A minor update to the vCenter Server 5.5 has been released
VMware vCenter Server™ 5.5.0a | 31 OCT 2013 | Build 1378901
vCenter Server Appliance 5.5.0a | 31 OCT 2013 | Build 1398493
Issues resolved with this release are as follows
Attempts to upgrade vCenter Single Sign-On (SSO) 5.1 Update 1 to version 5.5 might fail with error code 1603
Attempts to log in to the vCenter Server might be unsuccessful after you upgrade from vCenter Server 5.1 to 5.5
Unable to change the vCenter SSO administrator password on Windows in the vSphere Web Client after you upgrade to vCenter Server 5.5 or VCSA 5.5
VPXD service might fail due to MS SQL database deadlock for the issues with VPXD queries that run on VPX_EVENT and VPX_EVENT_ARG tables
Attempts to search the inventory in vCenter Server using vSphere Web Client with proper permissions might fail to return any results
vCenter Server 5.5 might fail to start after a vCenter Single Sign-On Server reboot
Unable to log in to vCenter Server Appliance 5.5 using domain credentials in vSphere Web Client with proper permission when the authenticated user is associated with a group name containing parentheses
Active Directory group users unable to log in to the vCenter Inventory Service 5.5 with vCenter Single Sign-On
Attempts to log in to vCenter Single Sign-On and vCenter Server might fail when there are multiple users with the same common name in the OpenLDAP directory service
Attempts to log in to vCenter Single Sign-On and vCenter Server might fail for OpenLDAP 2.4 directory service users who have attributes with multiple values attached to their account
Attempts to Log in to vCenter Server might fail for an OpenLDAP user whose account is not configured with a universally unique identifier (UUID)
Unable to add an Open LDAP provider as an identity source if the Base DN does not contain an “dc=” attribute
Active Directory authentication fails when vCenter Single Sign-On 5.5 runs on Windows Server 2012 and the AD Domain Controller is also on Windows Server 2012
The realese notes can be found here with full details, download now from www.vmware.com
I was a little surprised how quickly these went live but can now share the VMworld vCenter Deep Dive and vSphere Upgrade series: Part 1 – vCenter Server breakout sessions from last weeks VMworld in Barcelona where my sessions were recorded and are now available for your viewing pleasure.
With the announcement at VMworld on the upcoming vSphere 5.5 release, one area that I have been greatly involved with (hence why I have been in stealth mode), has been the new and improved vCenter Single Sign-On. You may still say why do we need it? and why change something that wasn’t broke to begin with! but hang in there and let me highlight the changes and the benefits you will see as you begin to look at vCenter Server 5.5.
With the new release, this shows we heard you loud and clear! vCenter Single Sign-On 5.1 at release lacked some expected functionality (limited Active Directory integration), complex to manage (SSL Certificates) as well as lack of guidance on how to best deploy vCenter Single Sign-On. Not to knock the current version with vCenter Server 5.1 Update 1b which is now a very stable platform to build on and guidance available via a recent deployment whitepaper, vCenter Single Sign-On 5.5 builds on these challenges and now provides a rich and fully capable vSphere authentication experience with much of the complexity removed.
VMware vCenter Multi-Hypervisor Manager is a component that enables support for heterogeneous hypervisors in a VMware vCenter Server environment. It provides the following benefits to your virtual environment:
An integrated platform for managing VMware and third-party hypervisors from a single interface.
A hypervisor choice for the different business units in your organization to accommodate their specific needs.
No single hypervisor vendor lock-in.
When you add a third-party host to vCenter Server, all virtual machines that exist on the host are discovered automatically, and are added to the third-party hosts inventory.
The ability of vCenter Multi-Hypervisor Manager to migrate virtual machines from third-party hosts to ESX or ESXi hosts is implemented by exposing the capabilities of vCenter Converter Standalone in the vSphere Client. See VMware KB article 2048927 for information about dependency between vCenter Multi-Hypervisor Manager and vCenter Converter Standalone.
vCenter Multi-Hypervisor Manager 1.1 introduces the following set of basic management capabilities over third-party hosts:
Third-party host management including add, remove, connect, disconnect, and view the host configuration.
Ability to migrate virtual machines from third-party hosts to ESX or ESXi hosts.
Ability to provision virtual machines on third-party hosts.
Ability to edit virtual machine settings.
