The previous 14 installments have all been leading up to this, installing vCenter. Yes, we are finally here. In this post we install vCenter, the windows vSphere client, fix profile driven storage, and configure vCenter to support a clustered SQL database. This post is not the end of the road, as we still need to secure vCenter with trusted SSL certificates and secure our ESXi servers.
SQL 2012 AlwaysOn Failover Cluster for vCenter
vSphere 5.5 Install Pt. 1: Introduction
vSphere 5.5 Install Pt. 2: SSO 5.5 Reborn
vSphere 5.5 Install Pt. 3: vCenter Upgrade Best Practices and Tips
vSphere 5.5 Install Pt. 4: ESXi 5.5 Upgrade Best Practices and Tips
vSphere 5.5 Install Pt. 5: SSL Deep Dive
vSphere 5.5 Install Pt. 6: SSL Certificate Template
vSphere 5.5 Install Pt. 7: Install SSO
vSphere 5.5 Install Pt. 8: Online SSL Minting
vSphere 5.5 Install Pt. 9: Offline SSL Minting
vSphere 5.5 Install Pt. 10: Update SSO Certificate
vSphere 5.5 Install Pt. 11: Install Web Client
vSphere 5.5 Install Pt. 12: Configure SSO
vSphere 5.5 Install Pt. 13: Install Inventory Service
vSphere 5.5 Install Pt. 14: Create Databases
vSphere 5.5 Install Pt. 15: Install vCenter
vSphere 5.5 Install Pt. 16: vCenter SSL
vSphere 5.5 Install Pt. 17: Install VUM
vSphere 5.5 Install Pt. 18: VUM SSL
vSphere 5.5 Install Pt. 19: ESXi SSL Certificate
Permalink to this series: vexpert.me/Derek55
Permalink to the Toolkit script: vexpert.me/toolkit55
1. If you are continuing from the last installment, then you should be logged into your vCenter server as the vCenter service account. If not, login as the vCenter service account. This is very important!
2. Launch the vSphere 5.5 installer and select vCenter Server.
3. Go through the wizard until you get to the license key window. Enter a valid vCenter 5.x license key. Or, you can skip that screen for evaluation mode.
4. On the database option screen change the option to use an existing database. Your DSN should be listed from the pull down menu.
5. Since we are logged in with out service account and using Windows authentication we can’t change any options here.
6. You may get a warning about the recover model for your SQL database. If you use Full Recovery mode then you need to do regular backups to clear the logs. If you are in a lab or home environment you may want to change it to simple. Consult your DBA for best practices in your production environment.
7. Enter the service account password.
8. Choose whether you want a standalone vCenter instance or linked mode. Remember Linked Mode can only interoperate with vCenters at the same release level.
9. Review the port numbers, but I would not change any of them.
10. Choose the inventory size based on your environment.
11. Enter the SSO password that you used during the SSO configuration.
12. Again, a thumbprint of the SSO certificate is shown. You should have memorized it by now and can verify it without referring back to the certificate.
13. I recommend leaving the ad***********@vs*****.local default. Later on we will configure a delegate group for vCenter access.
14. Confirm the Inventory Service settings.
15. Confirm the installation directory then click Install.
16. After several minutes vCenter should successfully install.
Install vSphere Client
Although VMware is really limiting what you can do with the Windows vSphere client, it is still needed for some functionality such as VUM remediation, SRM, and connecting to ESXi hosts. So go back to the vSphere 5.5 installer and install the vSphere Client.
After you install and launch the client you will see a big warning on the login window. Clearly, the Windows VI is going to suffer a mob hit in the near future and end up in an unmarked grave. So learn the web client, and remember HW v10 VMs can only be modified via the web client.
Profile Driven Storage
If you are installing vCenter under a Windows service account, then we need to make a tweak to the Profile Driven Storage service. The installer configures it to run under Local System privileges, but that doesn’t work to well.
Open the service properties and change the Log On to use your vCenter service account. Restart the service.
If you are clustering your SQL database, then we need to make a manual configuration change to vCenter. I’m assuming since supporting clustering was a last minute addition, they didn’t have time to add GUI option to the installer. If you are using a standalone SQL server, skip this section.
1. Navigate to C:\ProgramData\VMware\VMware VirtualCenter and make a backup of the vpxd.cfg file.
2. Stop the VMware VirtualCenter Server service. It make take a few minutes for it to stop.
3. Open the vpxd.cfg file in Wordpad (NOT Notepad). Scroll down and find the <vpxd> tag. Insert the three lines which I have highlighted below.
4. Save the file (without any text formatting), then restart the VMware VirtualCenter Server and VMware VirtualCenter Management Webserver services.
5. Log into the vSphere Web Client and verify that you can see your vCenter server and inventory.
In this post we installed vCenter, fixed a permission bug with the profile driven storage service, and enabled SQL clustering support. What’s left to do? Secure vCenter with trusted SSL certificates, install VUM, and secure our ESXi hosts. Check out vCenter SSL in Part 16.
Nice series! Definitely helped me power through the install and come out the other side with CA-signed certs. Thanks! Any chance you have experience swapping out the certs for the other services bundled with the installer, i.e. the dump collector, syslog collector, and autodeploy? Also, if you get a chance, would you be able to confirm an issue with nested Active Directory groups and SSO? I'm attempting to confirm a bug… What I'm finding is that if a user is a member of Group1, and Group1 is a member of GroupA, and GroupA is a member of the SSO Administrators… Read more »
Nice post as always. One issue that I came across that I did not see discussed is the ADAM creation during the vCenter installation on Windows Server 2012 or R2. Installation hangs indefinitely on "Installing Directory Service," which is discussed here, http://mtellin.com/2013/09/22/lab-post-installing… and in this forum, https://communities.vmware.com/message/2286756.
Trying to install LDAP for ADAM beforehand did not seem to work either, but placing the OCSetup.exe in the System32 before beginning the install of vCenter definitely did the trick.
Hi Derek, Thank you for the very thorough blog and installation instructions. I came across something strange and was wondering if yourself of the community could help. The scenario I am seeing is that when I log into the vSphere Web client as @vsphere.local I am able to see the vCenter Server, but when I log in under the Domain vCenter Service account which I have added as as the local admin, "act as part of the OS", and added to an AD Group which has been added to the Administrator's group within the vCenter Users and Groups section. Any… Read more »
Great article, I am following your blogs step by step.
One question, our current environment is vCenter 5.1 with database on seperate SQL2008 box , I am installing a fresh vcenter server 5.5 and will try to use the existing database, I have two options.
1. Create DSN and point to the existing database.
2. Backup and restore the database to another SQL 2008 cluster server.
What do you suggest? and do you think the second option will work fine?
Thanks a lot!
Hi Derek, really, a great blog series. Thanks for that. I only had to apply some environment specific changes, e.g. for using 2 intermediate CAs. Though, at this point of the installation I stumbled over the vCenter Server installation failing with "DBC connectivity to the database using the generated JDBC URL failed" and in the vimtool.log I could see "The login is from an untrusted domain and cannot be used with Windows authentication". Checking the "Errorlog" of SQL Server I found "The Channel Bindings from this client do not match the established Transport Layer Security (TLS) Channel. The service might… Read more »