Server with an external Platform Services Controller and click Converge to
Embedded.

If you are logged into this vCenter Server, you receive a warning that converging this node
restarts all vCenter Server services. Access to the vSphere Client on this vCenter Server is
lost while the services restart. However, the converge process is not impacted. If possible, log
into a vSphere Client from a different vCenter Server connected through Enhanced Linked
Mode to monitor the converge process without the vSphere Client session being impacted.

6 In the Convert to Embedded dialog box, enter the details:

n Single Sign-On user name.

n Single Sign-On password.

VMware, Inc. 186

vCenter Server Installation and Setup

n Select from an available embedded node (only for the second and subsequent
convergences).

n Active Directory information, if you select Join AD (extends the dialog box). Enter the
following information for joining Active Directory:

n Active Directory domain name.

n Active Directory domain user name.

n Active directory domain password.

n DNS server.

n Select Skip AD if you do not want to join an Active Directory.

7 Acknowledge that you took a backup of the vCenter Server Appliance before starting the
converge process.

8 Click Converge.

Results

You are notified when the convergence succeeds.

What to do next

n Decommission the Platform Services Controller. See Decommission the Platform Services
Controller Using the vSphere Client for instructions.

n Refresh the certificates for the ESXi hosts in your environment. See "Renew or Refresh ESXi
Certificates" in the vSphere Security documentation.

Download and Mount the vCenter Server Appliance Installer for UI Convergence
VMware releases the vCenter Server Appliance ISO image, which contains installers for the
vCenter Server Appliance.

This procedure describes how to download and mount the vCenter Server Appliance installer to
perform convergence using the vSphere Client if you do not have external Internet access.

Prerequisites

n Create a My VMware account at https://my.vmware.com/web/vmware/.

n Verify that your client machine meets the system requirements for the vCenter Server
Appliance installer. See System Requirements for the vCenter Server Appliance Installer.

Procedure

1 From the VMware website at https://my.vmware.com/web/vmware/downloads, download

the vCenter Server Appliance 6.7 Update 2 ISO image.

VMware-VCSA-all-version_number-build_number.iso

VMware, Inc. 187

vCenter Server Installation and Setup

2 Confirm that the md5sum is correct.

See the VMware website topic Using MD5 Checksums at http://www.vmware.com/download/

md5.html.

3 Attach the ISO image to the CD/DVD drive of the vCenter Server Appliance.

4 Mount the ISO to the /mnt/cdrom folder.

mount /dev/cdrom /mnt/cdrom

Decommission the Platform Services Controller Using the vSphere Client

You can use the vSphere Client to decommission a Linux-based Platform Services Controller
appliance.

After converging an external Platform Services Controller node to an embedded Platform

Services Controller node, decommission the original external Platform Services Controller.
Decommissioning a Platform Services Controller shuts it down and removes it from the single
sign-on domain.

If there are multiple Platform Services Controller instances in a deployment, with one instance
pointing to vCenter Server and the others acting as replication partners, you first decommission
the Platform Services Controller that was pointing to the vCenter Server. You must then manually
delete the other Platform Services Controller instances in the deployment. Because the Platform
Services Controller acting as a replication partner is isolated from vCenter Server, it is not able to
decommission the replicating Platform Services Controller.

Note You can decommission a Linux-based Platform Services Controller using the vSphere
Client. To decommission a Windows-based Platform Services Controller, use the cmsso-util
utility. See Knowledge Base article KB 2106736.

Prerequisites

Make sure no vCenter Server instances are pointing to the Platform Services Controller before
decommissioning.

Reconfigure any products deployed into the environment that use the Platform Services
Controller to use the newly deployed embedded Platform Services Controller.

Make a backup of the Platform Services Controller before decommissioning to ensure no loss of
data.

Procedure

1 Select the Platform Services Controller from the System Configuration page and click
Decommission PSC.

2 Enter the single sign-on user name and password, and click Decommission.

VMware, Inc. 188

vCenter Server Installation and Setup

Results

The vCenter Server that you are logged into to perform the decommission restarts its services,
making the UI inaccessible during this time. The decommission process is not impacted.

What to do next

You can delete the virtual machine for the decommissioned Platform Services Controller.

Ensure that any external solutions or products are registered with the new embedded Platform
Services Controller.

Converging to an Embedded Platform Services Controller Node

Using the Command-Line Utility
You can use the vcsa-util command-line utility to converge a vCenter Server with an external
Platform Services Controller to a vCenter Server with an embedded Platform Services Controller.

Converge vCenter Server with an External Platform Services Controller to a

vCenter Server with an Embedded Platform Services Controller
If you have deployed or installed a vCenter Server instance with an external Platform Services
Controller, you can convert it to a vCenter Server instance with an embedded Platform Services
Controller using the converge utility.

This convergence is performed using the vcsa-util command-line utility. You can locate the
vcsa-util utility in the vcsa-converge-cli directory:

n Linux 64-bit: lin64/vcsa-util

n MasOS X: mac/vcsa-util

n Windows: win32/vcsa-util.exe

The convergence utility can only be run within one domain. It cannot be run between multiple
domains.

Note The vcsa-util command can be run from a system running on a Windows, Linux, or Mac
OS operating system. You must have administrator privileges on the system that you are running
the converge utility. Reconfiguring a vCenter Server with an external Platform Services Controller
to a Platform Services Controller with an embedded Platform Services Controller is only
supported for a vCenter Server Appliance running the same version on each node. It is not
supported for a vCenter Server installed on Windows.

VMware, Inc. 189

vCenter Server Installation and Setup

Prerequisites

Download and mount the vCenter Server Appliance 6.7 Update 2 ISO. See Download and Mount
the vCenter Server Appliance Installer for instructions.

Create backups of the vCenter Server and external Platform Services Controller instance so that
you can restore them if the reconfiguration fails.

Disable and remove vCenter HA before starting the process. Converging with vCenter HA
configurations is not supported. Remove any vCenter HA configurations before starting the
converge process. After a successful convergence, you can enable vCenter HA configurations in
the embedded node.

