Over the last few months, many customers have been testing and familiarizing themselves with vSphere 5.5 however deployment into a production environment is usually stalled until the availability of the first update or service pack. As we are nearing the typical time frame of when such an update or service pack may become available, I wanted to share some findings that may affect your deployment selection of vCenter Single Sign-On when deploying or upgrading to vCenter Server 5.5
During the installation of vCenter Single Sign-On server you are asked on the deployment option of the vCenter Single Sign-On instance. Below is the intended use case for each deployment option.
In Part 1 I covered how to upgrade vCenter Heartbeat to version 6.6 which is required for vCenter 5.5.
Once the Primary and Secondary nodes are upgraded to vCenter Heartbeat 6.6 we can begin upgrading to vCenter 5.5 and any optional components (such as VUM or AutoDeploy) that may be installed also.
The first decision before we move on is if Single Sign-on (SSO) will be installed locally to the vCenter (recommended for most customers) or if SSO will be deployed in a centralized fashion (recommended for customers with 8 or more vCenters in a single site). Continue reading →
A minor update to the vCenter Server 5.5 has been released
VMware vCenter Server™ 5.5.0a | 31 OCT 2013 | Build 1378901
vCenter Server Appliance 5.5.0a | 31 OCT 2013 | Build 1398493
Issues resolved with this release are as follows
Attempts to upgrade vCenter Single Sign-On (SSO) 5.1 Update 1 to version 5.5 might fail with error code 1603
Attempts to log in to the vCenter Server might be unsuccessful after you upgrade from vCenter Server 5.1 to 5.5
Unable to change the vCenter SSO administrator password on Windows in the vSphere Web Client after you upgrade to vCenter Server 5.5 or VCSA 5.5
VPXD service might fail due to MS SQL database deadlock for the issues with VPXD queries that run on VPX_EVENT and VPX_EVENT_ARG tables
Attempts to search the inventory in vCenter Server using vSphere Web Client with proper permissions might fail to return any results
vCenter Server 5.5 might fail to start after a vCenter Single Sign-On Server reboot
Unable to log in to vCenter Server Appliance 5.5 using domain credentials in vSphere Web Client with proper permission when the authenticated user is associated with a group name containing parentheses
Active Directory group users unable to log in to the vCenter Inventory Service 5.5 with vCenter Single Sign-On
Attempts to log in to vCenter Single Sign-On and vCenter Server might fail when there are multiple users with the same common name in the OpenLDAP directory service
Attempts to log in to vCenter Single Sign-On and vCenter Server might fail for OpenLDAP 2.4 directory service users who have attributes with multiple values attached to their account
Attempts to Log in to vCenter Server might fail for an OpenLDAP user whose account is not configured with a universally unique identifier (UUID)
Unable to add an Open LDAP provider as an identity source if the Base DN does not contain an “dc=” attribute
Active Directory authentication fails when vCenter Single Sign-On 5.5 runs on Windows Server 2012 and the AD Domain Controller is also on Windows Server 2012
The realese notes can be found here with full details, download now from www.vmware.com
Part of my role at VMware is to work closely with our customers and partners, sharing experiences and feedback with internal VMware Product Management and Engineers to help make our products better. One area that has been dominantly more focused than others over the last 12 months has obviously been vCenter Single Sign-On.
Due to this feedback, one of the drivers for the new vCenter Single Sign-On was to provide backwards compatibility and to highlight this, a recent Knowledge Base article released.
I was a little surprised how quickly these went live but can now share the VMworld vCenter Deep Dive and vSphere Upgrade series: Part 1 – vCenter Server breakout sessions from last weeks VMworld in Barcelona where my sessions were recorded and are now available for your viewing pleasure.
A common question that comes up when a new vCenter Server version is released is “How do I upgrade if I’m using vCenter HeartBeat?”.
The first thing we need to check is whether the version of vCenter HeartBeat we’re running is compatible with the version of vCenter we want to upgrade to. You can check this by visiting the VMware Product Interoperability Matrixes.
With the announcement at VMworld on the upcoming vSphere 5.5 release, one area that I have been greatly involved with (hence why I have been in stealth mode), has been the new and improved vCenter Single Sign-On. You may still say why do we need it? and why change something that wasn’t broke to begin with! but hang in there and let me highlight the changes and the benefits you will see as you begin to look at vCenter Server 5.5.
With the new release, this shows we heard you loud and clear! vCenter Single Sign-On 5.1 at release lacked some expected functionality (limited Active Directory integration), complex to manage (SSL Certificates) as well as lack of guidance on how to best deploy vCenter Single Sign-On. Not to knock the current version with vCenter Server 5.1 Update 1b which is now a very stable platform to build on and guidance available via a recent deployment whitepaper, vCenter Single Sign-On 5.5 builds on these challenges and now provides a rich and fully capable vSphere authentication experience with much of the complexity removed.