Upgrades can be scary times with any enterprise product. The more your critical infrastructure relies on a particular solution, or set of solutions, the more imperative it is you fully understand and test the new product. Prior vSphere releases has taught us that thorough testing cannot be skipped and you should not rush a new product into production. No product is bug free, and each environment is different.
Normally for my vSphere installation series I do not cover upgrades, or go through an upgrade process in the series. Why? Customer environments wildly vary and a simple lab upgrade will likely not look like or behave like your environment. That’s why its so critical for you to test in your environment. My upgrade would not look like your upgrade. The more complex your topology, such as multiple SSO services, the more critical testing becomes.
But, what I am doing in this post and the next installment is covering upgrade best practices to help you understand your road ahead and things to keep in mind. This post covers vCenter only, and the next installment covers VMs, VMFS, and ESXi hosts.
vSphere 6.0 Install Pt. 1: Introduction
vSphere 6.0 Install Pt. 2: Platform Services Controller
vSphere 6.0 Install Pt. 3: Certificate Management
vSphere 6.0 Install Pt. 4: vCenter Upgrade Best Practices
vSphere 6.0 Install Pt. 5: ESXi Upgrade Best Practices
vSphere 6.0 Install Pt. 6: Install Windows PSC
vSphere 6.0 Install Pt. 7: Config SQL DBs
vSphere 6.0 Install Pt. 8: Toolkit Configuration
vSphere 6.0 Install Pt. 9: SSL Templates
vSphere 6.0 Install Pt. 10: Install VCSA PSC
vSphere 6.0 Install Pt. 11: VMCA as Subordinate
vSphere 6.0 Install Pt. 12: PSC Machine Certificate
vSphere 6.0 Install Pt. 13: Directory Services Certificate
vSphere 6.0 Install Pt. 14: Windows vCenter Install
vSphere 6.0 Upgrade Overview
- Plan your upgrade – Extremely important. KB on update sequence is here.
- Read the full vSphere 6.0 release notes here
- Five major steps: vCenter, VUM, ESXi, VMs, VMFS
- Key VMware Sites to bookmark: Documentation Center, Compatibility Guide, Interop matrix
- If you upgrade Windows with a service pack or other system changes and get locked out of SSO, read this KB to regain access
- Great KB on vCenter 6.0 topologies is here
Prior to 5.1 life was simple. You had vCenter Server, vCenter Database server, and vSphere web client. The vCenter server is NOT stateless, meaning the database is not all inclusive. The local vCenter server has SSL certificates and the ADAM database. ADAM is not just for linked mode but holds data such as licenses, roles, and permissions. If you are using vSphere 5.1, then ‘tags’ are also stored locally on the vCenter server and thus not in the database.
Starting with vSphere 5.1 and continuing with 5.5 you now have more roles, such as SSO, and you could even have a distributed topology. This makes upgrades more complex, and requires additional planning. vSphere 6.0 changes that up by adding the Platform Services Controller (PSC), which consumes the SSO service and adds new functionality. ADAM is now gone, replaced by an internal LDAP service.
- In-place upgrade supports vCenter 4.x, 5.0.x, 5.1.x, and 5.5
- VMware does NOT support directly migrating an existing 5.x or earlier vCenter Server to a new machine during the upgrade process
- vCenter Server 6.0 can manage ESX/ESXi 5.x and higher hosts.
- Check out the vSphere Upgrade Center here
- Embedded install – 2 vCPUs, 8GB RAM (tiny environment), 100GB disk Recommended. For 400 hosts or 4000 VMs: 8 vCPU, 24GB RAM, 200GB disk. See this link for more Windows sizing details.
- vCenter OS Support: Only supports Windows Server 2008 SP2 and later (including WS2012 R2). See this KB for the full support matrix.
New Install vs. In Place Upgrade
VMware recommends a fresh install, but sometimes its not just possible. However, do check out the “Inventory Snapshot” Fling, which is a great (unsupported) tool to migrate hosts, VM, and permissions from one Windows vCenter instance to another. It does NOT appear to support tags and currently has some vDS issues. Tags are not stored in the SQL database, so if you use tags then be sure to find a way to migrate them. If you are in a regulated industry and have strict audit requirements you may be legally required to maintain the historical data in your vCenter database and unable to start fresh.
