Installation vSphere 5 (vCentre)
vCentre comprises of the following components. These can be installed on the same machine, or if required (in larger environments) on separate machines. However, they must be installed in the order specified.
- vCentre Single Sign On (SSO)
- VMware vCentre Inventory Service
- VMware vCentre Server
- VMware vSphere Update Manager
These notes were made using the vSphere v5.1a ISO, and assumes everything is being installed on the same server. You can either select the VMware vCenter Simple Install install, which will install SSO, Inventory and then vCentre Server, or select the component individually.
Requirements
- Database
- Selected Microsoft SQL, IBM DB2 and Oracle databases
- See http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php
- For instructions see the MS_SQL#SQL_2008_Standard#MS SQL 2008 Install
- Operating System
- Windows Server 2003 64-bit (Standard, Enterprise or Datacenter; SP2 or R2)
- Windows Server 2008 64-bit (Standard, Enterprise or Datacenter; SP1, SP2, R2, R2 SP1)
Database Set-up
Create vCentre Database
These instructions are for creating a vCentre database on MS SQL 2008 (other variants of MS SQL will be similar, but these notes will be of no use if you're using IBM DB2 or Oracle).
For more information see the VMware documentation
- Start SQL Server Management Studio on your SQL server and login as a SQL administrator
- Create the database
- Right-click over Databases and select New Database...
- In General set the database name to
VCDB
(or something else of your choosing) - Go to Options set the Recovery model to Simple
- Then click on OK to create the database
- Create the vCentre user
- Right-click over Security and select New > Login
- In General set the Login name: to
vpxuser
, select SQL Server authentication, and create a password, and untick the following- Enforce password policy
- Enforce password expiration
- User must change password at next login
- Set the Default database to
VCDB
(or whatever you called your database) - Set the Default language to
English
(not British English, using (American) English is safer, though obviously wrong) - Go to User Mapping, check the Map option for msdb and check the
db_owner
role membership below, then do the same for VCDB - Then click on OK to create the user
- Click on the New Query button, and enter the following
GRANT VIEW SERVER STATE TO vpxuser
GO
- Then click on the ! Execute button
Create SSO Database
- Mount the vCenter install ISO on the machines CD Drive
- Start SQL Server Management Studio on your SQL server and login as a SQL administrator
- Create the database
- Go to File | Open | File... and open the following SQL script on the CD Drive
Single Sign On\DBScripts\SSOServer\schema\mssql\rsaIMSLiteMSSQLCreateSchema
- Edit the file to ensure that the file locations for you databases are correct (see example below)
- Click ! Execute
- Go to File | Open | File... and open the following SQL script on the CD Drive
- Create the SSO database user accounts
- Right-click over Security and select New > Login
- In General set the Login name: to
SSO_DBA
, select SQL Server authentication, create a password, and untick the following- Enforce password policy
- Enforce password expiration
- User must change password at next login
- Set the Default database to
SSO
(or whatever you called your database) - Then click on OK to create the user
- Then repeat the above for another user,
SSO_User
- Give SSO_DBA rights over schema
- Browse to Databases > SSO > Security > Users
- Right-click over SSO_DBA and select Properties
- In Schemas owned by this user: check
db_owner
, then click OK to apply
-- PROJECT IMS
-- MODEL IDENTITY MANAGEMENT SERVICE
-- COMPANY RSA, the Security Division of EMC
-- DATABASE MSSQL
USE MASTER
GO
-------------------------------------------------------------------------------------
-- Create database
--
-- Using this script is not mandatory. The database can be created with
-- SQL Management Studio, ensuring that there are two tablespaces, named RSA_DATA
-- and RSA_INDEX, and that there are only alphanumeric characters in the database name.
--
-- Before running this script, customize the file paths (CHANGE ME) below.
-- 1. Decide on a folder to hold the database files (10 GB of space required).
