Installation vSphere 5 (vCentre)

From vwiki
Jump to navigation Jump to search

vCentre comprises of the following components. These can be installed on the same machine, or if required (in larger environments) on separate machines. However, they must be installed in the order specified.

  1. vCentre Single Sign On (SSO)
  2. VMware vCentre Inventory Service
  3. VMware vCentre Server
  4. VMware vSphere Update Manager

These notes were made using the vSphere v5.1a ISO, and assumes everything is being installed on the same server. You can either select the VMware vCenter Simple Install install, which will install SSO, Inventory and then vCentre Server, or select the component individually.

Requirements

Database Set-up

Create vCentre Database

These instructions are for creating a vCentre database on MS SQL 2008 (other variants of MS SQL will be similar, but these notes will be of no use if you're using IBM DB2 or Oracle).

For more information see the VMware documentation

  1. Start SQL Server Management Studio on your SQL server and login as a SQL administrator
  2. Create the database
    1. Right-click over Databases and select New Database...
    2. In General set the database name to VCDB (or something else of your choosing)
    3. Go to Options set the Recovery model to Simple
    4. Then click on OK to create the database
  3. Create the vCentre user
    1. Right-click over Security and select New > Login
    2. In General set the Login name: to vpxuser, select SQL Server authentication, and create a password, and untick the following
      • Enforce password policy
      • Enforce password expiration
      • User must change password at next login
    3. Set the Default database to VCDB (or whatever you called your database)
    4. Set the Default language to English (not British English, using (American) English is safer, though obviously wrong)
    5. Go to User Mapping, check the Map option for msdb and check the db_owner role membership below, then do the same for VCDB
    6. Then click on OK to create the user
    7. Click on the New Query button, and enter the following
      • GRANT VIEW SERVER STATE TO vpxuser
      • GO
    8. Then click on the ! Execute button

Create SSO Database

  1. Mount the vCenter install ISO on the machines CD Drive
  2. Start SQL Server Management Studio on your SQL server and login as a SQL administrator
  3. Create the database
    1. Go to File | Open | File... and open the following SQL script on the CD Drive
      • Single Sign On\DBScripts\SSOServer\schema\mssql\rsaIMSLiteMSSQLCreateSchema
    2. Edit the file to ensure that the file locations for you databases are correct (see example below)
    3. Click ! Execute
  4. Create the SSO database user accounts
    1. Right-click over Security and select New > Login
    2. In General set the Login name: to SSO_DBA, select SQL Server authentication, create a password, and untick the following
      • Enforce password policy
      • Enforce password expiration
      • User must change password at next login
    3. Set the Default database to SSO (or whatever you called your database)
    4. Then click on OK to create the user
    5. Then repeat the above for another user, SSO_User
  5. Give SSO_DBA rights over schema
    1. Browse to Databases > SSO > Security > Users
    2. Right-click over SSO_DBA and select Properties
    3. In Schemas owned by this user: check db_owner, then click OK to apply
-- PROJECT     IMS
-- MODEL       IDENTITY MANAGEMENT SERVICE
-- COMPANY     RSA, the Security Division of EMC
-- DATABASE    MSSQL

USE MASTER
GO

-------------------------------------------------------------------------------------
-- Create database
--
-- Using this script is not mandatory. The database can be created with
-- SQL Management Studio, ensuring that there are two tablespaces, named RSA_DATA
-- and RSA_INDEX, and that there are only alphanumeric characters in the database name.
--
-- Before running this script, customize the file paths (CHANGE ME) below.
-- 1. Decide on a folder to hold the database files (10 GB of space required).
-- For example, it can be the DATA folder of the SQL Server, usually
-- C:\Program Files\Microsoft SQL Server\MSSQL10_50.<instance name>\MSSQL\DATA
-- 2. Replace all 3 occurrences of C:\CHANGE ME with the path to the folder

-- The database name can also be customized, but it is forbidden to include
-- reserved keywords like database or any characters other than letters, numbers,
-- _, @ and #.

-- Advanced users can put the different files (RSA_DATA, RSA_INDEX and LOG)
-- on different storage devices to improve performance. RSA_INDEX is a small file which
-- is recommended to be stored on a fast device.
-- For more details, please refer to Microsoft documentation at http://technet.microsoft.com/en-us/library/ms143547.aspx
-------------------------------------------------------------------------------------
CREATE DATABASE SSO ON PRIMARY(
    NAME='RSA_DATA',
    FILENAME='D:\MS SQL\MSSQL10.MSSQLSERVER\MSSQL\DATA\SSO_DATA.mdf',
    SIZE=10MB,
    MAXSIZE=UNLIMITED,
    FILEGROWTH=10%),
FILEGROUP RSA_INDEX(
    NAME='RSA_INDEX',
    FILENAME='D:\MS SQL\MSSQL10.MSSQLSERVER\MSSQL\DATA\SSO_INDEX.ndf',
    SIZE=10MB,
    MAXSIZE=UNLIMITED,
    FILEGROWTH=10%)
LOG ON(
    NAME='translog',
    FILENAME='D:\MS SQL\MSSQL10.MSSQLSERVER\MSSQL\DATA\SSO_log.ldf',
    SIZE=10MB,
    MAXSIZE=UNLIMITED,
    FILEGROWTH=10% )
GO

-- Set recommended perform settings on the database
EXEC SP_DBOPTION 'SSO', 'autoshrink', true
GO
EXEC SP_DBOPTION 'SSO', 'trunc. log on chkpt.', true
GO

CHECKPOINT
GO

-------------------------------------------------------------------------------------
-- To drop the database, the commands is:
-------------------------------------------------------------------------------------
-- DROP DATABASE RSA

Installation

Single Sign On

Before starting the install, ensure you have set-up...

