NetApp VSC 4.2.1 Install on vCenter 5.5

I’m open to change, usually. New technology, new releases, new features, new options; I just like new. Though I do like new there is some “new” I struggle to get behind and that “new” is the vSphere Web Client. Even though it has been around awhile, with vSphere 5.5 there are things you have to use the web client for in order to administer your VMs (assuming they’re Harware Version 10). As a man not quite ready to make the leap to full-blown Web Client administration (and how can you since you still need the thick client to run Update Manager), I decided to install NetApp’s Virtual Storage Console 4.2.1 so I can continue to perform NetApp administration in the vSphere thick client.

As the primary VMware and NetApp engineer, having one place to create, mount, and resize volumes is a time saver. Plus the ability to create volume-level snapshots that quiesce the guest operating systems of your VMs provides a quick, point-in-time recovery time for your infrastructure. The steps below show how to install and configure the VSC 4.2.1 plugin in vSphere 5.5 connecting to an HA-pair of NetApps running ONTAP 8.1.2 in 7-mode.

Prerequisites:

1. A server that will run the VSC service (I usually install it on the Windows Server that hosts the vCenter Service or Update Manager as there are no port conflicts)
2. A domain account with “Administrator” rights to vCenter and local administrator on the Windows Server (this account will run the VSC service)
3. Credentials for the NetApps (I use ‘root’ for this, but a new user can be created on the NetApps with appropriate permissions)

 

Steps:

1. Run VSC-4.2.1-win64.exe as administrator
2. Click “Next”
VSC4052814-step2
3. Read through the “Shared Credentials” notes, click “I Understand” then click “Next”
VSC4052814-step3
4. Check the box for “Backup and Recovery” (if licensed) and click “Next”
VSC4052814-step4
5. Set the installation directory (I prefer to install to a non-OS drive) and click “Next”
VSC4052814-step5
6. Note the URL and click the “Install” button
VSC4052814-step6
7. When the installation completes click “Finish” and you should have a browser pop-up to the URL above
VSC4052814-step7
8. On the browser page, continue through any security warnings
VSC4052814-step8
9. Choose the IP of the local service the plugin will use to communicate with vCenter (This is the IP of the server you are installing VSC to)

  • a. Enter the IP of the vCenter server
  • b. Enter a service account username and password (this should not be your own credentials)
  • c. Click “Register”
    VSC4052814-step9c
  • d. You should see this message below if successful
    VSC4052814-step9d

10. On the server, go to “Start”, “Administrative Tools”, and click on “Services”
VSC4052814-step10
11. Locate the “Virtual Storage Console for VMware vSphere Server” service, right click and choose “Properties”
VSC4052814-step11
12. Click the “Log On” tab then click “This account”

  • a. Enter the account username and password used to connect to vCenter then click “OK”
    VSC4052814-step12a
  • b. Click “OK” for the message about granting Log On As A Service rights
  • c. Click “OK” about not taking affect until the service is restarted

13. Right-click on the service and click “Restart”
VSC4052814-step13
14. Login to the vSphere thick client to the vCenter server

  • a. You should receive a Security Warning pop up, click the box to install the certificate and click “Ignore”
    VSC4052814-step14a

15. Click “Plug-ins” then “Manage Plug-ins” at the top
VSC4052814-step15
16. Locate the “Virtual Storage Console” plugin, right click it and click “Enable” then click “Close”
VSC4052814-step16

17. Click the “Home” button towards the top left then click “NetApp” under “Solutions and Applications”
VSC4052814-step21

  • a. If you receive a Security Alert click “Yes” to proceed

18. Right-click on one of the storage controllers listed at the top and click “Modify Credentials”
VSC4052814-step22
19. Enter the management IP address, username (likely root) and password (try with SSL, but if it doesn’t work try without SSL) and click “OK”
VSC4052814-step23

  • a. Click “OK” for the controller privileges summary
  • b. Repeat for any additional Storage Controllers
  • c. Once completed this is what you should see
    VSC4052814-step23c

20. Click on “Provisioning and Cloning” towards to the bottom left
VSC4052814-step24
21. Click the link for “Storage controllers” and click the “Refresh” link towards the top right
22. Right click on one of the controllers and click “Resources”
VSC4052814-step26
23. Move the NFS/iSCSI network interface(s) to the right column, move any volumes that VMware will manage to the right column and move any aggregates to the right column to be managed as well. Click “Save” (The 10.32.22.x network is for management of the NetApp while the 192.168.10.x network is a private, non-routable network for NFS traffic. All volumes should be mounted on that network.)
VSC4052814-step27

  • a. Repeat for any other controllers

 

*The original documentation I posted showed changing the role in vCenter for the “netappvsc” user to “VSC Administrator” instead of just “Administrator”. Turns out this breaks the Virtual Storage Console. When you attempt to mount or provision datastores, you receive the following error; “HTTP ERROR 403. Problem accessing /kamino/index.html. Reason: Forbidden”
VSC4052814-error

At this point you are ready to manage your NetApp filers from the vSphere thick client. By right-clicking on your cluster in vCenter you can provision volumes to all the hosts in a cluster saving so much time of provisioning a new volume and then mounting it one host at time. Too bad you can mount a volume that’s already been created at the cluster level; it can only be done one host at a time.