Procedure

1 Edit the converge.json and decommission_psc.json templates to include information about

the managing ESXi host or vCenter Server and the vCenter Server Appliance. See Preparing
JSON Configuration Files for Reconfiguring External to Embedded Nodes for information on
preparing the converge.json template.

If you are running a DRS configuration, enter only the vCenter Server, not the ESXi host in the
JSON file.

2 Run the converge command in pre-check mode. Pre-check does not perform a converge but
verifies the JSON file and checks for any conflicts. Enter vcsa-util converge --precheck-
only converge.json to run the converge command in pre-check mode.

3 Begin the convergence process by running the vcsa-util converge converge.json

command on the client machine running on a Windows, Linux, or Mac OS operating system.
This operation installs and configures the new embedded Platform Services Controller. See
Syntax of the Converge Command for a list of available arguments for the vsca-util
converge command.

a Enter yes or no if you backed up the Platform Services Controller and vCenter Server.

b The command provides a thumb print of the certificate and asks you to accept. Enter 1 to
accept and continue.

After the utility successfully finishes, you can log into the vCenter Server Appliance appliance
management interface (https://appliance-IP-address-or-FQDN:5480) and see that it is now a
vCenter Server with embedded Platform Services Controller.

4 (Optional) Reconfigure any products deployed into the environment that uses the external
Platform Services Controller to use the newly deployed embedded Platform Services
Controller.

VMware, Inc. 190

vCenter Server Installation and Setup

5 Decommission the original Platform Services Controller by running the vcsa-util

decommission decomission.json command. This operation removes the external Platform
Services Controller from the SSO domain.

The vcsa-util decommission utility uses the cmsso-util utility to decommission the Platform
Services Controller. If you decommission the Platform Services Controller with cmsso-util,
you must first manually shut down the Platform Services Controller and then unregister also
with cmsso-util. See the VMware Knowledge Base article https://kb.vmware.com/s/article/
2106736 for instructions on directly using the cmsso-util command.

Note If you shut down the Platform Services Controller before decommissioning or do not
manually decommission it using cmsso-util, security and replication problems might occur.

What to do next

Refresh the certificates for the ESXi hosts in your environment. See "Renew or Refresh ESXi
Certificates" in the vSphere Security documentation.

Preparing JSON Configuration Files for Reconfiguring External to Embedded

Nodes
Before you run the CLIs to reconfigure a vCenter Server with an external Platform Services
Controller to a vCenter Server with an embedded Platform Services Controller, or decommission
a Platform Services Controller, you must prepare a JSON file with configuration parameters and
their values for your specification.

The converge.json and decommission_psc.json sample templates are located in vcsa-

converge-cli\templates\converge and vcsa-converge-cli\templates\decommission. Save the
templates to your workspace.

These sample templates contain the most frequently used options.

Converge Configuration Parameters

The configuration parameters in the converge.json configuration file are organized in parts,
sections, and subsections.

Table 6-3. Configuration Parameter for the converge.json File

Part Section Subsection Description

vCenter description comments Describes the vCenter

Server Appliance and ESXi
host on which the appliance
is running.

managing_esxi_or_vc hostname FQDN or IP address of the

ESXi host of vCenter Server
where the vCenter Server
resides.

VMware, Inc. 191

vCenter Server Installation and Setup

Table 6-3. Configuration Parameter for the converge.json File (continued)

Part Section Subsection Description

username User ID with administrator

privileges on the ESXi host
or vCenter Server. For
example, root for the ESXi
host and
administrator@SSO_domain
for vCenter Server.

password Password of the user with

administrator privileges on
the ESXi host or vCenter
Server. If omitted, you are
prompted to enter the
password on the command
console during the template
verification.

vc_appliance hostname FQDN or IP address of the

vCenter Server Appliance.

username administrator@SSO_domain
where SSO_domain is the
vCenter Single Sign-On
domain for the vCenter
Server Appliance.

password vCenter Single Sign-On

administrator password. If
omitted, you are prompted
to enter the password on
the command console during
the template verification.

root_password vCenter Server Appliance

root password. If omitted,
you are prompted to enter
the password on the
command console during the
template verification.

ad_domain_info domain_name FQDN or IP address of the

Platform Services Controller
Note If the external
appliance's active directory
Platform Services
domain.
Controller is not joined to
Active Directory, remove username Active directory domain user
this section from the JSON ID with privileges to join any
template. machine to the provided
domain.

password Active directory domain

password with privileges to
join any machine to the
provided domain.

VMware, Inc. 192

vCenter Server Installation and Setup

Table 6-3. Configuration Parameter for the converge.json File (continued)

Part Section Subsection Description

dns_ip (Optional) DNS IP address

which resolves the active
directory domain name.
Required only when the
existing DNS setting cannot
resolve the provided active
directory domain.

replication description Describes the vCenter

Server Appliance that is in
replication with the provided
Platform Services Controller.

partner hostname FQDN or IP address of the

target Platform Services
Controller node.

Converge Configuration File Template

Sample converge.json template:

{
"__version": "2.11.0",
"__comments": "Template for VCSA with external Platform Services Controller converge",
"vcenter": {
"description": {
"__comments": [
"This section describes the vCenter appliance which you want to",
"converge and the ESXi host on which the appliance is running. "
]
},
"managing_esxi_or_vc": {
"hostname": "<FQDN or IP address of the ESXi or vCenter on which the vCenter Server
Appliance resides.>",
"username": "<Username of a user with administrative privilege on the ESXi host or
vCenter Server. For example 'root' for ESXi and 'administrator@<SSO domain name>' for vCenter >",
"password": "<Password of the administrative user on the ESXi host or vCenter Server.
If left blank, or omitted, you will be prompted to enter it at the command console during template
verification.>"
},
"vc_appliance": {
"hostname": "<FQDN or IP address of the vCenter Server Appliance>",
"username": "administrator@<SSO domain name>",
"password": "<vCenter Single Sign-On administrator password. If left blank, or
omitted, you will be prompted to enter it at the command console during template verification.>",
"root_password": "<Appliance root password. If left blank, or omitted, you will be
prompted to enter it at the command console during template verification.>",
},
"ad_domain_info": {
"__comments": [
"Important Note: This section is needed only when PSC (Platform Services
Controller) appliance is joined to a domain.",