-- For example, it can be the DATA folder of the SQL Server, usually
-- C:\Program Files\Microsoft SQL Server\MSSQL10_50.<instance name>\MSSQL\DATA
-- 2. Replace all 3 occurrences of C:\CHANGE ME with the path to the folder
-- The database name can also be customized, but it is forbidden to include
-- reserved keywords like database or any characters other than letters, numbers,
-- _, @ and #.
-- Advanced users can put the different files (RSA_DATA, RSA_INDEX and LOG)
-- on different storage devices to improve performance. RSA_INDEX is a small file which
-- is recommended to be stored on a fast device.
-- For more details, please refer to Microsoft documentation at http://technet.microsoft.com/en-us/library/ms143547.aspx
-------------------------------------------------------------------------------------
CREATE DATABASE SSO ON PRIMARY(
NAME='RSA_DATA',
FILENAME='D:\MS SQL\MSSQL10.MSSQLSERVER\MSSQL\DATA\SSO_DATA.mdf',
SIZE=10MB,
MAXSIZE=UNLIMITED,
FILEGROWTH=10%),
FILEGROUP RSA_INDEX(
NAME='RSA_INDEX',
FILENAME='D:\MS SQL\MSSQL10.MSSQLSERVER\MSSQL\DATA\SSO_INDEX.ndf',
SIZE=10MB,
MAXSIZE=UNLIMITED,
FILEGROWTH=10%)
LOG ON(
NAME='translog',
FILENAME='D:\MS SQL\MSSQL10.MSSQLSERVER\MSSQL\DATA\SSO_log.ldf',
SIZE=10MB,
MAXSIZE=UNLIMITED,
FILEGROWTH=10% )
GO
-- Set recommended perform settings on the database
EXEC SP_DBOPTION 'SSO', 'autoshrink', true
GO
EXEC SP_DBOPTION 'SSO', 'trunc. log on chkpt.', true
GO
CHECKPOINT
GO
-------------------------------------------------------------------------------------
-- To drop the database, the commands is:
-------------------------------------------------------------------------------------
-- DROP DATABASE RSA
Installation
Single Sign On
Before starting the install, ensure you have set-up...
- Start the installer
- Select vCenter Single Sign On, and click Install
- Click Allow or Continue if you get a User Account Control warning
- Click Next at both the vCenter Single Sign On install start, and End User Patent Agreement screens
- Accept EULA, and then click Next
- Enter a password for the SSO admin account
- Select Use an existing supported database, and then click Next
- Populate the Database Information as follows, then click Next
- Database Name:
SSO
- Host name or IP address:
localhost
(assuming database has been installed locally) - Database user name:
SSO_User
- Database password: [as created for SSO_User]
- Database DBA user name:
SSO_DBA
- Database DBA password: [as created for SSO_DBA]
- Database Name:
- Check the system name (or IP address) is correct, then click Next
- You may get a popup complaining the FQDN cannot be resolved, double-check with
nslookup
manually, performing both forward and reverse lookups
- You may get a popup complaining the FQDN cannot be resolved, double-check with
- Leave Use network service account checked, and then click Next
- If required, change the Destination Folder, then click Next
- Its common to install to a separate disk, eg
D:\VMware\Infrastructure
- Its common to install to a separate disk, eg
- Leave HTTPS port as is, then click Next', the Install to commence installation
Inventory Service
- Select VMware vCentre Inventory Service from the installer menu, and click Install
- Click Allow or Continue if you get a User Account Control warning
- Change the installer language if required, then click OK
- Click Next at both the VMware vCentre Inventory Service install start, and End User Patent Agreement screens
- Accept EULA, and then click Next
- If required, change the Destination Folder, then click Next
- Its common to install to a separate disk, eg
D:\VMware\Infrastructure
- Its common to install to a separate disk, eg
- Check the system name (or IP address) is correct, then click Next
- You may get a popup complaining the FQDN cannot be resolved, double-check with
nslookup
manually, performing both forward and reverse lookups
- You may get a popup complaining the FQDN cannot be resolved, double-check with
- Unless required, leave TCP ports as is, then click Next
- Select the appropriate Inventory Size for your environment, then click Next
- If you expect your infrastructure to grow, and you have sufficient memory available, then use what you expect your final inventory size to be
- Enter the password for the SSO admin account (created in SSO install), and then click Next
- If you installed SSO on a different server, you'll also need to update the Lookup service URL
- If you get a screen regarding Certificate Installation for Secure Connection, click on Install certificates
- Click Install to complete installation
vCentre Server
Before starting the install, ensure you have set-up both...
