Monday 2 July 2018

Enhanced Linked Mode with Embedded PSC

Enhanced Linked Mode with Embedded PSC


The latest 6.5 U2 and 6.7 release support enhanced linked mode when used in a greenfield site. I was a bit confused over how this is done so decided to lab it just to see the steps required.

"With vCenter Server 6.5 Update 2, you can deploy by using the GUI or CLI installer up to 15 vCenter Server Appliance instances in Embedded Linked Mode, and manage these instances with the vSphere Web Client or vSphere Client from any of the instances."

So start with I'm using 6.5 U2 VCSA ISO and the deployment is in two stages as per normal. I choose embedded PSC:
 I wait for the deployment to process:
 Now for Stage two:
 Standard Stuff so far:
This is the key screen. You can setup the first VCSA with a new SSO. Later I'll join an existing SSO domain on my second VCSA deployment and see what happens.
Here is my vCenter up with a test host added:
Now I'll deploy the second vCenter and same story for part 1. Now I've just spotted an issue from the release notes:

Second node in Embedded Linked Mode might be deployed in a new site with the default site name regardless of the first node configuration
If you configure a vCenter Server instance in Embedded Linked Mode on a site with a name of your choice and then you add another node, the second node might be deployed in a new site and get the a  default name, regardless of the first node configuration. This issue is specific for the GUI installer of vCenter Server Appliance and not for the CLI installer.
Workaround: None. Site names in vCenter Server Appliance configured in Embedded Linked Mode by using the GUI installer must default to Default-First-Site and not be modified. 
Oh, great, stick with the site name defaults then. Too late for me, let's see what happens!

I've grabbed the following screenshot from the second part of the deployment phase which shows me joining the existing SSO:
Hmmm...no sign of being able to choose a different site name so I'll need to check both appliances after the second is finished to see what the two SSO site names end up as!!! Will ELM work or not, that's the question!!
So, here we are - looks ok - ELM see's both vCenters and VMs.
This is labvc01:
 It has the custom site name

This is labvc02:
This one defaulted to the default site name as per release notes.

Now, in vSphere 6.7 Sites are deprecated, i.e. no more sites so no worries. For now I would leave the Site to default and leave it well alone! The issue with the settings above is if I wanted to point vCenter at the other PSC in a DR scenario, as it's in a different site, that's not possible!!
https://communities.vmware.com/thread/587203

Now, let's try again and this time stick to the default site name:
 I tried leaving the two fields blank but you're forced to write something into them. Get this - the default site name shown is WRONG! Don't type in "default-site", type in "Default-First-Site" as shown below:
Validate with these commands (enable SSH during install!):
https://kenumemoto.blogspot.com/2017/06/vcsa-65-how-to-find-which-psc-your-vcsa.html

To find your SSO Domain Name:
/usr/lib/vmware-vmafd/bin/vmafd-cli get-domain-name --server-name localhost

To find your SSO Site Name:
/usr/lib/vmware-vmafd/bin/vmafd-cli get-site-name --server-name localhost

To find you which PSC your vCSA is pointing to:
/usr/lib/vmware-vmafd/bin/vmafd-cli get-ls-location --server-name localhost
So far, so good. Now let's look at the second one:
So, same settings as before and after it's finished we can check the site info using putty:
All looks fine now:
Once those Site Names match you're good to go.....Hope this saves someone a few minutes out there!