VMware, Inc. 193

vCenter Server Installation and Setup

"Remove this section if PSC appliance is not joined to a domain.",

"Keeping this section without valid values results in JSON validation errors."
],
"domain_name": "<Domain name of the Platform Services Controller appliance's AD
domain>",
"username": "<AD domain username with privileges to join any machine to the provided
domain>",
"password": "<AD domain password with privileges to join any machine to the provided
domain>",
"dns_ip": "<DNS IP which resolves AD domain name. This is an optional field and is
required only when the provided AD domain cannot be resolved by the existing DNS setting of the VCSA
node.>"
}
},
"replication": {
"description": {
"__comments": [
"Important Note: Make sure you provide the information in this section very carefully,
as this changes the replication topology.",
"Refer to the documentation for complete details. Remove this section if this is first
converge operation in your setup.",
"This section provides details of the PSC node which will be set up as a replicated
node for a new PSC on the target VCSA node."
]
},
"partner": {
"hostname": "<FQDN or IP address of the target VCSA PSC node>"
}
}
}

Decommission Configuration Parameters

The configuration parameters in the decommision_psc.json configuration file are organized in
parts, sections, and subsections.

Table 6-4. Configuration Parameter for the decommisision_psc.json file

Part Section Subsection Description

psc description comments Describes the Platform

Services Controller appliance
you want to decommission
and the Platform Services
Controller host on which the
appliance is running.

managing_esxi_or_vc hostname FQDN or IP address of the

ESXi host or vCenter Server
on which the Platform
Services Controller resides.

VMware, Inc. 194

vCenter Server Installation and Setup

Table 6-4. Configuration Parameter for the decommisision_psc.json file (continued)

Part Section Subsection Description

username User ID with administrator

privileges on the ESXi host
or vCenter Server. For
example, root for the ESXi
host and
administrator@SSO_domain
for vCenter Server.

password Password of the user with

administrator privileges on
the ESXi host or vCenter
Server. If omitted, you are
prompted to enter the
password on the command
console during the template
verification.

port (Optional) Port for the host.

Default port is 443.

psc_appliance hostname FQDN or IP address of the

external Platform Services
Controller appliance that you
wish to decommission.

Note Ensure that no other

solutions are currently using
this external Platform
Services Controller before
you decommission it.

username administrator@SSO_domain
where SSO_domain is the
vCenter Single Sign-On
domain for the vCenter
Server Appliance.

password vCenter Single Sign-On

administrator password. If
omitted, you are prompted
to enter the password on
the command console during
the template verification.

root_password vCenter Server Appliance

root password. If omitted,
you are prompted to enter
the password on the
command console during the
template verification.

VMware, Inc. 195

vCenter Server Installation and Setup

Table 6-4. Configuration Parameter for the decommisision_psc.json file (continued)

Part Section Subsection Description

vcenter description comments Describes the embedded

vCenter Server Appliance
that is in replication with the
provided Platform Services
Controller.

managing_esxi_or_vc hostname FQDN or IP address of the

ESXi host or vCenter Server
on which the vCenter Server
Appliance resides.

username User ID with administrator

privileges on the ESXi host
or vCenter Server. For
example, root for the ESXi
host and
administrator@SSO_domain
for vCenter Server.

password Password of the user with

administrator privileges on
the ESXi host or vCenter
Server. If omitted, you are
prompted to enter the
password on the command
console during the template
verification.

port (Optional) Port for the host.

Default port is 443.

vc_appliance hostname FQDN or IP address of the

vCenter Server Appliance .

username administrator@SSO_domain
where SSO_domain is the
vCenter Single Sign-On
domain for the vCenter
Server Appliance.

password vCenter Single Sign-On

administrator password. If
omitted, you are prompted
to enter the password on
the command console during
the template verification.

root_password vCenter Server Appliance

root password. If omitted,
you are prompted to enter
the password on the
command console during the
template verification.

VMware, Inc. 196

vCenter Server Installation and Setup

Decommission Configuration File Template

Sample decommission.json template:

{
"__comments": "Template for decommissioning PSC node with converge CLI tool.",
"__version": "2.11.0",
"psc": {
"description": {
"__comments": [
"This section describes the PSC appliance which you want to",
"decommission and the ESXi host on which the appliance is running. "
]
},
"managing_esxi_or_vc": {
"hostname": "<FQDN or IP address of the ESXi or vCenter on which the Platform
Services Controller appliance resides.>",
"username": "<Username of a user with administrative privilege on the ESXi host or
vCenter Server. For example 'root' for ESXi and 'administrator@<SSO domain name>' for vCenter >",
"password": "<Password of the administrative user on the ESXi host or vCenter Server.
If left blank, or omitted, you will be prompted to enter it at the command console during template
verification.>",
"port": "This section may be removed, if default port is 443. If not, custom port
have to be specified"
},
"psc_appliance": {
"hostname": "<FQDN or IP address of the Platform Services Controller appliance>",
"username": "administrator@<SSO domain name>",
"password": "<vCenter Single Sign-On administrator password. If left blank, or
omitted, you will be prompted to enter it at the command console during template verification.>",
"root_password": "<Appliance root password. If left blank, or omitted, you will be
prompted to enter it at the command console during template verification.>",
}
}
"vcenter": {
"description": {
"__comments": [
"This section describes the embedded vCenter appliance which is in ",
"replication with the provided PSC"
]
},
"managing_esxi_or_vc": {
"hostname": "<FQDN or IP address of the ESXi or vCenter on which the vCenter Server
Appliance resides.>",
"username": "<Username of a user with administrative privilege on the ESXi host or
vCenter Server. For example 'root' for ESXi and 'administrator@<SSO domain name>' for vCenter >",
"password": "<Password of the administrative user on the ESXi host or vCenter Server.
If left blank, or omitted, you will be prompted to enter it at the command console during template
verification.>",
"port": "This section may be removed, if default port is 443. If not, custom port
have to be specified"
},
"vc_appliance": {
"hostname": "<FQDN or IP address of the vCenter Server Appliance>",
"username": "administrator@<SSO domain name>",

VMware, Inc. 197

vCenter Server Installation and Setup

"password": "<vCenter Single Sign-On administrator password. If left blank, or

omitted, you will be prompted to enter it at the command console during template verification.>",
"root_password": "<Appliance root password. If left blank, or omitted, you will be
prompted to enter it at the command console during template verification.>"
}
}
}

Syntax of the Converge Command

You can use command arguments to set the execution parameters of the vcsa-util converge
command.