  1. Start the installer
  2. Select vCenter Single Sign On, and click Install
    • Click Allow or Continue if you get a User Account Control warning
  3. Click Next at both the vCenter Single Sign On install start, and End User Patent Agreement screens
  4. Accept EULA, and then click Next
  5. Enter a password for the SSO admin account
  6. Select Use an existing supported database, and then click Next
  7. Populate the Database Information as follows, then click Next
    • Database Name: SSO
    • Host name or IP address: localhost (assuming database has been installed locally)
    • Database user name: SSO_User
    • Database password: [as created for SSO_User]
    • Database DBA user name: SSO_DBA
    • Database DBA password: [as created for SSO_DBA]
  8. Check the system name (or IP address) is correct, then click Next
    • You may get a popup complaining the FQDN cannot be resolved, double-check with nslookup manually, performing both forward and reverse lookups
  9. Leave Use network service account checked, and then click Next
  10. If required, change the Destination Folder, then click Next
    • Its common to install to a separate disk, eg D:\VMware\Infrastructure
  11. Leave HTTPS port as is, then click Next', the Install to commence installation

Inventory Service

  1. Select VMware vCentre Inventory Service from the installer menu, and click Install
    • Click Allow or Continue if you get a User Account Control warning
  2. Change the installer language if required, then click OK
  3. Click Next at both the VMware vCentre Inventory Service install start, and End User Patent Agreement screens
  4. Accept EULA, and then click Next
  5. If required, change the Destination Folder, then click Next
    • Its common to install to a separate disk, eg D:\VMware\Infrastructure
  6. Check the system name (or IP address) is correct, then click Next
    • You may get a popup complaining the FQDN cannot be resolved, double-check with nslookup manually, performing both forward and reverse lookups
  7. Unless required, leave TCP ports as is, then click Next
  8. Select the appropriate Inventory Size for your environment, then click Next
    • If you expect your infrastructure to grow, and you have sufficient memory available, then use what you expect your final inventory size to be
  9. Enter the password for the SSO admin account (created in SSO install), and then click Next
    • If you installed SSO on a different server, you'll also need to update the Lookup service URL
  10. If you get a screen regarding Certificate Installation for Secure Connection, click on Install certificates
  11. Click Install to complete installation

vCentre Server

Before starting the install, ensure you have set-up both...

...for small (less than 5 ESX's and 50 VM's, and normally all test) installs you can skip this, and let the vCentre installer use SQL 2008 Express

  1. Select VMware vCentre Server from the installer menu, and click Install
    • Click Allow or Continue if you get a User Account Control warning
  2. Change the installer language if required, then click OK
  3. Click Next at both the VMware vCentre Server install start, and End User Patent Agreement screens
  4. Accept EULA, and then click Next
  5. Enter vCentre license key (if you have one), and then click Next
  6. Select Use an existing supported database, and select the DSN for your vCentre database, and then click Next
    • You can yse Install a Microsoft SQL 2008 Express instance... for small scale or non-production deployments only
    • Select an existing DSN (to set-up a new DSN, see Create DSN)
  7. Enter the password for vpxuser (created during database creation), and then click Next
    • You may get a pop-up regarding using both TCP/IP and named pipes for remote conmections
      1. Start the SQL Server Configuration Manager
      2. Go to SQL Server Network Configuration > Protocols for MSSQLSERVER
      3. Set Named Pipes to Enabled (you'll need to restart SQL to apply)
  8. Leave the vCentre Server Service to use the SYSTEM account
    • If you need to change this, do not use a domain account, in the event of a distaster you want to be able to run the service without dependance on outside infrastructure that could be down or unreachable
  9. Select the appropriate Linked Mode (this proc assumes Standalone, use this unless you know different), and then click Next
  10. Accept the default TCP ports (its recommended that you don't share the server with other services which, for example, might necessitate changing the vCentre ports), and then click Next
  11. Select the appropriate Inventory Size for your environment, then click Next
    • If you expect your infrastructure to grow, and you have sufficient memory available, then use what you expect your final inventory size to be
  12. Enter the password for the SSO admin account (created in SSO install), and then click Next
    • If you installed SSO on a different server, you'll also need to update the Lookup service URL
  13. Set a group or user account that should be used by SSO to allow admin access to vCentre, then click Next
    • I'd recommend creating a local group on the server called something likeVC-Admins, and add into that any local or domain users or groups that should have access
    • Don't use the default Administrators local group if there are people such as domain admins that should not have admin access over your virtual estate
  14. Click Next to accept the default Inventory Service URL
    • If you installed ytour Inventory Service on a different server, you'll also need to update the vCenter Inventory Service URL
  15. If required, change the Destination Folder, then click Next
    • Its common to install to a seperate disk, eg D:\VMware\Infrastructure
  16. Click Install to complete the installation

Web Client

  1. Select VMware vSphere Web Client from the installer menu, and click Install
    • Click Allow or Continue if you get a User Account Control warning
  2. Change the installer language if required, then click OK
  3. Click Next at both the VMware vSphere Web Client install start, and End User Patent Agreement screens
  4. Accept EULA, and then click Next
  5. If required, change the Destination Folder, then click Next
    • Its common to install to a seperate disk, eg D:\VMware\Infrastructure
  6. Accept the default TCP ports (its recommended that you don't share the server with other services which, for example, might necessitate changing the ports), and then click Next
  7. Enter the password for the SSO admin account (created in SSO install), and then click Next
  8. Click Install to complete the installation