In Part 1 I covered how to upgrade vCenter Heartbeat to version 6.6 which is required for vCenter 5.5.
Once the Primary and Secondary nodes are upgraded to vCenter Heartbeat 6.6 we can begin upgrading to vCenter 5.5 and any optional components (such as VUM or AutoDeploy) that may be installed also.
The first decision before we move on is if Single Sign-on (SSO) will be installed locally to the vCenter (recommended for most customers) or if SSO will be deployed in a centralized fashion (recommended for customers with 8 or more vCenters in a single site).
If you fall into the category that most customers do and have less then 8 vCenters in a site you’ll want to install SSO on each vCenter and during the install of your 2nd and subsequent SSO instances, make sure to select additional SSO server in the same site so it will join the existing vsphere.local security domain. To install SSO on a Heartbeat protected server you’ll need to download SSOupgradeUtil.exe from KB 2059820 and put it on both nodes.
If you fall into the category of customers that has 8 or more vCenters in a site and want to go with a centralized SSO and Web Client model you don’t need to worry about the SSOupgradeUtil.exe steps below, but you do need to setup the centralized SSO and Web Client server(s) before proceeding.
The first step in upgrading is to backup your databases (SSO, vCenter, VUM), we’ll be restoring them at a later step so keeping them on disk is recommended, you also need to backup the SSL folder from your secondary server, this folder is located at C:\programdata\VMware\VMware VirtualCenter\SSL. Once the backups are complete move the vCenter services onto the Secondary node and follow the steps below:
- Shut down vCenter Heartbeat, ensure the option “Do not stop protected applications is selected”.
- Set the vCenter Heartbeat service to Manual startup mode on both servers.
- Ensure User Account Control is disabled or run open a command prompt as an administrator, run the SSOUpgradeUtility.exe with the pre option such as: SSOUpgradeUtil.exe pre
- Start the SSO installer, verify that the IP shown is the Public IP, if your management or channel IP is shown remove the IP’s from the NIC and start the install again and add them back once SSO install is complete.
- Ensure DNS resolution is working, indicated by the green check mark.
- If SSO is currently on the server the setup process will detect it and upgrade it, if it is not you will need to add your identity sources after you’ve installed the web client, in both cases you are asked to provide a password for the email@example.com account. If you are using the custom installer you will also be able to choose if this is your first SSO server, additional SSO server in the same site or additional SSO server in a new site.
- Once the SSO installer finishes go back to your command prompt and run SSOUpgradeUtil.exe with the post options such as: SSOUpgradeUtil.exe post
- Next upgrade the Web Client, you will be asked for a SSO administrator username and password, firstname.lastname@example.org is pre-populated, enter the password for that account, accept the SSL certificate when prompted and finish the upgrade.
- Next upgrade the Inventory Service. You will be given the option to keep your existing database or start with a new one. The Inventory Service serves as a read cache for the Web Client, but it also stores the tags you’ve created in the 5.1 Web Client so it’s recommended that you choose to upgrade your existing database. You’ll also be asked for a SSO administrator username and password, email@example.com is pre-populated, enter the password for that account, accept the SSL certificate when prompted and finished the upgrade.
- Next upgrade vCenter Server. You’ll be asked if you want to upgrade your existing database (yes you do!) you’ll have to check a box stating you’ve backed up your database and SSL keys, you’ll also be asked for a SSO administrator username and password, firstname.lastname@example.org is pre-populated, enter the password for that account, accept the SSL certificate when prompted. Verify the URL for the Inventory Service is correct and finish the upgrade.
- Upgrade any additional components you have such as VUM, AutoDeploy, Syslog collector, etc.
- Open the configure server vCenter Heartbeat utility, navigate to the machine tab and select that the Primary server should be the Active server.
- Start the vCenter Heartbeat service on the Secondary node, leaving the startup mode as manual, once the service is started reboot the server.
- Restore your vCenter and VUM databases from the backup taken earlier, its not necessary to restore the SSO database as no changes were made to it.
- On the Primary node open the configure server vCenter Heartbeat utility, navigate to the machine tab and select that the Primary server should be the Active server.
- Start the vCenter Heartbeat service on the Primary node.
- Now repeat the same upgrade process, including running SSOUpgradeUtil.exe, on the Primary node.
- Once finished, change the vCenter Heartbeat service to Automatic on both nodes and reboot the Primary.
- Once the Primary is available, open the vCenter Heartbeat Manage Server snap-in.
- Click on the Applications tab and then Tasks, right click the “Protected Service Discovery” task and choose Run Now.
- Click on Services, ensure the list is updated with the new 5.5 SSO services .
- Click on the Server tab and then Summary and then click the Start Replication button and choose “Do not attempt to start protected applications”.
- Click on the Application tab and the Plug-ins.
- Click on “VirtualCenterNFPlugin.dll” and then click the uninstall button.
- Click on the install button and navigate to C:\Program Files\VMware\VMware vCenter Server Heartbeat\R2\plugins\VMwareVirtualCenter\18.104.22.16806 and select VirtualCenterNFPlugin.dll.
- Click on “VirtualCenterNFPlugin.dll” and then click the Edit button and enter the username and password of the account used to connect to vCenter.