The vsca-util converge command reconfigures a vCenter Server with an external Platform
Services Controller to a vCenter Server with an embedded Platform Services Controller.

Use the following command converge a single standalone vCenter Server with an external
Platform Services Controller to a vCenter Server with an embedded Platform Services Controller:

vcsa-util converge [--help] [--template-help] [--log-dir LOG_DIR] [--pause-on-warnings] [--verbose |

--terse] [--no-ssl-certificate-verification] [--skip-domain-handling] [--verify-template-only | --
precheck-only] [--silent] [--backup-taken] [--skip-reboot] [--skip-domain-hadling] converge.json

Use the following command to decommission a Platform Services Controller:

vcsa-util decommision [--help] [--template-help] [--log-dir LOG_DIR] [--pause-on-warnings] [--verbose

| --terse] [--no-ssl-certificate-verification] [--verify-template-only | --precheck-only]
decommission_psc.json

Argument Description

converge.json JSON file or path to the JSON file that contains the
configuration parameters to specify the converge
procedure.

decommission_psc.json JSON file or path to the JSON file that contains the
configuration parameters to specify the decommission
procedure.

--backup-taken (Optional) Ensure that the backup is already taken. If this

argument is not provided, you are prompted for
confirmation.

-v, --verbose (Optional) Display debug information in the console. If you

set this parameter, you cannot set --terse.

-t, --terse (Optional) Display only warning and error information in the
console. If you set this parameter, you cannot set --
verbose.

--log-dir (Optional) Specify LOG_DIR as the directory for log and

other output files.

--no-ssl-certificate-verification (Optional) Skip security certificate verification for all server

connections.

VMware, Inc. 198

vCenter Server Installation and Setup

Argument Description

--pause-on-warnings (Optional) Pause and wait for an acknowledgement of

some warnings.

--precheck-only (Optional) Perform the prechecks for converge.

--verify-template-only (Optional) Perform only the basic template verification, but

do not run additional prechecks. For additional precheck
verification, use the --precheck-only parameter.

--silent (Optional) Run converge in silent mode, avoiding prompts.

If this argument is specified, converge avoids prompts and
uses the default values.

--skip-reboot (Optional) Skip rebooting machine after joining ADdomain.

This is applicable only for AD domain environments.

--skip-domain-handling (Optional) Skip any operation that joins to a domain.

--template-help (Optional) Retrieve the help for the template settings.

-h, --help (Optional) Display the help message for the vsca-util
command.

Reconfigure a Standalone vCenter Server with an

Embedded Platform Services Controller to a vCenter Server
with an External Platform Services Controller
If you have deployed or installed a standalone vCenter Server instance with an embedded
Platform Services Controller and you want to extend your vCenter Single Sign-On domain with
more vCenter Server instances, you can reconfigure and repoint the existing vCenter Server
instance to an external Platform Services Controller.

VMware, Inc. 199

vCenter Server Installation and Setup

Figure 6-5. Reconfiguration of a Standalone vCenter Server Instance with an Embedded

Platform Services Controller and Repointing it to an External Platform Services Controller

VM or Physical Server

Platform Services Controller А

vCenter Server А

Deploy or install Platform Services Controller A’ as a

replication partner of Platorm Services Controller A

VM or Physical Server

Platform Services Controller А’

VM or Physical Server

Platform Services Controller А

vCenter Server А

Reconfigure and repoint the vCenter Server

instance to Platform Services Controller A’

VM or Physical Server

Platform Services Controller А’

VM or Physical Server

vCenter Server А

Table 6-5. Legend

Arrow or line Description

Replication agreement between two Platform Services

Controller instances

vCenter Server registration with an external Platform

Services Controller

Transition step

Note The reconfiguration of a vCenter Server instance with an embedded Platform Services
Controller and repointing it to an external Platform Services Controller instance is a one-way
process after which you cannot switch back to vCenter Server with an embedded Platform
Services Controller.

VMware, Inc. 200

vCenter Server Installation and Setup

Prerequisites

n Deploy or install the external Platform Services Controller instance as a replication partner of
the existing embedded Platform Services Controller instance in the same vCenter Single Sign-
On site.

Note You can determine the current vCenter Single Sign-On site by using the vmfad-cli
command.

n For a vCenter Server Appliance with an embedded Platform Services Controller, log in to
the appliance shell as root and run the command.

/usr/lib/vmware-vmafd/bin/vmafd-cli get-site-name --server-name localhost

n For a Windows installation of vCenter Server instance with an embedded Platform

Services Controller, log in to the Windows machine as an administrator, open the
Windows command prompt, and run the command.

C:\Program Files\VMware\vCenter Server\vmafdd\vmafd-cli get-site-name --server-name localhost

n Create snapshots of the vCenter Server with an embedded Platform Services Controller and
the external Platform Services Controller instance, so that you can revert to the snapshots if
the reconfiguration fails.

n If you want to reconfigure a vCenter Server Appliance with an embedded Platform Services
Controller that is configured in a vCenter HA cluster, remove the vCenter HA configuration.
For information about removing a vCenter HA configuration, see vSphere Availability.

Procedure

1 Log in to the vCenter Server instance with an embedded Platform Services Controller.

Option Steps

For a vCenter Server Appliance with Log in to the appliance shell as root.
an embedded Platform Services n If you have direct access to the appliance console, press Alt+F1.
Controller n If you want to connect remotely, use SSH or another remote console
connection to start a session to the appliance.

For a Windows installation of Log in to the Windows machine as an administrator, open the Windows
vCenter Server with an embedded command prompt, and navigate to C:\Program Files\VMware\vCenter
Platform Services Controller Server\bin.

