VCenter Server Installation And Setup VMware VSphere 6.7 V Center 67 IG EN

User Manual: Pdf vCenter Server - 6.7 - Installation and Setup User Guide for VMware vCenter Software, Free Instruction Manual

Open the PDF directly: View PDF PDF.
Page Count: 163 [warning: Documents this large are best viewed by clicking the View PDF Link!]

vCenter Server
Installation and Setup
17 APR 2018
VMware vSphere 6.7
vCenter Server 6.7
vCenter Server Installation and Setup
VMware, Inc. 2
You can find the most up-to-date technical documentation on the VMware website at:
https://docs.vmware.com/
If you have comments about this documentation, submit your feedback to
docfeedback@vmware.com
Copyright © 2018 VMware, Inc. All rights reserved. Copyright and trademark information.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
Contents
About vCenter Server Installation and Setup 5
1Introduction to vSphere Installation and Setup 6
Overview of the vSphere Installation and Setup Process 6
vCenter Server Components and Services 9
Overview of the vCenter Server Appliance 11
vCenter Server and Platform Services Controller Deployment Types 12
Understanding vSphere Domains, Domain Names, and Sites 16
Deployment Topologies with External Platform Services Controller Instances and High Availability 17
vCenter Enhanced Linked Mode 19
2Deploying the vCenter Server Appliance and Platform Services Controller
Appliance 22
System Requirements for the vCenter Server Appliance and Platform Services Controller
Appliance 23
Preparing for Deployment of the vCenter Server Appliance and Platform Services Controller
Appliance 32
Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance 35
GUI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance 36
CLI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance 60
3Installing vCenter Server and Platform Services Controller on Windows 78
vCenter Server for Windows Requirements 79
Preparing for Installing vCenter Server and Platform Services Controller on Windows 89
Required Information for Installing vCenter Server or Platform Services Controller on Windows 111
Installing vCenter Server and Platform Services Controller on Windows 113
4File-Based Backup and Restore of vCenter Server Appliance 121
Considerations and Limitations for File-Based Backup and Restore 122
Schedule a File-Based Backup 125
Manually Back up a vCenter Server Appliance by Using the vCenter Server Appliance
Management Interface 126
Restore a vCenter Server Appliance from a File-Based Backup 128
5Image-Based Backup and Restore of a vCenter Server Environment 134
Considerations and Limitations for Image-Based Backup and Restore 135
Restore a vCenter Server Image-based Environment 138
VMware, Inc. 3
6After You Install vCenter Server or Deploy the vCenter Server Appliance 143
Log in to vCenter Server by Using the vSphere Web Client 143
Install the VMware Enhanced Authentication Plug-in 144
Collect vCenter Server Log Files 145
Repoint vCenter Server to Another External Platform Services Controller in the Same Domain 145
Repoint vCenter Server to External Platform Services Controller in a Different Domain 147
Reconfigure a Standalone vCenter Server with an Embedded Platform Services Controller to a
vCenter Server with an External Platform Services Controller 155
7Troubleshooting vCenter Server Installation or Deployment 159
Collecting Logs for Troubleshooting a vCenter Server Installation or Upgrade 159
Attempt to Install a Platform Services Controller After a Prior Installation Failure 161
Microsoft SQL Database Set to Unsupported Compatibility Mode Causes vCenter Server
Installation or Upgrade to Fail 162
8Uninstall vCenter Server 163
vCenter Server Installation and Setup
VMware, Inc. 4
About vCenter Server Installation and
Setup
vCenter Server Installation and Setup describes how to install and configure VMware vCenter Server®,
and deploy the VMware vCenter® Server Appliance™.
vSphere Installation and Setup is intended for experienced administrators who want to install and
configure vCenter Server, and deploy and configure the vCenter Server Appliance.
This information is written for experienced Windows or Linux system administrators who are familiar with
virtual machine technology and data center operations. The information about using the Image Builder
and VMware vSphere® Auto Deploy™ is written for administrators who have experience with Microsoft
PowerShell and VMware vSphere® PowerCLI™.
vSphere Web Client and vSphere Client
Instructions in this guide reflect the vSphere Client (an HTML5-based GUI). You can also use the
instructions to perform most of the tasks by using the vSphere Web Client (a Flex-based GUI).
Note In vSphere 6.7, most of the vSphere Web Client functionality is implemented in the vSphere Client.
For an up-to-date list of the unsupported functionality, see Functionality Updates for the vSphere Client.
VMware Technical Publications Glossary
VMware Technical Publications provides a glossary of terms that might be unfamiliar to you. For
definitions of terms as they are used in VMware technical documentation, go to
http://www.vmware.com/support/pubs.
VMware, Inc. 5
Introduction to vSphere
Installation and Setup 1
vSphere 6.7 provides various options for installation and setup. To ensure a successful vSphere
deployment, understand the installation and setup options, and the sequence of tasks.
The two core components of vSphere are ESXi and vCenter Server. ESXi is the virtualization platform on
which you can create and run virtual machines and virtual appliances. vCenter Server is a service that
acts as a central administrator for ESXi hosts connected in a network. vCenter Server lets you pool and
manage the resources of multiple hosts.
You can install vCenter Server on a Windows virtual machine or physical server, or deploy the
vCenter Server Appliance. The vCenter Server Appliance is a preconfigured Linux-based virtual machine
optimized for running vCenter Server and the vCenter Server components. You can deploy the
vCenter Server Appliance on ESXi hosts 6.0 or later, or on vCenter Server instances 6.0 or later.
Starting with vSphere 6.0, all prerequisite services for running vCenter Server and the vCenter Server
components are bundled in the VMware Platform Services Controller™. You can deploy vCenter Server
with an embedded or external Platform Services Controller, but you must always install or deploy the
Platform Services Controller before installing or deploying vCenter Server.
For detailed information about the ESXi installation process, see VMware ESXi Installation and Setup .
This chapter includes the following topics:
nOverview of the vSphere Installation and Setup Process
nvCenter Server Components and Services
nOverview of the vCenter Server Appliance
nvCenter Server and Platform Services Controller Deployment Types
nUnderstanding vSphere Domains, Domain Names, and Sites
nDeployment Topologies with External Platform Services Controller Instances and High Availability
nvCenter Enhanced Linked Mode
Overview of the vSphere Installation and Setup Process
vSphere is a sophisticated product with multiple components to install and set up. To ensure a successful
vSphere deployment, understand the sequence of tasks required.
Installing vSphere includes the following tasks:
VMware, Inc. 6
Figure 11. vSphere Installation and Setup Workflow
Start the vSphere
installation and setup
End of the vSphere
installation and setup
Small envrionment with one
vCenter Server Instance
Large envrionment with multiple
vCenter Server Instances
Install ESXi
on at least one host
Set up ESXi
Deploy or install vCenter Server
with an embedded Platform
Services Controller
Log in to the vSphere Web
Client to create and organize
your vCenter Server inventory
Log in to the vSphere Web
Client to create and organize
your vCenter Server inventories
Start the vSphere
installation and setup
End of the vSphere
installation and setup
Install ESXi
on at least one host
Set up ESXi
Deploy or install the Platform
Services Controller instances
in a sequence
Deploy or install the vCenter Server
instances and register them with the
external Platform Services
Controller instances
1 Read the vSphere release notes.
2 Install ESXi.
Note See VMware ESXi Installation and Setup for detailed information about the ESXi installation
process.
vCenter Server Installation and Setup
VMware, Inc. 7
3 Configure the ESXi boot and network settings, the direct console, and other settings. See VMware
ESXi Installation and Setup for information.
4 Consider setting up a syslog server for remote logging, to ensure sufficient disk storage for log files.
Setting up logging on a remote host is especially important for hosts with limited local storage. See
VMware ESXi Installation and Setup
5 Determine the vCenter Server and Platform Services Controller deployment model that is suitable for
your environment.
vCenter Server with an embedded Platform Services Controller deployment is suitable for small-scale
environments. vCenter Server with an external Platform Services Controller deployment is suitable for
environments with several vCenter Server instances. See vCenter Server and Platform Services
Controller Deployment Types.
6 Deploy or install vCenter Server and Platform Services Controller.
You can deploy the vCenter Server Appliance or Platform Services Controller appliance on an ESXi
host or vCenter Server instance, or you can install vCenter Server and Platform Services Controller
on a Windows virtual machine or physical server.
You can deploy or install multiple vCenter Server instances connected in Enhanced Linked Mode
configuration by registering them to a common or different joined Platform Services Controller
instances.
nDeploy the vCenter Server Appliance or Platform Services Controller appliance.
1 Review the topics in System Requirements for the vCenter Server Appliance and Platform
Services Controller Appliance and verify that your system meets the hardware and software
requirements for deploying the appliance.
2 Determine the deployment method to use.
You can use the GUI method to deploy the appliance interactively. You can use the CLI
method to perform a silent deployment of the appliance. See GUI Deployment of the vCenter
Server Appliance and Platform Services Controller Appliance and CLI Deployment of the
vCenter Server Appliance and Platform Services Controller Appliance.
3 Use the topic Required Information for Deploying a vCenter Server Appliance or Platform
Services Controller Appliance to create a worksheet with the information you need for the
GUI deployment, or use the topic Prepare Your JSON Configuration File for CLI Deployment
to create your JSON templates for the CLI deployment.
4 Deploy the appliance.
nInstall vCenter Server or Platform Services Controller on a Windows virtual machine or physical
server.
1 Verify that your system meets the hardware and software requirements for installing
vCenter Server. See vCenter Server for Windows Requirements.
2 (Optional) Set up an external vCenter Server database. See Preparing vCenter Server
Databases for Install.
vCenter Server Installation and Setup
VMware, Inc. 8
For an environment with up to 20 hosts and 200 virtual machines, you can use the bundled
PostgreSQL database. For production and large scale environments, set up an external
database, because the migration from the embedded PostgreSQL database to an external
database is not a trivial manual process.
3 Create a worksheet with the information you need for installation. See Required Information
for Installing vCenter Server or Platform Services Controller on Windows.
4 Install vCenter Server with an embedded Platform Services Controller,
Platform Services Controller, or vCenter Server with an external Platform Services Controller.
7 Connect to vCenter Server from the vSphere Web Client. See Chapter 6 After You Install vCenter
Server or Deploy the vCenter Server Appliance.
8 Configure the vCenter Server Appliance or vCenter Server instance. See vCenter Server Appliance
Configuration and vCenter Server and Host Management.
vCenter Server Components and Services
vCenter Server provides a centralized platform for management, operation, resource provisioning, and
performance evaluation of virtual machines and hosts.
When you install vCenter Server with an embedded Platform Services Controller, or deploy the
vCenter Server Appliance with an embedded Platform Services Controller, vCenter Server, the
vCenter Server components, and the services included in the Platform Services Controller are deployed
on the same system.
When you install vCenter Server with an external Platform Services Controller, or deploy the
vCenter Server Appliance with an external Platform Services Controller, vCenter Server and the
vCenter Server components are deployed on one system, and the services included in the
Platform Services Controller are deployed on another system.
The following components are included in the vCenter Server and vCenter Server Appliance installations:
nThe VMware Platform Services Controller group of infrastructure services contains vCenter Single
Sign-On, License service, Lookup Service, and VMware Certificate Authority.
nThe vCenter Server group of services contains vCenter Server, vSphere Web Client, vSphere Auto
Deploy, and vSphere ESXi Dump Collector. vCenter Server for Windows also contains the VMware
vSphere Syslog Collector. The vCenter Server Appliance also contains the VMware vSphere Update
Manager Extension service.
Note Starting with vSphere 6.5, all vCenter Server services and some Platform Services Controller
services run as child processes of the VMware Service Lifecycle Manager service.
vCenter Server Installation and Setup
VMware, Inc. 9
Services Installed with VMware Platform Services Controller
vCenter Single Sign-On The vCenter Single Sign-On authentication service provides secure
authentication services to the vSphere software components. By using
vCenter Single Sign-On, the vSphere components communicate with each
other through a secure token exchange mechanism, instead of requiring
each component to authenticate a user separately with a directory service
like Active Directory. vCenter Single Sign-On constructs an internal security
domain (for example, vsphere.local) where the vSphere solutions and
components are registered during the installation or upgrade process,
providing an infrastructure resource. vCenter Single Sign-On can
authenticate users from its own internal users and groups, or it can connect
to trusted external directory services such as Microsoft Active Directory.
Authenticated users can then be assigned registered solution-based
permissions or roles within a vSphere environment.
vCenter Single Sign-On is required with vCenter Server.
vSphere License
Service
The vSphere License service provides common license inventory and
management capabilities to all vCenter Server systems that are connected
to a Platform Services Controller or multiple linked
Platform Services Controllers.
VMware Certificate
Authority
VMware Certificate Authority (VMCA) provisions each ESXi host with a
signed certificate that has VMCA as the root certificate authority, by default.
Provisioning occurs when the ESXi host is added to vCenter Server
explicitly or as part of the ESXi host installation process. All ESXi
certificates are stored locally on the host.
For information about all Platform Services Controller services and capabilities, see Platform Services
Controller Administration.
Services Installed with vCenter Server
These additional components are installed silently when you install vCenter Server. The components
cannot be installed separately as they do not have their own installers.
PostgreSQL A bundled version of the VMware distribution of PostgreSQL database for
vSphere and vCloud Hybrid Services.
vSphere Web Client The vSphere Web Client lets you connect to vCenter Server instances by
using a Web browser, so that you can manage your vSphere infrastructure.
vCenter Server Installation and Setup
VMware, Inc. 10
vSphere Client The new user interface that lets you connect to vCenter Server instances
by using a Web browser. The terminology, topology, and workflow are
closely aligned with the same aspects and elements of the
vSphere Web Client user interface.
vSphere ESXi Dump
Collector
The vCenter Server support tool. You can configure ESXi to save the
VMkernel memory to a network server, rather than to a disk, when the
system encounters a critical failure. The vSphere ESXi Dump Collector
collects such memory dumps over the network.
VMware vSphere
Syslog Collector
The vCenter Server on Windows support tool that enables network logging
and combining of logs from multiple hosts. You can use the vSphere Syslog
Collector to direct ESXi system logs to a server on the network, rather than
to a local disk. The recommended maximum number of supported hosts to
collect logs from is 30. For information about configuring vSphere Syslog
Collector, see http://kb.vmware.com/kb/2021652.
The vCenter Server Appliance uses the built-in Rsyslog service of the Linux
OS. For information how to redirect the log files to another machine with the
Appliance Management Interface, see vCenter Server Appliance
Configuration.
vSphere Auto Deploy The vCenter Server support tool that can provision hundreds of physical
hosts with ESXi software. You can specify the image to deploy and the
hosts to provision with the image. Optionally, you can specify host profiles
to apply to the hosts, and a vCenter Server location (folder or cluster) for
each host.
VMware vSphere
Update Manager
Extension
Update Manager enables centralized, automated patch and version
management for VMware vSphere and offers support for VMware ESXi
hosts, virtual machines, and virtual appliances. The VMware vSphere
Update Manager Extension is an optional service of only the
vCenter Server Appliance 6.7.
Overview of the vCenter Server Appliance
The vCenter Server Appliance is a preconfigured Linux-based virtual machine that is optimized for
running vCenter Server and the associated services.
The vCenter Server Appliance reduces the deployment time of vCenter Server and the associated
services, and provides a low-cost alternative to the Windows-based vCenter Server installation.
The vCenter Server Appliance package contains the following software:
nProject Photon OS® 1.0
nThe Platform Services Controller group of infrastructure services
nThe vCenter Server group of services
vCenter Server Installation and Setup
VMware, Inc. 11
nPostgreSQL
nVMware vSphere Update Manager Extension
Version 6.7 of the vCenter Server Appliance is deployed with virtual hardware version 10, which supports
64 virtual CPUs per virtual machine in ESXi.
The vCenter Server Appliance uses the embedded PostgreSQL database that has the scalability of up to
2,000 hosts and 35,000 virtual machines. During the deployment, you can choose the
vCenter Server Appliance size for your vSphere environment size and the storage size for your database
requirements.
Starting with vSphere 6.5, the vCenter Server uses the VMware vSphere Update Manager Extension
service. An external VMware Update Manager instance on Windows is no longer required for vSphere
centralized automated patch and version management. For information about the vCenter Server and
Platform Services Controller services, see vCenter Server Components and Services.
Starting with vSphere 6.5, the vCenter Server Appliance supports high availability. For information about
configuring vCenter Server Appliance in a vCenter High Availability cluster, see vSphere Availability.
Starting with vSphere 6.5, the vCenter Server Appliance and Platform Services Controller appliance
support file-based backup and restore. For information backing up and restoring, see Chapter 4 File-
Based Backup and Restore of vCenter Server Appliance.
For information about the vCenter Server Appliance maximums, see the Configuration Maximums
documentation.
vCenter Server and Platform Services Controller
Deployment Types
You can deploy the vCenter Server Appliance or install vCenter Server for Windows with an embedded or
external Platform Services Controller. You can also deploy a Platform Services Controller as an appliance
or install it on Windows. If necessary, you can use a mixed operating systems environment.
Before you deploy the vCenter Server Appliance or install vCenter Server for Windows, you must
determine the deployment model that is suitable for your environment. For each deployment or
installation, you must select one of the three deployment types.
vCenter Server Installation and Setup
VMware, Inc. 12
Table 11. vCenter Server and Platform Services Controller Deployment Types
Deployment Type Description
vCenter Server with an embedded Platform Services Controller All services that are bundled with the
Platform Services Controller are deployed together with the
vCenter Server services on the same virtual machine or physical
server.
Platform Services Controller Only the services that are bundled with the
Platform Services Controller are deployed on the virtual machine
or physical server.
vCenter Server with an external Platform Services Controller
(Requires external Platform Services Controller)
Only the vCenter Server services are deployed on the virtual
machine or physical server.
You must register such a vCenter Server instance with a
Platform Services Controller instance that you previously
deployed or installed.
vCenter Server with an Embedded Platform Services Controller
Using an embedded Platform Services Controller results in a standalone deployment that has its own
vCenter Single Sign-On domain with a single site. vCenter Server with an embedded
Platform Services Controller is suitable for small environments. You cannot join other vCenter Server or
Platform Services Controller instances to this vCenter Single Sign-On domain.
Figure 12. vCenter Server with an Embedded Platform Services Controller
Platform Services
Controller
Virtual Machine or Physical Server
vCenter Server
Installing vCenter Server with an embedded Platform Services Controller has the following advantages:
nThe connection between vCenter Server and the Platform Services Controller is not over the network,
and vCenter Server is not prone to outages caused by connectivity and name resolution issues
between vCenter Server and the Platform Services Controller.
nIf you install vCenter Server on Windows virtual machines or physical servers, you need fewer
Windows licenses.
nYou manage fewer virtual machines or physical servers.
Installing vCenter Server with an embedded Platform Services Controller has the following
disadvantages:
nThere is a Platform Services Controller for each product which might be more than required and
which consumes more resources.
nThe model is suitable only for small-scale environments.
vCenter Server Installation and Setup
VMware, Inc. 13
You can configure the vCenter Server Appliance with an embedded Platform Services Controller in
vCenter High Availability configuration. For information, see vSphere Availability.
Note After you deploy or install vCenter Server with an embedded Platform Services Controller, you can
reconfigure the deployment type and switch to vCenter Server with an external
Platform Services Controller.
See Reconfigure a Standalone vCenter Server with an Embedded Platform Services Controller to a
vCenter Server with an External Platform Services Controller.
Platform Services Controller and vCenter Server with an External
Platform Services Controller
When you deploy or install a Platform Services Controller instance, you can create a vCenter Single Sign-
On domain or join an existing vCenter Single Sign-On domain. Joined Platform Services Controller
instances replicate their infrastructure data, such as authentication and licensing information, and can
span multiple vCenter Single Sign-On sites. For information, see Understanding vSphere Domains,
Domain Names, and Sites.
For information about managing the Platform Services Controller services, see Platform Services
Controller Administration.
You can register multiple vCenter Server instances with one common external
Platform Services Controller instance. The vCenter Server instances assume the vCenter Single Sign-On
site of the Platform Services Controller instance with which they are registered. All vCenter Server
instances that are registered with one common or different joined Platform Services Controller instances
are connected in Enhanced Linked Mode.
See Enhanced Linked Mode for vCenter Server or vCenter Server Appliance with an External Platform
Services Controller.
Figure 13. Example of Two vCenter Server Instances with a Common External
Platform Services Controller
Platform Services
Controller
Virtual Machine or Physical Server
vCenter Server
Virtual Machine or Physical Server
vCenter Server
Virtual Machine or Physical Server
Installing vCenter Server with an external Platform Services Controller has the following advantages:
nFewer resources consumed by the shared services in the Platform Services Controller instances.
nThe model is suitable for large-scale environments.
vCenter Server Installation and Setup
VMware, Inc. 14
Installing vCenter Server with an external Platform Services Controller has the following disadvantages:
nThe connection between vCenter Server and Platform Services Controller might have connectivity
and name resolution issues.
nIf you install vCenter Server on Windows virtual machines or physical servers, you need more
Microsoft Windows licenses.
nYou must manage more virtual machines or physical servers.
For information about the Platform Services Controller and vCenter Server maximums, see the
Configuration Maximums documentation.
For information about the deployment topologies and Platform Services Controller high availability, see
Deployment Topologies with External Platform Services Controller Instances and High Availability.
For information about configuring the vCenter Server Appliance with an external
Platform Services Controller in vCenter High Availability configuration, see vSphere Availability.
Mixed Operating Systems Environment
A vCenter Server instance installed on Windows can be registered with either a
Platform Services Controller installed on Windows or a Platform Services Controller appliance. A
vCenter Server Appliance can be registered with either a Platform Services Controller installed on
Windows or a Platform Services Controller appliance. Both vCenter Server and the
vCenter Server Appliance can be registered with the same Platform Services Controller.
Figure 14. Example of a Mixed Operating Systems Environment with an External Platform
Services Controller on Windows
Platform Services
Controller on Windows
Windows Virtual Machine
or Physical Server
vCenter Server on Windows
Virtual Machine or Physical Server
vCenter Server Appliance
Virtual Machine
vCenter Server Installation and Setup
VMware, Inc. 15
Figure 15. Example of a Mixed Operating Systems Environment with an External Platform
Services Controller Appliance
Platform Services
Controller Appliance
Virtual Machine
vCenter Server on Windows
Virtual Machine or Physical Server
vCenter Server Appliance
Virtual Machine
Note To ensure easy manageability and maintenance, use only appliances or only Windows installations
of vCenter Server and Platform Services Controller.
Understanding vSphere Domains, Domain Names, and
Sites
Each Platform Services Controller is associated with a vCenter Single Sign-On domain. The domain
name defaults to vsphere.local, but you can change it during installation of the first
Platform Services Controller. The domain determines the local authentication space. You can split a
domain into multiple sites, and assign each Platform Services Controller and vCenter Server instance to a
site. Sites are logical constructs, but usually correspond to geographic location.
Platform Services Controller Domain
When you install a Platform Services Controller, you are prompted to create a vCenter Single Sign-On
domain or join an existing domain.
The domain name is used by the VMware Directory Service (vmdir) for all Lightweight Directory Access
Protocol (LDAP) internal structuring.
With vSphere 6.0 and later, you can give your vSphere domain a unique name. To prevent authentication
conflicts, use a name that is not used by OpenLDAP, Microsoft Active Directory, and other directory
services.
Note You cannot change the domain to which a Platform Services Controller or vCenter Server instance
belongs.
After you specify the name of your domain, you can add users and groups. It usually makes more sense
to add an Active Directory or LDAP identity source and allow the users and groups in that identity source
to authenticate. You can also add vCenter Server or Platform Services Controller instances, or other
VMware products, such as vRealize Operations, to the domain.
vCenter Server Installation and Setup
VMware, Inc. 16
Platform Services Controller Sites
You can organize Platform Services Controller domains into logical sites. A site in the VMware Directory
Service is a logical container for grouping Platform Services Controller instances within a vCenter Single
Sign-On domain.
Starting with vSphere 6.5, sites become important. During Platform Services Controller failover, the
vCenter Server instances are affinitized to a different Platform Services Controller in the same site. To
prevent your vCenter Server instances from being affinitized to a Platform Services Controller in a distant
geographic location, you can use multiple sites.
You are prompted for the site name when you install or upgrade a Platform Services Controller. See the
vCenter Server Installation and Setup documentation.
Deployment Topologies with External
Platform Services Controller Instances and High
Availability
To ensure Platform Services Controller high availability in external deployments, you must install or
deploy at least two joined Platform Services Controller instances in your vCenter Single Sign-On domain.
When you use a third-party load balancer, you can ensure an automatic failover without downtime.
Platform Services Controller with a Load Balancer
Figure 16. Example of a Load Balanced Pair of Platform Services Controller Instances
Load Balancer
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
You can use a third-party load balancer per site to configure Platform Services Controller high availability
with automatic failover for this site. For information about the maximum number of
Platform Services Controller instances behind a load balancer, see the Configuration Maximums
documentation.
Important To configure Platform Services Controller high availability behind a load balancer, the
Platform Services Controller instances must be of the same operating system type. Mixed operating
systems Platform Services Controller instances behind a load balancer are unsupported.
vCenter Server Installation and Setup
VMware, Inc. 17
The vCenter Server instances are connected to the load balancer. When a Platform Services Controller
instance stops responding, the load balancer automatically distributes the load among the other functional
Platform Services Controller instances without downtime.
Platform Services Controller with Load Balancers Across vCenter
Single Sign-On Sites
Figure 17. Example of Two Load Balanced Pairs of Platform Services Controller Instances
Across Two Sites
Load Balancer
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Site 1
Virtual Machine or
Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
Load Balancer
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
Site 2
Your vCenter Single Sign-On domain might span multiple sites. To ensure Platform Services Controller
high availability with automatic failover throughout the domain, you must configure a separate load
balancer in each site.
Platform Services Controller with No Load Balancer
Figure 18. Example of Two Joined Platform Services Controller Instances with No a Load
Balancer
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
vCenter Server vCenter Server vCenter Server vCenter Server
Virtual Machine or
Physical Server
Platform Services
Controller
Virtual Machine or
Physical Server
When you join two or more Platform Services Controller instances in the same site with no load balancer,
you configure Platform Services Controller high availability with a manual failover for this site.
vCenter Server Installation and Setup
VMware, Inc. 18
When a Platform Services Controller instance stops responding, you must manually fail over the
vCenter Server instances that are registered to it. You fail over the instances by repointing them to other
functional Platform Services Controller instances within the same site. See Repoint vCenter Server to
Another External Platform Services Controller in the Same Domain.
Note If your vCenter Single Sign-On domain includes three or more Platform Services Controller
instances, you can manually create a ring topology. A ring topology ensures Platform Services Controller
reliability when one of the instances fails. To create a ring topology, run the /usr/lib/vmware-
vmdir/bin/vdcrepadmin -f createagreement command against the first and last
Platform Services Controller instance that you have deployed.
Platform Services Controller with No Load Balancer Across
vCenter Single Sign-On Sites
Figure 19. Example of Two Joined Pairs of Platform Services Controller Instances Across
Two Sites with No Load Balancer
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
vCenter Server
Platform Services
Controller
Virtual Machine or
Physical Server
Virtual Machine or
Physical Server
Site 1 Site 2
Your vCenter Single Sign-On domain might span multiple sites. When no load balancer is available, you
can manually repoint vCenter Server from a failed to a functional Platform Services Controller within the
same site. See Repoint vCenter Server to Another External Platform Services Controller in the Same
Domain.
vCenter Enhanced Linked Mode
vCenter Enhanced Linked Mode allows you to log in to any single instance of vCenter Server Appliance
or vCenter Server and view and manage the inventories of all the vCenter Server systems in the group.
You can join up to ten vCenter Server Appliance systems and eight vCenter Server systems with vCenter
Enhanced Linked Mode.
You can create a vCenter Enhanced Linked Mode group only during the deployment of vCenter Server
Appliance or installation of vCenter Server. You cannot create a vCenter Enhanced Linked Mode group
after you install vCenter Server or after you deploy the vCenter Server Appliance.
vCenter Server Installation and Setup
VMware, Inc. 19
vCenter Embedded Linked Mode for a vCenter Server Appliance
with Embedded Platform Services Controller
vCenter Embedded Linked Mode is enhanced linked mode support for vCenter Server Appliance with an
embedded Platform Services Controller.
With vCenter Embedded Linked Mode, you can connect a vCenter Server Appliance with an embedded
Platform Services Controller together to form a domain. vCenter Embedded Linked Mode is not supported
for Windows vCenter Server installations. vCenter Embedded Linked Mode is suitable for most
deployments.
Other features of vCenter Embedded Linked Mode include:
nNo external Platform Services Controller, providing a more simplified domain architecture than
enhanced linked mode.
nA simplified backup and restore process.
nA simplified HA process, removing the need for load balancers.
nUp to ten vCenter Server Appliances can be linked together using vCenter Embedded Linked Mode
and displayed in a single inventory view.
nFor a vCenter High Availability (vCenter HA) cluster, three nodes are considered one logical
vCenter Server node. This represents ten times the vCenter HA clusters in a vCenter Embedded
Linked Mode for a total of 30 VMs.
Figure 110. Embedded Linked Mode
Platform Services
Controller
Appliance
vCenter Server
Platform Services
Controller
Appliance
vCenter Server
Platform Services
Controller
Appliance
vCenter Server
Platform Services
Controller
Appliance
vCenter Server
Note Embedded linked mode is not supported for Windows vCenter Server installations.
Joining a vCenter Embedded Linked Mode Domain
You can join a vCenter Server with an embedded Platform Services Controller to another embedded node
during deployment of the vCenter Server Appliance.
For example, suppose you have two vCenter Servers with embedded Platform Services Controller
systems.
If you are deploying the vCenter Server Appliances with the UI Installer:
1 For Appliance 1, deploy the vCenter Server Appliance as an instance on ESXi Host 1. Synchronize
the time settings with ESXi Host 1.
vCenter Server Installation and Setup
VMware, Inc. 20
2 For Appliance 2, deploy the vCenter Server Appliance as an instance on ESXi Host 1 and configure
the time settings so that Appliance 2 are synchronized with ESXi Host 1. In stage 2 you select to join
the vCenter Single Sign-On server of the deployed appliance on Machine 1. For specific instructions,
see Stage 2 - Set up the Newly Deployed vCenter Server Appliance with an Embedded Platform
Services Controller.
If you are deploying the vCenter Server Appliances with the CLI:
1 Configure the JSON configuration template embedded_vCSA_on_VC.json (or
embedded_vCSA_on_ESXi.json) for Appliance 1 as an instance on ESXi Host 1. See Prepare Your
JSON Configuration File for CLI Deployment for specific instructions on preparing the JSON
configuraiton file.
2 Deploy Appliance 1 by running the vcsa-cli-installer command. See Deploy a vCenter Server
Appliance or Platform Services Controller Appliance by Using the CLI for instructions.
3 Configure the JSON configuration template embedded_vCSA_replication_on_VC.json for
Appliance 2 as an instance on ESXi Host 1. Enter the hostname of the first embedded node in the
replication_partner_hostname field in the sso section.
4 Deploy Appliance 2 by running the vcsa-cli-installer command on the
embedded_vCSA_replication_on_VC.json file.
Enhanced Linked Mode for vCenter Server or vCenter Server
Appliance with an External Platform Services Controller
Enhanced Linked Mode connects multiple vCenter Server systems together by using one or more
Platform Services Controllers.
Enhanced Linked Mode lets you view and search across all linked vCenter Server systems and replicate
roles, permissions, licenses, policies, and tags.
When you install vCenter Server or deploy the vCenter Server Appliance with an external
Platform Services Controller, you must first install the Platform Services Controller. During installation of
the Platform Services Controller, you can select whether to create a vCenter Single Sign-On domain or
join an existing domain. You can select to join an existing vCenter Single Sign-On domain if you have
already installed or deployed a Platform Services Controller instance and have created a vCenter Single
Sign-On domain. When you join an existing vCenter Single Sign-On domain, the infrastructure data
between the existing Platform Services Controller and the new Platform Services Controller is replicated.
With Enhanced Linked Mode, you can connect not only vCenter Server systems running on Windows but
also many vCenter Server Appliances. You can also have an environment where multiple vCenter Server
systems and vCenter Server Appliances are linked together.
If you install vCenter Server with an external Platform Services Controller, you first must deploy the
Platform Services Controller on one virtual machines or physical server and then deploy vCenter Server
on another virtual machine or physical server. While installing vCenter Server, you must select an existing
external Platform Services Controller. You cannot select an existing Platform Services Controller that is a
part of an embedded installation. For more information about the supported topologies, see vCenter
Server and Platform Services Controller Deployment Types.
vCenter Server Installation and Setup
VMware, Inc. 21
Deploying the
vCenter Server Appliance and
Platform Services Controller
Appliance 2
You can deploy the vCenter Server Appliance with an embedded or external Platform Services Controller
to manage your vSphere environment. You can deploy a Platform Services Controller appliance and
register external deployments and Windows installations of vCenter Server Appliance with this
Platform Services Controller appliance.
You can deploy the vCenter Server Appliance or Platform Services Controller appliance on an ESXi host
5.5 or later, or on an ESXi host or DRS cluster from the inventory of a vCenter Server instance 5.5 or
later.
For information about the software included in the vCenter Server Appliance 6.7, see Overview of the
vCenter Server Appliance.
For information about the software and hardware requirements for deploying the
vCenter Server Appliance and Platform Services Controller appliance, see System Requirements for the
vCenter Server Appliance and Platform Services Controller Appliance.
The vCenter Server Appliance installer contains executable files for GUI and CLI deployments, which you
can use alternatively.
nThe GUI deployment is a two stage process. The first stage is a deployment wizard that deploys the
OVA file of the appliance on the target ESXi host or vCenter Server instance. After the OVA
deployment finishes, you are redirected to the second stage of the process that sets up and starts the
services of the newly deployed appliance.
nThe CLI deployment method involves running a CLI command against a JSON file that you previously
prepared. The CLI installer parses the configuration parameters and their values from the JSON file
and generates an OVF Tool command that automatically deploys and sets up the appliance.