Integrated vCenter Server authorization mechanism across ESX/ESXi and third-party hosts inventories for privileges, roles, and users.
Automatic discovery of pre-existing third-party virtual machines
Ability to perform power operations with hosts and virtual machines.
Ability to connect and disconnect DVD, CD-ROM, and floppy drives and images to install operating systems.
This release of VMware vCenter Server 5.1 Update 1 offers the following improvements:
vCenter Server is now supported on Windows Server 2012
Additional vCenter Server Database Support: vCenter Server now supports the following databases.
Microsoft SQL Server 2012
Microsoft SQL Server 2008 R2 SP2
Additional Guest Operating System Customization Support -vCenter Server now supports customization of the following guest operating systems:
Windows Server 2012
vCenter Essentials no longer enforces vRAM usage limit of 192 GB With vSphere 5.1 Update 1, the Essentials and Essentials Plus licenses no longer restrict virtual machine power-on operations when the vRAM usage limit of 192 GB is met.
Resolved Issues – This release delivers a number of bug fixes that have been documented in the Resolved Issues section.
The installation of vSphere vCenter Sign-On is a relatively a straight forward process when planned correctly and as there are many factors of the environment that the installation process will touch, it is important to review the vCenter Single Sign-On Server prerequisites prior to deployment, preferably during the initial design phase. It is important to note that the vCenter Single Sign-On server is the first component to be installed prior to vCenter Server install or upgrade.
Before we continue with the pre-requisites and installation of SSO we need to complete the planning of our vSphere install/upgrade design and this includes the desired level of availability required, if any.
When speaking to partners and customers I am often stumbled by the amount of attention and time that is placed on individual SSO availability. My response is bluntly why? followed by the question on what do you use today to protect vCenter server? to which the response is typically nothing or vSphere HA, sometimes vCenter Heartbeat. Don’t get me wrong my background is in business continuity and the way I look at it, SSO is an authentication component of the vCenter server, nothing more, nothing less and so when looking to protect SSO, the solution you choose for protecting vCenter server will provide the best protection of all vCenter components. If you choose not to protect the vCenter server then no protection of SSO is required, if SSO goes down, you bring down the vCenter server management, if only vCenter server goes down, you’re in the same situation, without vCenter server your not going to have much use for an SSO server unless shared with multiple vCenter servers (see below). There are solutions that enable themselves with SSO but these all have a dependency on the vCenter server to be operational. I understand that when reading up on SSO at the excellent vSphere 5.1 Documentation Center, there is a configuration called SSO HA (not to be confused with vSphere HA) and as this is an installable configuration, some believe this is the only option for SSO availability which is not correct. While this solution works, it can be very complex to setup, requires the use of third party technologies but does it give me anymore protection than say vSphere HA? I hope to answer this for you.
If your going to be in Las Vegas for the annual 2013 VMware Partner Exchange, why don’t you come and check out my sessions on vSphere 5.1 covering the vSphere web client and vCenter components like Single Sign-On
Thursday, Feb 28, 9:00 AM – 10:00 AM CI1544 - vSphere Web Client - Technical Walkthrough With the release of vSphere 5.1 was a new primary client for the management of vSphere Solutions. With this session we will build competency in the adoption of the vSphere Web Client by highlighting the differences, easing the initial reaction to a Web Client and show you how to wow your customers with real world use cases
Thursday, Feb 28, 10:15 AM – 12:15 PM CI1545 - vSphere – Deployment Best Practices With the new technologies introduced with vSphere 5.1 many unanswered questions exist with designing and deploying the vSphere 5.1 environment. This session will share best practices learned from the field and provide common scenarios with recommended configurations of vCenter, Single Sign-On, Inventory Service and the web client that will future proof your customers environment. This session has now been extended to include Kyle Gleed (@VMwareESXi) discussing best practices on deploying and working with vSphere hosts (ESXi)
Now you understand what vCenter Single Sign-On (SSO) provides, as you start to design or upgrade to your vSphere 5.1 environment, particular attention needs to be given in the planning stages around the placement and configuration of the SSO server. This will always be the first component to be installed; regardless of fresh install or upgrading from a previous version. The SSO server can be deployed in a number of configurations and I will explain these options and too why you may use each option.
During the installation process you will be presented with the below screen which is a key decision on which deployment method of SSO you would like to deploy. It is very important that you have planned your SSO deployment as changing this configuration later is possible but not an easy achievement. Continue reading →