2 Verify that all Platform Services Controller services are running.

Run the service-control --status --all command.

The Platform Services Controller services that must be running are VMware License Service,
VMware Identity Management Service, VMware Security Token Service, VMware Certificate
Service, and VMware Directory Service.

VMware, Inc. 201

vCenter Server Installation and Setup

3 Run the cmsso-util reconfigure command.

cmsso-util reconfigure --repoint-psc psc_fqdn_or_static_ip --username username --domain-

name domain_name --passwd password [--dc-port port_number]

where the square brackets [ ] enclose optional items.

Here, psc_fqdn_or_static_ip is the system name used to identify the external Platform
Services Controller instance. This system name must be an FQDN or a static IP address.

Note The FQDN value is case-sensitive.

The options username and password are the administrator user name and password of the
vCenter Single Sign-On domain_name.

Use the --dc-port option if the external Platform Services Controller runs on a custom HTTPS
port. The default value of the HTTPS port is 443.
For example, if the external Platform Services Controller runs on a custom HTTPS port 449,
you must run:

cmsso-util reconfigure --repoint-psc psc.acme.local --username administrator --domain-name

vsphere.local --passwd Password1! --dc-port 449

4 Log in to the vCenter Server instance by using the vSphere Client to verify that the vCenter
Server instance is running and can be managed.

Results

The vCenter Server with an embedded Platform Services Controller is demoted, and the vCenter
Server is redirected to the external Platform Services Controller.

What to do next

n You can deploy or install additional vCenter Server and Platform Services Controller instances
in the vCenter Single Sign-On domain.

n If you reconfigured a vCenter Server Appliance with an embedded Platform Services

Controller that was configured in a vCenter HA cluster, you can reconfigure the vCenter HA
cluster. For information about configuring vCenter HA, see vSphere Availability.

VMware, Inc. 202

Troubleshooting vCenter Server
Installation or Deployment 7
The vCenter Server installation or deployment troubleshooting topics provide solutions to
problems that you might encounter during the vCenter Server installation or vCenter Server
Appliance deployment process.

This chapter includes the following topics:

n Collecting Logs for Troubleshooting a vCenter Server Installation or Upgrade

n Attempt to Install a Platform Services Controller After a Prior Installation Failure

n Microsoft SQL Database Set to Unsupported Compatibility Mode Causes vCenter Server
Installation or Upgrade to Fail

Collecting Logs for Troubleshooting a vCenter Server

Installation or Upgrade
You can collect installation or upgrade log files for vCenter Server. If an installation or upgrade
fails, checking the log files can help you identify the source of the failure.

You can choose the Installation Wizard method or the manual method for saving and recovering
log files for a vCenter Server for Windows installation failure.

You can also collect deployment log files for vCenter Server Appliance.

n Collect Installation Logs by Using the Installation Wizard

You can use the Setup Interrupted page of the installation wizard to browse to the
generated .zip file of the vCenter Server for Windows installation log files.

n Retrieve Installation Logs Manually

You can retrieve the installation log files manually for examination.

n Collect Deployment Log Files for the vCenter Server Appliance

If the vCenter Server Appliance deployment fails, you can retrieve the log files and examine
them for the reason of the failure.

VMware, Inc. 203

vCenter Server Installation and Setup

n Export a vCenter Server Support Bundle for Troubleshooting

You can export the support bundle of the vCenter Server instance in the vCenter Server
Appliance for troubleshooting using the URL displayed on the DCUI home screen.

Collect Installation Logs by Using the Installation Wizard

You can use the Setup Interrupted page of the installation wizard to browse to the
generated .zip file of the vCenter Server for Windows installation log files.

If the installation fails, the Setup Interrupted page appears with the log collection check boxes
selected by default.

Procedure

1 Leave the check boxes selected and click Finish.

The installation files are collected in a .zip file on your desktop, for example, VMware-VCS-
logs-time-of-installation-attempt.zip, where time-of-installation-attempt displays the
year, month, date, hour, minutes, and seconds of the installation attempt.

2 Retrieve the log files from the .zip file on your desktop.

What to do next

Examine the log files to determine the cause of failure.

Retrieve Installation Logs Manually

You can retrieve the installation log files manually for examination.

Procedure

1 Navigate to the installation log file locations.

n %PROGRAMDATA%\VMware\vCenterServer\logs directory, usually C:\ProgramData\VMware

\vCenterServer\logs

n %TEMP% directory, usually C:\Users\username\AppData\Local\Temp

The files in the %TEMP% directory include vc-install.txt, vminst.log, pkgmgr.log, pkgmgr-
comp-msi.log, and vim-vcs-msi.log.

2 Open the installation log files in a text editor for examination.

Collect Deployment Log Files for the vCenter Server Appliance

If the vCenter Server Appliance deployment fails, you can retrieve the log files and examine them
for the reason of the failure.

The full path to the log files is displayed in the vCenter Server Appliance deployment wizard.

In case of firstboot failure, you can download the support bundle on a Windows host machine
and examine the log files to determine which firstboot script failed. See Export a vCenter Server
Support Bundle for Troubleshooting.

VMware, Inc. 204

vCenter Server Installation and Setup

Procedure

1 On the Windows machine that you use for deploying the vCenter Server Appliance, navigate
to the log files folder.

If you are logged in as an administrator, by default this is the C:\Users\Administrator

\AppData\Local\VMware\CIP\vcsaInstaller folder.

2 Open the installation log files in a text editor for examination.

Export a vCenter Server Support Bundle for Troubleshooting

You can export the support bundle of the vCenter Server instance in the vCenter Server
Appliance for troubleshooting using the URL displayed on the DCUI home screen.

You can also collect the support bundle from the vCenter Server Appliance Bash shell by running
the vc-support.sh script.

The support bundle is exported in .tgz format.

Procedure

1 Log in to the Windows host machine on which you want to download the bundle.

2 Open a Web browser and enter the URL to the support bundle displayed in the DCUI.

https://appliance-fully-qualified-domain-name:443/appliance/support-bundle

3 Enter the user name and password of the root user.

4 Click Enter.

The support bundle is downloaded as .tgz file on your Windows machine.