Important For topologies with external Platform Services Controller instances, you must deploy the
replicating Platform Services Controller instances in a sequence. After the successful deployment of all
Platform Services Controller instances in the domain, you can perform concurrent deployments of multiple
vCenter Server appliances that point to a common external Platform Services Controller instance.
The vCenter Server Appliance and Platform Services Controller appliance have the following default user
names:
VMware, Inc. 22
User Name Description
root Use this user name to log in to the appliance operating system and the Appliance
Management Interface.
You set the password while deploying the virtual appliance.
administrator@your_domain_name Use this user name for vCenter Single Sign-On login.
You set the password while creating the vCenter Single Sign-On domain. You create a
vCenter Single Sign-On domain during the deployment of a vCenter Server Appliance with an
embedded Platform Services Controller or the first Platform Services Controller instance in a
new vCenter Single Sign-On domain.
After you create a vCenter Single Sign-On domain, only the
administrator@your_domain_name user has the privileges required to log in to vCenter Single
Sign-On and vCenter Server.
The administrator@your_domain_name user can proceed as follows:
nAdd an identity source in which additional users and groups are defined to vCenter Single
Sign-On.
nGive permissions to the users and groups.
For information about adding identity sources and giving permissions to the users and groups,
see Platform Services Controller Administration.
For information about upgrading and patching the vCenter Server Appliance and
Platform Services Controller appliance, see vSphere Upgrade.
For information about configuring the vCenter Server Appliance and Platform Services Controller
appliance, see vCenter Server Appliance Configuration.
Starting with vSphere 6.5, vCenter Server supports mixed IPv4 and IPv6 environment. If you want to set
up the vCenter Server Appliance to use an IPv6 address version, use the fully qualified domain name
(FQDN) or host name of the appliance. To set up an IPv4 address, the best practice is to use the FQDN
or host name of the appliance, because the IP address can change if assigned by DHCP.
This chapter includes the following topics:
nSystem Requirements for the vCenter Server Appliance and Platform Services Controller Appliance
nPreparing for Deployment of the vCenter Server Appliance and Platform Services Controller
Appliance
nPrerequisites for Deploying the vCenter Server Appliance or Platform Services Controller Appliance
nGUI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance
nCLI Deployment of the vCenter Server Appliance and Platform Services Controller Appliance
System Requirements for the vCenter Server Appliance
and Platform Services Controller Appliance
You can deploy the vCenter Server Appliance or Platform Services Controller appliance on an ESXi host
5.5 or later, or on a vCenter Server instance 5.5 or later. Your system must also meet specific software
and hardware requirements.
When you use Fully Qualified Domain Names, verify that the client machine from which you are deploying
the appliance and the network on which you are deploying the appliance use the same DNS server.
vCenter Server Installation and Setup
VMware, Inc. 23
Before you deploy the appliance, synchronize the clocks of the target server and all vCenter Server and
Platform Services Controller instances on the vSphere network. Unsynchronized clocks might result in
authentication problems and can cause the installation to fail or prevent the appliance services from
starting. See Synchronizing Clocks on the vSphere Network.
Hardware Requirements for the vCenter Server Appliance and
Platform Services Controller Appliance
When you deploy the vCenter Server Appliance, you can select to deploy an appliance that is suitable for
the size of your vSphere environment. The option that you select determines the number of CPUs and the
amount of memory for the appliance. The size of the Platform Services Controller appliance is the same
for all environment sizes.
Hardware Requirements for the vCenter Server Appliance
The hardware requirements for a vCenter Server Appliance depend on the size of your vSphere
inventory.
Table 21. Hardware Requirements for a vCenter Server Appliance with an Embedded or
External Platform Services Controller
Number of vCPUs Memory
Tiny environment (up to 10 hosts or 100
virtual machines)
2 10 GB
Small environment (up to 100 hosts or
1,000 virtual machines)
4 16 GB
Medium environment (up to 400 hosts or
4,000 virtual machine)
8 24 GB
Large environment (up to 1,000 hosts or
10,000 virtual machines)
16 32 GB
X-Large environment (up to 2,000 hosts or
35,000 virtual machines)
24 48 GB
Note If you want to add an ESXi host with more than 512 LUNs and 2,048 paths to the
vCenter Server Appliance inventory, you must deploy a vCenter Server Appliance for a large or x-large
environment.
Hardware Requirements for the Platform Services Controller Appliance
The hardware requirements for a Platform Services Controller appliance are 2 vCPUs and 4 GB memory.
vCenter Server Installation and Setup
VMware, Inc. 24
Storage Requirements for the vCenter Server Appliance and
Platform Services Controller Appliance
When you deploy the vCenter Server Appliance or Platform Services Controller appliance, the ESXi host
or DRS cluster on which you deploy the appliance must meet minimum storage requirements. The
required storage depends not only on the size of the vSphere environment and the storage size, but also
on the disk provisioning mode.
Storage Requirements for the vCenter Server Appliance
The storage requirements are different for each vSphere environment size and depend on your database
size requirements.
Table 22. Storage Requirements for a vCenter Server Appliance with an Embedded or
External Platform Services Controller
Default Storage Size Large Storage Size X-Large Storage Size
Tiny environment (up to 10
hosts or 100 virtual machines)
250 GB 775 GB 1650 GB
Small environment (up to 100
hosts or 1,000 virtual
machines)
290 GB 820 GB 1700 GB
Medium environment (up to
400 hosts or 4,000 virtual
machine)
425 GB 925 GB 1805 GB
Large environment (up to 1,000
hosts or 10,000 virtual
machines)
640 GB 990 GB 1870 GB
X-Large environment (up to
2,000 hosts or 35,000 virtual
machines)
980 GB 1030 GB 1910 GB
Note The storage requirements include the requirements for the VMware Update Manager that runs as
a service in the vCenter Server Appliance.
Storage Requirements for the Platform Services Controller Appliance
The storage requirement for a Platform Services Controller appliance is 60 GB.
Software Requirements for the vCenter Server Appliance and
Platform Services Controller Appliance
The VMware vCenter Server Appliance and Platform Services Controller appliance can be deployed on
ESXi hosts 5.5 or later, or on vCenter Server instances 6.0 or later.
vCenter Server Installation and Setup
VMware, Inc. 25
You can deploy the vCenter Server Appliance or Platform Services Controller appliance by using the GUI
or CLI installer. You run the installer from a network client machine that you use to connect to the target
server and deploy the appliance on the server. You can connect directly to an ESXi 6.x host on which to
deploy the appliance. You can also connect to a vCenter Server 6.x instance to deploy the appliance on
an ESXi host or DRS cluster that resides in the vCenter Server inventory.
For information about the requirements for network client machine, see System Requirements for the
vCenter Server Appliance Installer.
Required Ports for vCenter Server and
Platform Services Controller
The vCenter Server system, both on Windows and in the appliance, must be able to send data to every
managed host and receive data from the vSphere Web Client and the Platform Services Controller
services. To enable migration and provisioning activities between managed hosts, the source and
destination hosts must be able to receive data from each other.
If a port is in use or is blacklisted, the vCenter Server installer displays an error message. You must use
another port number to proceed with the installation. There are internal ports that are used only for inter-
process communication.
VMware uses designated ports for communication. Additionally, the managed hosts monitor designated
ports for data from vCenter Server. If a built-in firewall exists between any of these elements, the installer
opens the ports during the installation or upgrade process. For custom firewalls, you must manually open
the required ports. If you have a firewall between two managed hosts and you want to perform source or
target activities, such as migration or cloning, you must configure a means for the managed hosts to
receive data.
Note In Microsoft Windows Server 2008 and later, firewall is enabled by default.
Table 23. Ports Required for Communication Between Components
Port Protocol Description Required for
Used for Node-to-Node
Communication
22 TCP System port for SSHD. Appliance deployments
of
nvCenter Server
nPlatform Services
Controller
No
53 DNS service Windows installations
and appliance
deployments of
Platform Services
Controller
No
vCenter Server Installation and Setup
VMware, Inc. 26
Table 23. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
80 TCP vCenter Server requires port 80 for direct
HTTP connections. Port 80 redirects
requests to HTTPS port 443. This
redirection is useful if you accidentally
use http://server instead of https://server.
WS-Management (also requires port 443
to be open).
If you use a Microsoft SQL database that
is stored on the same virtual machine or
physical server as the vCenter Server,
port 80 is used by the SQL Reporting
Service. When you install or upgrade
vCenter Server, the installer prompts you
to change the HTTP port for
vCenter Server. Change the
vCenter Server HTTP port to a custom
value to ensure a successful installation
or upgrade.
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
No
88 TCP Active Directory server. This port must be
open for host to join Active Directory. If
you use native Active Directory, the port
must be open on both vCenter Server
and Platform Services Controller.
Windows installations
and appliance
deployments of
Platform Services
Controller
No
389 TCP/UDP This port must be open on the local and
all remote instances of vCenter Server.
This is the LDAP port number for the
Directory Services for the vCenter Server
group. If another service is running on
this port, it might be preferable to remove
it or change its port to a different port.
You can run the LDAP service on any
port from 1025 through 65535.
If this instance is serving as the Microsoft
Windows Active Directory, change the
port number from 389 to an available port
from 1025 through 65535.
Windows installations
and appliance
deployments of
Platform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
Platform Services
Controller
vCenter Server Installation and Setup
VMware, Inc. 27
Table 23. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
443 TCP The default port that the vCenter Server
system uses to listen for connections
from the vSphere Web Client. To enable
the vCenter Server system to receive
data from the vSphere Web Client, open
port 443 in the firewall.
The vCenter Server system also uses
port 443 to monitor data transfer from
SDK clients.
This port is also used for the following
services:
nWS-Management (also requires port
80 to be open)
nThird-party network management
client connections to vCenter Server
nThird-party network management
clients access to hosts
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
nvCenter Server to
vCenter Server
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
514 TCP/UDP vSphere Syslog Collector port for
vCenter Server on Windows and vSphere
Syslog Service port for
vCenter Server Appliance
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
No
636 TCP vCenter Single Sign-On LDAPS
For backward compatibility with vSphere
6.0 only.
Windows installations
and appliance
deployments of
Platform Services
Controller
During upgrade from
vSphere 6.0 only.
vCenter Server 6.0 to
Platform Services
Controller 6.5
vCenter Server Installation and Setup
VMware, Inc. 28
Table 23. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
902 TCP/UDP The default port that the vCenter Server
system uses to send data to managed
hosts. Managed hosts also send a
regular heartbeat over UDP port 902 to
the vCenter Server system. This port
must not be blocked by firewalls between
the server and the hosts or between
hosts.
Port 902 must not be blocked between
the VMware Host Client and the hosts.
The VMware Host Client uses this port to
display virtual machine consoles
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
1514 TCP vSphere Syslog Collector TLS port for
vCenter Server on Windows and vSphere
Syslog Service TLS port for
vCenter Server Appliance
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
No
2012 TCP Control interface RPC for vCenter Single
Sign-On
Windows installations
and appliance
deployments of
Platform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
nPlatform Services
Controller to
Platform Services
Controller
2014 TCP RPC port for all VMCA (VMware
Certificate Authority) APIs
Important You can change this port
number during the
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
Platform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
2015 TCP DNS management Windows installations
and appliance
deployments of
Platform Services
Controller
Platform Services
Controller to
Platform Services
Controller
vCenter Server Installation and Setup
VMware, Inc. 29
Table 23. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
2020 TCP/UDP Authentication framework management
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
5480 TCP Appliance Management Interface
Open endpoint serving all HTTPS,
XMLRPS and JSON-RPC requests over
HTTPS.
Appliance deployments
of
nvCenter Server
nPlatform Services
Controller
No
6500 TCP/UDP ESXi Dump Collector port
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
6501 TCP Auto Deploy service
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
6502 TCP Auto Deploy management
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
7080,
12721
TCP Secure Token Service
Note Internal ports
Windows installations
and appliance
deployments of
Platform Services
Controller
No
7081 TCP VMware Platform Services Controller
Web Client
Note Internal port
Windows installations
and appliance
deployments of
Platform Services
Controller
No
8200,
8201,
8300,
8301
TCP Appliance management
Note Internal ports
Appliance deployments
of
nvCenter Server
nPlatform Services
Controller
No
8084 TCP vSphere Update Manager SOAP port
The port used by vSphere Update
Manager client plug-in to connect to the
vSphere Update Manager SOAP server.
Appliance deployments
of vCenter Server
No
vCenter Server Installation and Setup
VMware, Inc. 30
Table 23. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
9084 TCP vSphere Update Manager Web Server
Port
The HTTP port used by ESXi hosts to
access host patch files from vSphere
Update Manager server.
Appliance deployments
of vCenter Server
No
9087 TCP vSphere Update Manager Web SSL Port
The HTTPS port used by vSphere
Update Manager client plug-in to upload
host upgrade files to vSphere Update
Manager server.
Appliance deployments
of vCenter Server
No
9443 TCP vSphere Web Client HTTPS Windows installations
and appliance
deployments of
vCenter Server
No
To configure the vCenter Server system to use a different port to receive vSphere Web Client data, see
the vCenter Server and Host Management documentation.
For more information about firewall configuration, see the vSphere Security documentation.
DNS Requirements for the vCenter Server Appliance and
Platform Services Controller Appliance
When you deploy the vCenter Server Appliance or Platform Services Controller appliance, similar to any
network server, you can assign a fixed IP address and an FQDN that is resolvable by a DNS server so
that clients can reliably access the service.
When you deploy the vCenter Server Appliance or Platform Services Controller appliance with a static IP
address, you ensure that in case of system restart, the IP address of the appliance remains the same.
Before you deploy the vCenter Server Appliance or Platform Services Controller appliance with a static IP
address, you must verify that this IP address has a valid internal domain name system (DNS) registration.
When you deploy the vCenter Server Appliance, the installation of the Web server component that
supports the vSphere Web Client fails if the installer cannot look up the fully qualified domain name
(FQDN) for the appliance from its IP address. Reverse lookup is implemented using PTR records.
If you plan to use an FQDN for the appliance system name, you must verify that the FQDN is resolvable
by a DNS server.
You can use the nslookup command to verify that the DNS reverse lookup service returns an FQDN
when queried with the IP address and to verify that the FQDN is resolvable.
nslookup -nosearch -nodefname FQDN_or_IP_address
vCenter Server Installation and Setup
VMware, Inc. 31
If you use DHCP instead of a static IP address for the vCenter Server Appliance or
Platform Services Controller appliance, verify that the appliance name is updated in the domain name
service (DNS). If you can ping the appliance name, the name is updated in DNS.
Ensure that the ESXi host management interface has a valid DNS resolution from the vCenter Server and
all vSphere Web Client instances. Ensure that the vCenter Server has a valid DNS resolution from all
ESXi hosts and all vSphere Web Clients.
vSphere Web Client Software Requirements
Make sure that your browser supports the vSphere Web Client.
The vSphere Web Client 6.7 requires Adobe Flash Player v. 16 to 23. For best performance and the most
recent security updates, use Adobe Flash Player 23.
VMware has tested and supports the following guest operating systems and browser versions for the
vSphere Web Client. For best performance, use Google Chrome.
Table 24. Supported Guest Operating Systems and Minimum Browser Versions for the
vSphere Web Client
Operating system Browser
Windows Microsoft Internet Explorer v. 10.0.19 and later.
Mozilla Firefox v. 39 and later.
Google Chrome v. 34 and later.
Mac OS Mozilla Firefox v. 39 and later.
Google Chrome v. 34 and later.
Preparing for Deployment of the
vCenter Server Appliance and
Platform Services Controller Appliance
Before you deploy the vCenter Server Appliance or Platform Services Controller appliance, you must
download the vCenter Server Appliance installer ISO file and mount it to a network virtual machine or
physical server from which you want to perform the deployment.
The machine from which you deploy the appliance must run on a Windows, Linux, or Mac operating
system that meets the operating system requirements. See System Requirements for the vCenter Server
Appliance Installer.
System Requirements for the vCenter Server Appliance Installer
You can run the vCenter Server Appliance GUI or CLI installer from a network client machine that is
running on a Windows, Linux, or Mac operating system of a supported version.
To ensure optimal performance of the GUI and CLI installers, use a client machine that meets the
minimum hardware requirements.
vCenter Server Installation and Setup
VMware, Inc. 32
Table 25. System Requirements for the GUI and CLI Installers
Operating System Supported Versions Minimum Hardware Configuration for Optimal Performance
Windows nWindows 7, 8, 8.1, 10
nWindows 2012 x64 bit
nWindows 2012 R2
x64 bit
nWindows 2016 x64 bit
4 GB RAM, 2 CPU having 4 cores with 2.3 GHz, 32 GB hard disk, 1 NIC
Linux nSUSE 12
nUbuntu 14.04
4 GB RAM, 1 CPU having 2 cores with 2.3 GHz, 16 GB hard disk, 1 NIC
Note The CLI installer requires 64-bit OS.
Mac nmacOS v10.9, 10,10,
10.11
nmacOS Sierra
8 GB RAM, 1 CPU having 4 cores with 2.4 GHz, 150 GB hard disk, 1 NIC
Note For client machines that run on Mac 10.11, concurrent GUI deployments of multiple appliances are
unsupported. You must deploy the appliances in a sequence.
Note Visual C++ redistributable libraries need to be installed to run the CLI installer on versions of
Windows older than Windows 10. The Microsoft installers for these libraries are located in the vcsa-cli-
installer/win32/vcredist directory.
Note Deploying the vCenter Server Appliance with the GUI requires a minimum resolution of 1024x768
to properly display. Lower resolutions can truncate the UI elements.
Download and Mount the vCenter Server Appliance Installer
VMware releases the vCenter Server Appliance ISO image, which contains GUI and CLI installers for the
vCenter Server Appliance and Platform Services Controller appliance.
With the GUI and CLI executable files that are included in the vCenter Server Appliance installer, you can:
nDeploy the vCenter Server Appliance and Platform Services Controller appliance.
nUpgrade the vCenter Server Appliance and Platform Services Controller appliance.
nMigrate Windows installations of vCenter Server, vCenter Single Sign-On, and
Platform Services Controller to the vCenter Server Appliance and Platform Services Controller
appliance.
nRestore a vCenter Server Appliance from a file-based backup.
Prerequisites
nCreate a My VMware account at https://my.vmware.com/web/vmware/.
nVerify that your client machine meets the system requirements for the vCenter Server Appliance
installer. See System Requirements for the vCenter Server Appliance Installer.
vCenter Server Installation and Setup
VMware, Inc. 33
Procedure
1From the VMware Web site at https://my.vmware.com/web/vmware/downloads, download the
vCenter Server Appliance ISO image.
VMware-VCSA-all-version_number-build_number.iso
2Confirm that the md5sum is correct.
See the VMware Web site topic Using MD5 Checksums at
http://www.vmware.com/download/md5.html.
3Mount or extract the ISO image to the client machine from which you want to deploy, upgrade,
migrate, or restore the appliance.
Note ISO mounting or extracting software that does not allow more than eight directory levels, for
example, MagicISO Maker on Windows, is unsupported.
For Linux OS and Mac OS, Archive Manager is unsupported.
For Mac OS, you can use DiskImageMounter.
For Ubuntu 14.04, you can use Disk Image Mounter.
For SUSE 12 OS, you can use the terminal.
$ sudo mkdir mount_dir
$ sudo mount -o loop VMware-vCSA-all-version_number-build_number.iso mount_dir
What to do next
Open the readme.txt file and review the information about the other files and directories in the
vCenter Server Appliance ISO image.
Synchronizing Clocks on the vSphere Network
Verify that all components on the vSphere network have their clocks synchronized. If the clocks on the
machines in your vSphere network are not synchronized, SSL certificates, which are time-sensitive, might
not be recognized as valid in communications between network machines.
Unsynchronized clocks can result in authentication problems, which can cause the installation to fail or
prevent the vCenter Server Appliance vpxd service from starting.
Verify that any Windows host machine on which vCenter Server runs is synchronized with the Network
Time Server (NTP) server. See the Knowledge Base article http://kb.vmware.com/kb/1318.
To synchronize ESXi clocks with an NTP server, you can use the VMware Host Client. For information
about editing the time configuration of an ESXi host, see vSphere Single Host Management.
vCenter Server Installation and Setup
VMware, Inc. 34
System Clock Synchronization Between the Client and Server
To establish a secure TLS connection to a Platform Services Controller or vCenter Server (the server), the
system where you are running the CLI installer (the client) must not have its system clock slower or faster
than the server's system clock by an acceptable limit (tolerance).
See Table 26 for specific values for each deployment scenario.
Note The client clock values are applicable only for vCenter Server 6.7.
Table 26. Client Clock Tolerance
Deployment Scenario Clock Tolerance Connection Notes
Linking one Platform Services Controller
with another Platform Services Controller
Clock tolerance for the client and the
external Platform Services Controller
must not exceed 10 minutes
The CLI installer must make a secure
connection to a
Platform Services Controller.
Linking a vCenter Server with an external
Platform Services Controller
Clock tolerance for the client and
external Platform Services Controller
must not exceed 10 minutes.
The CLI installer must make a secure
connection to a
Platform Services Controller.
Linking one vCenter Server with an
embedded Platform Services Controller
with another vCenter Server with an
embedded Platform Services Controller
When deploying the second
vCenter Server with embedded
Platform Services Controller, the clock
tolerance for the client and the first
vCenter Server with embedded
Platform Services Controller must not
exceed 10 minutes.
Installing a vCenter Server Appliance
using a container vCenter Server
vCenter Server with a *._on_vc.json
template.
The maximum clock tolerance between
the client and the container
vCenter Server is 8 hours 20 minutes.
Prerequisites for Deploying the vCenter Server Appliance
or Platform Services Controller Appliance
To ensure successful deployment of the vCenter Server Appliance or Platform Services Controller
appliance, you must preform some required tasks and pre-checks before running the installer.
General Prerequisites
nDownload and Mount the vCenter Server Appliance Installer.
nFor topologies with external Platform Services Controller instances, verify that you deploy the
different nodes with time synchronization between each other. All vCenter Server instances,
Platform Services Controller instances, and third-party load balancers in the vCenter Single Sign-On
domain must be time synchronized. See Synchronizing Clocks on the vSphere Network.
vCenter Server Installation and Setup
VMware, Inc. 35
Target System Prerequisites
nVerify that your system meets the minimum software and hardware requirements. See System
Requirements for the vCenter Server Appliance and Platform Services Controller Appliance.
nIf you want to deploy the appliance on an ESXi host, verify that the ESXi host is not in lockdown or
maintenance mode and not part of a fully automated DRS cluster.
nIf you want to deploy the appliance on a DRS cluster of the inventory of a vCenter Server instance,
verify that the cluster contains at least one ESXi host that is not in lockdown or maintenance mode.
nIf you plan to use NTP servers for time synchronization, verify that the NTP servers are running and
that the time between the NTP servers and the target server on which you want to deploy the
appliance is synchronized.
Network Prerequisites
If you plan to assign a static IP address and an FQDN as a system name in the network settings of the
appliance, verify that you have configured the forward and reverse DNS records for the IP address.
GUI Deployment of the vCenter Server Appliance and
Platform Services Controller Appliance
You can use the GUI installer to perform an interactive deployment of a vCenter Server Appliance with an
embedded Platform Services Controller, a Platform Services Controller appliance, or a
vCenter Server Appliance with an external Platform Services Controller.
When you perform the GUI deployment, you download the vCenter Server Appliance installer on a
network client machine, run the deployment wizard from the client machine, and provide the inputs that
are required for the appliance deployment and setup.
Important For topologies with external Platform Services Controller instances, you must deploy the
replicating Platform Services Controller instances in a sequence. After the successful deployment of all
Platform Services Controller instances in the domain, you can perform concurrent deployments of multiple
vCenter Server appliances that point to a common external Platform Services Controller instance.
The GUI deployment process includes a series of two stages.
Figure 21. Stage 1 - OVA Deployment
The first stage walks you through the deployment wizard to choose the deployment type and appliance
settings. This stage completes the deployment of the OVA file on the target server with the deployment
type and appliance settings that you provide.
vCenter Server Installation and Setup
VMware, Inc. 36
As an alternative to performing the first stage of the deployment with the GUI installer, you can deploy the
OVA file of the vCenter Server Appliance or Platform Services Controller appliance by using the
vSphere Web Client or VMware Host Client. To deploy the OVA file on an ESXi host or vCenter Server
instance of 6.0, you can also use the vSphere Client. After the OVA deployment, you must log in to the
appliance management interface of the newly deployed appliance to proceed with the second stage of the
deployment process.
Figure 22. Stage 2 - Appliance Setup
The second stage walks you through the setup wizard to configure the appliance time synchronization
and vCenter Single Sign-On. This stage completes the initial setup and starts the services of the newly
deployed appliance.
As an alternative to performing the second stage of the deployment with the GUI installer, you can log in
to the Appliance Management Interface of the newly deployed appliance, https://FQDN_or_IP_address:
5480.
Required Information for Deploying a vCenter Server Appliance or
Platform Services Controller Appliance
When you use the GUI method to deploy a vCenter Server Appliance with an embedded
Platform Services Controller, a Platform Services Controller appliance, or a vCenter Server Appliance
with an external Platform Services Controller, the wizard prompts you for deployment and setup
information. It is a best practice to keep a record of the values that you enter in case you must reinstall
the product.
You can use this worksheet to record the information that you need for deploying a
vCenter Server Appliance with an embedded Platform Services Controller, a Platform Services Controller
appliance, or a vCenter Server Appliance with an external Platform Services Controller.
Table 27. Required Information During Stage 1 of the GUI Deployment Process
Required for Deployment of Required Information Default Your Entry
All deployment types FQDN or IP address of the target
server on which you want to deploy the
appliance.
The target server can be either an
ESXi host or a vCenter Server
instance.
-
HTTPS port of the target server 443
vCenter Server Installation and Setup
VMware, Inc. 37
Table 27. Required Information During Stage 1 of the GUI Deployment Process (Continued)
Required for Deployment of Required Information Default Your Entry
User name with administrative
privileges on the target server
nIf your target server is an ESXi
host, use root.
nIf your target server is a
vCenter Server instance, use
user_name@your_domain_name,
for example,
administrator@vsphere.local.
-
Password of the user with
administrative privileges on the target
server
-
All deployment types
Only if your target server is a
vCenter Server instance
Data center from the vCenter Server
inventory on which you want to deploy
the appliance
Optionally you can provide a data
center folder.
-
ESXi host or DRS cluster from the
data center inventory on which you
want to deploy the appliance
-
All deployment types VM name for the appliance
nMust not contain a percent sign
(%), backslash (\), or forward slash
(/)
nMust be no more than 80
characters in length
VMware vCenter
Server Appliance
All deployment types Password for the root user of the
appliance operating system
nMust contain only lower ASCII
characters without spaces.
nMust be at least 8 characters, but
no more than 20 characters in
length
nMust contain at least one
uppercase letter
nMust contain at least one
lowercase letter
nMust contain at least one number
nMust contain at least one special
character, for example, a dollar
sign ($), hash key (#), at sign (@),
period (.), or exclamation mark (!)
-
vCenter Server Installation and Setup
VMware, Inc. 38
Table 27. Required Information During Stage 1 of the GUI Deployment Process (Continued)
Required for Deployment of Required Information Default Your Entry
nvCenter Server Appliance
with an embedded
Platform Services Controller
nvCenter Server Appliance
with an external
Platform Services Controller
Deployment size of the
vCenter Server Appliance for your
vSphere environment
nTiny
Deploys an appliance with 2 CPUs
and 10 GB of memory.
Suitable for environments with up
to 10 hosts or 100 virtual
machines.
nSmall
Deploys an appliance with 4 CPUs
and 16 GB of memory.
Suitable for environments with up
to 100 hosts or 1,000 virtual
machines.
nMedium
Deploys an appliance with 8 CPUs
and 24 GB of memory.
Suitable for environments with up
to 400 hosts or 4,000 virtual
machines.
nLarge
Deploys an appliance with 16
CPUs and 32 GB of memory.
Suitable for environments with up
to 1,000 hosts or 10,000 virtual
machines.
nX-Large
Deploys an appliance with 24
CPUs and 48 GB of memory.
Suitable for environments with up
to 2,000 hosts or 35,000 virtual
machines.
Tiny
vCenter Server Installation and Setup
VMware, Inc. 39
Table 27. Required Information During Stage 1 of the GUI Deployment Process (Continued)
Required for Deployment of Required Information Default Your Entry
nvCenter Server Appliance
with an embedded
Platform Services Controller
nvCenter Server Appliance
with an external
Platform Services Controller
Storage size of the
vCenter Server Appliance for your
vSphere environment
Increase the default storage size if you
want larger volume for SEAT data
(stats, events, alarms, and tasks).
nDefault
For tiny deployment size, deploys
the appliance with 300 GB of
storage.
For small deployment size,
deploys the appliance with 340 GB
of storage.
For medium deployment size,
deploys the appliance with 525 GB
of storage.
For large deployment size, deploys
the appliance with 740 GB of
storage.
For x-large deployment size,
deploys the appliance with 1180
GB of storage.
nLarge
For tiny deployment size, deploys
the appliance with 825 GB of
storage.
For small deployment size,
deploys the appliance with 870 GB
of storage.
For medium deployment size,
deploys the appliance with 1025
GB of storage.
For large deployment size, deploys
the appliance with 1090 GB of
storage.
For x-large deployment size,
deploys the appliance with 1230
GB of storage.
nX-Large
For tiny deployment size, deploys
the appliance with 1700 GB of
storage.
For small deployment size,
deploys the appliance with 1750
GB of storage.
Default
vCenter Server Installation and Setup
VMware, Inc. 40
Table 27. Required Information During Stage 1 of the GUI Deployment Process (Continued)
Required for Deployment of Required Information Default Your Entry
For medium deployment size,
deploys the appliance with 1905
GB of storage.
For large deployment size, deploys
the appliance with 1970 GB of
storage.
For x-large deployment size,
deploys the appliance with 2110
GB of storage.
All deployment types Name of the datastore on which you
want to store the configuration files
and virtual disks of the appliance
Note The installer displays a list of
datastores that are accessible from
your target server.
-
Enable or disable Thin Disk Mode Disabled
All deployment types Name of the network to which to
connect the appliance
Note The installer displays a drop-
down menu with networks that depend
on the network settings of your target
server. If you are deploying the
appliance directly on an ESXi host,
non-ephemeral distributed virtual port
groups are not supported and are not
displayed in the drop-down menu.
The network must be accessible from
the client machine from which you
perform the deployment.
-
IP version for the appliance address
Can be either IPv4 or IPv6.
IPv4
IP assignment for the appliance
address
Can be either static or DHCP.
static
All deployment types
Only if you use a static
assignment
FQDN
vCenter Server uses FQDN or IP
address as the system name.
-
IP address -
vCenter Server Installation and Setup
VMware, Inc. 41
Table 27. Required Information During Stage 1 of the GUI Deployment Process (Continued)
Required for Deployment of Required Information Default Your Entry
For IPv4 networks, you can use either
a subnet mask or a network prefix.
Subnet mask uses a dot decimal
notation (for example, 255.255.255.0).
An IPv4 network prefix is an integer
between 0 and 32.
For IPv6 networks, you must use a
network prefix. An IPv6 network prefix
is an integer between 0 and 128 .
-
Default gateway -
DNS servers separated by commas -
All deployment types
Only if you use a DHCP
assignment with IPv4 version and
a DDNS server is available in
your environment.
System name (FQDN) -
Table 28. Required Information During Stage 2 of the GUI Deployment Process
Required for Required Information Default Your Entry
All deployment types Time synchronization settings
You can synchronize the time of the
appliance either with the time of the
ESXi host or with one or more NTP
servers.
If you want to use more than one NTP
servers, you must provide the IP
addresses or FQDNs of the NTP
servers as a comma-separated list.
Synchronize time with
NTP servers
Enable or disable SSH access
Note vCenter Server Appliance high
availability requires remote SSH
access to the appliance.
Disabled
nvCenter Server Appliance
with an embedded
Platform Services Controller
nPlatform Services Controller
appliance as the first
instance in a new domain
Name for the new vCenter Single
Sign-On domain
For example, vsphere.local.
-
vCenter Server Installation and Setup
VMware, Inc. 42
Table 28. Required Information During Stage 2 of the GUI Deployment Process (Continued)
Required for Required Information Default Your Entry
Password for the administrator
account,
administrator@your_domain_name
nMust be at least 8 characters, but
no more than 20 characters in
length
nMust contain at least one
uppercase letter
nMust contain at least one
lowercase letter
nMust contain at least one number
nMust contain at least one special
character, such as ampersand (&),
hash key (#), and percent sign (%)
-
nvCenter Server Appliance
with an external
Platform Services Controller
nPlatform Services Controller
appliance as a subsequent
instance in an existing
domain
FQDN or IP address of the
Platform Services Controller instance
that you want to join
You must join a
Platform Services Controller instance
of the same version.
-
HTTPS port of the
Platform Services Controller instance
443
vCenter Single Sign On domain name
of the Platform Services Controller
instance
For example, vsphere.local.
-
Password of the vCenter Single Sign
On administrator user for the domain
-
vCenter Single Sign-On site name
You can join an existing site or create
a new site.
-
nvCenter Server Appliance
with an embedded
Platform Services Controller
nPlatform Services Controller
appliance
Join or do not participate in the
VMware Customer Experience
Improvement Program (CEIP)
For information about the CEIP, see
the Configuring Customer Experience
Improvement Program section in
vCenter Server and Host
Management.
Join the CEIP
vCenter Server Installation and Setup
VMware, Inc. 43
Deploy the vCenter Server Appliance with an Embedded
Platform Services Controller by Using the GUI
You can use the GUI installer to perform an interactive deployment of a vCenter Server Appliance with an
embedded Platform Services Controller. You must run the GUI deployment from a Windows, Linux, or
Mac machine that is in the network on which you want to deploy the appliance.
