vCenter Server 6 Deployment Topologies and High Availability

Architectural changes to vSphere 6:

vCenter Server 6 has some fundamental architectural changes compared to vCenter Server Server 5.5. The multitude of components that existed in vCenter Server 5.x has been consolidated in vCenter Server 6 to have only two components vCenter Management Server and Platform Services Controller, formerly vCenter Server Single Sign-On.

The Platform Services Controller (PSC) provides a set of common infrastructure services encompassing

  • Single Sign-On (SSO)
  • Licensing
  • Certificate Authority

The vCenter Management Server consolidates all the other components such as Inventory Service & Web Client services along with its traditional management components. The vCenter Server components can be typically deployed in with either embedded or external PSC. Care should be taken to understand the critical differences between the two deployment models. Once deployed one cannot move from one mode to another in this version.

Deployment Models:

vCenter Server with Embedded PSC:

The embedded PSC is meant for standalone sites where vCenter Server will be the only SSO integrated solution. In this case a replication to another PSC is not necessary.

  • Sufficient for most environments. Easiest to deploy and maintain
  • Aimed at minimizing fault domains. Use in conjunction with only one of VMware Product or Solution.
  • Multiple standalone instances supported
  • Replication between embedded instances not supported
  • Supports Windows & Appliance




Figure 1: Embedded mode vCenter Server 6

vCenter Server with External PSC:

In this configuration the PSC is external to the vCenter Server. This configuration allows multiple  vCenter Servers to link to a PSC.

  • Recommend this if deploying/growing to multiple vCenter Server instances that need to be linked
  • Reduces footprint by sharing Platform Services Controller across several vCenter Servers
  • Deploy more than one PSC to provide resilience within the environment
  • Supports Windows & Appliance


Figure 2: vCenter Server 6 with External PSC

Options available for vCenter Server failure protection:

Backup (VDP / Third Party VADP):

vCenter Server deployed in embedded mode can be backed up with VDP or third party backup software that leverage VADP. Currently there is no simple mechanism available to backup the PSC when is external to the vCenter Server. Multiple instances of PSC should be leveraged to protect against an individual external PSC failure.

VMware HA

Majority of the customers have virtualized their vCenter server and leverage VMware HA to protect against Hardware failure.  VMware HA can also protect against guest OS failure through the use of heartbeat and watchdog services.

Third Party Solutions that layer on top of VMware HA:

Third party solutions like Symantec ApplicationHA layer on top of VMware HA and can also monitor and restart vCenter services in the event of any failure. Using a solution like Symantec ApplicationHA, one can monitor all of the  components of vCenter server. In the event it is unable to resolve issues by restarting services, it interacts VMware HA to reset the virtual machine. Symantec ApplicationHA has a specific agent for vCenter agent that helps monitor and protect all aspects of vCenter.


With the release of vSphere 6, SMP Fault tolerance is available for up to 4 vCPU. This can also protect against hardware failure, but is applicable only to vCenter Server instances that can fit within the 4 vCPU virtual machine size.  Any application failure is not protected by SMP-FT.

Database Clustering:

For vCenter servers backed by Microsoft SQL databases, SQL clustering can be leveraged to provide reduced downtime for unplanned events and for OS patching.

Platform Service Controller

Multiple External PSC instances can be used for a single site to service one or more vCenter servers. A load balancer is required to frontend the PSC instances. The PSC instances replicate state information between each other.

vCenter Server High Availability:

With vCenter Server 5.5 Update 3 and later, Windows Server Failover Cluster is supported as an option for providing vCenter Server availability. Two instances of vCenter Server are in a MSCS cluster, but only one instance is active at a time. VMware only supports 2 node clusters.

Use cases for this solution:

  • This solution helps reduce downtime for maintenance operations, such as patching or upgrades, on one node in the cluster without taking down the vCenter Server database.
  • Another potential benefit of this approach is that MSCS uses a type of “shared-nothing” cluster architecture. The cluster does not involve concurrent disk accesses from multiple nodes. In other words, the cluster does not require a distributed lock manager. MSCS clusters typically include only two nodes and they use a shared SCSI connection between the nodes. Only one server needs the disks at any given time, so no concurrent data access occurs. This sharing minimizes the impact if a node fails.
  • Unlike the vSphere HA cluster option, the MSCS option works only for Windows virtual machines and does not support the vCenter Server Appliance.
  •  Before you can set up MSCS for vCenter Server availability, you must create a virtual machine with one of the following guest operating systems:
    • Windows 2008 SP2
    • Windows 2012 R2 Datacenter

    Additionally, you must add two RDM disks to this VM. These disks must be mounted and when they are added, you must create a separate SCSI controller with the bus sharing option set to physical. The RDM disks must also be independent and persistent.

    In this configuration all vCenter Server services can be protected individually. The backend Microsoft SQL database can also be protected separately with SQL Clustering.


Figure 3: Clustering based high availability for Windows based vCenter Server

Deployment Modes for vCenter Server:

Local vCenter Server & PSX High Availability:

  • This model protects the platform service controller service by having multiple instances of PSC locally behind a load balancer. Failure of a PSC does not impact the usage of the infrastructure. The PSCs should also be separated from each other physically using anti-affinity rules. The PSCs replicate state information vCenter Server nodes are individually clustered with WSFC for HA. The  vCenter Servers interact with the PSCs through a load balancer.


Figure 4: Local vCenter and PSC high availability

Multiple Site vCenter Server and PSC basic Architecture:

In this configuration each site is independent with PSC replication between sites. The vCenter Server is aware of the site topologies and use the local PSC under normal circumstances. Customers are able to seamlessly move the vCenter Servers between PSCs when necessary. This topology allows for Enhanced Linked Mode (ELM) which is facilitated by the PSC. Enhanced Linked Mode provides for a single point of management for all vCenter Servers in the same vSphere domain. In vSphere 6 the Windows-based and Virtual Appliance-based vCenter Servers have the same operational maximums and can belong to the same linked mode configuration. The configuration replicates all license, global permissions, tags and roles across all sites.



Figure 5: Multi-site vCenter Server and PSC basic architecture

Multiple Site vCenter Server & PSC with High Availability Architecture:

Combining the high availability configuration in a local site with the multi site configuration. Each site is populated with at least two PSCs for high availability. vCenter Server nodes are individually clustered with WSFC for HA.



Figure 6: Multi-site vCenter Server and PSC high availability architecture


vCenter Server 6 has a new deployment architecture. In this blog we have discussed the deployment modes for vCenter Server based on different requirements. The modes of deployment can go from a minimal local deployment to a multi site high availability deployment. There are many high availability options available for vCenter Server and one can mix and match these based on customer requirements.