5 (Optional) To determine which firstboot script failed, examine the firstbootStatus.json file.

If you ran the vc-support.sh script in the vCenter Server Appliance Bash shell, to examine
the firstbootStatus.json file, run

cat /var/log/firstboot/firstbootStatus.json

Attempt to Install a Platform Services Controller After a

Prior Installation Failure
When you want to replicate Platform Services Controller data, you might not be able to join a
vCenter Single Sign-On domain in an existing Platform Services Controller.

Problem

When you try to install a Platform Services Controller, either embedded or external, and join the
Platform Services Controller to a vCenter Single Sign-On domain or site, the installation might fail
and the failure might leave incomplete data in the Platform Services Controller federation.

VMware, Inc. 205

vCenter Server Installation and Setup

Cause

The Platform Services Controller data is not cleaned up when an installation of a Platform
Services Controller fails. Consider the following scenario:

1 Install Platform Services Controller A.

2 When you try to install Platform Services Controller B and join it to the same domain as
Platform Services Controller A, the installation fails.

3 Second attempt to install Platform Services Controller B and join it to the same domain as
Platform Services Controller A fails, because Platform Services Controller A contains
incomplete data.

Solution

1 Log in as an administrator to the machine on which you install Platform Services Controller A.

2 At the command prompt navigate to the vdcleavefed command.

The vdcleavefed command is located at C:\Program Files\VMware\vCenter Server\vmdird

\ on Windows and /usr/lib/vmware-vmdir/bin/ on Linux.

3 Run the vdcleavefed command to delete the data.

vdcleavefed -h Platform-Services-Controller-B-System-Name -u Administrator

4 Install Platform Services Controller B.

Microsoft SQL Database Set to Unsupported Compatibility

Mode Causes vCenter Server Installation or Upgrade to Fail
vCenter Server installation with a Microsoft SQL database fails when the database is set to
compatibility mode with an unsupported version.

Problem

The following error message appears: The DB User entered does not have the required
permissions needed to install and configure vCenter Server with the selected DB.
Please correct the following error(s): %s

Cause

The database version must be supported for vCenter Server. For SQL, even if the database is a
supported version, if it is set to run in compatibility mode with an unsupported version, this error
occurs. For example, if SQL 2008 is set to run in SQL 2000 compatibility mode, this error occurs.

Solution

u Make sure the vCenter Server database is a supported version and is not set to compatibility
mode with an unsupported version. See the VMware Product Interoperability Matrixes at
http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php?.

VMware, Inc. 206

Uninstall vCenter Server
8
You must have administrator privileges to uninstall VMware vCenter Server.

Important If you are using the embedded PostgreSQL database, uninstalling vCenter Server
causes the embedded database to be uninstalled, and all data is lost.

Prerequisites

If you are uninstalling the vCenter Server system, remove the hosts from the Hosts and Clusters
inventory.