Figure 23. Deployment Workflow of a vCenter Server Appliance with an Embedded
Platform Services Controller
Start the deployment
End of the deployment
Stage 1 - Deploy the OVA file as
a vCenter Server Appliance
with an embedded Platform
Services Controller
Stage 2 - Set up the newly deployed
vCenter Server Appliance
with an embedded
Platform Services Controller
Prerequisites
nSee Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.
nSee Required Information for Deploying a vCenter Server Appliance or Platform Services Controller
Appliance.
Procedure
1Stage 1 - Deploy the OVA File as a vCenter Server Appliance with an Embedded Platform Services
Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an embedded
Platform Services Controller.
vCenter Server Installation and Setup
VMware, Inc. 44
2Stage 2 - Set up the Newly Deployed vCenter Server Appliance with an Embedded Platform
Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to set
up and start the services of the newly deployed vCenter Server Appliance with an embedded
Platform Services Controller.
Stage 1 - Deploy the OVA File as a vCenter Server Appliance with an
Embedded Platform Services Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an embedded
Platform Services Controller.
Procedure
1In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to the
subdirectory for your operating system, and run the installer executable file.
nFor Windows OS, go to the win32 subdirectory, and run the installer.exe file.
nFor Linux OS, go to the lin64 subdirectory, and run the installer file.
nFor Mac OS, go to the mac subdirectory, and run the Installer.app file.
2On the Home page, click Install to start the deployment wizard.
3Review the Introduction page to understand the deployment process and click Next.
4Read and accept the license agreement, and click Next.
5On the Select deployment type page, select vCenter Server with an Embedded Platform Services
Controller and click Next.
This option deploys an appliance in which both the Platform Services Controller and vCenter Server
are installed.
vCenter Server Installation and Setup
VMware, Inc. 45
6Connect to the target server on which you want to deploy the vCenter Server Appliance.
Option Steps
You can connect to an
ESXi host on which to
deploy the appliance.
1 Enter the FQDN or IP address of the ESXi host.
2 Enter the HTTPS port of the ESXi host.
3 Enter the user name and password of a user with administrative privileges on the ESXi host, for
example, the root user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target ESXi host, and click Yes to accept the certificate thumbprint.
You can connect to a
vCenter Server instance
and browse the
inventory to select an
ESXi host or DRS
cluster on which to
deploy the appliance.
1 Enter the FQDN or IP address of the vCenter Server instance.
2 Enter the HTTPS port of the vCenter Server instance.
3 Enter the user name and password of user with vCenter Single Sign-On administrative
privileges on the vCenter Server instance, for example, the administrator@your_domain_name
user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target vCenter Server instance, and click Yes to accept the certificate
thumbprint.
6 Select the data center or data center folder that contains the ESXi host or DRS cluster on which
you want to deploy the appliance, and click Next
Note You must select a data center or data center folder that contains at least one ESXi host
that is not in lockdown or maintenance mode.
7 Select the ESXi host or DRS cluster on which you want to deploy the appliance, and click Next.
7On the Set up appliance VM page, enter a name for the vCenter Server Appliance, set the password
for the root user, and click Next.
The appliance name must not contain a percent sign (%), backslash (\), or forward slash (/) and must
be no more than 80 characters in length.
The password must contain only lower ASCII characters without spaces, at least eight characters, a
number, uppercase and lowercase letters, and a special character, for example, an exclamation mark
(!), hash key (#), at sign (@), or brackets (()).
8Select the deployment size for the vCenter Server Appliance for your vSphere inventory.
Deployment Size Option Description
Tiny Deploys an appliance with 2 CPUs and 10 GB of memory.
Suitable for environments with up to 10 hosts or 100 virtual machines
Small Deploys an appliance with 4 CPUs and 16 GB of memory.
Suitable for environments with up to 100 hosts or 1,000 virtual machines
Medium Deploys an appliance with 8 CPUs and 24 GB of memory.
Suitable for environments with up to 400 hosts or 4,000 virtual machines
Large Deploys an appliance with 16 CPUs and 32 GB of memory.
Suitable for environments with up to 1,000 hosts or 10,000 virtual machines
X-Large Deploys an appliance with 24 CPUs and 48 GB of memory.
Suitable for environments with up to 2,000 hosts or 35,000 virtual machines
vCenter Server Installation and Setup
VMware, Inc. 46
9Select the storage size for the vCenter Server Appliance, and click Next.
Storage
Size
Option
Description for
Tiny Deployment
Size
Description for
Small Deployment
Size
Description for
Medium
Deployment Size
Description for
Large Deployment
Size
Description for X-
Large Deployment
Size
Default Deploys an
appliance with 300
GB of storage.
Deploys an
appliance with 340
GB of storage.
Deploys an
appliance with 525
GB of storage.
Deploys an
appliance with 740
GB of storage.
Deploys an
appliance with 1180
GB of storage.
Large Deploys an
appliance with 825
GB of storage.
Deploys an
appliance with 870
GB of storage.
Deploys an
appliance with 1025
GB of storage.
Deploys an
appliance with 1090
GB of storage.
Deploys an
appliance with 1230
GB of storage.
X-Large Deploys an
appliance with 1700
GB of storage.
Deploys an
appliance with 1750
GB of storage.
Deploys an
appliance with 1905
GB of storage.
Deploys an
appliance with 1970
GB of storage.
Deploys an
appliance with 2110
GB of storage.
10 From the list of available datastores, select the location where all the virtual machine configuration
files and virtual disks will be stored and, optionally, enable thin provisioning by selecting Enable Thin
Disk Mode. NFS datastores are thin provisioned by default.
11 On the Configure network settings page, set up the network settings.
The IP address or the FQDN of the appliance is used as a system name. It is recommended to use
an FQDN. However, if you want to use an IP address, use static IP address allocation for the
appliance, because IP addresses allocated by DHCP might change.
Option Action
Network Select the network to which to connect the appliance.
The networks displayed in the drop-down menu depend on the network settings
of the target server. If you are deploying the appliance directly on an ESXi host,
non-ephemeral distributed virtual port groups are not supported and are not
displayed in the drop-down menu.
IP version Select the version for the appliance IP address.
You can select either IPv4 or IPv6.
IP assignment Select how to allocate the IP address of the appliance.
nstatic
The wizard prompts you to enter the IP address and network settings.
Note Avoid using an IP address as a system name. If you use an IP address
as a system name, you cannot change the IP address and update the DNS
settings after deployment.
nDHCP
A DHCP server is used to allocate the IP address. Select this option only if a
DHCP server is available in your environment.
If there is an enabled DDNS in your environment, you can enter a preferred
fully qualified domain name (FQDN) for the appliance.
Common Ports You can customize the HTTP and HTTPS ports (optional).
If specifying a custom HTTP and HTTPS port number, ensure that you do not use
a port number already in use by vCenter Server, or the default HTTP and HTTPS
ports of 80 and 443.
vCenter Server Installation and Setup
VMware, Inc. 47
12 On the Ready to complete stage 1 page, review the deployment settings for the
vCenter Server Appliance and click Finish to start the OVA deployment process.
13 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the deployment
process to set up and start the services of the newly deployed appliance.
Note If you exit the wizard by clicking Close, you must log in to the vCenter Server Appliance
Management Interface to set up and start the services.
The newly deployed vCenter Server Appliance with an embedded Platform Services Controller is running
on the target server but the services are not started.
Stage 2 - Set up the Newly Deployed vCenter Server Appliance with an
Embedded Platform Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to set up
and start the services of the newly deployed vCenter Server Appliance with an embedded
Platform Services Controller.
Procedure
1Review the introduction to stage 2 of the deployment process and click Next.
2Configure the time settings in the appliance, optionally enable remote SSH access to the appliance,
and click Next.
Option Description
Synchronize time with the ESXi host Enables periodic time synchronization, and VMware Tools sets the time of the
guest operating system to be the same as the time of the ESXi host.
Synchronize time with NTP servers Uses a Network Time Protocol server for synchronizing the time. If you select this
option, you must enter the names or IP addresses of the NTP servers separated
by commas.
vCenter Server Installation and Setup
VMware, Inc. 48
3Create a new vCenter Single Sign-On domain or join an existing domain.
Option Description
Create a new Single Sign-On domain Creates a new vCenter Single Sign-On domain.
a Enter the domain name, for example vsphere.local.
b Set the password for the vCenter Single Sign-On administrator account.
This is the password for the user administrator@your_domain_name.
c Confirm the administrator password, and click Next.
Join an existing vCenter Single Sign-
On domain
Joins a new vCenter Single Sign-On server to a vCenter Single Sign-On domain
in an existing Platform Services Controller. You must provide the information
about the vCenter Single Sign-On server to which you join the new vCenter
Single Sign-On server.
a Enter the fully qualified domain name (FQDN) or IP address of the
Platform Services Controller that contains the vCenter Single Sign-On server
to join.
b Enter the HTTPS port to use for communication with the
Platform Services Controller.
c Enter the domain name for the vCenter Single Sign-On you are joining, for
example vsphere.local.
d Enter the password of the vCenter Single Sign-On administrator account.
e Click Next.
4Review the VMware Customer Experience Improvement Program (CEIP) page and choose if you
want to join the program.
For information about the CEIP, see the Configuring Customer Experience Improvement Program
section in vCenter Server and Host Management.
5On the Ready to complete page, review the configuration settings for the vCenter Server Appliance,
click Finish, and click OK to complete stage 2 of the deployment process and set up the appliance.
6(Optional) After the initial setup finishes, enter the URL from the browser with
https://vcenter_server_appliance_fqdn/ui or https://vcenter_server_appliance_fqdn/vsphere-
client to go to the vSphere Web Client and log in to the vCenter Server instance in the
vCenter Server Appliance, or click the https://vcenter_server_appliance_fqdn:443 to go the
vCenter Server Appliance Getting Started page.
7Click Close to exit the wizard.
You are redirected to the vCenter Server Appliance Getting Started page.
What to do next
You can configure high availability for the vCenter Server Appliance. For information about providing
vCenter Server Appliance high availability, see vSphere Availability.
vCenter Server Installation and Setup
VMware, Inc. 49
Deploy a Platform Services Controller Appliance by Using the GUI
You can use the GUI installer to perform an interactive deployment of a Platform Services Controller
appliance as the first instance in a new vCenter Single Sign-On domain or as a replication partner in an
existing vCenter Single Sign-On domain. You must run the GUI deployment from a Windows, Linux, or
Mac machine that is in the network on which you want to deploy the appliance.
Important You must deploy the replicating Platform Services Controller instances in a sequence.
Figure 24. Deployment Workflow of a Platform Services Controller Appliance
Start the deployment
End of the deployment
Stage 1 - Deploy the OVA file
as a Platform Services
Controller appliance
Stage 2 - Set up the
newly deployed Platform
Services Controller appliance
Prerequisites
nSee Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.
nSee Required Information for Deploying a vCenter Server Appliance or Platform Services Controller
Appliance.
Procedure
1Stage 1 - Deploy the OVA File as a Platform Services Controller Appliance
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a Platform Services Controller appliance.
2Stage 2 - Set up the Newly Deployed Platform Services Controller Appliance
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to set
up and start the services of the newly deployed Platform Services Controller appliance.
vCenter Server Installation and Setup
VMware, Inc. 50
Stage 1 - Deploy the OVA File as a Platform Services Controller Appliance
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a Platform Services Controller appliance.
Procedure
1In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to the
subdirectory for your operating system, and run the installer executable file.
nFor Windows OS, go to the win32 subdirectory, and run the installer.exe file.
nFor Linux OS, go to the lin64 subdirectory, and run the installer file.
nFor Mac OS, go to the mac subdirectory, and run the Installer.app file.
2On the Home page, click Install to start the deployment wizard.
3Review the Introduction page to understand the deployment process and click Next.
4Read and accept the license agreement, and click Next.
5On the Select a deployment type page, select Platform Services Controller and click Next.
6Connect to the target server on which you want to deploy the Platform Services Controller appliance
and click Next.
Option Steps
You can connect to an
ESXi host on which to
deploy the appliance.
1 Enter the FQDN or IP address of the ESXi host.
2 Enter the HTTPS port of the ESXi host.
3 Enter the user name and password of a user with administrative privileges on the ESXi host, for
example, the root user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target ESXi host, and click Yes to accept the certificate thumbprint.
You can connect to a
vCenter Server instance
and browse the
inventory to select an
ESXi host or DRS
cluster on which to
deploy the appliance.
1 Enter the FQDN or IP address of the vCenter Server instance.
2 Enter the HTTPS port of the vCenter Server instance.
3 Enter the user name and password of user with vCenter Single Sign-On administrative
privileges on the vCenter Server instance, for example, the administrator@your_domain_name
user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target vCenter Server instance, and click Yes to accept the certificate
thumbprint.
6 Select the data center or data center folder that contains the ESXi host or DRS cluster on which
you want to deploy the appliance, and click Next
Note You must select a data center or data center folder that contains at least one ESXi host
that is not in lockdown or maintenance mode.
7 Select the ESXi host or DRS cluster on which you want to deploy the appliance, and click Next.
vCenter Server Installation and Setup
VMware, Inc. 51
7On the Set up appliance VM page, enter a name for the Platform Services Controller appliance, set
the password for the root user, and click Next.
The appliance name must not contain a percent sign (%), backslash (\), or forward slash (/) and must
be no more than 80 characters in length.
The password must contain only lower ASCII characters without spaces, at least eight characters, a
number, uppercase and lowercase letters, and a special character, for example, an exclamation mark
(!), hash key (#), at sign (@), or brackets (()).
8From the list of available datastores, select the location where all the virtual machine configuration
files and virtual disks will be stored and, optionally, enable thin provisioning by selecting Enable Thin
Disk Mode. NFS datastores are thin provisioned by default.
9On the Configure network settings page, set up the network settings.
The IP address or the FQDN of the appliance is used as a system name. It is recommended to use
an FQDN. However, if you want to use an IP address, use static IP address allocation for the
appliance, because IP addresses allocated by DHCP might change.
Option Action
Network Select the network to which to connect the appliance.
The networks displayed in the drop-down menu depend on the network settings
of the target server. If you are deploying the appliance directly on an ESXi host,
non-ephemeral distributed virtual port groups are not supported and are not
displayed in the drop-down menu.
IP version Select the version for the appliance IP address.
You can select either IPv4 or IPv6.
IP assignment Select how to allocate the IP address of the appliance.
nstatic
The wizard prompts you to enter the IP address and network settings.
Note Avoid using an IP address as a system name. If you use an IP address
as a system name, you cannot change the IP address and update the DNS
settings after deployment.
nDHCP
A DHCP server is used to allocate the IP address. Select this option only if a
DHCP server is available in your environment.
If there is an enabled DDNS in your environment, you can enter a preferred
fully qualified domain name (FQDN) for the appliance.
Common Ports You can customize the HTTP and HTTPS ports (optional).
If specifying a custom HTTP and HTTPS port number, ensure that you do not use
a port number already in use by vCenter Server, or the default HTTP and HTTPS
ports of 80 and 443.
10 On the Ready to complete stage 1 page, review the deployment settings for the
Platform Services Controller appliance and click Finish to start the OVA deployment process.
vCenter Server Installation and Setup
VMware, Inc. 52
11 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the deployment
process to set up and start the services of the newly deployed appliance.
Note If you exit the wizard by clicking Close, you must log in to the Platform Services Controller
Appliance Management Interface to set up and start the services.
The newly deployed Platform Services Controller appliance is running on the target server but the
services are not started.
Stage 2 - Set up the Newly Deployed Platform Services Controller Appliance
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to set up
and start the services of the newly deployed Platform Services Controller appliance.
Procedure
1Review the introduction to stage 2 of the deployment process and click Next.
2Configure the time settings in the appliance, optionally enable remote SSH access to the appliance,
and click Next.
Option Description
Synchronize time with the ESXi host Enables periodic time synchronization, and VMware Tools sets the time of the
guest operating system to be the same as the time of the ESXi host.
Synchronize time with NTP servers Uses a Network Time Protocol server for synchronizing the time. If you select this
option, you must enter the names or IP addresses of the NTP servers separated
by commas.
vCenter Server Installation and Setup
VMware, Inc. 53
3Create a new vCenter Single Sign-On domain or join an existing domain.
Option Description
Create a new Single Sign-On domain Creates a vCenter Single Sign-On domain.
a Enter the domain name, for example vsphere.local.
b Set the password for the vCenter Single Sign-On administrator account.
This is the password for the user administrator@your_domain_name.
c Enter the site name for vCenter Single Sign-On.
The site name is important if you are using vCenter Single Sign-On in multiple
locations. The site name must contain alphanumeric characters. Choose your
own name for the vCenter Single Sign-On site. You cannot change the name
after installation.
Extended ASCII and non-ASCII characters are unsupported in site names.
Your site name must include alphanumeric characters and a comma (,),
period (.), question mark (?), dash (-), underscore (_), plus sign (+) or equals
sign (=).
d Click Next.
Join an existing vCenter Single Sign-
On domain
Joins the Platform Services Controller appliance to an existing vCenter Single
Sign-On domain as a replication partner of an existing
Platform Services Controller instance. You must provide the information about the
partner Platform Services Controller instance that you want to join.
a Enter the fully qualified domain name (FQDN) or IP address of the partner
Platform Services Controller instance.
b Enter the HTTPS port of the partner Platform Services Controller instance.
c Enter the vCenter Single Sign-On domain name of the partner
Platform Services Controller instance.
d Enter the password of the vCenter Single Sign-On administrator user.
e Click Next.
f Select whether to create or join an existing vCenter Single Sign-On site.
4Review the VMware Customer Experience Improvement Program (CEIP) page and choose if you
want to join the program.
For information about the CEIP, see the Configuring Customer Experience Improvement Program
section in vCenter Server and Host Management.
5On the Ready to complete page, review the configuration settings for the Platform Services Controller
appliance, click Finish, and click OK to complete stage 2 of the deployment process and set up the
appliance.
6(Optional) After the initial setup finishes, click the https://platform_services_controller_fqdn/psc to
go to the Platform Services Controller Web interface, or click the
https://platform_services_controller_fqdn:443 to go the Platform Services Controller Getting
Started page.
7Click Close to exit the wizard.
You are redirected to the Platform Services Controller Getting Started page.
vCenter Server Installation and Setup
VMware, Inc. 54
If you joined the new Platform Services Controller appliance to an existing vCenter Single Sign-On
domain, the appliance replicates infrastructure data with the other Platform Services Controller instances
within the domain.
What to do next
nYou can deploy a vCenter Server Appliance with an external Platform Services Controller and register
it with the newly deployed Platform Services Controller appliance.
nYou can deploy one or more Platform Services Controller instances joining the same vCenter Single
Sign-On domain to replicate infrastructure data and distribute the load.
Deploy the vCenter Server Appliance with an External
Platform Services Controller by Using the GUI
You can use the GUI installer to perform an interactive deployment of a vCenter Server Appliance and
register it with an existing external Platform Services Controller instance. You must run the GUI
deployment from a Windows, Linux, or Mac machine that is in the network on which you want to deploy
the appliance.
Figure 25. Deployment Workflow of a vCenter Server Appliance with an External
Platform Services Controller
Start the deployment
End of the deployment
Stage 1 - Deploy the OVA file
as a vCenter Server Appliance
with an external Platform
Services Controller
Stage 2 - Set up the newly
deployed vCenter Server Appliance
with an external Platform
Services Controller
Prerequisites
nSee Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.
nSee Required Information for Deploying a vCenter Server Appliance or Platform Services Controller
Appliance.
vCenter Server Installation and Setup
VMware, Inc. 55
nVerify that you have installed or deployed the Platform Services Controller instance with which you
plan to register the vCenter Server Appliance.
Procedure
1Stage 1 - Deploy the OVA File as a vCenter Server Appliance With an External Platform Services
Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an external
Platform Services Controller.
2Stage 2 - Set up the Newly Deployed vCenter Server Appliance With an External Platform Services
Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to set
up and start the services of the newly deployed vCenter Server Appliance with an external
Platform Services Controller.
Stage 1 - Deploy the OVA File as a vCenter Server Appliance With an External
Platform Services Controller
With stage 1 of the deployment process, you deploy the OVA file, which is included in the
vCenter Server Appliance installer, as a vCenter Server Appliance with an external
Platform Services Controller.
Procedure
1In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to the
subdirectory for your operating system, and run the installer executable file.
nFor Windows OS, go to the win32 subdirectory, and run the installer.exe file.
nFor Linux OS, go to the lin64 subdirectory, and run the installer file.
nFor Mac OS, go to the mac subdirectory, and run the Installer.app file.
2On the Home page, click Install to start the deployment wizard.
3Review the Introduction page to understand the deployment process and click Next.
4Read and accept the license agreement, and click Next.
5On the Select deployment type page, select vCenter Server (Requires External Platform Services
Controller) and click Next.
vCenter Server Installation and Setup
VMware, Inc. 56
6Connect to the target server on which you want to deploy the vCenter Server Appliance.
Option Steps
You can connect to an
ESXi host on which to
deploy the appliance.
1 Enter the FQDN or IP address of the ESXi host.
2 Enter the HTTPS port of the ESXi host.
3 Enter the user name and password of a user with administrative privileges on the ESXi host, for
example, the root user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target ESXi host, and click Yes to accept the certificate thumbprint.
You can connect to a
vCenter Server instance
and browse the
inventory to select an
ESXi host or DRS
cluster on which to
deploy the appliance.
1 Enter the FQDN or IP address of the vCenter Server instance.
2 Enter the HTTPS port of the vCenter Server instance.
3 Enter the user name and password of user with vCenter Single Sign-On administrative
privileges on the vCenter Server instance, for example, the administrator@your_domain_name
user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target vCenter Server instance, and click Yes to accept the certificate
thumbprint.
6 Select the data center or data center folder that contains the ESXi host or DRS cluster on which
you want to deploy the appliance, and click Next
Note You must select a data center or data center folder that contains at least one ESXi host
that is not in lockdown or maintenance mode.
7 Select the ESXi host or DRS cluster on which you want to deploy the appliance, and click Next.
7On the Set up appliance VM page, enter a name for the vCenter Server Appliance, set the password
for the root user, and click Next.
The appliance name must not contain a percent sign (%), backslash (\), or forward slash (/) and must
be no more than 80 characters in length.
The password must contain only lower ASCII characters without spaces, at least eight characters, a
number, uppercase and lowercase letters, and a special character, for example, an exclamation mark
(!), hash key (#), at sign (@), or brackets (()).
8Select the deployment size for the vCenter Server Appliance for your vSphere inventory.
Deployment Size Option Description
Tiny Deploys an appliance with 2 CPUs and 10 GB of memory.
Suitable for environments with up to 10 hosts or 100 virtual machines
Small Deploys an appliance with 4 CPUs and 16 GB of memory.
Suitable for environments with up to 100 hosts or 1,000 virtual machines
Medium Deploys an appliance with 8 CPUs and 24 GB of memory.
Suitable for environments with up to 400 hosts or 4,000 virtual machines
Large Deploys an appliance with 16 CPUs and 32 GB of memory.
Suitable for environments with up to 1,000 hosts or 10,000 virtual machines
X-Large Deploys an appliance with 24 CPUs and 48 GB of memory.
Suitable for environments with up to 2,000 hosts or 35,000 virtual machines
vCenter Server Installation and Setup
VMware, Inc. 57
9Select the storage size for the vCenter Server Appliance, and click Next.
Storage
Size
Option
Description for
Tiny Deployment
Size
Description for
Small Deployment
Size
Description for
Medium
Deployment Size
Description for
Large Deployment
Size
Description for X-
Large Deployment
Size
Default Deploys an
appliance with 300
GB of storage.
Deploys an
appliance with 340
GB of storage.
Deploys an
appliance with 525
GB of storage.
Deploys an
appliance with 740
GB of storage.
Deploys an
appliance with 1180
GB of storage.
Large Deploys an
appliance with 825
GB of storage.
Deploys an
appliance with 870
GB of storage.
Deploys an
appliance with 1025
GB of storage.
Deploys an
appliance with 1090
GB of storage.
Deploys an
appliance with 1230
GB of storage.
X-Large Deploys an
appliance with 1700
GB of storage.
Deploys an
appliance with 1750
GB of storage.
Deploys an
appliance with 1905
GB of storage.
Deploys an
appliance with 1970
GB of storage.
Deploys an
appliance with 2110
GB of storage.
10 From the list of available datastores, select the location where all the virtual machine configuration
files and virtual disks will be stored and, optionally, enable thin provisioning by selecting Enable Thin
Disk Mode. NFS datastores are thin provisioned by default.
11 On the Configure network settings page, set up the network settings.
The IP address or the FQDN of the appliance is used as a system name. It is recommended to use
an FQDN. However, if you want to use an IP address, use static IP address allocation for the
appliance, because IP addresses allocated by DHCP might change.
Option Action
Network Select the network to which to connect the appliance.
The networks displayed in the drop-down menu depend on the network settings
of the target server. If you are deploying the appliance directly on an ESXi host,
non-ephemeral distributed virtual port groups are not supported and are not
displayed in the drop-down menu.
IP version Select the version for the appliance IP address.
You can select either IPv4 or IPv6.
IP assignment Select how to allocate the IP address of the appliance.
nstatic
The wizard prompts you to enter the IP address and network settings.
Note Avoid using an IP address as a system name. If you use an IP address
as a system name, you cannot change the IP address and update the DNS
settings after deployment.
nDHCP
A DHCP server is used to allocate the IP address. Select this option only if a
DHCP server is available in your environment.
If there is an enabled DDNS in your environment, you can enter a preferred
fully qualified domain name (FQDN) for the appliance.
Common Ports You can customize the HTTP and HTTPS ports (optional).
If specifying a custom HTTP and HTTPS port number, ensure that you do not use
a port number already in use by vCenter Server, or the default HTTP and HTTPS
ports of 80 and 443.
vCenter Server Installation and Setup
VMware, Inc. 58
12 On the Ready to complete stage 1 page, review the deployment settings for the
vCenter Server Appliance and click Finish to start the OVA deployment process.
13 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the deployment
process to set up and start the services of the newly deployed appliance.
Note If you exit the wizard by clicking Close, you must log in to the vCenter Server Appliance
Management Interface to set up and start the services.
The newly deployed vCenter Server Appliance with an external Platform Services Controller is running on
the target server but the services are not started.
Stage 2 - Set up the Newly Deployed vCenter Server Appliance With an
External Platform Services Controller
When the OVA deployment finishes, you are redirected to stage 2 of the deployment process to set up
and start the services of the newly deployed vCenter Server Appliance with an external
Platform Services Controller.
Procedure
1Review the introduction to stage 2 of the deployment process and click Next.
2Configure the time settings in the appliance, optionally enable remote SSH access to the appliance,
and click Next.
Option Description
Synchronize time with the ESXi host Enables periodic time synchronization, and VMware Tools sets the time of the
guest operating system to be the same as the time of the ESXi host.
Synchronize time with NTP servers Uses a Network Time Protocol server for synchronizing the time. If you select this
option, you must enter the names or IP addresses of the NTP servers separated
by commas.
3Provide the FQDN or IP address of the Platform Services Controller instance with which you want to
register the vCenter Server Appliance, enter the vCenter Single Sign-On HTTPS port, domain name,
and administrator password, and click Next.
If the Platform Services Controller instance is a Windows installation, provide the system name of the
host machine on which the Platform Services Controller is running.
4On the Ready to complete page, review the configuration settings for the vCenter Server Appliance,
click Finish, and click OK to complete stage 2 of the deployment process and set up the appliance.
5(Optional) After the initial setup finishes, enter the URL from the browser with
https://vcenter_server_appliance_fqdn/ui or https://vcenter_server_appliance_fqdn/vsphere-
client to go to the vSphere Web Client and log in to the vCenter Server instance in the
vCenter Server Appliance, or click the https://vcenter_server_appliance_fqdn:443 to go the
vCenter Server Appliance Getting Started page.
vCenter Server Installation and Setup
VMware, Inc. 59
6Click Close to exit the wizard.
You are redirected to the vCenter Server Appliance Getting Started page.
The newly deployed vCenter Server Appliance joined the vCenter Single Sign-On domain and site of the
Platform Services Controller instance with which you registered the appliance.
What to do next
You can configure high availability for the vCenter Server Appliance. For information about providing
vCenter Server Appliance high availability, see vSphere Availability.
CLI Deployment of the vCenter Server Appliance and
Platform Services Controller Appliance
You can use the CLI installer to perform a silent deployment of a vCenter Server Appliance or
Platform Services Controller appliance on an ESXi host or vCenter Server instance.
The CLI deployment process includes downloading the vCenter Server Appliance installer on a network
virtual machine or physical server from which you want to perform the deployment, preparing a JSON
configuration file with the deployment information, and running the deployment command.
Important The user name that you use to log in to the machine from which you want to run the CLI
installer, the path to the vCenter Server Appliance installer, the path to your JSON configuration file, and
the string values in your JSON configuration file, including the passwords, must contain only ASCII
characters. Extended ASCII and non-ASCII characters are unsupported.
The vCenter Server Appliance ISO file contains templates of JSON files that contain the minimum
configuration parameters that are required for deploying the vCenter Server Appliance or
Platform Services Controller appliance.
The vCenter Server Appliance ISO file contains templates of JSON files that contain the minimum
configuration parameters that are required for deploying the vCenter Server Appliance or
Platform Services Controller appliance. For information about preparing JSON templates for CLI
deployment, see Prepare Your JSON Configuration File for CLI Deployment.
Important For topologies with external Platform Services Controller instances, you must deploy the
replicating Platform Services Controller instances in a sequence. After the successful deployment of all
Platform Services Controller instances in the domain, you can perform concurrent deployments of multiple
vCenter Server appliances that point to a common external Platform Services Controller instance.
Prepare Your JSON Configuration File for CLI Deployment
Before you run the CLI installer to deploy a vCenter Server Appliance or Platform Services Controller
appliance, you must prepare a JSON file with configuration parameters and their values for your
deployment specification.
vCenter Server Installation and Setup
VMware, Inc. 60
The vCenter Server Appliance installer contains JSON templates for all deployment types. For information
about the templates, see JSON Templates for CLI Deployment of the vCenter Server Appliance and
Platform Services Controller Appliance.
You can deploy an appliance with minimum configurations by setting values to the configuration
parameters in the JSON template for your specification. You can edit the preset values, remove
configuration parameters, and add configuration parameters for custom configurations.
For a complete list of the configuration parameters and their descriptions, navigate to the installer
subdirectory for your operating system and run the vcsa-deploy install --template-help command
or see Deployment Configuration Parameters.
Prerequisites
nYou must be familiar with the JSON syntax.
nDownload and Mount the vCenter Server Appliance Installer.
Procedure
1In the vCenter Server Appliance installer, navigate to the vcsa-cli-installer directory, and open
the templates subfolder.
2Copy the deployment templates from the install subfolder to your workspace.
Important The path to the JSON configuration files must contain only ASCII characters. Extended
ASCII and non-ASCII characters are unsupported.
3In a text editor, open the template file for your specification.
To ensure the correct syntax of your JSON configuration file, use a JSON editor.
vCenter Server Installation and Setup
VMware, Inc. 61
4Fill in the values for the required configuration parameters and, optionally, enter additional parameters
and their values.
For example, if you want to use an IPv4 DHCP assignment for the network of the appliance, in the
network subsection of the template, change the value of the mode parameter to dhcp and remove the
default configuration parameters that are for a static assignment.
"network": {
"ip_family": "ipv4",
"mode": "dhcp"
},
Important The string values, including the passwords, must contain only ASCII characters.
Extended ASCII and non-ASCII characters are unsupported.
To set a value that contains a backslash (\) or quotation mark (") character, you must precede the
character with the backslash (\) character. For example, "password":"my\"password" sets the
password my"password, "image":"G:\\vcsa\\VMware-vCenter-Server-
Appliance-6.7.0.XXXX-YYYYYYY_OVF10.ova" sets the path G:\vcsa\VMware-vCenter-Server-
Appliance-6.7.0.XXXX-YYYYYYY_OVF10.ova.
The Boolean values must contain only lowercase characters, that is, a value can be either true or
false. For example, "ssh_enable":false.
5(Optional) Use a JSON editor of your choice to validate the JSON file.
6Save in UTF-8 format and close the file.
What to do next
You can create and save additional templates if needed for your deployment specification.
JSON Templates for CLI Deployment of the vCenter Server Appliance and
Platform Services Controller Appliance
The vCenter Server Appliance installer contains JSON templates that are located in the vcsa-cli-
installer/templates directory. In the install subfolder, you can find eight JSON templates with the
minimum configuration parameters for all deployment types.
For each deployment type, there is one template for deploying the appliance on an ESXi host and another
template for deploying the appliance on a vCenter Server instance.
vCenter Server Installation and Setup
VMware, Inc. 62
Table 29. Deployment JSON Templates Included in the vCenter Server Appliance Installer
Location Template Description
vcsa-cli-
installer\templates\install
embedded_vCSA_on_ESXi.json Contains the minimum configuration
parameters that are required for
deployment of a vCenter Server Appliance
with an embedded
Platform Services Controller on an ESXi
host.
embedded_vCSA_on_VC.json Contains the minimum configuration
parameters that are required for
deployment of a vCenter Server Appliance
with an embedded
Platform Services Controller on a
vCenter Server instance.
embedded_vCSA_replication_on_ESX
i.json
Contains the minimum configuration
parameters that are required for
deployment of a vCenter Server Appliance
with an embedded
Platform Services Controller joining an
exsiting Single Sign-On domain on an
ESXi host.
embedded_vCSA_replication_on_VC.
json
Contains the minimum configuration
parameters that are required for
deployment of a vCenter Server Appliance
with an embedded
Platform Services Controller joining an
exsiting Single Sign-On domain on a
vCenter Server instance.
PSC_first_instance_on_ESXi.json Contains the minimum configuration
parameters that are required for
deployment of a
Platform Services Controller appliance as
the first instance in a new vCenter Single
Sign-On domain on an ESXi host.