...for small (less than 5 ESX's and 50 VM's, and normally all test) installs you can skip this, and let the vCentre installer use SQL 2008 Express
- Select VMware vCentre Server from the installer menu, and click Install
- Click Allow or Continue if you get a User Account Control warning
- Change the installer language if required, then click OK
- Click Next at both the VMware vCentre Server install start, and End User Patent Agreement screens
- Accept EULA, and then click Next
- Enter vCentre license key (if you have one), and then click Next
- Select Use an existing supported database, and select the DSN for your vCentre database, and then click Next
- You can yse Install a Microsoft SQL 2008 Express instance... for small scale or non-production deployments only
- Select an existing DSN (to set-up a new DSN, see Create DSN)
- Enter the password for vpxuser (created during database creation), and then click Next
- You may get a pop-up regarding using both TCP/IP and named pipes for remote conmections
- Start the SQL Server Configuration Manager
- Go to SQL Server Network Configuration > Protocols for MSSQLSERVER
- Set Named Pipes to Enabled (you'll need to restart SQL to apply)
- You may get a pop-up regarding using both TCP/IP and named pipes for remote conmections
- Leave the vCentre Server Service to use the SYSTEM account
- If you need to change this, do not use a domain account, in the event of a distaster you want to be able to run the service without dependance on outside infrastructure that could be down or unreachable
- Select the appropriate Linked Mode (this proc assumes Standalone, use this unless you know different), and then click Next
- Accept the default TCP ports (its recommended that you don't share the server with other services which, for example, might necessitate changing the vCentre ports), and then click Next
- Select the appropriate Inventory Size for your environment, then click Next
- If you expect your infrastructure to grow, and you have sufficient memory available, then use what you expect your final inventory size to be
- Enter the password for the SSO admin account (created in SSO install), and then click Next
- If you installed SSO on a different server, you'll also need to update the Lookup service URL
- Set a group or user account that should be used by SSO to allow admin access to vCentre, then click Next
- I'd recommend creating a local group on the server called something likeVC-Admins, and add into that any local or domain users or groups that should have access
- Don't use the default Administrators local group if there are people such as domain admins that should not have admin access over your virtual estate
- Click Next to accept the default Inventory Service URL
- If you installed ytour Inventory Service on a different server, you'll also need to update the vCenter Inventory Service URL
- If required, change the Destination Folder, then click Next
- Its common to install to a seperate disk, eg
D:\VMware\Infrastructure
- Its common to install to a seperate disk, eg
- Click Install to complete the installation
Web Client
- Select VMware vSphere Web Client from the installer menu, and click Install
- Click Allow or Continue if you get a User Account Control warning
- Change the installer language if required, then click OK
- Click Next at both the VMware vSphere Web Client install start, and End User Patent Agreement screens
- Accept EULA, and then click Next
- If required, change the Destination Folder, then click Next
- Its common to install to a seperate disk, eg
D:\VMware\Infrastructure
- Its common to install to a seperate disk, eg
- Accept the default TCP ports (its recommended that you don't share the server with other services which, for example, might necessitate changing the ports), and then click Next
- Enter the password for the SSO admin account (created in SSO install), and then click Next
- Click Install to complete the installation