Procedure

1 As an administrator user on the Windows system, click Start > Control Panel > Programs and
Features.

2 Select VMware vCenter Server from the list and click Remove.

3 Click Remove to confirm that you want to remove the program.

4 Click Finish.

5 Reboot the system.

VMware, Inc. 207

Palo Alto Firewall Pan-Os-Administration Guide v10.0 PDF
50% (2)
Palo Alto Firewall Pan-Os-Administration Guide v10.0 PDF
1,446 pages
HCIA STORAGE Practice Question
100% (2)
HCIA STORAGE Practice Question
40 pages
EDU - DATASHEET VMware NSX-T Data Center Troubleshooting and Operations V3.03
No ratings yet
EDU - DATASHEET VMware NSX-T Data Center Troubleshooting and Operations V3.03
3 pages
Omniswitch 6900 Stackable Lan Switches Datasheet en
No ratings yet
Omniswitch 6900 Stackable Lan Switches Datasheet en
15 pages
Antenna Analysis and Design Chapter 4
No ratings yet
Antenna Analysis and Design Chapter 4
19 pages
VMware L1 L2 L3 Tasks
67% (3)
VMware L1 L2 L3 Tasks
4 pages
Vsphere Vcenter Server 67 Installation Guide PDF
100% (2)
Vsphere Vcenter Server 67 Installation Guide PDF
166 pages
Vsphere Esxi Vcenter Server 602 Installation Setup Guide PDF
No ratings yet
Vsphere Esxi Vcenter Server 602 Installation Setup Guide PDF
298 pages
VMware Horizon View Essentials
From Everand
VMware Horizon View Essentials
Peter von Oven
No ratings yet
CentOS 8 Essentials: Learn to Install, Administer and Deploy CentOS 8 Systems
From Everand
CentOS 8 Essentials: Learn to Install, Administer and Deploy CentOS 8 Systems
Neil Smyth
No ratings yet
VMW Vcap NV Design Exam Preparation Guide
No ratings yet
VMW Vcap NV Design Exam Preparation Guide
3 pages
Avaya Ethernet Routing Switching Implementation
No ratings yet
Avaya Ethernet Routing Switching Implementation
76 pages
Vmware Learning Paths
No ratings yet
Vmware Learning Paths
38 pages
Comparing SD Wan Solution From Client To Cloud
No ratings yet
Comparing SD Wan Solution From Client To Cloud
10 pages
Master All Steps of Deployment, Seamless Integration, and Migration of Large SDA and SD-WAN Networks - BRKENS-3834
No ratings yet
Master All Steps of Deployment, Seamless Integration, and Migration of Large SDA and SD-WAN Networks - BRKENS-3834
42 pages
VMware P2V Process
No ratings yet
VMware P2V Process
28 pages
Tshoot - Chapter 1
No ratings yet
Tshoot - Chapter 1
31 pages
VMW VCP NV Exam Preparation Guide
No ratings yet
VMW VCP NV Exam Preparation Guide
7 pages
M05 - SDDC Advanced Security
No ratings yet
M05 - SDDC Advanced Security
70 pages
DatacenterServerrefreshRFP
No ratings yet
DatacenterServerrefreshRFP
15 pages
NexentaConnect VMware VSAN QuickStart InstallGuide 1.0.2 FP2 GA
No ratings yet
NexentaConnect VMware VSAN QuickStart InstallGuide 1.0.2 FP2 GA
15 pages
How To Patch ESXi 7 Using Lifecycle Manager - Mastering VMware
No ratings yet
How To Patch ESXi 7 Using Lifecycle Manager - Mastering VMware
8 pages
Deployment Guide PDF
No ratings yet
Deployment Guide PDF
10 pages
Virtual SAN 6.0 Overview Deck(1)
No ratings yet
Virtual SAN 6.0 Overview Deck(1)
47 pages
Fortinet
No ratings yet
Fortinet
21 pages
Avaya Network-Design
No ratings yet
Avaya Network-Design
346 pages
Forticonverter 6.0.1 Admin Guide
No ratings yet
Forticonverter 6.0.1 Admin Guide
198 pages
Enhanced VPC: Topology, Configuration & Verification
No ratings yet
Enhanced VPC: Topology, Configuration & Verification
5 pages
CVD VirtualizationWithCiscoUCSNexus1000VandVMwareDesignGuide AUG14
No ratings yet
CVD VirtualizationWithCiscoUCSNexus1000VandVMwareDesignGuide AUG14
153 pages
CIS Hardening Windows 2019 New DC L1
No ratings yet
CIS Hardening Windows 2019 New DC L1
174 pages
FortiOS-6.4-VMware ESXi Cookbook PDF
No ratings yet
FortiOS-6.4-VMware ESXi Cookbook PDF
56 pages
Start-Stop VCenter Server Appliance Services Through SSH
No ratings yet
Start-Stop VCenter Server Appliance Services Through SSH
4 pages
Configracion Flash Switch Capacitacion
No ratings yet
Configracion Flash Switch Capacitacion
4 pages
How To Create VLANs Within A Virtual Switch in VMware ESXi
No ratings yet
How To Create VLANs Within A Virtual Switch in VMware ESXi
10 pages
BRKDCT 2049 Otv
No ratings yet
BRKDCT 2049 Otv
86 pages
NSX Reference Design Guide - VMware
No ratings yet
NSX Reference Design Guide - VMware
224 pages
Summer Experience vSAN 101 Maurice
No ratings yet
Summer Experience vSAN 101 Maurice
67 pages
Overview of Cisco UCS Manager
No ratings yet
Overview of Cisco UCS Manager
4 pages
Configuring Cisco Nexus 7000 Series Switches-Student Guide p402-511 Final-New
No ratings yet
Configuring Cisco Nexus 7000 Series Switches-Student Guide p402-511 Final-New
229 pages
Install Ucs Emulator
No ratings yet
Install Ucs Emulator
4 pages
Software Upgrade Procedure September 23, 2020
No ratings yet
Software Upgrade Procedure September 23, 2020
23 pages
Meraki Proposal
No ratings yet
Meraki Proposal
3 pages
NSX-T Reference Design Guide Version 2.0
No ratings yet
NSX-T Reference Design Guide Version 2.0
246 pages
Cisco UCS Director 5.2 Lab-V.1.5
100% (1)
Cisco UCS Director 5.2 Lab-V.1.5
180 pages
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release PDF
No ratings yet
Cisco Nexus 7000 Series NX-OS Security Configuration Guide, Release PDF
776 pages
Installation Guide For Cisco ACS
No ratings yet
Installation Guide For Cisco ACS
8 pages
AOS-CX Simulator Lab - Spanning Tree Basics Lab Guide
No ratings yet
AOS-CX Simulator Lab - Spanning Tree Basics Lab Guide
18 pages
Total Solution For Automating Data
No ratings yet
Total Solution For Automating Data
24 pages
Cisco ISE Project Overview
No ratings yet
Cisco ISE Project Overview
2 pages
Data at Rest & Data-in-Transit On Mariadb Galera Cluster - 24022022
No ratings yet
Data at Rest & Data-in-Transit On Mariadb Galera Cluster - 24022022
9 pages
Meraki Solutions Specialist at A Glance
No ratings yet
Meraki Solutions Specialist at A Glance
2 pages
Sd-Wan Velocloud by Vmware
No ratings yet
Sd-Wan Velocloud by Vmware
8 pages
FortiWiFi and FortiAP-7.4.4-Configuration Guide
No ratings yet
FortiWiFi and FortiAP-7.4.4-Configuration Guide
425 pages
Flexpod Saphana n9k Aff Ucsm PDF
No ratings yet
Flexpod Saphana n9k Aff Ucsm PDF
399 pages