PSC_first_instance_on_VC.json Contains the minimum configuration
parameters that are required for
deployment of a
Platform Services Controller appliance as
the first instance in a new vCenter Single
Sign-On domain on a vCenter Server
instance.
PSC_replication_on_ESXi.json Contains the minimum configuration
parameters that are required for
deployment of a
Platform Services Controller appliance
joining an existing vCenter Single Sign-On
domain on an ESXi host.
vCenter Server Installation and Setup
VMware, Inc. 63
Table 29. Deployment JSON Templates Included in the vCenter Server Appliance Installer
(Continued)
Location Template Description
PSC_replication_on_VC.json Contains the minimum configuration
parameters that are required for
deployment of a
Platform Services Controller appliance
joining an existing vCenter Single Sign-On
domain on a vCenter Server instance.
vCSA_on_ESXi.json Contains the minimum configuration
parameters that are required for
deployment of a vCenter Server Appliance
with an external
Platform Services Controller on an ESXi
host.
vCSA_on_VC.json Contains the minimum configuration
parameters that are required for
deployment of a vCenter Server Appliance
with an external
Platform Services Controller on a
vCenter Server instance.
Deployment Configuration Parameters
When you prepare your JSON configuration files for CLI deployment, you must set parameters and
values to provide input data for the deployment of a vCenter Server Appliance or
Platform Services Controller appliance.
Sections and Subsections of Configuration Parameters in the JSON Deployment Files
The configuration parameters in the JSON configuration files for CLI upgrade are organized in sections
and subsections.
Table 210. Sections and Subsections of Configuration Parameters in the JSON Deployment
Files
Section
Subsecti
on Description
new_vcsa - describes the
appliance that you want to
deploy
esxi Use only if you want to deploy the appliance directly on an ESXi host.
Contains the configuration parameters that describe the target ESXi host. See
Table 211.
Note You must fill in either the esxi or the vc subsection.
vc Use only if you want to deploy the appliance on the inventory of a vCenter Server
instance.
Contains the configuration parameters that describe the target ESXi host or DRS
cluster from the vCenter Server inventory. See Table 212.
Note You must fill in either the vc or the esxi subsection.
vCenter Server Installation and Setup
VMware, Inc. 64
Table 210. Sections and Subsections of Configuration Parameters in the JSON Deployment
Files (Continued)
Section
Subsecti
on Description
applianc
e
Contains the configuration parameters that describe the appliance. See Table 213.
network Contains the configuration parameters that describe the network settings for the
appliance. See Table 214.
os Contains the configuration parameters that describe the operating system settings for
the appliance. See Table 215.
sso Contains the configuration parameters that describe the vCenter Single Sign-On
settings for the appliance. See Table 216.
ovftool_
argument
s
Optional subsection for adding arbitrary arguments and their values to the OVF Tool
command that the installer generates.
Important The vCenter Server Appliance installer does not validate the configuration
parameters in the ovftool_arguments subsection. If you set arguments that the OVF
Tool does not recognize, the deployment might fail.
ceip - describes joining the
VMware Customer
Experience Improvement
Program (CEIP)
settings Contains only the ceip_enabled configuration parameter to join or not to join the
VMware Customer Experience Improvement Program (CEIP). See Table 217.
Required only if you are deploying a vCenter Server Appliance with an embedded
Platform Services Controller or a Platform Services Controller appliance.
Note If set to true, you must run the CLI deployment command with the --
acknowledge-ceip argument.
For information about the CEIP, see the Configuring Customer Experience
Improvement Program section in vCenter Server and Host Management.
Important The string values, including the passwords, must contain only ASCII characters. Extended
ASCII and non-ASCII characters are unsupported.
To set a value that contains a backslash (\) or quotation mark (") character, you must precede the
character with the backslash (\) character. For example, "password":"my\"password" sets the
password my"password, "image":"G:\\vcsa\\VMware-vCenter-Server-Appliance-6.7.0.XXXX-
YYYYYYY_OVF10.ova" sets the path G:\vcsa\VMware-vCenter-Server-Appliance-6.7.0.XXXX-
YYYYYYY_OVF10.ova.
The Boolean values must contain only lowercase characters. Can be either true or false. For example,
"ssh_enable":false.
Configuration Parameters in the new_vcsa Section
Table 211. Configuration Parameters in the new_vcsa Section, esxi Subsection
Name Type Description
hostname string The IP address or FQDN of the target ESXi host on which you want to deploy the
appliance.
username string A user name with administrative privileges on the target ESXi host, for example, root.
vCenter Server Installation and Setup
VMware, Inc. 65
Table 211. Configuration Parameters in the new_vcsa Section, esxi Subsection (Continued)
Name Type Description
password string The password of the user with administrative privileges on the target ESXi host.
deployment_network string The name of the network to which to connect the appliance.
Note The network must be accessible from the target ESXi host.
Ignored if the target ESXi host has only one network.
datastore string The name of the datastore that you want to store all virtual machine configuration files
and virtual disks of the appliance.
Note The datastore must be accessible from the ESXi host.
The datastore must have enough free space.
port integer The HTTPS reverse proxy port of the target ESXi host.
The default port is 443. Use only if the target ESXi host uses a custom HTTPS reverse
proxy port.
Table 212. Configuration Parameters in the new_vcsa Section, vc Subsection
Name Type Description
hostname string The IP address or FQDN of the target vCenter Server instance on which you want to
deploy the appliance.
username string vCenter Single Sign-On administrator user name on the target vCenter Server
instance, for example, administrator@vsphere.local.
password string The password of the vCenter Single Sign-On administrator user on the target
vCenter Server instance.
deployment_network string The name of the network to which to connect the appliance.
Note The network must be accessible from the target ESXi host or DRS cluster on
which you want to deploy the appliance.
Ignored if the target ESXi host or DRS cluster has only one network.
datacenter string or
array
The vCenter Server datacenter that contains the target ESXi host or DRS cluster on
which you want to deploy the appliance.
If the datacenter is located in a folder or a structure of folders, the value must be either
a comma-separated list of strings or a comma-separated list as a single string. For
example,
["parent_folder", "child_folder", "datacenter_name"]
or
"parent_folder, child_folder, datacenter_name"
Note The value is case-sensitive.
datastore string The name of the datastore that you want to store all virtual machine configuration files
and virtual disks of the appliance.
Note The datastore must be accessible from the target ESXi host or DRS cluster.
The datastore must have at least 15 GB of free space.
vCenter Server Installation and Setup
VMware, Inc. 66
Table 212. Configuration Parameters in the new_vcsa Section, vc Subsection (Continued)
Name Type Description
port integer The HTTPS reverse proxy port of the target vCenter Server instance.
The default port is 443. Use only if the target vCenter Server instance uses a custom
HTTPS reverse proxy port.
target string or
array
The target ESXi host or DRS cluster on which you want to deploy the appliance.
Important You must provide the name that is displayed in the vCenter Server
inventory. For example, if the name of the target ESXi host is an IP address in the
vCenter Server inventory, you cannot provide an FQDN.
If the target ESXi host or DRS cluster is located in a folder or a structure of folders, the
value must be a comma-separated list of strings or a comma-separated list as a single
string. For example,
["parent_folder", "child_folder", "esxi-host.domain.com"]
or
"parent_folder, child_folder, esxi-host.domain.com"
If the target ESXi host is part of a cluster, use a comma-separated list of strings or a
comma-separated list as a single string to provide the path. For example,
["cluster_name", "esxi-host.domain.com"]
or
"cluster_name, esxi-host.domain.com"
Note The value is case-sensitive.
vm_folder string Optional. The name of the VM folder to which to add the appliance.
vCenter Server Installation and Setup
VMware, Inc. 67
Table 213. Configuration Parameters in the new_vcsa Section, appliance Subsection
Name Type Description
thin_disk_mode Boolean Set to true to deploy the appliance with thin virtual disks.
deployment_option string The size of the appliance.
nSet to tiny if you want to deploy a vCenter Server Appliance with an embedded
Platform Services Controller for up to 10 hosts and 100 virtual machines with the
default storage size.
Deploys an appliance with 2 CPUs, 10 GB of memory, and 250 GB of storage.
nSet to tiny-lstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 10 hosts and 100 virtual
machines with the large storage size.
Deploys an appliance with 2 CPUs, 10 GB of memory, and 775 GB of storage.
nSet to tiny-xlstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 10 hosts and 100 virtual
machines with the x-large storage size.
Deploys an appliance with 2 CPUs, 10 GB of memory, and 1650 GB of storage.
nSet to small if you want to deploy a vCenter Server Appliance with an embedded
Platform Services Controller for up to 100 hosts and 1,000 virtual machines with
the default storage size.
Deploys an appliance with 4 CPUs, 16 GB of memory, and 290 GB of storage.
nSet to small-lstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 100 hosts and 1,000 virtual
machines with the large storage size.
Deploys an appliance with 4 CPUs, 16 GB of memory, and 820 GB of storage.
nSet to small-xlstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 100 hosts and 1,000 virtual
machines with the x-large storage size.
Deploys an appliance with 4 CPUs, 16 GB of memory, and 1700 GB of storage.
nSet to medium if you want to deploy a vCenter Server Appliance with an embedded
Platform Services Controller for up to 400 hosts and 4,000 virtual machines with
the default storage size.
Deploys an appliance with 8 CPUs, 24 GB of memory, and 425 GB of storage.
nSet to medium-lstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 400 hosts and 4,000 virtual
machines with the large storage size.
Deploys an appliance with 8 CPUs, 24 GB of memory, and 925 GB of storage.
nSet to medium-xlstorage if you want to deploy a vCenter Server Appliance with
an embedded Platform Services Controller for up to 400 hosts and 4,000 virtual
machines with the x-large storage size.
Deploys an appliance with 8 CPUs, 24 GB of memory, and 1805 GB of storage.
nSet to large if you want to deploy a vCenter Server Appliance with an embedded
Platform Services Controller for up to 1,000 hosts and 10,000 virtual machines
with the default storage size.
Deploys an appliance with 16 CPUs, 32 GB of memory, and 640 GB of storage.
vCenter Server Installation and Setup
VMware, Inc. 68
Table 213. Configuration Parameters in the new_vcsa Section, appliance Subsection
(Continued)
Name Type Description
nSet to large-lstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 1,000 hosts and 10,000 virtual
machines with the large storage size.
Deploys an appliance with 16 CPUs, 32 GB of memory, and 990 GB of storage.
nSet to large-xlstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 1,000 hosts and 10,000 virtual
machines with the x-large storage size.
Deploys an appliance with 16 CPUs, 32 GB of memory, and 1870 GB of storage.
nSet to xlarge if you want to deploy a vCenter Server Appliance with an embedded
Platform Services Controller for up to 2,000 hosts and 35,000 virtual machines
with the default storage size.
Deploys an appliance with 24 CPUs, 48 GB of memory, and 980 GB of storage.
nSet to xlarge-lstorage if you want to deploy a vCenter Server Appliance with an
embedded Platform Services Controller for up to 2,000 hosts and 35,000 virtual
machines with the large storage size.
Deploys an appliance with 24 CPUs, 48 GB of memory, and 1030 GB of storage.
nSet to xlarge-xlstorage if you want to deploy a vCenter Server Appliance with
an embedded Platform Services Controller for up to 2,000 hosts and 35,000 virtual
machines with the x-large storage size.
Deploys an appliance with 24 CPUs, 48 GB of memory, and 1910 GB of storage.
nSet to management-tiny if you want to deploy a vCenter Server Appliance with an
external Platform Services Controller for up to 10 hosts and 100 virtual machines
with the default storage size.
Deploys an appliance with 2 CPUs, 10 GB of memory, and 250 GB of storage.
nSet to management-tiny-lstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
10 hosts and 100 virtual machines with the large storage size.
Deploys an appliance with 2 CPUs, 10 GB of memory, and 775 GB of storage.
nSet to management-tiny-xlstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
10 hosts and 100 virtual machines with the x-large storage size.
Deploys an appliance with 2 CPUs, 10 GB of memory, and 1650 GB of storage.
nSet to management-small if you want to deploy a vCenter Server Appliance with
an external Platform Services Controller for up to 100 hosts and 1,000 virtual
machines with the default storage size.
Deploys an appliance with 4 CPUs, 16 GB of memory, and 290 GB of storage.
nSet to management-small-lstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
100 hosts and 1,000 virtual machines with the large storage size.
Deploys an appliance with 4 CPUs, 16 GB of memory, and 820 GB of storage.
vCenter Server Installation and Setup
VMware, Inc. 69
Table 213. Configuration Parameters in the new_vcsa Section, appliance Subsection
(Continued)
Name Type Description
nSet to management-small-xlstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
100 hosts and 1,000 virtual machines with the x-large storage size.
Deploys an appliance with 4 CPUs, 16 GB of memory, and 1700 GB of storage.
nSet to management-medium if you want to deploy a vCenter Server Appliance with
an external Platform Services Controller for up to 400 hosts and 4,000 virtual
machines with the default storage size.
Deploys an appliance with 8 CPUs, 24 GB of memory, and 425 GB of storage.
nSet to management-medium-lstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
400 hosts and 4,000 virtual machines with the large storage size.
Deploys an appliance with 8 CPUs, 24 GB of memory, and 925 GB of storage.
nSet to management-medium-xlstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
400 hosts and 4,000 virtual machines with the x-large storage size.
Deploys an appliance with 8 CPUs, 24 GB of memory, and 1805 GB of storage.
nSet to management-large if you want to deploy a vCenter Server Appliance with
an external Platform Services Controller for up to 1,000 hosts and 10,000 virtual
machines with the default storage size.
Deploys an appliance with 16 CPUs, 32 GB of memory, and 640 GB of storage.
nSet to management-large-lstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
1,000 hosts and 10,000 virtual machines with the large storage size.
Deploys an appliance with 16 CPUs, 32 GB of memory, and 990 GB of storage.
nSet to management-large-xlstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
1,000 hosts and 10,000 virtual machines with the x-large storage size.
Deploys an appliance with 16 CPUs, 32 GB of memory, and 1870 GB of storage.
nSet to management-xlarge if you want to deploy a vCenter Server Appliance with
an external Platform Services Controller for up to 2,000 hosts and 35,000 virtual
machines with the default storage size.
Deploys an appliance with 24 CPUs, 48 GB of memory, and 980 GB of storage.
nSet to management-xlarge-lstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
2,000 hosts and 35,000 virtual machines with the large storage size.
Deploys an appliance with 24 CPUs, 48 GB of memory, and 1030 GB of storage.
nSet to management-xlarge-xlstorage if you want to deploy a
vCenter Server Appliance with an external Platform Services Controller for up to
2,000 hosts and 35,000 virtual machines with the x-large storage size.
Deploys an appliance with 24 CPUs, 48 GB of memory, and 1910 GB of storage.
nSet to infrastructureif you want to deploy a Platform Services Controller
appliance.
Deploys an appliance with 2 CPUs, 4 GB of memory, and 60 GB of storage.
vCenter Server Installation and Setup
VMware, Inc. 70
Table 213. Configuration Parameters in the new_vcsa Section, appliance Subsection
(Continued)
Name Type Description
image string Optional. A local file path or URL to the vCenter Server Appliance installation package.
By default the installer uses the installation package that is included in the ISO file, in
the vcsa folder.
name string The VM name for the appliance.
Must contain only ASCII characters except a percent sign (%), backslash (\), or
forward slash (/) and must be no more than 80 characters in length.
ovftool_path string Optional. A local file path to the OVF Tool executable file.
By default the installer uses the OVF Tool instance that is included in the ISO file, in
the vcsa/ovftool folder.
Table 214. Configuration Parameters in the new_vcsa Section, network Subsection
Name Type Description
ip_family string IP version for the network of the appliance.
Set to ipv4 or ipv6.
mode string IP assignment for the network of the appliance.
Set to static or dhcp.
ip string IP address for the appliance.
Required only if you use static assignment, that is, if you set the mode parameter to
static.
You must set an IPv4 or IPv6 address that corresponds to the network IP version, that
is, to the value of the ip.family parameter.
An IPv4 address must comply with the RFC 790 guidelines.
An IPv6 address must comply with the RFC 2373 guidelines.
dns_servers string or
array
IP addresses of one or more DNS servers.
To set more than one DNS server, use a comma-separated list of strings or a comma-
separated list as a single string to provide the path. For example,
["x.y.z.a", "x.y.z.b"]
or
"x.y.z.a, x.y.z.b"
Required only if you use static assignment, that is, if you set the mode parameter to
static.
prefix string Network prefix length.
Use only if the mode parameter is set to static. Remove if the mode parameter is set
to dhcp.
The network prefix length is the number of bits that are set in the subnet mask. For
example, if the subnet mask is 255.255.255.0, there are 24 bits in the binary version of
the prefix length, so the network prefix length is 24.
For IPv4 version, the value must be between 0 and 32.
For IPv6 version, the value must be between 0 and 128.
vCenter Server Installation and Setup
VMware, Inc. 71
Table 214. Configuration Parameters in the new_vcsa Section, network Subsection
(Continued)
Name Type Description
gateway string IP address of the default gateway.
For IPv6 version, the value can be default.
system_name string Primary network identity.
Can be an IP address or FQDN, preferably FQDN.
You cannot change the value of this parameter after the deployment.
The FQDN and dotted-decimal numbers must comply with the RFC 1123 guidelines.
Table 215. Configuration Parameters in the new_vcsa Section, os Subsection
Name Type Description
password string The password for the root user of the appliance operating system.
The password must contain between 8 and 20 characters, at least one uppercase
letter, at least one lowercase letter, at least one number, and at least one special
character, for example, a dollar sign ($), hash key (#), at sign (@), period (.), or
exclamation mark (!). All characters must be lower ASCII characters without spaces.
ntp_servers string or
array
Optional. Host names or IP addresses of one or more NTP servers for time
synchronization.
To set more than one NTP server, use a comma-separated list of strings or a comma-
separated list as a single string to provide the path. For example,
["x.y.z.a", "x.y.z.b"]
or
"x.y.z.a, x.y.z.b"
ssh_enable Boolean Set to true to enable SSH administrator login to the appliance.
Note vCenter Server Appliance high availability requires remote SSH access to the
appliance.
time_tools-sync Boolean Optional. Set to true to deploy the appliance with the VMware Tools time
synchronization. VMware Tools synchronizes the time of the appliance with the time of
the ESxi host.
Ignored if you set NTP servers for time synchronization, that is, if you set the
ntp.servers parameter.
vCenter Server Installation and Setup
VMware, Inc. 72
Table 216. Configuration Parameters in the new_vcsa Section, sso Subsection
Name Type Description
password string Password of the vCenter Single Sign-On administrator user,
administrator@your_domain_name.
nIf you are deploying a vCenter Server Appliance with an embedded
Platform Services Controller or a Platform Services Controller appliance as the
first instance in a new vCenter Single Sign-On domain, you must set the password
for the vCenter Single Sign-On administrator user.
The password must contain between 8 and 20 characters, at least one uppercase
letter, at least one lowercase letter, at least one number, and at least one special
character, for example, a dollar sign ($), hash key (#), at sign (@), period (.), or
exclamation mark (!). All characters must be ASCII characters.
nIf you are deploying a Platform Services Controller appliance as a replication
partner in an existing vCenter Single Sign-On domain, you must provide the
password of the vCenter Single Sign-On administrator user of the partner
Platform Services Controller.
nIf you are deploying a vCenter Server Appliance with an external
Platform Services Controller, you must provide the password of the vCenter Single
Sign-On administrator user of the external Platform Services Controller.
domain_name string vCenter Single Sign-On domain name, for example, vsphere.local.
nIf you are deploying a vCenter Server Appliance with an embedded
Platform Services Controller or a Platform Services Controller appliance as the
first instance in a new vCenter Single Sign-On domain, you must set the name for
the new vCenter Single Sign-On domain.
nIf you are deploying a vCenter Server Appliance with an external
Platform Services Controller or a Platform Services Controller appliance as a
replication partner in an existing vCenter Single Sign-On domain, you must
provide the name of the existing vCenter Single Sign-On domain.
first_instance Boolean Required only if you are deploying a Platform Services Controller appliance.
The default value is true.
Set to false if you want to join the Platform Services Controller appliance to an
existing vCenter Single Sign-On domain.
Joined Platform Services Controller instances replicate their infrastructure data and
enable Enhanced Linked Mode. For information about managing the
Platform Services Controller services, see Platform Services Controller Administration.
platform_services_contr
oller
string The system name of the external Platform Services Controller.
Required only if you are deploying a vCenter Server Appliance with an external
Platform Services Controller.
replication_partner_hos
tname
string The system name of the partner Platform Services Controller.
Required only if you are deploying a Platform Services Controller appliance as a
replication partner in an existing vCenter Single Sign-On domain.
sso_port integer The HTTPS reverse proxy port of the partner Platform Services Controller.
The default port is 443. Use only if you the partner Platform Services Controller uses a
custom HTTPS reverse proxy port.
site_name string vCenter Single Sign-On name.
Required only if you are deploying an embedded Platform Services Controller
appliance.
vCenter Server Installation and Setup
VMware, Inc. 73
Configuration Parameters in the ceip Section
Table 217. Configuration Parameters in the ceip Section, settings Subsection
Name Type Description
ceip_enabled Boolean Set to true to join the CEIP for this appliance.
Deploy a vCenter Server Appliance or
Platform Services Controller Appliance by Using the CLI
You can use the CLI installer to perform an unattended deployment of a vCenter Server Appliance or
Platform Services Controller appliance. You must run the CLI deployment from a Windows, Linux, or Mac
machine that is in the network on which you want to deploy the appliance.
Prerequisites
nSee Prerequisites for Deploying the vCenter Server Appliance or Platform Services Controller
Appliance.
nPrepare Your JSON Configuration File for CLI Deployment.
nReview Syntax of the CLI Deployment Command.
nVerify that the user name with which you are logged in to your client machine, the path to the
vCenter Server Appliance installer, the path to your JSON configuration file, and the string values in
your JSON configuration file contain only ASCII characters. Extended ASCII and non-ASCII
characters are unsupported.
Procedure
1Navigate to the vcsa-cli-installer subdirectory for your operating system.
nIf you are running the deployment on Windows OS, navigate to the vcsa-cli-installer\win32
directory.
nIf you are running the deployment on Linux OS, navigate to the vcsa-cli-installer/lin64
directory.
nIf you are running the deployment on Mac OS, navigate to the vcsa-cli-installer/mac
directory.
2(Optional) Run a pre-deployment check without deploying the appliance to verify that you prepared
the deployment template correctly.
vcsa-deploy install --verify-only path_to_the_json_file
vCenter Server Installation and Setup
VMware, Inc. 74
3Run the deployment command.
vcsa-deploy install --accept-eula --acknowledge-ceip optional_arguments path_to_the_json_file
Use optional_arguments to enter space-separated arguments to set additional execution parameters
of the deployment command.
For example, you can set the location of the log and other output files that the installer generates.
vcsa-deploy install --accept-eula --acknowledge-ceip --log-dir=path_to_the_location
path_to_the_json_file
Syntax of the CLI Deployment Command
You can use command arguments to set the execution parameters of the deployment command.
You can add a space-separated list of arguments to the CLI deployment command.
vcsa-deploy install path_to_the_json_file list_of_arguments
Argument Description
--accept-eula Accepts the end-user license agreement.
Required for executing the deployment command.
--acknowledge-ceip Confirms your acknowledgement of your VMware Customer
Experience Improvement Program (CEIP) participation.
Required if the ceip.enabled parameter is set to true in the
JSON deployment template.
-v, --verbose Adds debug information to the console output.
-t, --terse Hides the console output. Displays only warning and error
messages.
--log-dir LOG_DIR Sets the location of the log and other output files.
--skip-ovftool-verification Performs basic verification of the configuration parameters in the
JSON file and deploys the appliance. Does not perform
verification of the OVF Tool parameters.
--no-esx-ssl-certificate-verification Skips the SSL verification for ESXi connections.
Important Avoid using this option because it might cause
problems during deployment or after deployment because of not
validated identity of the target ESXi host.
--pause-on-warnings Pauses and waits for acknowledgment of warnings.
--verify-only Performs basic verification of the configuration parameters in the
JSON file and verification of the OVF Tool parameters. Does not
deploy the appliance.
--sso-ssl-thumbprint SSL-SHA1-THUMBPRINT Validates server certificate against the supplied SHA1
thumbprint.
vCenter Server Installation and Setup
VMware, Inc. 75
Argument Description
-h, --help Displays the help message for the vcsa-deploy install
command.
--template-help Displays the help message for the use of configuration
parameters in the JSON deployment file.
After the execution finishes, you can get the exit code of the command.
Exit Code Description
0 Command ran successfully
1 Runtime error
2 Validation error
3 Template error
Deploy Multiple vCenter Server Appliances or Platform Services
Controller Appliances Using the CLI
You can deploy multiple instances of the vCenter Server Appliance or the Platform Services Controller
concurrently (in batch mode) using the CLI installer.
To deploy multiple instances concurrently, create JSON templates for all the vCenter Server Applianceand
Platform Services Controller instances in your deployment. The CLI installer assesses the topology of the
deployment using the JSON templates, and determines the order. For this reason, the JSON templates
must use static IP addresses for all vCenter Server and Platform Services Controller instances in the
deployment that are dependant upon one another. For example, you can install two vCenter Server
instances which share a common external Platform Services Controller instance.
Important The JSON templates you create for each appliance must use a static IP address to resolve
the network addresses of other appliances in the deployment upon which they have a dependency.
To perform the batch deployment, place the JSON templates defining your deployment in a single
directory. When invoked, the CLI installer deploys your existing deployment using the topology defined in
the JSON templates.
Procedure
1In your workspace, create a folder to contain the JSON files for batch deployment. For example,
MyWorkspace/BatchDeploy.
2Prepare each JSON configuration file and copy the file to your batch deployment folder. See Prepare
Your JSON Configuration File for CLI Deployment for instructions on configuring the JSON files.
3Navigate to the vcsa-cli-installer subdirectory for your operating system.
nIf you are running the deployment on Windows OS, navigate to the vcsa-cli-installer\win32
directory.
vCenter Server Installation and Setup
VMware, Inc. 76
nIf you are running the deployment on Linux OS, navigate to the vcsa-cli-installer/lin64
directory.
nIf you are running the deployment on Mac OS, navigate to the vcsa-cli-installer/mac
directory.
4(Optional) Run a pre-deployment check without deploying the appliance to verify that you prepared
the deployment template correctly. For example:
vcsa-deploy install --verify-only MyWorkspace/BatchDeploy
5Run the deployment command. For example,
vcsa-deploy install --accept-eula --acknowledge-ceip optional_arguments MyWorkspace/BatchDeploy
Use optional_arguments to enter space-separated arguments to set additional execution parameters
of the deployment command.
For example, you can set the location of the log and other output files that the installer generates.
vcsa-deploy install --accept-eula --acknowledge-ceip --log-dir=path_to_the_location
MyWorkspace/BatchDeploy
vCenter Server Installation and Setup
VMware, Inc. 77
Installing vCenter Server and
Platform Services Controller on
Windows 3
You can install vCenter Server with an embedded or external Platform Services Controller on a Microsoft
Windows virtual machine or physical server to manage your vSphere environment.
Before you install vCenter Server, download the installer ISO file and mount it to the Windows host
machine on which you want to perform the installation, and then start the installation wizard.
Windows installations of vCenter Server can use either the embedded PostreSQL database or an
external database. Before installing vCenter Server that uses an external database, you must prepare
your database. See Preparing vCenter Server Databases for Install.
For information about the vCenter Server requirements, see vCenter Server for Windows Requirements.
For information about the inputs that are required during the installation of vCenter Server, see Required
Information for Installing vCenter Server or Platform Services Controller on Windows.
Important For topologies with external Platform Services Controller instances, you must install the
replicating Platform Services Controller instances in a sequence. After the successful deployment of all
Platform Services Controller instances in the domain, you can perform concurrent installations of multiple
vCenter Server instances that point to a common external Platform Services Controller instance.
After you install vCenter Server, only the user administrator@your_domain_name has the privileges to
log in to the vCenter Server system.
The administrator@your_domain_name user can perform the following tasks:
nAdd an identity source in which additional users and groups are defined in vCenter Single Sign-On.
nAssign roles to users and groups to give them privileges.
For information about adding identity sources and giving permissions to the users and groups, see
Platform Services Controller Administration.
Starting with vSphere 6.5, vCenter Server supports mixed IPv4 and IPv6 environment. If you want to set
up the vCenter Server instance to use an IPv6 address version, use the fully qualified domain name
(FQDN) or host name of the host machine. To set up an IPv4 address, the best practice is to use the
FQDN or host name of the host machine, because the IP address can change if assigned by DHCP.
VMware, Inc. 78
This chapter includes the following topics:
nvCenter Server for Windows Requirements
nPreparing for Installing vCenter Server and Platform Services Controller on Windows
nRequired Information for Installing vCenter Server or Platform Services Controller on Windows
nInstalling vCenter Server and Platform Services Controller on Windows
vCenter Server for Windows Requirements
To install vCenter Server on a Windows virtual machine or physical server, your system must meet
specific hardware and software requirements.
nSynchronize the clocks of the virtual machines on which you plan to install vCenter Server and the
Platform Services Controller. See Synchronizing Clocks on the vSphere Network.
nVerify that the DNS name of the virtual machine or physical server matches the actual full computer
name.
nVerify that the host name of the virtual machine or physical server on which you are installing
vCenter Server complies with RFC 1123 guidelines.
nVerify that the system on which you are installing vCenter Server is not an Active Directory domain
controller.
nIf you plan to use a user account other than the Local System account in which to run your
vCenter Server service, verify that the user account has the following permissions:
nMember of the Administrators group
nLog on as a service
nAct as part of the operating system (if the user is a domain user)
Note Starting with vSphere 6.5, the vCenter Server services run as child processes of the VMware
Service Lifecycle Manager service.
nVerify that the local policy of the virtual machine or physical server on which you are installing
vCenter Server allows assigning Log on as a batch job rights to new local users.
Note Starting with vSphere 6.5, some vCenter Server processes use separate local users that are
automatically created and added to the local security policy Log on as a batch job. Such new local
users are cm, content-library, eam, imagebuilder, mbcs, netdumper, perfcharts, rbd, vapiEndpoint,
vmware-vpostgres, vsan-health, vsm, vsphere-client, and vsphere-ui.
nIf the system that you use for your vCenter Server installation belongs to a workgroup rather than a
domain, not all functionality is available to vCenter Server. If assigned to a workgroup, the
vCenter Server system is not able to discover all domains and systems available on the network
when using some features. Your host machine must be connected to a domain if you want to add
Active Directory identity sources after the installation.
vCenter Server Installation and Setup
VMware, Inc. 79
nVerify that the LOCAL SERVICE account has read permission on the folder in which vCenter Server
is installed and on the HKLM registry.
nVerify that the connection between the virtual machine or physical server and the domain controller is
working.
Pre-Install Checks for vCenter Server and
Platform Services Controller on Windows
When you install or upgrade vCenter Server and Platform Services Controller on Windows, the installer
does a pre-check, for example, to verify that enough space is available on the virtual machine or physical
server where you are installing or upgrading vCenter Server, and verifies that the external database, if
any, can be successfully accessed.
When you install Platform Services Controller as an embedded or external instance, vCenter Single Sign-
On is installed as part of Platform Services Controller. During the installation of an external
Platform Services Controller, the installer provides you with the option to join an existing vCenter Single
Sign-On server domain. During the installation of vCenter Server with an external
Platform Services Controller, the installer prompts you to join an existing vCenter Single Sign-On server
domain. When you provide the information about the vCenter Single Sign-On service, the installer uses
the administrator account to check the host name and password, to verify that the details of the vCenter
Single Sign-On server you provided can be authenticated before proceeding with the installation process.
The pre-install checker performs checks for the following aspects of the environment:
nWindows version
nMinimum processor requirements
nMinimum memory requirements
nMinimum disk space requirements
nPermissions on the selected install and data directory
nInternal and external port availability
nExternal database version
nExternal database connectivity
nAdministrator privileges on the Windows machine
nAny credentials that you enter
Additionally, the pre-install checker verifies if Universal C Runtime is installed. This is a Microsoft
Windows operating system component that enables CRT functionality on the Windows OS. If Universal C
Runtime is not installed, you receive an error message.
For information about the minimum storage requirements, see Storage Requirements for vCenter Server
and Platform Services Controller on Windows. For information about the minimum hardware
requirements, see Hardware Requirements for vCenter Server and Platform Services Controller on
Windows.
vCenter Server Installation and Setup
VMware, Inc. 80
Hardware Requirements for vCenter Server and
Platform Services Controller on Windows
When you install vCenter Server or Platform Services Controller on a virtual machine or physical server
running Microsoft Windows, your system must meet specific hardware requirements.
You can install vCenter Server and the Platform Services Controller on the same virtual machine or
physical server or on different virtual machines or physical servers. When you install vCenter Server with
an embedded Platform Services Controller, you install vCenter Server and the
Platform Services Controller on the same virtual machine or physical server. When you install the
vCenter Server with an external Platform Services Controller, first install the Platform Services Controller
that contains all of the required services on one virtual machine or physical server, and then install
vCenter Server and the vCenter Server components on another virtual machine or physical server.
Note Installing vCenter Server on a network drive or USB flash drive is not supported.
Table 31. Minimum Recommended Hardware Requirements for Installing vCenter Server and
Platform Services Controller on Windows
Platform Services
Controller
vCenter
Server with
an
Embedded
or External
Platform
Services
Controller
for a Tiny
Environment
(up to 10
Hosts, 100
Virtual
Machines)
vCenter
Server with
an
Embedded
or External
Platform
Services
Controller
for a Small
Environment
(up to 100
Hosts, 1000
Virtual
Machines)
vCenter
Server with
an
Embedded
or External
Platform
Services
Controller
for a Medium
Environment
(up to 400
Hosts, 4,000
Virtual
Machines)
vCenter
Server with
an
Embedded
or External
Platform
Services
Controller
for a Large
Environment
(up to 1,000
Hosts,
10,000
Virtual
Machines)
vCenter Server
with an
Embedded or
External
Platform Services
Controller for X-
Large
Environment (up
to 2,000 Hosts,
35,000 Virtual
Machines)
Number of
CPUs
2 2 4 8 16 24
Memory 4 GB RAM 10 GB RAM 16 GB RAM 24 GB RAM 32 GB RAM 48 GB RAM
Note If you want to add an ESXi host with more than 512 LUNs and 2,048 paths to the vCenter Server
inventory, your vCenter Server instance must be suitable for a large or x-large environment.
