Technical

Understanding the vCenter Server Converge Tool

Announced in November 2018, the External Platform Services Controller (PSC) is being deprecated. Previously, many customers have deployed the External PSC to take advantage of features such as Enhanced Linked Mode (ELM) or PSC HA. With the removal of the External PSC, VMware has provided a Converge Tool to be able to migrate from an External Deployment to an Embedded deployment. The Converge Tool does require you to be on vSphere 6.5 Update 2d or greater or vSphere 6.7 Update 1 or greater and be running the vCenter Server Appliance (VCSA).

Planning your Convergence

Prior to executing your migration from an External to Embedded Platform Services controller, the first thing we need to do is analyze our current SSO domain to understand the solutions and servers we are dealing with. We need to review our SSO environment and identify which solutions are registered with the SSO Lookup Service, such as NSX and Site Recovery Manager (SRM). These and other solutions need to be manually repointed to the embedded vCenter Server once convergence is complete. If you are unsure what solutions are registered to your SSO Server, you can use the following KB2043509 to find out what services are registered with the SSO lookup service.

Also, if you are unsure which Platform Services Controller your vCenter Server is pointed to—you have two ways to check. The first option is utilize the vSphere Client and review the Advanced Settings. Navigate to your vCenter Server and choose the Configuration tab. Proceed to Advanced Settings and search for config.vpxd.sso.admin.url and this will show your connected PSC.

If you prefer to go the CLI route, you can run the following command to identify the connected PSC.

We will also log into our NSX Manager’s and validate which External PSC and vCenter Server they are currently registered with.

In my example environment I have drawn out the following diagram to understand my architecture based on information I gathered.  I currently have two External PSC’s in Enhanced Linked Mode with two External vCenter Servers. I also have 2 separate NSX Manager instances registered with my External PSC’s that will need to be re-registered once the Converge Tool is ran.

Executing the Converge Tool

Once we have our target environment planned out, we can look to the execution of the Converge Tool. If you are familiar with the VCSA CLI based installer currently used with vSphere 6.5 and vSphere 6.7 the Converge Tool will look quite familiar. To run the Converge Tool you must download and mount the VCSA iso, and first prepare your JSON templates. You will have one template to run the Converge Tool to migrate from an External to Embedded PSC and there will be a second template used to decommission the external PSC which will shut it down and remove it from the SSO domain.

First up is the converge template, within this template there are four sections:

  1. Information about the Managing vCenter or ESXi Host.
  2. Information about the vCenter Server you wish to Converge to Embedded.
  3. (Optional) Active Directory Information if you wish to join the Embedded vCenter to AD.
  4. (Optional) Replication Partner Information. If this vCenter Server is the first converged node within the SSO domain you will leave this blank, but if it is not the first you will need to fill it out for additional nodes.

Now that we understand what the JSON template fields do, let’s review what a prepared converge template looks like. In this example my first external deployment was not joined to Active Directory and it is the first one I am converging in my SSO domain so I only have two sections to fill out.

My second external deployment was also not joined to Active Directory and since I already have one Embedded vCenter Server I must point to it as the replication partner. If I choose to leave this blank, it would automatically create a replication back to its External PSC and when we go to decommission those we would’ve actually created two separate SSO domains because of the lack of replication.

Now, that we have our JSON templates filled out properly, we can proceed to executing them. We will run the Converge Tool against our first vCenter Server and proceed until all vCenter Servers within the SSO domain are complete. You will be unable to decommission an external PSC until all remaining vCenter Servers in the SSO domain are converged to Embedded.

To understand all the parameters available with the Converge Tool we can run the following command to learn more.

To execute the Converge Tool against our vCenter Server we will run the following command.

Note: We can only run the Converge Tool against one vCenter Server Appliance at a time.

At this step, we have now consolidated our environment and have two Embedded vCenter Servers, however our NSX Manager’s are still pointing to our External PSC’s.

To correct this registration we need to log into our NSX Managers and re-register the lookup service with our new Embedded vCenter Servers.

At this point our external solutions are now registered properly, and we can move forward with decommissioning our External PSC’s.

Note: You will be unable to decommission your external PSC’s until all vCenter Servers within your SSO domain have been migrated to Embedded Deployments

Next up we will review the decommission template. Within this template there are four sections:

  1. Information about the Managing vCenter or ESXi Host of the External PSC.
  2. Information about the Platform Services Controller you wish to Decommission.
  3. Information about the Managing vCenter or ESXi Host of an Embedded vCenter in the SSO Domain.
  4. Information about the Embedded vCenter in the SSO Domain.

Here is an example of our prepared JSON template for decommission.

We will run the Converge Tool using the decommission option to remove our External PSC’s, repeating for each remaining node.

At this point we have now successfully ran the Converge Tool to migrate all External PSC’s to Embedded PSC’s and decommissioned our External PSC’s leaving us with our preferred deployment as seen below.

Additional Resources

vSphere Documentation

KB59907

KB65129

KB59508

vCenter Server 6.7 Update 1 Convergence Tool – Emad Younis

Conclusion

VMware has announced the deprecation of the External PSC and customers should begin the migration to the Embedded PSC Deployment as soon as they are able to. The Embedded deployment simplifies patching, upgrading and management of our environment not only from an architecture standpoint but also with less servers to manage. I hope this blog prepared you to properly plan and execute running the Converge Tool within your environment.

If you have any feedback or questions feel free to post below.