Cisco MDS Training Vol1 PDF
100% (1)
Cisco MDS Training Vol1 PDF
32 pages
CISCO Data Center Architecture Overview
No ratings yet
CISCO Data Center Architecture Overview
10 pages
HPE Compute Transceiver and Cable Hardware Matrix-A00002507enw
No ratings yet
HPE Compute Transceiver and Cable Hardware Matrix-A00002507enw
16 pages
Windows Server Hardening Checklist
No ratings yet
Windows Server Hardening Checklist
11 pages
Cisco Nexus7000 Fundamentals Config Guide 8x
No ratings yet
Cisco Nexus7000 Fundamentals Config Guide 8x
190 pages
Vmware Ports
No ratings yet
Vmware Ports
26 pages
Final DRP
No ratings yet
Final DRP
38 pages
BRKUCC-2676 Migrating From VCS To CUCM
No ratings yet
BRKUCC-2676 Migrating From VCS To CUCM
113 pages
Cisco Catalyst 9800-CL Wireless Controller For Cloud Deployment Guide
No ratings yet
Cisco Catalyst 9800-CL Wireless Controller For Cloud Deployment Guide
80 pages
Windows Server 2008 For Dummies
From Everand
Windows Server 2008 For Dummies
Ed Tittel
No ratings yet
Compact Ultrawideband Rectangular Aperture Antenna and Band-Notched Designs
No ratings yet
Compact Ultrawideband Rectangular Aperture Antenna and Band-Notched Designs
12 pages
Antenna Analysis and Design Chapter 9
No ratings yet
Antenna Analysis and Design Chapter 9
15 pages
Antenna Analysis and Design Chapter 8
No ratings yet
Antenna Analysis and Design Chapter 8
14 pages
Antenna Analysis and Design Chapter 1
No ratings yet
Antenna Analysis and Design Chapter 1
11 pages
Antenna Analysis and Design Chapter 5
50% (2)
Antenna Analysis and Design Chapter 5
26 pages
Antenna Analysis and Design Chapter 3
No ratings yet
Antenna Analysis and Design Chapter 3
7 pages
Antenna Analysis and Design Chapter 7
No ratings yet
Antenna Analysis and Design Chapter 7
9 pages
Antenna Analysis and Design Chapter 6
No ratings yet
Antenna Analysis and Design Chapter 6
9 pages
Chapter 1 Introduction and Review
No ratings yet
Chapter 1 Introduction and Review
19 pages
Chapter 5 Algorithms For Optimum Linear Filters
No ratings yet
Chapter 5 Algorithms For Optimum Linear Filters
42 pages
Chapter 2 Linear Signal Models
No ratings yet
Chapter 2 Linear Signal Models
40 pages
Imanager NetEco Software Datasheet (Site) PDF
100% (1)
Imanager NetEco Software Datasheet (Site) PDF
2 pages
Vcenter Server and Host Management VMware Vsphere6.5 - ESXi6.5 - Vcenter Server6.5 PDF
No ratings yet
Vcenter Server and Host Management VMware Vsphere6.5 - ESXi6.5 - Vcenter Server6.5 PDF
184 pages
Huawei HCNP H12-224 FastTrack Exam Title HCNP-R&S Fast Track (Huawei Certified Network Professional - Routing & Switching) Fast Track Exam PDF
No ratings yet
Huawei HCNP H12-224 FastTrack Exam Title HCNP-R&S Fast Track (Huawei Certified Network Professional - Routing & Switching) Fast Track Exam PDF
256 pages
HCIE-Routing & Switching V3.0 Lab Guide
50% (2)
HCIE-Routing & Switching V3.0 Lab Guide
420 pages
I.K.G Punjab Technical University, Kapurthala: Operating System Lab BTCS404-18
No ratings yet
I.K.G Punjab Technical University, Kapurthala: Operating System Lab BTCS404-18
26 pages
Vmware Fortinet Solution Brief PDF
No ratings yet
Vmware Fortinet Solution Brief PDF
3 pages
Sym Netbackup PDF
No ratings yet
Sym Netbackup PDF
9 pages
Deep Security 12.0 On-Premise Administration Guide PDF
No ratings yet
Deep Security 12.0 On-Premise Administration Guide PDF
1,521 pages
P - V - SIVAKUMAR Resume
No ratings yet
P - V - SIVAKUMAR Resume
7 pages
PTC Deployment Guide White Paper
No ratings yet
PTC Deployment Guide White Paper
20 pages
Lab 01 - VMware Guide and Installation
No ratings yet
Lab 01 - VMware Guide and Installation
9 pages
Critical Business Update- Positioning & Portfolio Simplification Deck
No ratings yet
Critical Business Update- Positioning & Portfolio Simplification Deck
38 pages
VMW Deploy Horizon Seven On Vmware Cloud On Aws
No ratings yet
VMW Deploy Horizon Seven On Vmware Cloud On Aws
30 pages
MSFT AzureVMwareSolutions SteveLindsey March13
No ratings yet
MSFT AzureVMwareSolutions SteveLindsey March13
14 pages
Kerio Connect VM Getting Started Guide
No ratings yet
Kerio Connect VM Getting Started Guide
2 pages
Installation Guide For Cisco Business Edition 7000H/M (M5), Release 12.5
No ratings yet
Installation Guide For Cisco Business Edition 7000H/M (M5), Release 12.5
36 pages
Vcp6.5 DCV Study Guide
No ratings yet
Vcp6.5 DCV Study Guide
268 pages
3BSE056141-510 C en System 800xa 5.1 Server Node Virtualization
No ratings yet
3BSE056141-510 C en System 800xa 5.1 Server Node Virtualization
136 pages
DT-0009 ModernizeInfrastructure SolutionOverview
No ratings yet
DT-0009 ModernizeInfrastructure SolutionOverview
5 pages
Vmware Vsan Licensing Guide
No ratings yet
Vmware Vsan Licensing Guide
16 pages
VMware Tanzu Application Catalog Documentation - Tutorials
No ratings yet
VMware Tanzu Application Catalog Documentation - Tutorials
181 pages
VMworld 2019 Conference Coverage
No ratings yet
VMworld 2019 Conference Coverage
79 pages
HPE2-B04- Demo
No ratings yet
HPE2-B04- Demo
9 pages
VMware HA Deployment Guide Esri ArcGIS Server 10.1
No ratings yet
VMware HA Deployment Guide Esri ArcGIS Server 10.1
28 pages
Intro To Virtualization
100% (8)
Intro To Virtualization
452 pages
Vmware Cheatsheet PDF
No ratings yet
Vmware Cheatsheet PDF
2 pages
Reference Architecture: 11 April 2019 Vrealize Automation 7.6
100% (1)
Reference Architecture: 11 April 2019 Vrealize Automation 7.6
41 pages
Arnab Kumar Das: System Administrator (Vmware & Windows)
No ratings yet
Arnab Kumar Das: System Administrator (Vmware & Windows)
3 pages
VMW VCP DCV Certification Preparation Guide
No ratings yet
VMW VCP DCV Certification Preparation Guide
5 pages
Vmware Infrastructure 3: Install and Configure: Course Outline
No ratings yet
Vmware Infrastructure 3: Install and Configure: Course Outline
1 page
Vmware Certified Professional 6 - Data Center Virtualization Exam
No ratings yet
Vmware Certified Professional 6 - Data Center Virtualization Exam
20 pages
Whats New Vsphere 6.7
No ratings yet
Whats New Vsphere 6.7
99 pages
VMware HealthAnalyzer Install and User Guide v5.5.2
No ratings yet
VMware HealthAnalyzer Install and User Guide v5.5.2
62 pages