For the hardware requirements of your database, see the database documentation. The database
requirements are in addition to the vCenter Server requirements if the database and vCenter Server run
on the same machine.
Storage Requirements for vCenter Server and
Platform Services Controller on Windows
When you install vCenter Server, your system must meet minimum storage requirements.
vCenter Server Installation and Setup
VMware, Inc. 81
The storage requirements per folder depend on the deployment model that you decide to install. During
installation, you can select a folder other than the default C:\Program Files\VMware folder to install
vCenter Server and the Platform Services Controller. You can also select a folder other than the default
C:\ProgramData\VMware\vCenterServer\ in which to store data.
Table 32. vCenter Server Minimum Storage Requirements Depending On the Deployment
Model
Default Folder
vCenter Server with an
Embedded
Platform Services
Controller
vCenter Server with an
External
Platform Services
Controller
External
Platform Services Controller
Program Files 6 GB 6 GB 1 GB
ProgramData 8 GB 8 GB 2 GB
System folder (to cache the
MSI installer)
3 GB 3 GB 1 GB
Software Requirements for vCenter Server and
Platform Services Controller on Windows
Verify that your operating system supports vCenter Server.
vCenter Server requires a 64-bit operating system, and the 64-bit system DSN is required for
vCenter Server to connect to the external database.
The earliest Windows Server version that vCenter Server supports is Windows Server 2008 SP2. Your
Windows Server must have the latest updates and patches installed. For a full list of supported operating
systems, see http://kb.vmware.com/kb/2091273.
Database Requirements for vCenter Server on Windows
vCenter Server requires a database to store and organize server data.
Each vCenter Server instance must have its own database. For environments with up to 20 hosts and
200 virtual machines, you can use the bundled PostgreSQL database that the vCenter Server installer
can install and set up for you during the vCenter Server installation. A larger installation requires a
supported external database for the size of the environment.
During vCenter Server installation you must select to install the embedded database or point the
vCenter Server system to any existing supported database. vCenter Server supports Oracle and
Microsoft SQL Server databases.
For information about supported database server versions, see the VMware Product Interoperability
Matrix at http://www.vmware.com/resources/compatibility/sim/interop_matrix.php.
vCenter Server Installation and Setup
VMware, Inc. 82
Required Ports for vCenter Server and
Platform Services Controller
The vCenter Server system, both on Windows and in the appliance, must be able to send data to every
managed host and receive data from the vSphere Web Client and the Platform Services Controller
services. To enable migration and provisioning activities between managed hosts, the source and
destination hosts must be able to receive data from each other.
If a port is in use or is blacklisted, the vCenter Server installer displays an error message. You must use
another port number to proceed with the installation. There are internal ports that are used only for inter-
process communication.
VMware uses designated ports for communication. Additionally, the managed hosts monitor designated
ports for data from vCenter Server. If a built-in firewall exists between any of these elements, the installer
opens the ports during the installation or upgrade process. For custom firewalls, you must manually open
the required ports. If you have a firewall between two managed hosts and you want to perform source or
target activities, such as migration or cloning, you must configure a means for the managed hosts to
receive data.
Note In Microsoft Windows Server 2008 and later, firewall is enabled by default.
Table 33. Ports Required for Communication Between Components
Port Protocol Description Required for
Used for Node-to-Node
Communication
22 TCP System port for SSHD. Appliance deployments
of
nvCenter Server
nPlatform Services
Controller
No
53 DNS service Windows installations
and appliance
deployments of
Platform Services
Controller
No
vCenter Server Installation and Setup
VMware, Inc. 83
Table 33. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
80 TCP vCenter Server requires port 80 for direct
HTTP connections. Port 80 redirects
requests to HTTPS port 443. This
redirection is useful if you accidentally
use http://server instead of https://server.
WS-Management (also requires port 443
to be open).
If you use a Microsoft SQL database that
is stored on the same virtual machine or
physical server as the vCenter Server,
port 80 is used by the SQL Reporting
Service. When you install or upgrade
vCenter Server, the installer prompts you
to change the HTTP port for
vCenter Server. Change the
vCenter Server HTTP port to a custom
value to ensure a successful installation
or upgrade.
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
No
88 TCP Active Directory server. This port must be
open for host to join Active Directory. If
you use native Active Directory, the port
must be open on both vCenter Server
and Platform Services Controller.
Windows installations
and appliance
deployments of
Platform Services
Controller
No
389 TCP/UDP This port must be open on the local and
all remote instances of vCenter Server.
This is the LDAP port number for the
Directory Services for the vCenter Server
group. If another service is running on
this port, it might be preferable to remove
it or change its port to a different port.
You can run the LDAP service on any
port from 1025 through 65535.
If this instance is serving as the Microsoft
Windows Active Directory, change the
port number from 389 to an available port
from 1025 through 65535.
Windows installations
and appliance
deployments of
Platform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
Platform Services
Controller
vCenter Server Installation and Setup
VMware, Inc. 84
Table 33. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
443 TCP The default port that the vCenter Server
system uses to listen for connections
from the vSphere Web Client. To enable
the vCenter Server system to receive
data from the vSphere Web Client, open
port 443 in the firewall.
The vCenter Server system also uses
port 443 to monitor data transfer from
SDK clients.
This port is also used for the following
services:
nWS-Management (also requires port
80 to be open)
nThird-party network management
client connections to vCenter Server
nThird-party network management
clients access to hosts
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
nvCenter Server to
vCenter Server
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
514 TCP/UDP vSphere Syslog Collector port for
vCenter Server on Windows and vSphere
Syslog Service port for
vCenter Server Appliance
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
No
636 TCP vCenter Single Sign-On LDAPS
For backward compatibility with vSphere
6.0 only.
Windows installations
and appliance
deployments of
Platform Services
Controller
During upgrade from
vSphere 6.0 only.
vCenter Server 6.0 to
Platform Services
Controller 6.5
vCenter Server Installation and Setup
VMware, Inc. 85
Table 33. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
902 TCP/UDP The default port that the vCenter Server
system uses to send data to managed
hosts. Managed hosts also send a
regular heartbeat over UDP port 902 to
the vCenter Server system. This port
must not be blocked by firewalls between
the server and the hosts or between
hosts.
Port 902 must not be blocked between
the VMware Host Client and the hosts.
The VMware Host Client uses this port to
display virtual machine consoles
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
1514 TCP vSphere Syslog Collector TLS port for
vCenter Server on Windows and vSphere
Syslog Service TLS port for
vCenter Server Appliance
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
No
2012 TCP Control interface RPC for vCenter Single
Sign-On
Windows installations
and appliance
deployments of
Platform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
nPlatform Services
Controller to
Platform Services
Controller
2014 TCP RPC port for all VMCA (VMware
Certificate Authority) APIs
Important You can change this port
number during the
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
Platform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
2015 TCP DNS management Windows installations
and appliance
deployments of
Platform Services
Controller
Platform Services
Controller to
Platform Services
Controller
vCenter Server Installation and Setup
VMware, Inc. 86
Table 33. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
2020 TCP/UDP Authentication framework management
Important You can change this port
number during the vCenter Server and
Platform Services Controller installations
on Windows.
Windows installations
and appliance
deployments of
nvCenter Server
nPlatform Services
Controller
nvCenter Server to
Platform Services
Controller
nPlatform Services
Controller to
vCenter Server
5480 TCP Appliance Management Interface
Open endpoint serving all HTTPS,
XMLRPS and JSON-RPC requests over
HTTPS.
Appliance deployments
of
nvCenter Server
nPlatform Services
Controller
No
6500 TCP/UDP ESXi Dump Collector port
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
6501 TCP Auto Deploy service
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
6502 TCP Auto Deploy management
Important You can change this port
number during the vCenter Server
installations on Windows.
Windows installations
and appliance
deployments of
vCenter Server
No
7080,
12721
TCP Secure Token Service
Note Internal ports
Windows installations
and appliance
deployments of
Platform Services
Controller
No
7081 TCP VMware Platform Services Controller
Web Client
Note Internal port
Windows installations
and appliance
deployments of
Platform Services
Controller
No
8200,
8201,
8300,
8301
TCP Appliance management
Note Internal ports
Appliance deployments
of
nvCenter Server
nPlatform Services
Controller
No
8084 TCP vSphere Update Manager SOAP port
The port used by vSphere Update
Manager client plug-in to connect to the
vSphere Update Manager SOAP server.
Appliance deployments
of vCenter Server
No
vCenter Server Installation and Setup
VMware, Inc. 87
Table 33. Ports Required for Communication Between Components (Continued)
Port Protocol Description Required for
Used for Node-to-Node
Communication
9084 TCP vSphere Update Manager Web Server
Port
The HTTP port used by ESXi hosts to
access host patch files from vSphere
Update Manager server.
Appliance deployments
of vCenter Server
No
9087 TCP vSphere Update Manager Web SSL Port
The HTTPS port used by vSphere
Update Manager client plug-in to upload
host upgrade files to vSphere Update
Manager server.
Appliance deployments
of vCenter Server
No
9443 TCP vSphere Web Client HTTPS Windows installations
and appliance
deployments of
vCenter Server
No
To configure the vCenter Server system to use a different port to receive vSphere Web Client data, see
the vCenter Server and Host Management documentation.
For more information about firewall configuration, see the vSphere Security documentation.
DNS Requirements for vCenter Server and
Platform Services Controller on Windows
You install or upgrade vCenter Server, like any other network server, on a host machine with a fixed IP
address and well-known DNS name, so that clients can reliably access the service.
Assign a static IP address and host name to the Windows server that will host the vCenter Server system.
This IP address must have a valid (internal) domain name system (DNS) registration. When you install
vCenter Server and the Platform Services Controller, you must provide the fully qualified domain name
(FQDN) or the static IP of the host machine on which you are performing the install or upgrade. The
recommendation is to use the FQDN.
Ensure that DNS reverse lookup returns an FQDN when queried with the IP address of the host machine
on which vCenter Server is installed. When you install or upgrade vCenter Server, the installation or
upgrade of the Web server component that supports the vSphere Web Client fails if the installer cannot
look up the fully qualified domain name of the vCenter Server host machine from its IP address. Reverse
lookup is implemented using PTR records.
If you plan to use an FQDN for the virtual machine or physical server, you must verify that the FQDN is
resolvable.
You can use the nslookup command to verify that the DNS reverse lookup service returns an FQDN
when queried with the IP address and to verify that the FQDN is resolvable.
nslookup -nosearch -nodefname FQDN_or_IP_address
vCenter Server Installation and Setup
VMware, Inc. 88
If you use DHCP instead of a static IP address for vCenter Server, make sure that the vCenter Server
computer name is updated in the domain name service (DNS). If you can ping the computer name, the
name is updated in DNS.
Ensure that the ESXi host management interface has a valid DNS resolution from the vCenter Server and
all vSphere Web Client instances. Ensure that the vCenter Server has a valid DNS resolution from all
ESXi hosts and all vSphere Web Clients.
vSphere Web Client Software Requirements
Make sure that your browser supports the vSphere Web Client.
The vSphere Web Client 6.7 requires Adobe Flash Player v. 16 to 23. For best performance and the most
recent security updates, use Adobe Flash Player 23.
VMware has tested and supports the following guest operating systems and browser versions for the
vSphere Web Client. For best performance, use Google Chrome.
Table 34. Supported Guest Operating Systems and Minimum Browser Versions for the
vSphere Web Client
Operating system Browser
Windows Microsoft Internet Explorer v. 10.0.19 and later.
Mozilla Firefox v. 39 and later.
Google Chrome v. 34 and later.
Mac OS Mozilla Firefox v. 39 and later.
Google Chrome v. 34 and later.
Preparing for Installing vCenter Server and
Platform Services Controller on Windows
Before you install vCenter Server or Platform Services Controller, you must download the vCenter Server
installer ISO file and mount it to the Windows virtual machine or physical server on which you want to
install vCenter Server or Platform Services Controller.
If you plan to use an external vCenter Server database, before you install vCenter Server, you must set
up the database.
Download the vCenter Server Installer for Windows
Download the .iso installer for vCenter Server for Windows and the associated vCenter Server
components and support tools.
Prerequisites
Create a My VMware account at https://my.vmware.com/web/vmware/.
vCenter Server Installation and Setup
VMware, Inc. 89
Procedure
1Download the vCenter Server installer from the VMware Web site at
https://my.vmware.com/web/vmware/downloads.
vCenter Server is part of VMware vCloud Suite and VMware vSphere, listed under Datacenter &
Cloud Infrastructure.
2VMware provides a sha-1 hash, a sha-256 hash, or an MD5 message digest for software downloads.
To confirm file integrity, use a sha-1, sha-256, and/or a MD5 utility on your computer to calculate your
own hash for files downloaded from the VMware web site.
See the VMware Web site topic Using Cryptographic Hashes at
http://www.vmware.com/download/md5.html.
3Mount the ISO image to the Windows virtual machine or physical server on which you want to install
vCenter Server for Windows.
Preparing vCenter Server Databases for Install
vCenter Server requires a database to store and organize server data. For vCenter Server on Windows,
you can either use the bundled PostgreSQL database that can be installed and configured together with
vCenter Server, or you can set up an external database prior to installing vCenter Server.
vCenter Server for Windows supports Oracle and Microsoft SQL Server as external databases.
You can configure an external database manually or by using a script. In addition, the data source name
user must have a specific list of permissions.
The database passwords are stored in clear text on the Windows virtual machine or physical host on
which you install vCenter Server and in the vCenter Server Appliance. The files containing the passwords
are protected by using the operating system protection, that is, you must be a Windows local
administrator or a Linux root user to access and read these files.
vCenter Server instances cannot share the same database schema. Multiple vCenter Server databases
can reside on the same database server, or they can be separated across multiple database servers. For
Oracle databases, which have the concept of schema objects, you can run multiple vCenter Server
instances in a single database server if you have a different schema owner for each vCenter Server
instance. You can also use a dedicated Oracle database server for each vCenter Server instance.
You cannot install vCenter Server and point to an older external vCenter Server database. You can
upgrade the old vCenter Server database to the latest version only by upgrading the vCenter Server
instance connected to that database. For information about upgrading vCenter Server, see vSphere
Upgrade.
vCenter Server Database Configuration Notes
After you select a supported database type, make sure you understand any special configuration
requirements.
vCenter Server Installation and Setup
VMware, Inc. 90
Table 35 is not a complete list of databases supported with vCenter Server for Windows. For information
about specific database versions and service pack configurations supported with vCenter Server, see the
VMware Product Interoperability Matrixes. Only special database configuration notes not listed in the
Product Interoperability Matrixes are provided in Table 35.
vCenter Server databases require a UTF code set.
Contact your DBA for the appropriate database credentials.
Table 35. Configuration Notes for Databases Supported with vCenter Server
Database Type Configuration Notes
Embedded PostgreSQL For vCenter Server 6.7, the bundled PostgreSQL database is suitable for environments with up to
20 hosts and 200 virtual machines.
Important If you use the embedded PostgreSQL database, uninstalling vCenter Server on
Windows, uninstalls the embedded database, and all data is lost.
Microsoft SQL Server 2012
SP3
Ensure that the machine has a valid ODBC DSN entry.
Microsoft SQL Server 2014
SP2
Ensure that the machine has a valid ODBC DSN entry.
Oracle 11g and Oracle 12c Ensure that the machine has a valid ODBC DSN entry.
After you complete the vCenter Server installation, apply the latest patch to the Oracle client and
server.
Configure Microsoft SQL Server Databases
To use a Microsoft SQL database for your vCenter Server repository, configure your database to work
with vCenter Server.
You can install and configure the Microsoft SQL Server database on the same machine on which you plan
to install vCenter Server. You can install and configure the Microsoft SQL Server database on a separate
machine.
Procedure
1Prepare the vCenter Server SQL Server Database
You first create a database and user for vCenter Server. Then you assign permissions to the
vCenter Server database user either by using the existing dbo schema and dbo_owner role or by
creating custom database schema and roles.
2(Optional) Use a Script to Create Microsoft SQL Server Database Objects Manually
This topic describes how to create database objects manually instead of letting the vCenter Server
installer create the data objects automatically.
3Configure a SQL Server ODBC Connection
After you create and configure a SQL Server database and user for vCenter Server, you must create
a 64-bit DSN on the machine on which you plan to install vCenter Server. During the vCenter Server
installation, you use the DSN to establish a connection between vCenter Server and the database.
vCenter Server Installation and Setup
VMware, Inc. 91
4Configure Microsoft SQL Server TCP/IP for JDBC
If the Microsoft SQL Server database has TCP/IP disabled and the dynamic ports are not set, the
JDBC connection remains closed. The closed connection causes the vCenter Server statistics to
malfunction. You can configure the server TCP/IP for JDBC.
Prepare the vCenter Server SQL Server Database
You first create a database and user for vCenter Server. Then you assign permissions to the
vCenter Server database user either by using the existing dbo schema and dbo_owner role or by creating
custom database schema and roles.
Prerequisites
Log in to the Microsoft SQL Server Management Studio as the sysadmin (SA) or a user account with
sysadmin privileges.
Prepare the vCenter Server Database by Using the dbo Schema and the db_owner Database
Role
The simplest way to assign permissions for a vCenter Server database user is through the database role
db_owner.
You must first create a database and user for vCenter Server. Then you can use the existing dbo_owner
database role and let the vCenter Server installer create the default dbo schema that assigns database
user permissions to that role. You must also enable database monitoring for the user before you install
vCenter Server. See Database Permission Requirements for vCenter Server.
To perform the following procedure, you can either use the graphical user interface or run scripts. The
vCenter Server installer package contains example scripts in the vCenter-
Server\dbschema\DB_and_schema_creation_scripts_PostgreSQL.txt file.
Procedure
1Create a database and user for vCenter Server.
a In the master database, create a database for vCenter Server.
b Create a database user for vCenter Server and map it to the vCenter Server and msdb
databases.
For example, to create the database VCDB and user vpxuser, you can run the following script:
use master
go
CREATE DATABASE VCDB ON PRIMARY
(NAME = N'vcdb', FILENAME = N'C:\database_path\VCDB.mdf', SIZE = 10MB, FILEGROWTH = 10% )
LOG ON
(NAME = N'vcdb_log', FILENAME = N'C:\database_path\VCDB.ldf', SIZE = 1000KB, FILEGROWTH = 10%)
COLLATE SQL_Latin1_General_CP1_CI_AS
go
use VCDB
go
CREATE LOGIN vpxuser WITH PASSWORD=N'vpxuser!0', DEFAULT_DATABASE=VCDB,
DEFAULT_LANGUAGE=us_english, CHECK_POLICY=OFF
vCenter Server Installation and Setup
VMware, Inc. 92
go
CREATE USER vpxuser for LOGIN vpxuser
go
use MSDB
go
CREATE USER vpxuser for LOGIN vpxuser
go
You now have a Microsoft SQL Server database that you can use with vCenter Server.
2Assign the db_owner role to the vCenter Server database user on both the vCenter Server and msdb
databases.
For example, to assign the db_owner role to the vpxuser user, you can run the following script:
use VCDB
go
sp_addrolemember @rolename = 'db_owner', @membername = 'vpxuser'
go
use MSDB
go
sp_addrolemember @rolename = 'db_owner', @membername = 'vpxuser'
go
3Enable database monitoring for the vCenter Server database user.
For example, to grant database disk size monitoring permissions to the vpxuser user, you can run the
following script:
use master
go
grant VIEW SERVER STATE to vpxuser
go
GRANT VIEW ANY DEFINITION TO vpxuser
go
When you install vCenter Server, the installer uses the default dbo schema to assign permissions to the
db_owner role.
Prepare the vCenter Server Database by Creating Custom Database Schema and Roles
As an alternative to using the db_owner database role, experienced database administrators can set
permissions by creating database schema and roles manually, which ensures greater control over
database permissions.
You must first create a database and user for vCenter Server. Then you can create a custom schema and
new database roles for the database user. You must also enable database monitoring for the user before
you install vCenter Server. See Database Permission Requirements for vCenter Server.
To perform the following procedure, you can either use the graphical user interface or run scripts. The
vCenter Server installer package contains example scripts in the vCenter-
Server\dbschema\DB_and_schema_creation_scripts_PostgreSQL.txt file.
vCenter Server Installation and Setup
VMware, Inc. 93
Procedure
1Create a database and user for vCenter Server.
a In the master database, create a database for vCenter Server.
b Create a database user for vCenter Server and map it to the vCenter Server and msdb
databases.
For example, to create the database VCDB and user vpxuser, you can run the following script:
use master
go
CREATE DATABASE VCDB ON PRIMARY
(NAME = N'vcdb', FILENAME = N'C:\database_path\VCDB.mdf', SIZE = 10MB, FILEGROWTH = 10% )
LOG ON
(NAME = N'vcdb_log', FILENAME = N'C:\database_path\VCDB.ldf', SIZE = 1000KB, FILEGROWTH = 10%)
COLLATE SQL_Latin1_General_CP1_CI_AS
go
use VCDB
go
CREATE LOGIN vpxuser WITH PASSWORD=N'vpxuser!0', DEFAULT_DATABASE=VCDB,
DEFAULT_LANGUAGE=us_english, CHECK_POLICY=OFF
go
CREATE USER vpxuser for LOGIN vpxuser
go
use MSDB
go
CREATE USER vpxuser for LOGIN vpxuser
go
You now have a Microsoft SQL Server database that you can use with vCenter Server.
2In the vCenter Server database, create a database schema and assign it to the vCenter Server
database user.
For example, to create the schema VMW in VCDB and assign it to the vpxuser user, you can run the
following script:
use VCDB
CREATE SCHEMA VMW
go
ALTER USER vpxuser WITH DEFAULT_SCHEMA =VMW
3In the vCenter Server database, create and grant privileges to the VC_ADMIN_ROLE and
VC_USER_ROLE database roles and assign them to the vCenter Server database user.
For example, to create the roles in VCDB and assign them to the vpxuser user, you can run the
following script:
use VCDB
go
if not exists (SELECT name FROM sysusers WHERE issqlrole=1 AND name = 'VC_ADMIN_ROLE')
CREATE ROLE VC_ADMIN_ROLE;
vCenter Server Installation and Setup
VMware, Inc. 94
GRANT ALTER ON SCHEMA :: VMW to VC_ADMIN_ROLE;
GRANT REFERENCES ON SCHEMA :: VMW to VC_ADMIN_ROLE;
GRANT INSERT ON SCHEMA :: VMW to VC_ADMIN_ROLE;
GRANT CREATE TABLE to VC_ADMIN_ROLE;
GRANT CREATE VIEW to VC_ADMIN_ROLE;
GRANT CREATE Procedure to VC_ADMIN_ROLE;
if not exists (SELECT name FROM sysusers WHERE issqlrole=1 AND name = 'VC_USER_ROLE')
CREATE ROLE VC_USER_ROLE
go
GRANT SELECT ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT INSERT ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT DELETE ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT UPDATE ON SCHEMA :: VMW to VC_USER_ROLE
go
GRANT EXECUTE ON SCHEMA :: VMW to VC_USER_ROLE
go
sp_addrolemember VC_USER_ROLE , vpxuser
go
sp_addrolemember VC_ADMIN_ROLE , vpxuser
go
4In the msdb database, create and grant privileges to the VC_ADMIN_ROLE database role and assign
it to the vCenter Server database user.
For example, to create the roles and assign them to the vpxuser user, you can run the following
script:
use MSDB
go
if not exists (SELECT name FROM sysusers WHERE issqlrole=1 AND name = 'VC_ADMIN_ROLE')
CREATE ROLE VC_ADMIN_ROLE;
go
GRANT SELECT on msdb.dbo.syscategories to VC_ADMIN_ROLE
go
GRANT SELECT on msdb.dbo.sysjobsteps to VC_ADMIN_ROLE
go
GRANT SELECT ON msdb.dbo.sysjobs to VC_ADMIN_ROLE
go
GRANT SELECT ON msdb.dbo.sysjobs_view to VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_job TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_delete_job TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_jobstep TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_update_job TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_jobserver TO VC_ADMIN_ROLE
vCenter Server Installation and Setup
VMware, Inc. 95
go
GRANT EXECUTE ON msdb.dbo.sp_add_jobschedule TO VC_ADMIN_ROLE
go
GRANT EXECUTE ON msdb.dbo.sp_add_category TO VC_ADMIN_ROLE
go
sp_addrolemember VC_ADMIN_ROLE , vpxuser
go
Note The VC_ADMIN_ROLE role in the msdb database is required only during installation and
upgrade of vCenter Server. After the installation or upgrade, you can revoke the role and leave it as
inactive for future upgrades, or you can remove it for increased security.
5Enable database monitoring for the vCenter Server database user.
For example, to grant database disk size monitoring permissions to the vpxuser user, you can run the
following script:
use master
go
grant VIEW SERVER STATE to vpxuser
go
GRANT VIEW ANY DEFINITION TO vpxuser
go
(Optional) Use a Script to Create Microsoft SQL Server Database Objects Manually
This topic describes how to create database objects manually instead of letting the vCenter Server
installer create the data objects automatically.
Procedure
1Log in to a Microsoft SQL Server Management Studio session with the vCenter Server database user
account that you created on the vCenter Server and msdb databases.
2In the vCenter Server installation package, locate the dbschema scripts in the vCenter-
Server/dbschema directory.
3Open the VCDB_mssql.SQL and the TopN_DB_mssql.sql files by using Microsoft SQL Server
Management Studio and replace all occurrences of $schema with your schema name.
4Open the VCDB_views_mssql.sql file by using Microsoft SQL Server Management Studio and after
each occurrence of ;, insert a new line and write go.
5Run the scripts in a sequence on the database.
The DBO user must own the objects created by these scripts. Open the scripts one at a time in
Microsoft SQL Server Management Studio and press F5 to execute each script in the following order:
aVCDB_mssql.SQL
binsert_stats_proc_mssql.sql
cload_stats_proc_mssql.sql
vCenter Server Installation and Setup
VMware, Inc. 96
dpurge_stat2_proc_mssql.sql
epurge_stat3_proc_mssql.sql
fpurge_usage_stats_proc_mssql.sql
gstats_rollup1_proc_mssql.sql
hstats_rollup2_proc_mssql.sql
istats_rollup3_proc_mssql.sql
jcleanup_events_mssql.sql
kdelete_stats_proc_mssql.sql
lupsert_last_event_proc_mssql.sql
mload_usage_stats_proc_mssql.sql
nTopN_DB_mssql.sql
ocalc_topn1_proc_mssql.sql
pcalc_topn2_proc_mssql.sql
qcalc_topn3_proc_mssql.sql
rcalc_topn4_proc_mssql.sql
sclear_topn1_proc_mssql.sql
tclear_topn2_proc_mssql.sql
uclear_topn3_proc_mssql.sql
vclear_topn4_proc_mssql.sql
wrule_topn1_proc_mssql.sql
xrule_topn2_proc_mssql.sql
yrule_topn3_proc_mssql.sql
zrule_topn4_proc_mssql.sql
aa process_license_snapshot_mssql.sql
ab l_stats_rollup3_proc_mssql.sql
ac l_purge_stat2_proc_mssql.sql
ad l_purge_stat3_proc_mssql.sql
ae l_stats_rollup1_proc_mssql.sql
af l_stats_rollup2_proc_mssql.sql
ag VCDB_views_mssql.sql
6(Optional) Run the scripts to enable database health monitoring.
ajob_dbm_performance_data_mssql.sql
vCenter Server Installation and Setup
VMware, Inc. 97
bprocess_performance_data_mssql.sql
7For all supported editions of Microsoft SQL Server except Microsoft SQL Server Express, run the
scripts to set up scheduled jobs on the database.
These scripts ensure that the SQL Server Agent service is running.
ajob_schedule1_mssql.sql
bjob_schedule2_mssql.sql
cjob_schedule3_mssql.sql
djob_cleanup_events_mssql.sql
ejob_topn_past_day_mssql.sql
fjob_topn_past_week_mssql.sql
gjob_topn_past_month_mssql.sql
hjob_topn_past_year_mssql.sql
8For all the procedures you created in Step 5, grant the execute privilege to the vCenter Server
database user in the vCenter Server database.
For example, to grant execute privilege for the procedures to the vpxuser user, you can run the
following script.
grant execute on insert_stats_proc to vpxuser
grant execute on purge_stat2_proc to vpxuser
grant execute on purge_stat3_proc to vpxuser
grant execute on purge_usage_stat_proc to vpxuser
grant execute on stats_rollup1_proc to vpxuser
grant execute on stats_rollup2_proc to vpxuser
grant execute on stats_rollup3_proc to vpxuser
grant execute on cleanup_events_tasks_proc to vpxuser
grant execute on delete_stats_proc to vpxuser
grant execute on upsert_last_event_proc to vpxuser
grant execute on load_usage_stats_proc to vpxuser
grant execute on load_stats_proc to vpxuser
grant execute on calc_topn1_proc to v
grant execute on calc_topn2_proc to vpxuser
grant execute on calc_topn3_proc to vpxuser
grant execute on calc_topn4_proc to vpxuser
grant execute on clear_topn1_proc to vpxuser
grant execute on clear_topn2_proc to vpxuser
grant execute on clear_topn3_proc to vpxuser
grant execute on clear_topn4_proc to vpxuser
grant execute on rule_topn1_proc to vpxuser
grant execute on rule_topn2_proc to vpxuser
grant execute on rule_topn3_proc to vpxuser
grant execute on rule_topn4_proc to vpxuser
grant execute on process_license_snapshot_proc to vpxuser
grant execute on l_stats_rollup3_proc to vpxuser
vCenter Server Installation and Setup
VMware, Inc. 98
grant execute on l_purge_stat2_proc to vpxuser
grant execute on l_purge_stat3_proc to vpxuser
grant execute on l_stats_rollup1_proc to vpxuser
grant execute on l_stats_rollup2_proc to vpxuser
If you ran the script process_performance_data_mssql.sql in Step 5, grant the following execute
privilege to the vCenter Server database.
grant execute on process_performance_data_proc to vpxuser
You created the vCenter Server tables manually.
Note During the vCenter Server installation, when a database reinitialization warning message appears,
select Do not overwrite, leave my existing database in place and continue the installation.
Configure a SQL Server ODBC Connection
After you create and configure a SQL Server database and user for vCenter Server, you must create a
64-bit DSN on the machine on which you plan to install vCenter Server. During the vCenter Server
installation, you use the DSN to establish a connection between vCenter Server and the database.
If you use SQL Server for vCenter Server, do not use the master or any other system database.
See your Microsoft SQL ODBC documentation for specific instructions for configuring the SQL Server
ODBC connection.
Prerequisites
Deploy SQL Native Client version 10 or 11.
Procedure
1On the machine on which you plan to install vCenter Server, select Start > Administrative Tools >
Data Sources (ODBC).
2On the System DSN tab, modify an existing or create a new SQL Server ODBC connection.
nTo modify an existing SQL Server ODBC connection, select the connection from the System Data
Source list and click Configure.
Important The existing DSN must use SQL Native Client version 10 or 11.
nTo create a new SQL Server ODBC connection, click Add, select SQL Native Client, and click
Finish .
3In the Name text box, enter an ODBC data source name (DSN).
For example, VMware vCenter Server.
4(Optional) In the Description text box, enter an ODBC DSN description.
vCenter Server Installation and Setup
VMware, Inc. 99
5In the Server text box, enter the IP address or FQDN of the SQL Server and, if you want to use a
non-default port to access the SQL Server, enter a custom port separated by a comma.
For example, if the IP address of your SQL Server is 10.160.10.160 and you want to access the
server by using custom port 8347, enter 10.160.10.160,8347.
Note You cannot use a database server alias to create a DSN.
6Select an authentication method.
nIntegrate Windows authentication.
Additionally, you can also enter the Service Principal Name (SPN).
Important You cannot use this option if the vCenter Server service is running under the
Microsoft Windows built-in system account.
nSQL Server authentication.
Enter your SQL Server login name and password.
7Select the database created for the vCenter Server system from the Change the default database
to menu.
8Click Finish.
9Test the data source by selecting Test Data Source and clicking OK from the ODBC Microsoft SQL
Server Setup menu.
10 Verify that the SQL Agent is running on your database server.
Configure Microsoft SQL Server TCP/IP for JDBC
If the Microsoft SQL Server database has TCP/IP disabled and the dynamic ports are not set, the JDBC
connection remains closed. The closed connection causes the vCenter Server statistics to malfunction.
You can configure the server TCP/IP for JDBC.
This task applies to remote Microsoft SQL Server database servers. You can skip this task if your
database is located on the same machine as vCenter Server.
Procedure
1Select Start > All Programs > Microsoft SQL Server > Configuration Tool > SQL Server
Configuration Manager.
2Select SQL Server Network Configuration > Protocols for Instance name.
3Enable TCP/IP.
4Open TCP/IP Properties.
vCenter Server Installation and Setup
VMware, Inc. 100
5On the Protocol tab, make the following entries.
Enabled Yes
Listen All Yes
Keep Alive 30000
6On the IP Addresses tab, make the following selections.
Active Yes
TCP Dynamic Ports 0
7Restart the SQL Server service from SQL Server Configuration Manager > SQL Server Services.
8Start the SQL Server Browser service from SQL Server Configuration Manager > SQL Server
Services.
Configure Oracle Databases
To use an Oracle database for your vCenter Server repository, configure your database to work with
vCenter Server.
You can install and configure the Oracle database on the same machine on which you plan to install
vCenter Server. You can install and configure the Oracle database on a separate machine.