Very recently released is the VCS to VCVA Converter. What is it? This is an unsupported (officially) method to migrate from a Windows vCenter to the Linux vCenter appliance. It’s released under the technical preview license. It looks very promising, and I’ve seen a lot of buzz on Twitter about it. So check it out, if you want to migrate to the vCenter appliance. I think the vCenter appliance is now production ready at-scale, so this is an excellent time to migrate off Windows.
If you are starting with a fresh install do take a close look at the VCSA. It now supports the same number of VMs and hosts as the Windows version, and is simple to deploy. New to vSphere 6.0 is the ability to do linked mode between VCSA instances. This is due to the removal of ADAM as a Linked Mode dependency. So if you’ve always been a Windows vCenter shop, now is a good time to evaluate going down the VCSA road. It has a new guided install, and pre-check installer too, so VMware is really trying to make it a full replacement. There’s still no external SQL server support, due to the lack of a GA Microsoft ODBC connector. But the embedded database is very scalable, so that shouldn’t be a big factor.
Installation – Then and Now
vSphere 6.0 features a new install sequence with a bit more guidance than previous versions. Gone is the “Simple Install” option and instead a scenario driven installer is used. For example, one of the first screens you will see presents several PSC deployment options. It also features a hard check for 2 vCPUs and at least 8GB of RAM. The following screen then presents you with SSO configuration options, such as creating a new SSO domain or joining an existing one. This is great for upgrades as you can connect to an existing SSO instance.
New to vSphere 6.0 is the embedded vPostgres database, which replaces the prior SQL express option. Don’t worry, you can still specify an external database, such as SQL or Oracle. I also like the new DSN refresh button, so you don’t have to remember to create your DSN before launching the installer. Unlike prior “simple” installer options, this new wizard prompts you for directory paths such as the base vCenter directory and a separate directory for the vCenter/PSC data. Nice!
Before you embark on your vCenter 6.0 install, a MUST read is the VMware vCenter Server 6.0 Deployment guide. It’s in excess of 100 pages, and goes through a lot of upgrade scenarios, deployment topologies, etc. I know it’s long, but after all this is an enterprise product with new topology options. Read thoroughly!
Linked mode adds additional complications to the upgrade process. As you may recall you can’t link vCenters of different versions. So you first need to unjoin all vCenters from the linked mode group. Once you upgrade two vCenters to 6.0, you can then re-establish Linked Mode and add other 6.0 vCenters as they come online. The biggest problems with Linked Mode include DNS and NTP failures. It’s critical name resolution works (forward AND reverse) and that the server clocks are all synchronized. All vCenter servers that are linked must also be a part of the same SSO authentication domain. New to vSphere 6.0 is the ability to do linked mode between the VCSA and a Windows based vCenter. You can also do linked mode between VCSAs as well!
The VCSA has undergone major scalability increases in 6.0. In 5.1 it was only rated for 5 hosts and 50 VMs when using the embedded database. With 6.0 that is increased to parity with the Windows scalability limits. So that makes it a much more viable solution for enterprise customers. You can NOT migrate from the Windows vCenter to the VCSA, officially. But as previously mentioned, you can try out the VCS to VCVA fling here.
Contrary to some rumors, VUM has not gone away in vSphere 6.0. Apparently the VUM replacement was not quite ready for prime time, so VUM still exists in 6.0. You can upgrade VUM from 4.x, 5.0 and 5.1 versions. VUM is still Windows only, so if you do deploy the VCSA you will still need a Windows server to host VUM. The web client in 6.0 also has limited VUM functionality, so the C# is still needed to do things like pushing patches and configuring baselines. During the upgrade you can’t change the installation or download paths. Scheduled tasks remain, but patch baselines are removed.
You need to carefully plan your upgrades, and understand all of the moving components. Generally you would start by upgrading vCenter, then your ESXi hosts. But you may have other products that depend on vCenter which need upgrading first. Thoroughly map out all of your dependencies, read the VMware documentation, then plan in an organized fashion how you are going to upgrade.