Procedure
1Prepare the vCenter Server Oracle Database
To use an Oracle database with vCenter Server, you must create the database with certain
tablespaces and privileges, and the database user with certain permissions.
2(Optional) Use a Script to Create the Oracle Database Schema
The vCenter Server installer creates the schema during installation. For experienced database
administrators who need more control over schema creation because of environmental constraints,
you can optionally use a script to create your database schema.
3Create a Net Service Name
To configure an Oracle ODBC DSN, you must have a net service name for your database. On the
machine on which your Oracle database is running, you must create a net service name for the
vCenter Server tablespace.
4Configure an Oracle ODBC Connection
After you create and configure an Oracle database and user for vCenter Server, you must create a
64-bit DSN on the machine on which you plan to install vCenter Server. During the vCenter Server
installation, you use the DSN to establish a connection between vCenter Server and the database.
Prepare the vCenter Server Oracle Database
To use an Oracle database with vCenter Server, you must create the database with certain tablespaces
and privileges, and the database user with certain permissions.
vCenter Server Installation and Setup
VMware, Inc. 101
You must first create a tablespace and user for vCenter Server. Then you grant permissions to the
database user. You must also enable database monitoring for the user before you install vCenter Server.
See Database Permission Requirements for vCenter Server.
To perform the following procedure, you can either use the graphical user interface or run scripts. The
vCenter Server installer package contains example scripts in the vCenter-
Server\dbschema\DB_and_schema_creation_scripts_PostgreSQL.txt file.
Prerequisites
Log in to a SQL*Plus session with the system account.
Procedure
1Create a tablespace for vCenter Server.
For example, to create the tablespace VPX, you can run the following script:
CREATE SMALLFILE TABLESPACE "VPX" DATAFILE 'C:\database_path\vpx01.dbf'
SIZE 1G AUTOEXTEND ON NEXT 10M MAXSIZE UNLIMITED LOGGING EXTENT MANAGEMENT LOCAL SEGMENT
SPACE MANAGEMENT AUTO;
2Create a database user with the correct permissions for vCenter Server.
For example, to create the VPXADMIN user, you can run the following script:
CREATE USER "VPXADMIN" PROFILE "DEFAULT" IDENTIFIED BY "oracle" DEFAULT TABLESPACE "VPX" ACCOUNT
UNLOCK;
grant connect to VPXADMIN;
grant resource to VPXADMIN;
grant create view to VPXADMIN;
grant create sequence to VPXADMIN;
grant create table to VPXADMIN;
grant create materialized view to VPXADMIN;
grant execute on dbms_lock to VPXADMIN;
grant execute on dbms_job to VPXADMIN;
grant select on dba_lock to VPXADMIN;
grant select on dba_tablespaces to VPXADMIN;
vCenter Server Installation and Setup
VMware, Inc. 102
grant select on dba_temp_files to VPXADMIN;
grant select on dba_data_files to VPXADMIN;
grant select on v_$session to VPXADMIN;
grant unlimited tablespace to VPXADMIN;
By default, the RESOURCE role has the CREATE PROCEDURE, CREATE TABLE, and CREATE
SEQUENCE privileges assigned. If the RESOURCE role lacks these privileges, grant them to the
vCenter Server database user.
Note Instead of granting unlimited tablespace, you can set a specific tablespace quota. The
recommended quota is unlimited with a minimum of at least 500MB. To set an unlimited quota, use
the following command.
alter user "VPXADMIN" quota unlimited on "VPX";
If you set a limited quota, monitor the remaining available tablespace to avoid the following error.
ORA-01536: space quota exceeded for tablespace 'tablespace'
You now have an Oracle database user for vCenter Server.
3Enable database monitoring for the vCenter Server database user.
For example, to grant database disk size monitoring permissions to the VPXADMIN user, you can run
the following script:
grant select on v_$system_event to VPXADMIN;
grant select on v_$sysmetric_history to VPXADMIN;
grant select on v_$sysstat to VPXADMIN;
grant select on dba_data_files to VPXADMIN;
grant select on v_$loghist to VPXADMIN;
(Optional) Use a Script to Create the Oracle Database Schema
The vCenter Server installer creates the schema during installation. For experienced database
administrators who need more control over schema creation because of environmental constraints, you
can optionally use a script to create your database schema.
Procedure
1Open a SQL*Plus window with a user that has schema owner rights on the vCenter Server database.
2Locate the dbschema scripts in the vCenter Server installation package /installation
directory/vCenter-Server/dbschema directory.
3In SQL*Plus, run the scripts in a sequence on the database.
aVCDB_oracle.SQL
bVCDB_views_oracle.SQL
cinsert_stats_proc_oracle.sql
vCenter Server Installation and Setup
VMware, Inc. 103
dload_stats_proc_oracle.sql
epurge_stat2_proc_oracle.sql
fpurge_stat3_proc_oracle.sql
gpurge_usage_stats_proc_oracle.sql
hstats_rollup1_proc_oracle.sql
istats_rollup2_proc_oracle.sql
jstats_rollup3_proc_oracle.sql
kcleanup_events_oracle.sql
ldelete_stats_proc_oracle.sql
mload_usage_stats_proc_oracle.sql
nTopN_DB_oracle.sql
ocalc_topn1_proc_oracle.sql
pcalc_topn2_proc_oracle.sql
qcalc_topn3_proc_oracle.sql
rcalc_topn4_proc_oracle.sql
sclear_topn1_proc_oracle.sql
tclear_topn2_proc_oracle.sql
uclear_topn3_proc_oracle.sql
vclear_topn4_proc_oracle.sql
wrule_topn1_proc_oracle.sql
xrule_topn2_proc_oracle.sql
yrule_topn3_proc_oracle.sql
zrule_topn4_proc_oracle.sql
aa process_license_snapshot_oracle.sql
ab l_purge_stat2_proc_oracle.sql
ac l_purge_stat3_proc_oracle.sql
ad l_stats_rollup1_proc_oracle.sql
ae l_stats_rollup2_proc_oracle.sql
af l_stats_rollup3_proc_oracle.sql
4(Optional) You can also run the following scripts to enable database health monitoring.
ajob_dbm_performance_data_oracle.sql
bprocess_performance_data_oracle.sql
vCenter Server Installation and Setup
VMware, Inc. 104
5For all supported editions of Oracle Server, run the scripts to set up scheduled jobs on the database.
ajob_schedule1_oracle.sql
bjob_schedule2_oracle.sql
cjob_schedule3_oracle.sql
djob_cleanup_events_oracle.sql
ejob_topn_past_day_oracle.sql
fjob_topn_past_week_oracle.sql
gjob_topn_past_month_oracle.sql
hjob_topn_past_year_oracle.sql
You created the vCenter Server tables manually.
Note During the vCenter Server installation, when a database reinitialization warning message appears,
select Do not overwrite, leave my existing database in place and continue the installation.
Create a Net Service Name
To configure an Oracle ODBC DSN, you must have a net service name for your database. On the
machine on which your Oracle database is running, you must create a net service name for the
vCenter Server tablespace.
Procedure
1Use a text editor or the Net8 Configuration Assistant to open the tnsnames.ora file located in the
directory C:\Oracle\Oraxx\NETWORK\ADMIN, where xx is either 10g or 11g.
2Add the following entry, where HOST is the managed host to which the client must connect.
VPX_TNS =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS=(PROTOCOL=TCP)(HOST=vpxd-Oracle)(PORT=1521))
)
(CONNECT_DATA =
(SERVICE_NAME = ORCL)
)
)
Configure an Oracle ODBC Connection
After you create and configure an Oracle database and user for vCenter Server, you must create a 64-bit
DSN on the machine on which you plan to install vCenter Server. During the vCenter Server installation,
you use the DSN to establish a connection between vCenter Server and the database.
Prerequisites
Install the Oracle Client 11.2.0.3 p16656151 (Patch 19) or later, 11.2.0.4, 12.1.0.1.12 or later, or 12.1.0.2.
vCenter Server Installation and Setup
VMware, Inc. 105
Procedure
1On the machine on which you plan to install vCenter Server, select Start > Administrative Tools >
Data Sources (ODBC).
2On the System DSN tab, modify an existing or create a new Oracle ODBC connection.
nTo modify an existing Oracle ODBC connection, select the connection from the System Data
Source list and click Configure.
nTo create an Oracle ODBC connection, click Add, select the Oracle client, and click Finish.
3In the Data Source Name text box, enter an ODBC data source name (DSN).
For example, VMware vCenter Server.
4(Optional) In the Description text box, enter an ODBC DSN description.
5In the TNS Service Name text box, enter the net service name for the database to which you want to
connect.
For example, VPX_TNS.
This is the net service name that you previously configured in the tnsnames.ora file that is located in
the NETWORK\ADMIN folder in the Oracle database installation location.
6In the User ID text box, enter the database user name for vCenter Server.
For example, VPXADMIN.
7Click Test Connection.
8In the Password text box, enter the password of the database user and click OK.
If you configured the DNS correctly, the Connection successful message appears.
9Click OK.
Database Permission Requirements for vCenter Server
vCenter Server requires a database. If you decide to use an external Oracle or Microsoft SQL Server
database, when you create the database, you must grant certain permissions to the database user.
Table 36. Microsoft SQL Database Permissions for vCenter Server
Permission Description
GRANT ALTER ON SCHEMA :: [VMW] TO VC_ADMIN_ROLE Mandatory when you work with SQL Server custom schema.
GRANT REFERENCES ON SCHEMA :: [VMW] TO
VC_ADMIN_ROLE
Mandatory when you work with SQL Server custom schema.
GRANT INSERT ON SCHEMA :: [VMW] TO
VC_ADMIN_ROLE
Mandatory when you work with SQL Server custom schema.
GRANT CREATE TABLE TO VC_ADMIN_ROLE Necessary for creating a table.
GRANT CREATE VIEW TO VC_ADMIN_ROLE Necessary for creating a view.
GRANT CREATE PROCEDURE TO VC_ADMIN_ROLE Necessary for creating a stored procedure.
vCenter Server Installation and Setup
VMware, Inc. 106
Table 36. Microsoft SQL Database Permissions for vCenter Server (Continued)
Permission Description
GRANT SELECT ON SCHEMA :: [VMW] TO VC_USER_ROLE Permissions that let you run SELECT, INSERT, DELETE,
UPDATE operations on tables which are part of the VMW
schema.
GRANT INSERT ON SCHEMA :: [VMW] TO VC_USER_ROLE
GRANT DELETE ON SCHEMA :: [VMW] TO VC_USER_ROLE
GRANT UPDATE ON SCHEMA :: [VMW] TO VC_USER_ROLE
GRANT EXECUTE ON SCHEMA :: [VMW] TO
VC_USER_ROLE
Necessary for running a stored procedure in the db schema.
GRANT SELECT ON msdb.dbo.syscategories TO
VC_ADMIN_ROLE
Necessary for deploying SQL Server jobs.
These permissions are mandatory only during installation and
upgrade and not required after deployment.
GRANT SELECT ON msdb.dbo.sysjobsteps
TOVC_ADMIN_ROLE
GRANT SELECT ON msdb.dbo.sysjobs TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_add_job TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_delete_job TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_add_jobstep TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_update_job TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_add_jobserver TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_add_jobschedule TO
VC_ADMIN_ROLE
GRANT EXECUTE ON msdb.dbo.sp_add_category TO
VC_ADMIN_ROLE
GRANT VIEW SERVER STATE TO [vpxuser] Provides access to SQL Server DMV views and sp_lock
execution.
GRANT VIEW ANY DEFINITION TO [vpxuser] Necessary for providing the user with the privileges to see
metadata for SQL Server objects.
Table 37. Oracle Database Permissions for vCenter Server
Permission Description
GRANT CONNECT TO VPXADMIN Necessary for connecting to the Oracle database.
GRANT RESOURCE TO VPXADMIN Necessary for creating a trigger, sequence, type, procedure, and
so on.
By default, the RESOURCE role has the CREATE
PROCEDURE, CREATE TABLE, and CREATE SEQUENCE
privileges assigned. If the RESOURCE role lacks these
privileges, grant them to the vCenter Server database user.
GRANT CREATE VIEW TO VPXADMIN Necessary for creating a view.
vCenter Server Installation and Setup
VMware, Inc. 107
Table 37. Oracle Database Permissions for vCenter Server (Continued)
Permission Description
GRANT CREATE SEQUENCE TO VPXADMIN Necessary for creating a sequence.
GRANT CREATE TABLE TO VPXADMIN Necessary for creating a table.
GRANT CREATE MATERIALIZED VIEW TO VPXADMIN Necessary for creating a materialized view.
GRANT EXECUTE ON dbms_lock TO VPXADMIN Necessary for guaranteeing that the vCenter Server database is
used by a single vCenter Server instance.
GRANT EXECUTE ON dbms_job TO VPXADMIN Necessary during installation or upgrade for scheduling and
managing the SQL jobs.
This permission is not required after deployment.
GRANT SELECT ON dba_lock TO VPXADMIN Necessary for determining existing locks on the vCenter Server
database.
GRANT SELECT ON dba_tablespaces TO VPXADMIN Necessary during upgrade for determining the required disk
space.
This permission is not required after deployment.
GRANT SELECT ON dba_temp_files TO VPXADMIN Necessary during upgrade for determining the required disk
space.
This permission is not required after deployment.
GRANT SELECT ON dba_data_files TO VPXADMIN Necessary for monitoring the free space while vCenter Server is
working.
GRANT SELECT ON v_$session TO VPXADMIN View used to determine existing locks on the vCenter Server
database.
GRANT UNLIMITED TABLESPACE TO VPXADMIN Necessary for granting unlimited tablespace permissions to the
vCenter Server database user.
GRANT SELECT ON v_$system_event TO VPXADMIN Necessary for checking log file switches.
GRANT SELECT ON v_$sysmetric_history TO VPXADMIN Necessary for checking the CPU utilization.
GRANT SELECT ON v_$sysstat TO VPXADMIN Necessary for determining the Buffer Cache Hit Ratio.
GRANT SELECT ON dba_data_files TO VPXADMIN Necessary for determining the tablespace utilization.
GRANT SELECT ON v_$loghist TO VPXADMIN Necessary for checking the checkpoint frequency.
The privileges on the master database are used to monitor the vCenter Server database. so that, for
example, if a certain threshold is reached, you can see an alert.
Verify That vCenter Server Can Communicate with the Local Database
If your database is on the same machine on which vCenter Server is to be installed, and you changed the
machine name, verify the configuration. Make sure that the vCenter Server DSN is configured to
communicate with the new name of the machine.
Changing the vCenter Server computer name impacts database communication if the database server is
on the same computer with vCenter Server. If you changed the machine name, you can verify that
communication remains intact.
vCenter Server Installation and Setup
VMware, Inc. 108
If your database is remote, you can skip this procedure. The name change has no effect on
communication with remote databases.
After you rename the server, verify with your database administrator or the database vendor that all
components of the database are working.
Prerequisites
nMake sure that the database server is running.
nMake sure that the vCenter Server computer name is updated in the domain name service (DNS).
Procedure
1Update the data source information, as needed.
2To test this condition, ping the computer name.
For example, if the computer name is host-1.company.com, run the following command at the
Windows command prompt:
ping host-1.company.com
If you can ping the computer name, the name is updated in DNS.
vCenter Server communication is confirmed. You can continue to prepare other components of your
environment.
Maintaining a vCenter Server Database
After your vCenter Server database instance and vCenter Server are installed and operational, perform
standard database maintenance processes.
The standard database maintenance processes include the following:
nMonitoring the growth of the log file and compacting the database log file, as needed.
nScheduling regular backups of the database.
nBacking up the database before any vCenter Server upgrade.
See your database vendor's documentation for specific maintenance procedures and support.
Synchronizing Clocks on the vSphere Network
Verify that all components on the vSphere network have their clocks synchronized. If the clocks on the
machines in your vSphere network are not synchronized, SSL certificates, which are time-sensitive, might
not be recognized as valid in communications between network machines.
Unsynchronized clocks can result in authentication problems, which can cause the installation to fail or
prevent the vCenter Server Appliance vpxd service from starting.
Verify that any Windows host machine on which vCenter Server runs is synchronized with the Network
Time Server (NTP) server. See the Knowledge Base article http://kb.vmware.com/kb/1318.
vCenter Server Installation and Setup
VMware, Inc. 109
To synchronize ESXi clocks with an NTP server, you can use the VMware Host Client. For information
about editing the time configuration of an ESXi host, see vSphere Single Host Management.
Using a User Account for Running vCenter Server
You can use the Microsoft Windows built-in system account or a user account to run vCenter Server. With
a user account, you can enable Windows authentication for SQL Server, and it provides more security.
The user account must be an administrator on the local machine. In the installation wizard, you specify
the account name as DomainName\Username. You must configure the SQL Server database to allow the
domain account access to SQL Server.
The Microsoft Windows built-in system account has more permissions and rights on the server than the
vCenter Server system needs, which can contribute to security problems.
Important If the vCenter Server service is running under the Microsoft Windows built-in system account,
when using Microsoft SQL Server, vCenter Server supports only DSNs with SQL Server authentication.
For SQL Server DSNs configured with Windows authentication, use the same user account for the
VMware VirtualCenter Management Webservices service and the DSN user.
If you do not plan to use Microsoft Windows authentication for SQL Server or you are using an Oracle
database, you might still want to set up a local user account for the vCenter Server system. The only
requirement is that the user account is an administrator on the local machine and the account must be
granted the Log on as a service privilege.
Note Starting with vSphere 6.5, the vCenter Server services are not standalone services under Windows
SCM, instead they run as child processes of the VMware Service Lifecycle Manager service.
Installing vCenter Server on IPv6 Machines
Starting with vSphere 6.5, vCenter Server supports mixed IPv4 and IPv6 environments.
You can connect vCenter Server with an IPv4 address to vCenter Server with an IPv6 address. When you
install vCenter Server with an IPv6 address, use the fully qualified domain name (FQDN) or host name of
the machine on which you install vCenter Server. When you install vCenter Server with an IPv4 address,
the best practice is to use the fully qualified domain name (FQDN) or host name of the machine on which
you install vCenter Server, because the IP address can change if assigned by DHCP.
Running the vCenter Server Installer from a Network Drive
You can run the vCenter Server installer from a network drive, but you cannot install the software on a
network drive.
In Windows, you can run the installers from the network drive and install the software on the local
machine.
vCenter Server Installation and Setup
VMware, Inc. 110
Required Information for Installing vCenter Server or
Platform Services Controller on Windows
When you install vCenter Server with an embedded Platform Services Controller,
Platform Services Controller, or vCenter Server with an external Platform Services Controller, the wizard
prompts you for the installation information. It is a best practice to keep a record of the values that you
entered in case you must reinstall the product.
You can use this worksheet to record the information that you need for the installation of vCenter Server
with an embedded Platform Services Controller, Platform Services Controller, or vCenter Server with an
external Platform Services Controller.
Table 38. Required Information for Installing vCenter Server or Platform Services Controller
on Windows
Required for Required Information Default Your Entry
All deployment types System name of the local system
A system name to use for managing the local system. The
system name must be an FQDN. If a DNS is not available,
provide a static IP address.
-
nvCenter Server with an
embedded
Platform Services
Controller
nPlatform Services
Controller as the first
instance in a new domain
Name for the new vCenter Single Sign-On domain vsphere.loc
al
User name administrato
r
You cannot change
the default user name
during installation.
Password for the vCenter Single Sign-On administrator
account
The password must be at least 8 characters, but no more
than 20 characters in length.
The password must conform to the following requirements:
nMust contain at least one uppercase letter.
nMust contain at least one lowercase letter.
nMust contain at least one number.
nMust contain at least one special character, such as
ampersand (&), hash key (#), and percent sign (%).
-
Site name
A name for the vCenter Single Sign-On site.
Default-
First-Site
nvCenter Server with an
external
Platform Services
Controller
nPlatform Services
Controller as a
subsequent instance in
an existing domain
FQDN or IP address of the Platform Services Controller
instance that you want to join
You must join a Platform Services Controller instance of
the same version.
-
HTTPS port of the Platform Services Controller instance 443
Password of the vCenter Single Sign On administrator user
for the domain
-
vCenter Single Sign-On site name
You can join an existing site or create a new site.
-
vCenter Server Installation and Setup
VMware, Inc. 111
Table 38. Required Information for Installing vCenter Server or Platform Services Controller
on Windows (Continued)
Required for Required Information Default Your Entry
nvCenter Server with an
embedded
Platform Services
Controller
nvCenter Server with an
external
Platform Services
Controller
vCenter Server service account information
Can be the Windows local system account or a user
service account.
Note Starting with vSphere 6.5, the vCenter Server
services run as child processes of the VMware Service
Lifecycle Manager service.
Windows
local system
account
Account user name
Only if you use a user service account
-
Account password
Only if you use a user service account
-
nvCenter Server with an
embedded
Platform Services
Controller
nvCenter Server with an
external
Platform Services
Controller
vCenter Server database
Can be the embedded VMware Postgres database or an
existing external database
embedded
Postgres
database
Data source name (DSN)
Only if you use an existing external database. Leading and
trailing spaces are not supported. Remove spaces from the
beginning or end of the DSN.
-
Database user name
Only if you use an existing external database. Non-ASCII
characters are not supported.
-
Database password
Only if you use an existing external database.
-
All deployment types HTTP port 80
HTTPS port 443
Syslog Service port 514
Syslog Service TLS port 1514
nvCenter Server with an
embedded
Platform Services
Controller
nPlatform Services
Controller
Secure Token Service port 7444
nvCenter Server with an
embedded
Platform Services
Controller
nvCenter Server with an
external
Platform Services
Controller
Auto Deploy Management port 6502
Auto Deploy Service port 6501
ESXi Dump Collector port 6500
ESXi Heartbeat port 902
vSphere Web Client port 9443
vCenter Server Installation and Setup
VMware, Inc. 112
Table 38. Required Information for Installing vCenter Server or Platform Services Controller
on Windows (Continued)
Required for Required Information Default Your Entry
All deployment types Destination folder
nThe folder in which to install vCenter Server or
Platform Services Controller
nThe folder in which to store data for vCenter Server or
Platform Services Controller
The installation paths cannot contain non-ASCII
characters, commas (,), periods (.), exclamation points (!),
pound signs (#), at signs (@), or percentage signs (%).
nThe
default
installati
on
folder is
C:\Pro
gram
File
s\VMwa
re.
nThe
default
folder
for data
storage
is
C:\Pro
gramDa
ta\VMw
are.
nvCenter Server with an
embedded
Platform Services
Controller
nPlatform Services
Controller
Join or do not participate in the VMware Customer
Experience Improvement Program (CEIP)
For information about the CEIP, see the Configuring
Customer Experience Improvement Program section in
vCenter Server and Host Management.
Join the
CEIP
Installing vCenter Server and Platform Services Controller
on Windows
You can install vCenter Server with an embedded Platform Services Controller,
Platform Services Controller, or vCenter Server with an external Platform Services Controller on a
Windows virtual or physical machine.
You download the vCenter Server installer ISO file, mount it to the Windows host machine on which you
want to perform the installation, start the installation wizard, and provide the inputs that required for the
installation and setup.
Before installing vCenter Server that uses an external database, you must prepare your database. See
Preparing vCenter Server Databases for Install.
Important For topologies with external Platform Services Controller instances, you must install the
replicating Platform Services Controller instances in a sequence. After the successful deployment of all
Platform Services Controller instances in the domain, you can perform concurrent installations of multiple
vCenter Server instances that point to a common external Platform Services Controller instance.
vCenter Server Installation and Setup
VMware, Inc. 113
Install vCenter Server with an Embedded
Platform Services Controller
You can deploy vCenter Server, the vCenter Server components, and the Platform Services Controller on
one virtual machine or physical server.
After you deploy vCenter Server with an embedded Platform Services Controller, you can reconfigure
your topology and switch to vCenter Server with an external Platform Services Controller. This is a one-
way process after which you cannot switch back to vCenter Server with an embedded
Platform Services Controller. You can repoint the vCenter Server instance only to an external
Platform Services Controller that is configured to replicate the infrastructure data within the same domain.
Figure 31. vCenter Server with an Embedded Platform Services Controller
Platform Services
Controller
Virtual Machine or Physical Server
vCenter Server
Prerequisites
nVerify that your system meets the minimum software and hardware requirements. See vCenter
Server for Windows Requirements.
nDownload the vCenter Server Installer for Windows.
nIf you want to use the vSphere Web Client on the host machine on which you install vCenter Server,
verify that Adobe Flash Player version 11.9 or later is installed on the system.
Procedure
1In the software installer directory, double-click the autorun.exe file to start the installer.
2Select vCenter Server for Windows and click Install.
3Follow the prompts of the installation wizard to review the welcome page and accept the license
agreement.
4Select vCenter Server and Embedded Platform Services Controller, and click Next.
5Enter the system network name, preferably an FQDN, and click Next.
You can also enter an IP address. If you enter an IP address, provide a static IP address.
Important Make sure the FQDN or IP address that you provide does not change. The system name
cannot be changed after deployment. If the system name changes, you must uninstall vCenter Server
and install it again.
vCenter Server Installation and Setup
VMware, Inc. 114
6Set up the new vCenter Single Sign-On domain and click Next.
a Enter the domain name, for example vsphere.local.
b Set the password for the vCenter Single Sign-On administrator account.
This is the password for the user administrator@your_domain_name. After installation, you can
log in to vCenter Single Sign-On and to vCenter Server as adminstrator@your_domain_name.
7Select the vCenter Server service account and click Next.
Note Starting with vSphere 6.5, the vCenter Server services are not standalone services under
Windows SCM, instead they run as child processes of the VMware Service Lifecycle Manager
service.
Option Description
Use Windows Local System Account The vCenter Server service runs in the Windows Local System account.
This option prevents you from connecting to an external database by using
Windows integrated authentication.
Specify a user service account The vCenter Server service runs in an administrative user account with a user
name and password that you provide.
Important The user credentials that you provide must be of a user who is in the
local administrator group and who has the Log on as a service privilege.
8Select the type of database that you want to use and click Next.
Option Description
Use an embedded database
(PostgreSQL)
vCenter Server uses the embedded PostgreSQL database. This database is
suitable for small scale deployments.
Use an external database vCenter Server uses an existing external database.
a Select your database from the list of available DSNs.
b Type the user name and the password for the DSN.
If your database uses Windows NT authentication, the user name and password
text boxes are disabled.
9For each component, accept the default port numbers, or if another service is using the defaults,
enter alternative ports, and click Next.
Make sure that ports 80 and 443 are free and dedicated, so that vCenter Single Sign-On can use
these ports. Otherwise, use custom ports during installation.
10 (Optional) Change the default destination folders and click Next.
Important Do not use folders that end with an exclamation mark (!).
11 Review the VMware Customer Experience Improvement Program (CEIP) page and choose if you
want to join the program.
For information about the CEIP, see the Configuring Customer Experience Improvement Program
section in vCenter Server and Host Management.
vCenter Server Installation and Setup
VMware, Inc. 115
12 Click Next.
13 Review the summary of the installation settings and click Install to start the installation.
14 (Optional) After the installation finishes, click Launch vSphere Web Client to start the vSphere Web
Client and log in to vCenter Server.
15 Click Finish to close the installer.
vCenter Server, the vCenter Server components, and the Platform Services Controller are installed.
Install a Platform Services Controller on Windows
Before installing vCenter Server with an external Platform Services Controller, you install a
Platform Services Controller. The Platform Services Controller contains the common services, such as
vCenter Single Sign-On and the License service, which can be shared across several vCenter Server
instances.
You can install many Platform Services Controllers of the same version and join them as replicating
partners in the same vCenter Single Sign-On domain. Concurrent installations of replicating
Platform Services Controllers are not supported. You must install the Platform Services Controllers in the
domain in a sequence.
Important If you want to replace the VMCA-signed certificate with a CA-signed certificate, install the
Platform Services Controller first, and then include VMCA in the certificate chain and generate new
certificates from VMCA that are signed by the whole chain. You can then install vCenter Server. For
information about managing vCenter Server certificates, see Platform Services Controller Administration.
Prerequisites
nVerify that your system meets the minimum software and hardware requirements. See vCenter
Server for Windows Requirements.
nDownload the vCenter Server Installer for Windows.
Procedure
1In the software installer directory, double-click the autorun.exe file to start the installer.
2Select vCenter Server for Windows and click Install.
3Follow the prompts of the installation wizard to review the welcome page and accept the license
agreement.
4Select Platform Services Controller and click Next.
vCenter Server Installation and Setup
VMware, Inc. 116
5Enter the system name, preferably an FQDN, and click Next.
You can also enter an IP address. If you enter an IP address, provide a static IP address.
Important When you provide an FQDN or an IP address as the system name of the
Platform Services Controller, make sure that the FQDN or IP address does not change. If the FQDN
or IP address of the host machine changes, you have to reinstall the Platform Services Controller and
the vCenter Server instances registered with it. The FQDN or IP address of the
Platform Services Controller is used to generate an SSL certificate for the
Platform Services Controller host machine.
6Create a new vCenter Single Sign-On domain or join an existing domain.
Option Description
Create a new Single Sign-On domain Creates a new vCenter Single Sign-On domain.
a Enter the domain name, for example vsphere.local.
b Set the password for the vCenter Single Sign-On administrator account.
This is the password for the user administrator@your_domain_name.
c Enter the site name for vCenter Single Sign-On.
The site name is important if you are using vCenter Single Sign-On in multiple
locations. Choose your own name for the vCenter Single Sign-On site. You
cannot change the name after installation.
The supported characters are alphanumeric characters and dash (-).
d Confirm the administrator password, and click Next.
Join an existing vCenter Single Sign-
On domain
Joins a new vCenter Single Sign-On server to a vCenter Single Sign-On domain
in an existing Platform Services Controller. You must provide the information
about the vCenter Single Sign-On server to which you join the new vCenter
Single Sign-On server.
a Enter the fully qualified domain name (FQDN) or IP address of the
Platform Services Controller that contains the vCenter Single Sign-On server
to join.
b Enter the HTTPS port to use for communication with the
Platform Services Controller.
c Enter the domain name for the vCenter Single Sign-On you are joining, for
example vsphere.local.
d Enter the password of the vCenter Single Sign-On administrator account.
e Click Next.
7Click Next.
8For each component, accept the default port numbers, or if another service is using the defaults,
enter alternative ports, and click Next.
Make sure that ports 80 and 443 are free and dedicated, so that vCenter Single Sign-On can use
these ports. Otherwise, use custom ports during installation.
9(Optional) Change the default destination folders and click Next.
Important Do not use folders that end with an exclamation mark (!).
vCenter Server Installation and Setup
VMware, Inc. 117
10 Review the VMware Customer Experience Improvement Program (CEIP) page and choose if you
want to join the program.
For information about the CEIP, see the Configuring Customer Experience Improvement Program
section in vCenter Server and Host Management.
11 Review the summary of the installation settings and click Install to start the installation.
12 After the installation completes, click Finish to close the i nstaller.
The Platform Services Controller is installed.
What to do next
Install vCenter Server on another Windows virtual machine or physical server and register vCenter Server
and the vCenter Server components to the Platform Services Controller.
Install vCenter Server with an External
Platform Services Controller on Windows
After you install a Platform Services Controller on a Windows host machine, or deploy a
Platform Services Controller appliance, you can install vCenter Server and the vCenter Server
components and connect the vCenter Server instance to the deployed Platform Services Controller.
Prerequisites
nVerify that your system meets the minimum software and hardware requirements. See vCenter
Server for Windows Requirements.
nDownload the vCenter Server Installer for Windows.
nIf you want to use the vSphere Web Client on the host machine on which you install vCenter Server,
verify that Adobe Flash Player version 11.9 or later is installed on the system.
Procedure
1In the software installer directory, double-click the autorun.exe file to start the installer.
2Select vCenter Server for Windows and click Install.
3Follow the prompts of the installation wizard to review the welcome page and accept the license
agreement.
4Select vCenter Server and click Next.
5Enter the system network name, preferably a static IP address, and click Next.
Important The name that you type is encoded in the SSL certificate of the system. The components
communicate with each other by using this name. The system name must be either a static IP
address or a fully qualified domain name (FQDN). Make sure that the system name does not change.
You cannot change the system name after the installation completes.
vCenter Server Installation and Setup
VMware, Inc. 118
6Provide the system name of the Platform Services Controller that you already installed or deployed,
the HTTPS port to use for communication with the vCenter Single Sign-On server, as well as the
vCenter Single Sign-On password, and click Next.
Important Make sure that you use either the IP address or the FQDN that you provided during the
installation of the Platform Services Controller. If you provided the FQDN as a system name of the
Platform Services Controller, you cannot use an IP address, and the reverse. When a service from
vCenter Server connects to a service running in the Platform Services Controller, the certificate is
verified. If the IP address or FQDN changes, the verification fails and vCenter Server cannot connect
to the Platform Services Controller.
7Approve the certificate provided by the remote machine.
8Select the vCenter Server service account and click Next.
Note Starting with vSphere 6.5, the vCenter Server services are not standalone services under
Windows SCM, instead they run as child processes of the VMware Service Lifecycle Manager
service.
Option Description
Use Windows Local System Account The vCenter Server service runs in the Windows Local System account.
This option prevents you from connecting to an external database by using
Windows integrated authentication.
Specify a user service account The vCenter Server service runs in an administrative user account with a user
name and password that you provide.
Important The user credentials that you provide must be of a user who is in the
local administrator group and who has the Log on as a service privilege.
9Select the type of database that you want to use and click Next.
Option Description
Use an embedded database
(PostgreSQL)
vCenter Server uses the embedded PostgreSQL database. This database is
suitable for small scale deployments.
Use an external database vCenter Server uses an existing external database.
a Select your database from the list of available DSNs.
b Type the user name and the password for the DSN.
If your database uses Windows NT authentication, the user name and password
text boxes are disabled.
10 For each component, accept the default port numbers, or if another service is using the defaults,
enter alternative ports, and click Next.
11 (Optional) Change the default destination folders and click Next.
Important Do not use folders that end with an exclamation mark (!).
12 Review the summary of the installation settings and click Install to start the installation.
vCenter Server Installation and Setup
VMware, Inc. 119
13 (Optional) After the installation finishes, click Launch vSphere Web Client to start the vSphere Web
Client and log in to vCenter Server.
14 Click Finish to close the installer.
vCenter Server is installed in evaluation mode. You can activate vCenter Server by using the
vSphere Web Client. For information about activating vCenter Server, see vCenter Server and Host
Management.
Installing vCenter Server in an Environment with Multiple NICs
If you want to install vCenter Server with an externalPlatform Services Controller in an environment with
multiple NICs, you must keep a record of the IP addresses or FQDNs that you use as system network
names.
For example, if you want to install a Platform Services Controller on one virtual machine and
vCenter Server on another virtual machine and each virtual machine has two NICs, you can use the
following workflow:
1 Install a Platform Services Controller on one of the virtual machines and use one of its IP addresses
or FQDNs as a system network name.
2 On the other virtual machine, start the installation of vCenter Server and use one of its IP addresses
or FQDNs as a system network name.
3 When prompted to provide the system network name of the Platform Services Controller, enter the IP
address or FQDN that you entered during the installation of the Platform Services Controller.
If you enter the other IP address or FQDN of the Platform Services Controller, you receive an error
message.
4 After the installation completes, you can log in to the vSphere Web Client by using either of the NIC
IP addresses or FQDNs of vCenter Server.
vCenter Server Installation and Setup
VMware, Inc. 120
File-Based Backup and Restore
of vCenter Server Appliance 4
The vCenter Server Appliance supports a file-based backup and restore mechanism that helps you to
recover your environment after failures.
In vSphere 6.7, you can use the vCenter Server Appliance Management Interface to create a file-based
backup of the vCenter Server Appliance and Platform Services Controller appliance. After you create the
backup, you can restore it by using the GUI installer of the appliance.
You use the vCenter Server Appliance Management Interface to perform a file-based backup of the
vCenter Server core configuration, inventory, and historical data of your choice. The backed-up data is
streamed over FTP, FTPS, HTTP, HTTPS, or SCP to a remote system. The backup is not stored on the
vCenter Server Appliance.
You can perform a file-based restore only for a vCenter Server Appliance that you have previously backed
up by using the vCenter Server Appliance Management Interface. You can perform such restore
operation by using the GUI installer of the vCenter Server Appliance. The process consists of deploying a
new vCenter Server Appliance and copying the data from the file-based backup to the new appliance.
You can also perform a restore operation by deploying a new vCenter Server Appliance and using the
vCenter Server Appliance management interface to copy the data from the file-based backup to the new
appliance.
Important If you back up a vCenter Server Appliance High Availability cluster, the backup operation only
backs up the primary vCenter Server instance. Before restoring a vCenter Server Appliance High
Availability cluster, you must power off the active, passive, and witness nodes. The restore operation
restores the vCenter Server in non-vCenter Server High Availability mode. You must reconstruct the
cluster after the restore operation completes successfully.
This chapter includes the following topics:
nConsiderations and Limitations for File-Based Backup and Restore
nSchedule a File-Based Backup
nManually Back up a vCenter Server Appliance by Using the vCenter Server Appliance Management
Interface
nRestore a vCenter Server Appliance from a File-Based Backup
VMware, Inc. 121
Considerations and Limitations for File-Based Backup and
Restore
When you backup or restore a vCenter Server environment, take into account these considerations and
limitation.
Protocols
The following considerations apply to file-based backup and restore protocols:
nFTP and HTTP are not secure protocols
nBackup servers must support minimum of 10 simultaneous connections for each
vCenter Server Appliance
nYou must have write permissions for upload and read permissions for download
nOnly explicit mode is supported for FTPS
nIf you use HTTP or HTTPS, you must enable WebDAV on the backup Web server
nYou can use only FTP, FTPS, HTTP, or HTTPS to transmit data through an HTTP proxy server
nYou can use IPv4 and IPv6 URLs in file-based backup and restore of a vCenter Server Appliance.
Mixed mode of IP versions between the backup server and the vCenter Server Appliance is
unsupported.
nIf you use SCP protocol, you must use the Linux backup server
Configuration
After a restore, the following configurations revert to the state when the backup was taken.
nVirtual machine resource settings
nResource pool hierarchy and setting
nCluster-host membership
nDRS configuration and rules
Storage DRS
If the configuration changes, the following might change after a restore.
nDatastore Cluster configuration
nDatastore Cluster membership
nDatastore I/O Resource Management (Storage I/O Control) settings
nDatastore-Datacenter membership
nHost-Datastore membership
vCenter Server Installation and Setup
VMware, Inc. 122
Distributed Power Management
If you put a host into standby mode after a backup, the vCenter Server might force the host to exit
standby mode when you restore to the backup.
Distributed Virtual Switch
If you use a distributed virtual switch, you are advised to export separately the distributed virtual switch
configuration before you restore to a backup. You can import the configuration after the restore. If you
omit this consideration, you may lose the changes made to a distributed virtual switch after the backup.
For detailed steps, see the VMware knowledge base article at http://kb.vmware.com/kb/2034602.
Content Libraries
If you delete libraries or items after a backup, you cannot access or use these libraries or items after the
restore. You can only delete such libraries or items. A warning message notifies you that there are
missing files or folders in the storage backup.
If you create new items or item files after the backup, the Content Library Service has no record of the
new items or files after the restore operation. A warning notifies you that extra folders or files were found
on the storage backup.
If you create new libraries after the backup, the Content Library Service has no record of the new libraries
after restore. The library content exists on the storage backing, but no warning is displayed. You must
manually clean the new libraries.
Virtual Machine Life Cycle Operations
nRestoring vCenter Server from a backup that was taken during in-flight relocation operations in the
vCenter Server instance.
After you restore vCenter Server, the vCenter Server view of the virtual machines might be out of
sync with the ESXi view of the virtual machines. This is also true if you performed the backup during
in-flight operations on vCenter Server. If virtual machines disappear after you restore vCenter Server,
you can refer to the following cases.
a The missing virtual machine is located on the destination ESXi host and is registered with the
destination ESXi host, but it is either an orphan or not in the vCenter Server inventory. You must
manually add the virtual machine to the vCenter Server inventory.
b The missing virtual machine is located on the destination ESXi host, but it is not registered with
the destination ESXi host and it is not in the vCenter Server inventory. You must manually register
the virtual machine to the ESXi host and add the virtual machine back to the vCenter Server
inventory.
vCenter Server Installation and Setup
VMware, Inc. 123
c The missing virtual machine is located on the destination ESXi host, but it is not registered with
the destination ESXi host. In the vCenter Server instance, the missing virtual machine is marked
as orphaned. You must remove the virtual machine from the vCenter Server inventory and add it
again.
nRestoring vCenter Server from a backup that has an out-of-date linked clone virtual machine layout.
If you create a linked clone virtual machine after the backup and you restore vCenter Server from the
old backup, then after the restore, the vCenter Server does not know about the new linked clone
virtual machine until vCenter Server discovers the new linked clone virtual machine. If you remove all
existing virtual machines before the new linked clone virtual machine is discovered, then the removal
of existing virtual machines corrupts the new linked clone due to missing disks. In order to avoid this,
you must wait until all linked clone virtual machines are discovered by the vCenter Server before you
remove virtual machines.
nRestoring vCenter Server from a backup that was taken during virtual machine registration.
If you are registering a virtual machine during the backup and you restore vCenter Server from the old
backup, then after the restore, the virtual machine is marked as orphaned in the vCenter Server
instance. You must manually add the virtual machine to the vCenter Server inventory.
vSphere High Availability
Restoring vCenter Server from a backup might cause it to rollback to older version for the vSphere HA
cluster state (HostList, ClusterConfiguration, VM protection state) while the hosts in the cluster have the
latest version for the cluster state. You need to make sure the vSphere HA cluster state stays the same
during restore and backup operations. Otherwise, the following problems might occur.
nIf hosts are added or removed to or from the vSphere HA cluster after backup and before
vCenter Server restore, virtual machines could potentially failover to hosts not being managed by the
vCenter Server but are still part of the HA cluster.
nProtection state for new virtual machines is not updated on the vSphere HA agents on the hosts that
are part of the vSphere HA cluster. As a result, virtual machines are not protected or unprotected.
nNew cluster configuration state is not updated on the vSphere HA agents on the hosts that are part of
the vSphere HA cluster.
vCenter High Availability
Restoring vCenter Server requires vCenter HA to be reconfigured.
Storage Policy Based Management
Restoring vCenter Server from a backup can lead to the following inconsistencies related to storage
policies, storage providers, and virtual machines.
nRegistered storage providers after backup are lost.
nUnregistered storage providers after backup re-appear and might show different provider status.
vCenter Server Installation and Setup
VMware, Inc. 124
nChanges, such as create, delete, or update, performed on storage policies after backup are lost.
nChanges, such as create, delete, or update, performed on storage policy components after backup
are lost.
nDefault policy configuration changes for datastores performed after backup are lost.
nChanges in the storage policy association of the virtual machine and its disks, and in their policy
compliance might occur.
Virtual Storage Area Network
Restoring vCenter Server from a backup might cause inconsistencies in the vSAN. For information on
how to check vSAN health, see Administering VMware vSAN.
Patching
Restoring vCenter Server from a backup might result in missing security patches. You must apply them
again after the restore is complete. For information on patching the vCenter Server Appliance, see
vSphere Upgrade.
Schedule a File-Based Backup
You can schedule file-based backups in vSphere 6.7. You can set up a schedule that is used to perform
periodic backups.
The schedule can be set up with information about the backup location, recurrence, and retention for the
backups.
You can only set up one schedule at a time.
Prerequisites
nYou must have an FTP, FTPS, HTTP, HTTPS, or SCP server up and running with sufficient disk
space to store the backup.
Procedure
1In a Web browser, go to the vCenter Server Appliance Management Interface, https://appliance-IP-
address-or-FQDN:5480.
2Log in as root.
3In the vCenter Server Appliance Management Interface, click Backup.
4Click Configure to set up a backup schedule.
vCenter Server Installation and Setup
VMware, Inc. 125
5Enter the backup location details.
Option Description
Backup location Enter the backup location, including the protocol to use to connect to your backup
server, the port, the server address, and backup folder to store the backup files.
Use one of the following protocols: FTP, FTPS, HTTP, HTTPS, or SCP.
For FTP, FTPS, HTTP, or HTTPS the path is relative to the home directory
configured for the service. For SCP, the path is absolute to the remote systems
root directory.
Backup server credentials Enter a user name and password of a user with write privileges on the backup
server.
6Set the schedule recurrence and time for the backup.
The recurrence can be set daily, weekly, or you can customize the schedule to run the backup on a
specific day or days of the week. You can specify the time of day to run the backup. The default time
is 11:59pm.
7(Optional) Enter an Encryption Password if you want to encrypt your backup file.
If you select to encrypt the backup data, you must use the encryption password for the restore
procedure.
8Select Retain all backups or enter the number of backups to retain.
The retention information provides the number of backups to retain for a given vCenter Server.
9(Optional) Select Stats, Events, and Tasks to back up additional historical data from the database.
10 Click Create.
The backup schedule information is populated in the Backup page.
The complete and in progress backups are listed under Activity.
What to do next
You can perform an immediate backup with the existing schedule information by selecting Use backup
location and user name from backup schedule from the backup schedule on the Backup Now dialog
box.
Manually Back up a vCenter Server Appliance by Using
the vCenter Server Appliance Management Interface
You can use the vCenter Server Appliance Management Interface to back up the vCenter Server
instance. You can select whether to include historical data, such as stats, events, and tasks, in the
backup file.
Note The backup operation for a vCenter High Availability cluster, backs up only the active node.
vCenter Server Installation and Setup
VMware, Inc. 126
Prerequisites
nYou must have an FTP, FTPS, HTTP, HTTPS, or SCP server up and running with sufficient disk
space to store the backup.
Procedure
1In a Web browser, go to the vCenter Server Appliance Management Interface, https://appliance-IP-
address-or-FQDN:5480.
2Log in as root.
3In the vCenter Server Appliance Management Interface, click Backup.
4Click Backup Now.
The Backup Appliance wizard opens.
5(Optional) Select Use backup location and user name from backup schedule to use the
information from a scheduled backup.
6Enter the backup location details.
Option Description
Backup location Enter the backup location, including the protocol to use to connect to your backup
server, the port, the server address, and backup folder to store the backup files.
Use one of the following protocols: FTP, FTPS, HTTP, HTTPS, or SCP.
For FTP, FTPS, HTTP, or HTTPS the path is relative to the home directory
configured for the service. For SCP, the path is absolute to the remote systems
root directory.
Backup server credentials Enter a user name and password of a user with write privileges on the backup
server.
Note Username and password should only contain ASCII characters.
7(Optional) Enter an Encryption Password if you want to encrypt your backup file.
If you select to encrypt the backup data, you must use the encryption password for the restore
procedure.
8(Optional) Select Stats, Events, and Tasks to back up additional historical data from the database.
9(Optional) In the Description text box, enter a description of the backup.
10 Click Start to begin the backup process.
The complete and in progress backups are listed under Activity.
vCenter Server Installation and Setup
VMware, Inc. 127
Restore a vCenter Server Appliance from a File-Based
Backup
You can use the vCenter Server Appliance GUI installer to restore a vCenter Server Appliance to an ESXi
host or a vCenter Server instance. The restore procedure has two stages. The first stage deploys a new
vCenter Server Appliance. The second stage populates the newly deployed vCenter Server Appliance
with the data stored in the file-based backup.
Figure 41. vCenter Server Appliance Restore Workflow
vCenter Server Installation and Setup
VMware, Inc. 128
Perform a file-based restore of a Platform Services Controller only when the last
Platform Services Controller in the domain fails. If there are other Platform Services Controller instances
in the same vCenter Single Sign-On domain, deploy a new Platform Services Controller instance and join
it to the existing Single Sign-On domain.
Figure 42. Platform Services Controller Appliance Restore Workflow
Prerequisites
nVerify that your system meets the minimum software and hardware requirements. See System
Requirements for the vCenter Server Appliance and Platform Services Controller Appliance.
nDownload and Mount the vCenter Server Appliance Installer.
vCenter Server Installation and Setup
VMware, Inc. 129
nIf the vCenter Server instance is part of a vCenter High Availability cluster, you must power off the
active, passive, and witness nodes of the cluster before restoring the vCenter Server.
Procedure
1Stage 1 - Deploy a New Appliance
In stage 1 of the restore process, you deploy the OVA file, which is included in the
vCenter Server Appliance GUI installer.
2Stage 2 - Transfer Data to the Newly Deployed Appliance
After the OVA deployment finishes, you are redirected to stage 2 of the restore process in which the
data from the backup location is copied to the newly deployed vCenter Server Appliance.
Stage 1 - Deploy a New Appliance
In stage 1 of the restore process, you deploy the OVA file, which is included in the
vCenter Server Appliance GUI installer.
As an alternative to performing the first stage of the restore with the GUI installer, you can deploy the OVA
file of the new vCenter Server Appliance or Platform Services Controller appliance by using the
vSphere Web Client or the vSphere Client. After the OVA deployment, you must log in to the appliance
management interface of the newly deployed appliance to proceed with the second stage of the restore
process.
Prerequisites
nDownload and mount the vCenter Server Appliance installer. See Download and Mount the vCenter
Server Appliance Installer.
nIf you plan to restore the vCenter Server Appliance on an ESXi host, verify that the target ESXi host is
not in lockdown or maintenance mode.
nIf you plan to restore the vCenter Server Appliance on a DRS cluster of a vCenter Server inventory,
verify that the cluster contains at least one ESXi host that is not in lockdown or maintenance mode.
nIf you plan to assign a static IP address to the appliance, verify that you have configured the forward
and reverse DNS records for the IP address.
nIf you are attempting to restore a vCenter Server instance that is still running, power off the backed up
vCenter Server before you start the restore operation.
Procedure
1In the vCenter Server Appliance installer, navigate to the vcsa-ui-installer directory, go to the
subdirectory for your operating system, and run the installer executable file.
nFor Windows OS, go to the win32 subdirectory, and run the installer.exe file.
nFor Linux OS, go to the lin64 subdirectory, and run the installer file.
nFor Mac OS, go to the mac subdirectory, and run the Installer.app file.
2On the Home page, click Restore.
vCenter Server Installation and Setup
VMware, Inc. 130
3Review the Introduction page to understand the restore process and click Next.
4Read and accept the license agreement, and click Next.
5On the Enter backup details page, enter the details of the backup file that you want to restore, and
click Next.
Option Description
Backup location Enter the server address and backup folder where the backup files are stored.
Specify the protocol to use to retrieve the backup from your backup server. You
can select HTTPS, HTTP, SCP, FTPS, or FTP.
You can also enter the IP address or hostname of the backup server and browse
for the location of the backup folder.
User name Enter the user name of a user with read privileges on the backup server.
Password Enter the password of the user with read privileges on the backup server.
6Review the backup information, and click Next.
7Connect to the ESXi host or vCenter Server on which you want to deploy the
vCenter Server Appliance to use for the restore operation.
Option Steps
You can connect to an
ESXi host on which to
deploy the appliance to
use for the restore
operation.
1 Enter the FQDN or IP address of the ESXi host.
2 Enter the HTTPS port of the ESXi host.
3 Enter the user name and password of a user with administrative privileges on the ESXi host,
for example, the root user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target ESXi host, and click Yes to accept the certificate thumbprint.
You can connect to a
vCenter Server instance
and browse the inventory
to select an ESXi host or
DRS cluster on which to
deploy the appliance to
use for the restore
operation.
1 Enter the FQDN or IP address of the vCenter Server instance.
2 Enter the HTTPS port of the vCenter Server instance.
3 Enter the user name and password of user with vCenter Single Sign-On administrative
privileges on the vCenter Server instance, for example, the
administrator@your_domain_name user.
4 Click Next.
5 Verify that the certificate warning displays the SHA1 thumbprint of the SSL certificate that is
installed on the target vCenter Server instance, and click Yes to accept the certificate
thumbprint.
6 Select the data center or data center folder that contains the ESXi host or DRS cluster on
which you want to deploy the appliance, and click Next.
Note You must select a data center or data center folder that contains at least one ESXi
host that is not in lockdown or maintenance mode.
7 Select the ESXi host or DRS cluster on which you want to deploy the appliance, and click
Next.
8Accept the certificate warning.
9Enter a name for the vCenter Server Appliance, set up the password for the root user, and click Next.
vCenter Server Installation and Setup
VMware, Inc. 131
10 Select the deployment size for the new vCenter Server Appliance depending on the size of your
vSphere inventory.
Deployment Size Option Description
Tiny Deploys an appliance with 2 CPUs and 10 GB of memory.
Suitable for environments with up to 10 hosts or 100 virtual machines
Small Deploys an appliance with 4 CPUs and 16 GB of memory.
Suitable for environments with up to 100 hosts or 1,000 virtual machines
Medium Deploys an appliance with 8 CPUs and 24 GB of memory.
Suitable for environments with up to 400 hosts or 4,000 virtual machines
Large Deploys an appliance with 16 CPUs and 32 GB of memory.
Suitable for environments with up to 1,000 hosts or 10,000 virtual machines
X-Large Deploys an appliance with 24 CPUs and 48 GB of memory.
Suitable for environments with up to 2,000 hosts or 35,000 virtual machines
11 Select the storage size for the new vCenter Server Appliance, and click Next.
Important You must consider the storage size of the appliance that you are restoring.
Storage
Size
Option
Description for
Tiny Deployment
Size
Description for
Small Deployment
Size
Description for
Medium
Deployment Size
Description for
Large Deployment
Size
Description for X-
Large Deployment
Size
Default Deploys an
appliance with 300
GB of storage.
Deploys an
appliance with 340
GB of storage.
Deploys an
appliance with 525
GB of storage.
Deploys an
appliance with 740
GB of storage.
Deploys an
appliance with 1180
GB of storage.
Large Deploys an
appliance with 825
GB of storage.
Deploys an
appliance with 870
GB of storage.
Deploys an
appliance with 1025
GB of storage.
Deploys an
appliance with 1090
GB of storage.
Deploys an
appliance with 1230
GB of storage.
X-Large Deploys an
appliance with 1700
GB of storage.
Deploys an
appliance with 1750
GB of storage.
Deploys an
appliance with 1905
GB of storage.
Deploys an
appliance with 1970
GB of storage.
Deploys an
appliance with 2110
GB of storage.
12 From the list of available datastores, select the location where all the virtual machine configuration
files and virtual disks will be stored and, optionally, enable thin provisioning by selecting Enable Thin
Disk Mode.
13 On the Configure network settings page review the settings populated from the backup file of the
vCenter Server Appliance.
14 (Optional) Edit the network configuration to match the current network environment where the
vCenter Server Appliance is restored.
15 On the Ready to complete stage 1 page, review the deployment settings for the restored
vCenter Server Appliance and click Finish to start the OVA deployment process.
vCenter Server Installation and Setup
VMware, Inc. 132
16 Wait for the OVA deployment to finish, and click Continue to proceed with stage 2 of the restore
process to transfer the data to the newly deployed appliance.
Note If you exit the wizard by clicking Close, you must log in to the vCenter Server Appliance
Management Interface to transfer the data.
The newly deployed vCenter Server Appliance is running on the target server but the data is not copied
from the backup location.
Stage 2 - Transfer Data to the Newly Deployed Appliance
After the OVA deployment finishes, you are redirected to stage 2 of the restore process in which the data
from the backup location is copied to the newly deployed vCenter Server Appliance.
Procedure
1Review the introduction to stage 2 of the restore process and click Next.
2Review the backup details and click Next.
3If you are restoring a vCenter Server Appliance that is a vCenter Embedded Linked Mode, you are
asked to provide the Single Sign-On credentials. Enter the Single Sign-On user name and password,
then click Validate and Recover.
4On the Ready to complete page, review the details, click Finish, and click OK to complete stage 2 of
the restore process.
The restore process restarts the vCenter Server Appliance Management Service. You cannot access
the vCenter Server Appliance Management API during the restart.
Important If a restore operation of a vCenter Server Appliance or a Platform Services Controller
appliance VM results with a failure, you must power off and delete the partially restored VM. After that
you can try to restore the VM again.
5(Optional) After the restore process finishes, click the
https://vcenter_server_appliance_fqdn/vsphere-client to go to the vSphere Web Client and log in
to the vCenter Server instance in the vCenter Server Appliance, or click the
https://vcenter_server_appliance_fqdn:443 to go to the vCenter Server Appliance Getting Started
page.
6Click Close to exit the wizard.
You are redirected to the vCenter Server Appliance Getting Started page.
7If the backed up vCenter node is part of a vCenter High Availability cluster, the last needs to be
reconfigured after the restore operation completes successfully.
For information about how to perform backup and restore operations, see vSphere Availability.
vCenter Server Installation and Setup
VMware, Inc. 133
Image-Based Backup and
Restore of a vCenter Server
Environment 5
You can use a third-party product that is integrated with VMware vSphere Storage APIs - Data Protection
to back up and restore a virtual machine that contains vCenter Server, a vCenter Server Appliance, or a
Platform Services Controller.
You can perform a full image backup of a virtual machine that contains vCenter Server, a
vCenter Server Appliance, or a Platform Services Controller. The virtual machine must use a fully
qualified domain name (FQDN) with correct DNS resolution, or the hostname must be configured to be an
IP address. If the hostname is configured as an IP address, the IP address cannot be changed.
The following backups and recoveries are not supported:
nIncremental backups
nDifferential backups
nIndividual disk backups
nVirtual machines that have snapshots
nVirtual machines configured with Fault Tolerance
VMware vSphere Storage APIs - Data Protection is a data protection framework that enables backup
products to perform centralized, efficient, off-host LAN free backup of vSphere virtual machines. For
information about VMware vSphere Storage APIs - Data Protection, see the VMware Web site. For
information about the integration of backup products with VMware vSphere Storage APIs - Data
Protection, contact your backup vendor.
This chapter includes the following topics:
nConsiderations and Limitations for Image-Based Backup and Restore
nRestore a vCenter Server Image-based Environment
VMware, Inc. 134
Considerations and Limitations for Image-Based Backup
and Restore
When you restore a vCenter Server environment, take into account these considerations and limitations.
Note Restoring a vCenter Server or Platform Services Controller instance with DHCP network
configuration results in changing its IP address. The changed IP address prevents some vCenter Server
services from starting properly. To start all vCenter Server services successfully, after the restore, you
must reconfigure the IP address of the restored vCenter Server or Platform Services Controller instance
to the IP address that the instance was set to when you performed the backup.
Configuration
After a restore, the following configurations revert to the state when the backup was taken.
nVirtual machine resource settings
nResource pool hierarchy and setting
nCluster-host membership
nDRS configuration and rules
Storage DRS
If the configuration changes, the following might change after a restore.
nDatastore Cluster configuration
nDatastore Cluster membership
nDatastore I/O Resource Management (Storage I/O Control) settings
nDatastore-Datacenter membership
nHost-Datastore membership
Distributed Power Management
If you put a host into standby mode after a backup, the vCenter Server might force the host to exit
standby mode when you restore to the backup.
Distributed Virtual Switch
If you use a distributed virtual switch, you are advised to export separately the distributed virtual switch
configuration before you restore to a backup. You can import the configuration after the restore. If you
omit this consideration, you may lose the changes made to a distributed virtual switch after the backup.
For detailed steps, see the VMware knowledge base article at http://kb.vmware.com/kb/2034602.
vCenter Server Installation and Setup
VMware, Inc. 135
Content Libraries
If you delete libraries or items after a backup, you cannot access or use these libraries or items after the
restore. You can only delete such libraries or items. A warning message notifies you that there are
missing files or folders in the storage backup.
If you create new items or item files after the backup, the Content Library Service has no record of the
new items or files after the restore operation. A warning notifies you that extra folders or files were found
on the storage backup.
If you create new libraries after the backup, the Content Library Service has no record of the new libraries
after restore. The library content exists on the storage backing, but no warning is displayed. You must
manually clean the new libraries.
Virtual Machine Life Cycle Operations
nRestoring vCenter Server from a backup that was taken while there are in-flight relocation operations
within the vCenter Server instance.
After you restore vCenter Server, the vCenter Server view of the virtual machines may be out of sync
with the ESXi view of the virtual machines. This is also true if you performed the backup while there
were in-flight operations on vCenter Server. If virtual machines disappear after you restore
vCenter Server, you can refer to the following cases.
a The missing virtual machine is located on the destination ESXi host and is registered with the
destination ESXi host, but it is not in the vCenter Server inventory. You must manually add the
virtual machine to the vCenter Server inventory.
b The missing virtual machine is located on the destination ESXi host, but it is not registered with
the destination ESXi host and it is not in the vCenter Server inventory. You must manually register
the virtual machine to the ESXi and add the virtual machine back to the vCenter Server inventory.
c The missing virtual machine is located on the destination ESXi host, but it is not registered with
the destination ESXi host. Within the vCenter Server instance, the missing virtual machine is
marked as orphaned. You must remove the virtual machine from the vCenter Server inventory
and add it again.
nRestoring vCenter Server from a backup that has an out of date linked clone virtual machine layout.
If you create a linked clone virtual machine after the backup and you restore vCenter Server from the
old backup, then after the restore, vCenter Server does not know about the new linked clone virtual
machine until vCenter Server discovers the new linked clone virtual machine. If you remove all
existing virtual machines before the new linked clone virtual machine is discovered, then the removal
of existing virtual machines corrupts the new linked clone due to missing disks. To avoid this
corruption, you must wait until all linked clone virtual machines get discovered by the vCenter Server
before you remove virtual machines.
vCenter Server Installation and Setup
VMware, Inc. 136
vSphere High Availability
Restoring vCenter Server from a backup may cause it to roll back to older version for the vSphere HA
cluster state (HostList, ClusterConfiguration, VM protection state) while the hosts in the cluster have the
latest version for the cluster state. Ensure that the vSphere HA cluster state stays the same during
restore and backup operations. Otherwise, the following potential problems are present.
nIf hosts are added or removed to/from the vSphere HA cluster after backup and before
vCenter Server restore, virtual machines could potentially fail over to hosts not managed by the
vCenter Server but are still part of the HA cluster.
nProtection states for new virtual machines are not updated on the vSphere HA agents on the hosts
which are part of the vSphere HA cluster. As a result, virtual machines are not protected/unprotected.
nNew cluster configuration state is not updated on the vSphere HA agents on the hosts which are part
of the vSphere HA cluster.
vCenter High Availability
Restoring vCenter Server requires vCenter HA to be reconfigured.
Storage Policy Based Management
Restoring vCenter Server from a backup can lead to the following inconsistencies related to storage
policies, storage providers, and virtual machines.
nRegistered storage providers after backup are lost.
nUnregistered storage providers after backup reappear and might show different provider status.
nChanges, such as create, delete, or update, performed on storage policies after backup are lost.
nChanges, such as create, delete, or update, performed on storage policy components after backup
are lost.
nDefault policy configuration changes for datastores performed after backup are lost.
nChanges in the storage policy association of the virtual machine and its disks, and in their policy
compliance might occur.
Virtual Storage Area Network
Restoring vCenter Server from a backup may cause inconsistencies in the vSAN. For information how to
check vSAN health, see Administering VMware vSAN.
Patching
Restoring vCenter Server from a backup might result in missing security patches. You must apply them
again after the restore is complete. For information on patching the vCenter Server Appliance, see
vSphere Upgrade.
vCenter Server Installation and Setup
VMware, Inc. 137
Restore a vCenter Server Image-based Environment
You can use a third-party product that is integrated with VMware vSphere Storage APIs - Data Protection
to restore a virtual machine that contains vCenter Server, vCenter Server Appliance, or
Platform Services Controller.
You can perform an image-based restore of a virtual machine that contains vCenter Server, a
vCenter Server Appliance, or a Platform Services Controller. The virtual machine must use a fully
qualified domain name (FQDN) with correct DNS resolution, or the host name of the machine must be
configured to be an IP address. If the host name is configured as an IP address, the IP address cannot be
changed.
You can restore a virtual machine to the original location by either overwriting the backed up virtual
machine or by creating a new virtual machine that contains the restored vCenter Server,
vCenter Server Appliance, or Platform Services Controller on the same ESXi host. You can also restore
the virtual machine on a new ESXi host.
You can restore a virtual machine that contains vCenter Server or a Platform Services Controller instance
directly on the ESXi host that is running the third-party appliance when the vCenter Server service
becomes unavailable or when you cannot access the third-party user interface by using the
vSphere Web Client.
Important Restoring virtual machines that have snapshots or that are configured with Fault Tolerance is
unsupported.
vCenter Server Installation and Setup
VMware, Inc. 138
Figure 51. vCenter Server Restore Workflow
vCenter Server Installation and Setup
VMware, Inc. 139
Figure 52. Platform Services Controller Restore Workflow
Restore a vCenter Server Instance with an Embedded
Platform Services Controller
Your environment might consist of vCenter Server or a vCenter Server Appliance with an embedded
Platform Services Controller. You can use a third-party product to restore a vCenter Server environment
with an embedded Platform Services Controller.
Important You can back up and restore only virtual machines that contain vCenter Server,
vCenter Server Appliance, and Platform Services Controller. You cannot back up and restore physical
machines that are running vCenter Server by using a third-party product.
vCenter Server Installation and Setup
VMware, Inc. 140
Procedure
1Restore the vCenter Server virtual machine onto the ESXi host using a third-party solution.
2Log into the vCenter Server Appliance Management Interface, https://appliance-IP-address-or-FQDN:
5480.
3Run the reconciliation operation and provide the Single Sign-On credentials.
4If you are restoring the last embedded node in the embedded linked mode deployment, run the
reconciliation operation with the ignore_warnings flag selected.
What to do next
Power on the restored virtual machine that contains the restored vCenter Server instance.
Restoring a vCenter Server Environment with a Single Embedded
Platform Services Controller
Your environment might consist of many vCenter Server instances that are registered with a single
Platform Services Controller. You can use a third party solution to restore a virtual machine that contains
a Platform Services Controller. You can also use the third party solution to restore either virtual machines
that contain vCenter Server instances or vCenter Server Appliance instances that are registered with a
single external Platform Services Controller.
Note If vCenter Server and Platform Services Controller instances fail at the same time, you must first
restore the Platform Services Controller and then the vCenter Server instances.
Restoring a vCenter Server Environment with Multiple
Platform Services Controller Instances
You can use a third party solution to restore an environment in which the vCenter Server instances are
registered with different Platform Services Controller instances, and the infrastructure data is replicated
between the Platform Services Controller instances.
Important You can back up and restore only virtual machines that contain vCenter Server,
vCenter Server Appliance, and Platform Services Controller. You cannot back up and restore physical
machines that are running vCenter Server by using a third-party product.
For a vCenter Server with an external Platform Services Controller, restore is only allowed if it is the last
node in the cluster. If it is not the last node in the cluster, deploy a new Platform Services Controller node
and join the cluster.
vCenter Server Installation and Setup
VMware, Inc. 141
For the last Platform Services Controller in the cluster, use the third party solution to restore the
vCenter Server virtual machine onto the ESXi host. You do not need to perform reconciliation. After the
restore succeeds, in the node associated with that Platform Services Controller, run the following
commands:
service-control --stop --all
service-control --start --all
vCenter Server Installation and Setup
VMware, Inc. 142
After You Install vCenter Server
or Deploy the
vCenter Server Appliance 6
After you install vCenter Server or deploy the vCenter Server Appliance, consider these postinstallation
options before adding inventory for the vCenter Server to manage.
For information about configuring the vSphere Authentication Proxy service, see vSphere Security.
This chapter includes the following topics:
nLog in to vCenter Server by Using the vSphere Web Client
nInstall the VMware Enhanced Authentication Plug-in
nCollect vCenter Server Log Files
nRepoint vCenter Server to Another External Platform Services Controller in the Same Domain
nRepoint vCenter Server to External Platform Services Controller in a Different Domain
nReconfigure a Standalone vCenter Server with an Embedded Platform Services Controller to a
vCenter Server with an External Platform Services Controller
Log in to vCenter Server by Using the vSphere Web Client
Log in to vCenter Server by using the vSphere Web Client to manage your vSphere inventory.
In vSphere 6.0 and later, the vSphere Web Client is installed as part of the vCenter Server on Windows or
the vCenter Server Appliance deployment. This way, the vSphere Web Client always points to the same
vCenter Single Sign-On instance.
Procedure
1Open a Web browser and enter the URL for the vSphere Web Client:
https://vcenter_server_ip_address_or_fqdn/vsphere-client.
2Enter the credentials of a user who has permissions on vCenter Server, and click Login.
VMware, Inc. 143
3If a warning message about an untrusted SSL certificate appears, select the appropriate action based
on your security policy.
Option Action
Ignore the security warning for this
login session only.
Click Ignore.
Ignore the security warning for this
login session, and install the default
certificate so that the warning does not
appear again.
Select Install this certificate and do not display any security warnings for
this server and click Ignore.
Select this option only if using the default certificate does not present a security
problem in your environment.
Cancel and install a signed certificate
before proceeding.
Click Cancel and ensure that a signed certificate is installed on the vCenter
Server system before you attempt to connect again.
The vSphere Web Client connects to all the vCenter Server systems on which the specified user has
permissions, allowing you to view and manage your inventory.
Install the VMware Enhanced Authentication Plug-in
The VMware Enhanced Authentication Plug-in provides Integrated Windows Authentication and
Windows-based smart card functionality.
In the vSphere 6.5 release, the VMware Enhanced Authentication Plug-in replaced the Client Integration
Plug-in from vSphere 6.0 releases and earlier. The Enhanced Authentication Plug-in provides Integrated
Windows Authentication and Windows-based smart card functionality. These are the only two features
carried over from the previous Client Integration Plug-in. The Enhanced Authentication Plug-in can
function seamlessly if you already have the Client Integration Plug-in installed on your system from
vSphere 6.0 or earlier. There are no conflicts if both plug-ins are installed.
Watch the video "vSphere Web Client after the Client Integration Plug-in Removal" for more information
about the workflow changes to the vSphere Client:
vSphere Web Client after the Client Integration Plug-in Removal
(http://link.brightcove.com/services/player/bcpid2296383276001?
bctid=ref:video_web_client_after_cip_removal)
Install the plug-in only once to enable all the functionality the plug-in delivers.
If you install the plug-in from an Internet Explorer browser, you must first disable Protected Mode and
enable pop-up windows on your Web browser. Internet Explorer identifies the plug-in as being on the
Internet instead of on the local intranet. In such cases, the plug-in is not installed correctly because
Protected Mode is enabled for the Internet.
For information about supported browsers and operating systems, see the vCenter Server Installation and
Setup documentation.
Prerequisites
If you use Microsoft Internet Explorer, disable Protected Mode.
vCenter Server Installation and Setup
VMware, Inc. 144
Procedure
1Open a Web browser and type the URL for the vSphere Web Client.
2At the bottom of the vSphere Web Client login page, click Download Enhanced Authentication
Plug-in.
3If the browser blocks the installation either by issuing certificate errors or by running a pop-up blocker,
follow the Help instructions for your browser to resolve the problem.
4Save the plug-in to your computer, and run the executable.
5Step through the installation wizard for both the VMware Enhanced Authentication Plug-in and the
VMware Plug-in Service which are run in succession.
6When the installations are complete, refresh your browser.
7On the External Protocol Request dialog box, click Launch Application to run the Enhanced
Authentication Plug-in.
The link to download the plug-in disappears from the login page.
Collect vCenter Server Log Files
After you install vCenter Server, you can collect the vCenter Server log files for diagnosing and
troubleshooting purposes.
Note This procedure provides information about how to collect the log files for a Windows installation of
vCenter Server. For information about exporting a support bundle and browsing the log files in the
vCenter Server Appliance, see vCenter Server Appliance Configuration.
Procedure
1Log in as an administrator on the Windows machine where vCenter Server is installed.
2Navigate to Start > Programs > VMware > Generate vCenter Server log bundle to generate the
log bundle.
You can generate vCenter Server log bundles even if you are unable to connect to the vCenter Server
by using the vSphere Web Client
The log files for the vCenter Server system are generated and saved in a .tgz archive on your desktop.
Repoint vCenter Server to Another External
Platform Services Controller in the Same Domain
Joining external Platform Services Controller instances in the same vCenter Single Sign-On domain,
ensures high availability of your system.
vCenter Server Installation and Setup
VMware, Inc. 145
If an external Platform Services Controller stops responding or if you want to distribute the load of an
external Platform Services Controller, you can repoint the vCenter Server instances to another
Platform Services Controller in the same domain and site.
nYou can repoint the vCenter Server instance to an existing functional Platform Services Controller
instance with free load capacity in the same domain and site.
nYou can install or deploy a new Platform Services Controller instance in the same domain and site to
which to repoint the vCenter Server instance.
Prerequisites
nIf the old Platform Services Controller instance has stopped responding, remove the node and clean
up the stale vmdir data by running the cmsso-util unregister command. For information about
decommissioning a Platform Services Controller instance, see https://kb.vmware.com/kb/2106736.
nVerify that the old and the new Platform Services Controller instances are in the same vCenter Single
Sign-On domain and site by running the vdcrepadmin -f showservers command. For information
about using the command, see https://kb.vmware.com/kb/2127057.
nIf you want to repoint a vCenter Server Appliance that is configured in a vCenter HA cluster, remove
the vCenter HA configuration. For information about removing a vCenter HA configuration, see
vSphere Availability.
Procedure
1Log in to the vCenter Server instance.
nFor a vCenter Server Appliance, log in to the vCenter Server Appliance shell as root.
nFor a vCenter Server instance on Windows, log in as an administrator to the vCenter Server
virtual machine or physical server.
2If the vCenter Server instance runs on Windows, in the Windows command prompt, navigate to
C:\Program Files\VMware\vCenter Server\bin.
3Run the cmsso-util repoint command.
cmsso-util repoint --repoint-psc psc_fqdn_or_static_ip [--dc-port port_number]
where the square brackets [ ] enclose the command options.
Here, psc_fqdn_or_static_ip is the system name used to identify the Platform Services Controller.
This system name must be an FQDN or a static IP address.
Note The FQDN value is case-sensitive.
Use the --dc-port port_number option if the Platform Services Controller runs on a custom
HTTPS port. The default value of the HTTPS port is 443.
4Log in to the vCenter Server instance by using the vSphere Web Client to verify that the
vCenter Server instance is running and can be managed.
vCenter Server Installation and Setup
VMware, Inc. 146
The vCenter Server instance is registered with the new Platform Services Controller.
What to do next
If you repointed a vCenter Server Appliance that was configured in a vCenter HA cluster, you can
reconfigure the vCenter HA cluster. For information about configuring vCenter HA, see vSphere
Availability.
Repoint vCenter Server to External Platform Services
Controller in a Dierent Domain
You can move one vCenter Server to a Platform Services Controller in another vSphere domain. You can
also move all vCenter Servers in one vSphere domain one at a time to another domain, which provides a
way to perform domain consolidation. Services such as tagging, and licensing, are migrated to the new
Platform Services Controller.
In addition to consolidating vSphere domains, you can also split an existing domain. The following use
cases are supported:
nYou can move one or more vCenter Server instances that point to separate external
Platform Services Controller to point to a new Platform Services Controller in a different domain.
nYou can move one or more vCenter Server instances that point to one external
Platform Services Controller to point to different Platform Services Controller in a different domain.
nYou can move a vCenter Server that is part of an embedded Platform Services Controller to an
external Platform Services Controller in a different domain. You must first reconfigure the node to an
external Platform Services Controller node before repointing to a Platform Services Controller in a
different domain.
Prerequisites
nCross domain repointing is only supported with Platform Services Controller 6.7 and vCenter Server
6.7.
nEach vCenter Server and vCenter Server node must be in a healthy state.
nTo ensure no loss of data, take a snapshot or backup each node before proceeding with repointing
the vCenter Server or Platform Services Controller.
vCenter Server Installation and Setup
VMware, Inc. 147
Procedure
1(Optional) Run the pre-check mode command. The pre-check mode fetches the tagging (tags and
categories) and authorization (roles and privileges) data from the Platform Services Controller.
Conflicts can be checked for tagging and authorization data. Pre-check does not migrate any data,
but checks the conflicts and writes them to a JSON file. For example, run the pre-check with the
following CLI:
cmsso-util domain-repoint --mode pre-check --src-psc-admin source_PSC_admin_userid --dest-psc-fqdn
target_PSC_FQDN --dest-psc-admin target_PSC_admin_userid --dest-domain-name target_FQDN --dest-vc-
fqdn target_vCenter_server
You are prompted for the administrator password.
The pre-check writes the conflict details to a JSON file with the location provided after pre-check.
2(Optional) Edit the conflict file and apply resolutions for all conflicts or apply a separate resolution for
each conflict.
The conflict resolutions are:
nCopy: Create a duplicate copy of the data in the target Platform Services Controller.
nSkip: Skips copying the data in the target Platform Services Controller.
nMerge: Merges the conflict without creating duplicates.
To check conflicts of tag authZ data, you must provide a vCenter Server part of the target
Platform Services Controller or the conflicts are not checked.
3Run the execute mode command. In the execute mode, the data generated during the pre-check
mode is read from the JSON file and imported to the target Platform Services Controller. Licensing
data is exported from the original Platform Services Controller. Then, the vCenter Server is repointed
to the target Platform Services Controller. For example, run the execute command with the following:
cmsso-util domain-repoint --mode execute --src-psc-admin Source_PSC_admin_userid --dest-psc-fqdn
target_PSC_FQDN --dest-psc-admin target_PSC_admin_userid --dest-domain-name target_FQDN --dest-vc-
fqdn target_vCenter_server
You are prompted for the administrator password.
Note If you do not run the pre-check command, the data is exported first and then imported to the
target Platform Services Controller. You cannot edit the conflicts during the execute mode. The pre-
check command give you the opportunity to look at the conflicts in detail and edit the conflicts file to
provide detailed input on how to handle various conflicts. To avoid any conflicts, run the pre-check
mode first to understand the conflicts and then run in execute mode.
Check that the tags and categories are migrated and all the required services are up and running.
Note If the repointing fails, collect the support bundle and revert to the snapshot taken before this
process.
vCenter Server Installation and Setup
VMware, Inc. 148
After vCenter Server is repointed to the target Platform Services Controller, the Customer Experience
Improvement Program (CEIP) participation preference is updated to the target domain preference.
What to do next
If you repointed a vCenter Server Appliance that is configured in a vSphere High Availability cluster, you
can reconfigure the vSphere HA cluster. See vSphere Availability for information about configuring
vSphere HA.
Solutions or plugins registered with vCenter Server must be registered again after a successful repoint.
Identity sources must be manually migrated. SSO configuration is not migrated. Users and policies
require manual intervention.
Syntax of the Domain Repoint Command
You can use command arguments to set the execution parameters of the domain repoint command.
The cmsso-util domain-repoint CLI repoints vCenter Server to External Platform Services Controller
in a different Domain.
You can add a space-separated list of arguments to the CLI repoint command
cmsso-util domain repoint --mode mode --src-psc-admin source_PSC_admin_userid
--dest-psc-fqdn target_PSC_FQDN --dest-psc-admin target_PSC_admin_userid
--dest-domain-name domain_name_to_repoint --dest-vc-fqdn target_vCenter_server
Argument Description
-m, --mode mode can be pre-check or execute. The pre-check argument
runs the command in pre-check mode. The execute argument
runs the command in execute mode.
-spa, --src-psc-admin SSO administrator user name for the source
Platform Services Controller. Do not append the @domain.
-dpf, --dest-psc-fqdn The FQDN of the Platform Services Controller to repoint.
-dpa, --dest-psc-admin SSO administrator user name for the destination
Platform Services Controller. Do not append @domain.
-ddn, --dest-domain-name SSO domain name of the destination
Platform Services Controller.
-dpr, --dest-psc-rhttps (Optional) HTTPS port for the destination
Platform Services Controller. If not set, the default 443 is used.
-dvf, --dest-vc-fqdn The FQDN of the vCenter Server pointing to a destination
Platform Services Controller. The vCenter Server is used to
check for component data conflicts in the pre-check mode. If not
provided, conflict checks are skipped and the default resolution
(COPY) is applied for any conflicts found during the import
process.
Note This argument is optional only if the destination domain
does not have a vCenter Server. If a vCenter Server exists in the
destination domain, this argument is mandatory.
vCenter Server Installation and Setup
VMware, Inc. 149
Argument Description
-dvr, --dest-vc-rhttps (Optional) The HTTPS port for the vCenter Server pointing to the
destination Platform Services Controller. If not set, the default
443 is used.
--ignore-snapshot (Optional) Ignore snapshot warnings.
--no-check-certs (Optional) Ignore certification validations.
--debug (Optional) Retrieves command execution detail.
-h, --help (Optional) Displays the help message for the cmsso-util
domain repoint command.
Understanding Tagging and Authorization Conflicts
When you run the domain repoint command in pre-check mode, data from the
Platform Services Controller is exported, examined, and conflicts are written to a file.
The following data is exported to the /storage/domain-data/ or
ProgramData/VMWare/vCenterServerdata/domain-data folder:
nAll_Privileges.json
nAll_Roles.json
nAll_TagCategories.json
nAll_Tags.json
These files contain the all the data (Authorization and Tagging) from the vCenter Server on which this
command was run.
If a secondary vCenter Server is provided using the -dvf or --dest-vc-fqdn option, any conflicts are
also exported to the same folder:
nConflicts_Roles.json
nConflicts_TagCategories.json
nConflicts_Tags.json
The following is a sample conflicts file:
<---- Sample Conflict file code block --->
{
"global" : {
"resolution" : "MERGE|SKIP|COPY",
"description" : "Default resolution option used to resolve Role Conflicts is COPY. The
conflicts list describes the differences between Role entities on source and target PSC. If
the source information represents an empty JSON array, it simply means that all the entity
attributes from source and target are identical. If the source lists few entries, it means
that only these entity attributes are missing from the target. If the target lists few entries,
it means that only these entity attributes are missing from the source. Though a global resolution
can be set, it can also be overridden at each conflict level by providing individual resolution
mode."
vCenter Server Installation and Setup
VMware, Inc. 150
},
"conflicts-count" : 1,
"conflicts-list" : {
"NoCryptoAdmin" : {
"source" : {
"privileges" : "[]"
},
"target" : {
"privileges" : "[Group-1.SamplePriv-1, Group-1.SamplePriv-4, Group-2.SamplePriv-10,
Group-2.SamplePriv-3, Group-2.SamplePriv-7, Group-3.SamplePriv-2, Group-3.SamplePriv-9]"
},
"resolution" : ""
}
}
<----- End of code block --->
The parts of the sample conflict files are:
ndescription. Provides the details on how the respective conflicts file is read and understood.
nsource and target. JSON objects that list only the differences between the source and target
Platform Services Controller objects.
nresolution. User supplies one valid resolution. Valid resolutions are MERGE, COPY, and SKIP.
To specify the resolution for handling conflicts, you can provide a default resolution option all conflicts in
the "global": "resolution" = "MERGE|SKIP|COPY" section. If you do not provide a valid global
resolution type for resolution or leave it unedited, the system uses COPY as the default resolution
option.
You can also provide a valid resolution option for each of the conflicts by editing the resolution property
at each conflict level which overrides the global resolution option.
The types of conflicts listed in Table 61.
vCenter Server Installation and Setup
VMware, Inc. 151
Table 61. Conflict Types
Conflict
Properties used to
compare Category
Objects Conflict Types
Conflicting
Properties Conflict Resolution Options
Role conflict nname: Name of the
category.
nprivilegeId: List of
privileges for the role.
RoleName conflict
occurs while
importing roles and a
role with the same
name exists in the
target
Platform Services
Controller but with
different privileges.
Properties that
can be conflicting
for RoleName
conflict type can
be Privileges.
nCOPY. A copy of the conflicting
role is created in the target
Platform Services Controller,
with –-copy appended to the
role name. The new role is
created with a new role ID with
the same set of privilege IDs.
The new role ID is updated in
the VPX_ACCESS table. The
new role ID is applicable for
both role name conflict and
role ID conflict.
Note
The default resolution option to
resolve Role conflicts is COPY.
nMERGE.The MERGE option is
resolved in the following
sequence:
a If the source
Platform Services
Controller has a role with
the same name and
privilege list as a role in the
target
Platform Services
Controller, but the role IDs
are different, the role ID
from the target
Platform Services
Controller is used and
updated in the
VPX_ACCESS table.
b If the source
Platform Services
Controller has a role with
the same name as a role in
the target
Platform Services
vCenter Server Installation and Setup
VMware, Inc. 152
Table 61. Conflict Types (Continued)
Conflict
Properties used to
compare Category
Objects Conflict Types
Conflicting
Properties Conflict Resolution Options
Controller, but with a
different privilege list, then
the privilege lists for both
roles are merged.
nSKIP. Do nothing. The specific
role is skipped.
Tag Category
conflict: A
category name
must be unique in
a
Platform Services
Controller.
nname: Name of the
category.
ncardinality:
Cardinality of
Category, either
Single or Multiple.
nassociableEntityTy
pe: List of
vCenter Server object
that can be associated
with a tag from this
category. A value of
All indicates all
vCenter Server
objects.
Only one type of
conflict can be seen
while importing Tag
Categories,
CategoryName
conflict. This conflict
indicates that a
category with the
same name exists in
the target
Platform Services
Controller but with
different properties
(cardinality or
associableEntityT
ype).
Properties that
can be conflicting
for conflict type
CategoryName
can be at least
one of two types:
Cardinality or
AssociableType
s.
nCOPY. A copy of the conflicting
category is created in the
target
Platform Services Controller,
with –-copy appended to the
category name. The new
category is created with the
same property name as in the
source
Platform Services Controller.
All the tags that were present
under this category is imported
under the newly created
CategoryCopy.
Note
The default resolution option to
resolve CategoryName
conflicts is COPY.
nMERGE. Conflicting properties
are merged with the category
that is already present in the
SSO. Properties are merged
as follows:
aDescription. The
description that is already
present is used.
bCardinality. Cardinality
cannot shrink. If there is a
cardinality conflict, the
cardinality is set to
multiple. It cannot be
reduced to single.
vCenter Server Installation and Setup
VMware, Inc. 153
Table 61. Conflict Types (Continued)
Conflict
Properties used to
compare Category
Objects Conflict Types
Conflicting
Properties Conflict Resolution Options
cAssociableTypes.If either
the
associableEntityType
values are null, it is set to
null. Otherwise, Objects
types are merged.
nSKIP. Do nothing. All tags are
imported under the category
that exists.
Tags Conflict: A
tag object always
belongs to a
category Object.
A tag Name must
be unique only
inside a category.
nname
ndescription
Only one type of
conflict can be seen
while importing tags:
TagName conflict.
This conflict indicates
that a Tag with the
same name exists
under the same
category and in the
target
Platform Services
Controller but with
different properties.
Properties that
can be conflicting
for a conflict of
type: TagName
can be
Description.
nCOPY. A copy of the conflicting
tag is created in the target
Platform Services Controller,
with –-copy appended to the
tag name. Take the
MoRef(Internal tag ID) of the
newly created tag and update
the tag association if
necessary.
Note
The default resolution option to
resolve CategoryName
conflicts is COPY.
nMERGE.Keep the existing
description. Take the
MoRef(Internal Tag ID) and
update one or more Tag
Associations if necessary.
nSKIP. Do nothing. Do not
create this tag. Clean up any
Tag Associations.
vCenter Server Domain Repoint License Considerations
Domain repointing copies license keys to a new domain. Copying the license keys ensures that valid
licensing of all assets is maintained after repointing.
vCenter Server tracks license usage on a per domain basis. If a key is used in more than one domain,
you must ensure that the aggregate use of the key does not exceed its capacity. To simplify your license
management, remove each license copied to a second domain and assign a new license to assets.
Consider the following two cases:
nLicense keys that are no longer in use (that is, assigned to assets) in the original domain post
repointing.
nLicense keys that are in use (that is, assigned to assets) in multiple domains.
vCenter Server Installation and Setup
VMware, Inc. 154
License Keys Not in Use in a Domain
If after completing repointing, a license key appears in more than one domain, but is not in use in some of
those domains, you can remove the license key from any domain in which it is not in use. See "Remove
Licenses" in vCenter Server and Host Management for instructions on how to remove the licenses in
vCenter Server.
License Keys in Use in Multiple Domains
If after completing repointing, a license key is in use (that is, assigned to assets) in more than one
domain, to remove the license key from all but one domain, first a different license key must be assigned
to each asset in domains from which the license key will be removed. Two common approaches:
nIf you have other license keys available with sufficient unused capacity, you might use these other
keys in place of a license key to be removed. See "Assign a License to Multiple Assets" in vCenter
Server and Host Management to assign licenses in vCenter Server.
nYou might divide the license keys used in more than one domain into separate license keys, one for
each domain. To divide the license keys, see the VMware knowledge base article at
http://kb.vmware.com/kb/2006972. To determine the capacity to be included in each of the license
keys into which the original is divided, see "Viewing Licensing Information" in vCenter Server and
Host Management to view the usage of the license key in vCenter Server for each of the domains.
Each of the resulting license keys can then be added to a different domain and assigned in
vCenter Server to assets previously licensed with the original license key. See "Create New Licenses"
in vCenter Server and Host Management to create licenses and "Assign a License to Multiple Assets"
in vCenter Server and Host Management to assign a license to multiple assets.
After different licenses are assigned to all assets, the original license key, which is no longer valid,
can be removed from all the domains using vCenter Server. See "Remove Licenses" vCenter Server
and Host Management.
Reconfigure a Standalone vCenter Server with an
Embedded Platform Services Controller to a
vCenter Server with an External
Platform Services Controller
If you have deployed or installed a standalone vCenter Server instance with an embedded
Platform Services Controller and you want to extend your vCenter Single Sign-On domain with more
vCenter Server instances, you can reconfigure and repoint the existing vCenter Server instance to an
external Platform Services Controller.
vCenter Server Installation and Setup
VMware, Inc. 155
Figure 61. Reconfiguration of a Standalone vCenter Server Instance with an Embedded
Platform Services Controller and Repointing it to an External Platform Services Controller
Platform Services Controller А
VM or Physical Server
vCenter Server А
Platform Services Controller А
VM or Physical Server
Platform Services Controller А
VM or Physical Server
VM or Physical Server
vCenter Server А
Platform Services Controller А
VM or Physical Server
vCenter Server А
Deploy or install Platform Services Controller A’ as a
replication partner of Platorm Services Controller A
Reconfigure and repoint the vCenter Server
instance to Platform Services Controller A
Table 62. Legend
Arrow or line Description
Replication agreement between two Platform Services Controller
instances
vCenter Server registration with an external
Platform Services Controller
Transition step
Note The reconfiguration of a vCenter Server instance with an embedded Platform Services Controller
and repointing it to an external Platform Services Controller instance is a one-way process after which
you cannot switch back to vCenter Server with an embedded Platform Services Controller.
vCenter Server Installation and Setup
VMware, Inc. 156
Prerequisites
nDeploy or install the external Platform Services Controller instance as a replication partner of the
existing embedded Platform Services Controller instance in the same vCenter Single Sign-On site.
Note You can determine the current vCenter Single Sign-On site by using the vmfad-cli command.
nFor a vCenter Server Appliance with an embedded Platform Services Controller, log in to the
appliance shell as root and run the command.
/usr/lib/vmware-vmafd/bin/vmafd-cli get-site-name --server-name localhost
nFor a Windows installation of vCenter Server instance with an embedded
Platform Services Controller, log in to the Windows machine as an administrator, open the
Windows command prompt, and run the command.
C:\Program Files\VMware\vCenter Server\vmafdd\vmafd-cli get-site-name --server-name localhost
nCreate snapshots of the vCenter Server with an embedded Platform Services Controller and the
external Platform Services Controller instance, so that you can revert to the snapshots if the
reconfiguration fails.
nIf you want to reconfigure a vCenter Server Appliance with an embedded Platform Services Controller
that is configured in a vCenter HA cluster, remove the vCenter HA configuration. For information
about removing a vCenter HA configuration, see vSphere Availability.
Procedure
1Log in to the vCenter Server instance with an embedded Platform Services Controller.
Option Steps
For a vCenter Server Appliance with
an embedded
Platform Services Controller
Log in to the appliance shell as root.
nIf you have direct access to the appliance console, press Alt+F1.
nIf you want to connect remotely, use SSH or another remote console connection
to start a session to the appliance.
For a Windows installation of
vCenter Server with an embedded
Platform Services Controller
Log in to the Windows machine as an administrator, open the Windows command
prompt, and navigate to C:\Program Files\VMware\vCenter Server\bin.
2Verify that all Platform Services Controller services are running.
Run the service-control --status --all command.
The Platform Services Controller services that must be running are VMware License Service,
VMware Identity Management Service, VMware Security Token Service, VMware Certificate Service,
and VMware Directory Service.
3Run the cmsso-util reconfigure command.
cmsso-util reconfigure --repoint-psc psc_fqdn_or_static_ip --username username --
domain-name domain_name --passwd password [--dc-port port_number]
vCenter Server Installation and Setup
VMware, Inc. 157
where the square brackets [ ] enclose optional items.
Here, psc_fqdn_or_static_ip is the system name used to identify the external
Platform Services Controller instance. This system name must be an FQDN or a static IP address.
Note The FQDN value is case-sensitive.
The options username and password are the administrator user name and password of the vCenter
Single Sign-On domain_name.
Use the --dc-port option if the external Platform Services Controller runs on a custom HTTPS port.
The default value of the HTTPS port is 443.
For example, if the external Platform Services Controller runs on a custom HTTPS port 449, you must
run:
cmsso-util reconfigure --repoint-psc psc.acme.local --username administrator --
domain-name vsphere.local --passwd Password1! --dc-port 449
4Log in to the vCenter Server instance by using the vSphere Web Client to verify that the
vCenter Server instance is running and can be managed.
The vCenter Server with an embedded Platform Services Controller is demoted, and the vCenter Server
is redirected to the external Platform Services Controller.
What to do next
nYou can deploy or install additional vCenter Server and Platform Services Controller instances in the
vCenter Single Sign-On domain.
nIf you reconfigured a vCenter Server Appliance with an embedded Platform Services Controller that
was configured in a vCenter HA cluster, you can reconfigure the vCenter HA cluster. For information
about configuring vCenter HA, see vSphere Availability.
vCenter Server Installation and Setup
VMware, Inc. 158
Troubleshooting vCenter Server
Installation or Deployment 7
The vCenter Server installation or deployment troubleshooting topics provide solutions to problems that
you might encounter during the vCenter Server installation or vCenter Server Appliance deployment
process.
This chapter includes the following topics:
nCollecting Logs for Troubleshooting a vCenter Server Installation or Upgrade
nAttempt to Install a Platform Services Controller After a Prior Installation Failure
nMicrosoft SQL Database Set to Unsupported Compatibility Mode Causes vCenter Server Installation
or Upgrade to Fail
Collecting Logs for Troubleshooting a vCenter Server
Installation or Upgrade
You can collect installation or upgrade log files for vCenter Server. If an installation or upgrade fails,
checking the log files can help you identify the source of the failure.
You can choose the Installation Wizard method or the manual method for saving and recovering log files
for a vCenter Server for Windows installation failure.
You can also collect deployment log files for vCenter Server Appliance.
nCollect Installation Logs by Using the Installation Wizard
You can use the Setup Interrupted page of the installation wizard to browse to the generated .zip
file of the vCenter Server for Windows installation log files.
nRetrieve Installation Logs Manually
You can retrieve the installation log files manually for examination.
nCollect Deployment Log Files for the vCenter Server Appliance
If the vCenter Server Appliance deployment fails, you can retrieve the log files and examine them for
the reason of the failure.
nExport a vCenter Server Support Bundle for Troubleshooting
You can export the support bundle of the vCenter Server instance in the vCenter Server Appliance
for troubleshooting using the URL displayed on the DCUI home screen.
VMware, Inc. 159
Collect Installation Logs by Using the Installation Wizard
You can use the Setup Interrupted page of the installation wizard to browse to the generated .zip file of
the vCenter Server for Windows installation log files.
If the installation fails, the Setup Interrupted page appears with the log collection check boxes selected by
default.
Procedure
1Leave the check boxes selected and click Finish.
The installation files are collected in a .zip file on your desktop, for example, VMware-VCS-logs-
time-of-installation-attempt.zip, where time-of-installation-attempt displays the year, month,
date, hour, minutes, and seconds of the installation attempt.
2Retrieve the log files from the .zip file on your desktop.
What to do next
Examine the log files to determine the cause of failure.
Retrieve Installation Logs Manually
You can retrieve the installation log files manually for examination.
Procedure
1Navigate to the installation log file locations.
n%PROGRAMDATA%\VMware\vCenterServer\logs directory, usually
C:\ProgramData\VMware\vCenterServer\logs
n%TEMP% directory, usually C:\Users\username\AppData\Local\Temp
The files in the %TEMP% directory include vc-install.txt, vminst.log, pkgmgr.log, pkgmgr-
comp-msi.log, and vim-vcs-msi.log.
2Open the installation log files in a text editor for examination.
Collect Deployment Log Files for the vCenter Server Appliance
If the vCenter Server Appliance deployment fails, you can retrieve the log files and examine them for the
reason of the failure.
The full path to the log files is displayed in the vCenter Server Appliance deployment wizard.
In case of firstboot failure, you can download the support bundle on a Windows host machine and
examine the log files to determine which firstboot script failed. See Export a vCenter Server Support
Bundle for Troubleshooting.
vCenter Server Installation and Setup
VMware, Inc. 160
Procedure
1On the Windows machine that you use for deploying the vCenter Server Appliance, navigate to the
log files folder.
If you are logged in as an administrator, by default this is the
C:\Users\Administrator\AppData\Local\VMware\CIP\vcsaInstaller folder.
2Open the installation log files in a text editor for examination.
Export a vCenter Server Support Bundle for Troubleshooting
You can export the support bundle of the vCenter Server instance in the vCenter Server Appliance for
troubleshooting using the URL displayed on the DCUI home screen.
You can also collect the support bundle from the vCenter Server Appliance Bash shell by running the vc-
support.sh script.
The support bundle is exported in .tgz format.
Procedure
1Log in to the Windows host machine on which you want to download the bundle.
2Open a Web browser and enter the URL to the support bundle displayed in the DCUI.
https://appliance-fully-qualified-domain-name:443/appliance/support-bundle
3Enter the user name and password of the root user.
4Click Enter.
The support bundle is downloaded as .tgz file on your Windows machine.
5(Optional) To determine which firstboot script failed, examine the firstbootStatus.json file.
If you ran the vc-support.sh script in the vCenter Server Appliance Bash shell, to examine the
firstbootStatus.json file, run
cat /var/log/firstboot/firstbootStatus.json
Attempt to Install a Platform Services Controller After a
Prior Installation Failure
When you want to replicate Platform Services Controller data, you might not be able to join a vCenter
Single Sign-On domain in an existing Platform Services Controller.
Problem
When you try to install a Platform Services Controller, either embedded or external, and join the
Platform Services Controller to a vCenter Single Sign-On domain or site, the installation might fail and the
failure might leave incomplete data in the Platform Services Controller federation.
vCenter Server Installation and Setup
VMware, Inc. 161
Cause
The Platform Services Controller data is not cleaned up when an installation of a
Platform Services Controller fails. Consider the following scenario:
1 Install Platform Services Controller A.
2 When you try to install Platform Services Controller B and join it to the same domain as
Platform Services Controller A, the installation fails.
3 Second attempt to install Platform Services Controller B and join it to the same domain as
Platform Services Controller A fails, because Platform Services Controller A contains incomplete
data.
Solution
1Log in as an administrator to the machine on which you install Platform Services Controller A.
2At the command prompt navigate to the vdcleavefed command.
The vdcleavefed command is located at C:\Program Files\VMware\vCenter Server\vmdird\
on Windows and /usr/lib/vmware-vmdir/bin/ on Linux.
3Run the vdcleavefed command to delete the data.
vdcleavefed -h Platform-Services-Controller-B-System-Name -u Administrator
4Install Platform Services Controller B.
Microsoft SQL Database Set to Unsupported
Compatibility Mode Causes vCenter Server Installation or
Upgrade to Fail
vCenter Server installation with a Microsoft SQL database fails when the database is set to compatibility
mode with an unsupported version.
Problem
The following error message appears: The DB User entered does not have the required
permissions needed to install and configure vCenter Server with the selected DB.
Please correct the following error(s): %s
Cause
The database version must be supported for vCenter Server. For SQL, even if the database is a
supported version, if it is set to run in compatibility mode with an unsupported version, this error occurs.
For example, if SQL 2008 is set to run in SQL 2000 compatibility mode, this error occurs.
Solution
uMake sure the vCenter Server database is a supported version and is not set to compatibility mode
with an unsupported version. See the VMware Product Interoperability Matrixes at
http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php?.
vCenter Server Installation and Setup
VMware, Inc. 162
Uninstall vCenter Server 8
You must have administrator privileges to uninstall VMware vCenter Server.
Important If you are using the embedded PostgreSQL database, uninstalling vCenter Server causes the
embedded database to be uninstalled, and all data is lost.
Prerequisites
If you are uninstalling the vCenter Server system, remove the hosts from the Hosts and Clusters
inventory.
Procedure
1As an administrator user on the Windows system, click Start > Control Panel > Programs and
Features.
2Select VMware vCenter Server from the list and click Remove.
3Click Remove to confirm that you want to remove the program.
4Click Finish.
5Reboot the system.
VMware, Inc. 163

Navigation menu