NetApp VSC 4.2.1 Install on vCenter 5.5

Create vCenter 5.5 Upgrade Baseline

I have a preference to do brand new installs of ESXi for each new release. With new releases there are new options, new features, and caveats with existing functionality. This means the migration process takes longer, but it helps ensure that I’m applying current best practices each and every time instead of applying upgrades to a flawed design.

In some instances this isn’t a concern and we can use vCenter with Update Manager to upgrade hosts to the latest version of ESXi and preserve our current configuration (name, IP, storage, etc). I use this process when remotely upgrading Hosts in my colo facility without having console access to the physical servers.

This is a step by step guide to creating an upgrade baseline to upgrade an existing ESXi Host (5.0 for this writing) to 5.5 and begin the upgrade process on a Host.

Prerequisites:

1. Existing host running 5.0 or 5.1 connected to vCenter Server 5.5
2. vCenter Server 5.5 with Update Manager installed
3. Downloaded .ISO of ESXi 5.5

Steps:

1. Using the vSphere thick client (not web client), connect to the vCenter server and click the “Home” button followed by “Update Manager” under “Solutions and Applications”
UPG052714-step1
2. Click on “ESXi Images” tab
UPG052714-step2
3. Click the link for “import ESXi Image” to wards the top right corner
UPG052714-step3
4. Click “Browse” and locate the .ISO of ESXi, click “Open” then click “Next”
UPG052714-step4

  • a. If you receive a security warning, click the check box to install the certificate and click “Ignore”
  • b. The ISO should upload. When completed click “Next”
    UPG052714-step4b

5. Enter the name of this upgrade baseline identifying the version in the name or description then click “Finish”
UPG052714-step5
6. Click the “Home” button followed by “Hosts and Clusters”
UPG052714-step6
7. Click on the Host to be upgraded and then click the “Update Manager” tab
UPG052714-step7
8. Click the “Attach” link towards the top right corner
UPG052714-step8
9. Place a check in just the upgrade baseline created and then click “Attach”
UPG052714-step9
10. Click the “Remediate” button towards the lower right corner

  • a. Confirm Upgrade baselines and the ESXi 5.5 baseline are selected then click “Next”
    UPG052714-step10a
  • b. Accept the license agreement and click “Next”
  • c. Leave “Remove installed third-party software” unchecked and click “Next”
  • d. Leave the schedule as “Immediate” and click “Next”
  • e. Since this host is not in a cluster, choose “Power off virtual machines” and click “Next” (THIS WILL POWER OFF ANY VMS THAT ARE ON THAT HOST)
    UPG052714-step10e
  • f. Click the “Finish” button

11. This process takes awhile and you’ll lose access to the server while it is remediating. If you have access to the console during this time, it is a good idea to have it open and watch the progress.

Once the upgrade is complete the Host will be available within vCenter and will be running ESXi 5.5. Once completed, make sure you double-check your settings (time, network, DNS) to ensure all your settings are still there. Also, take this time to attach your patches baseline and get the latest patches applied to this Host.

Create vCenter 5.5 Upgrade Baseline

Unregister Plugin from vCenter

Sometimes the uninstallation of a plugin in vCenter will not remove it from the list of available plugins. Once you’ve confirmed the plugin can be removed, follow these steps to unregister it and remove it from the list.

1. Currently, the Virtual Storage Console for NetApp has been uninstalled, but it is still showing up as an available Plugin
rmplugin052114-step1
2. Open a web browser and navigate to https://vCenterAddress/mob

a. Ignore any security warnings

3. Login with your normal vCenter credentials
rmplugin052114-step3
4. After login, click on the “content” link under Properties
rmplugin052114-step4
5. Click on the link for “ExtensionManager”
rmplugin052114-step5
6. You’ll have a list of extensions to choose from under “extensionList” and “VALUE”

a. Click the link of the extension to be unregistered
rmplugin052114-step6a
i. If the name isn’t obvious, click each one until you see the correct one

7. Once you’ve clicked on the correct plugin, you’ll want to copy the Value (without the quotes) in the row labeled “key”
rmplugin052114-step7
8. Press the Back button in your browser and then click on “UnregisterExtension” under the Methods table
rmplugin052114-step8
9. Paste the string copied from step 6 into the “VALUE” text box and click “Invoke Method” at the bottom
rmplugin052114-step9
10. Restart the vsphere client and click on “Plug-ins” then “Manage Plug-ins” and the plugin should be gone
rmplugin052114-step10
11. Now we see that the Plugin has been removed
rmplugin052114-step11

Unregister Plugin from vCenter

vCenter Server 5.5 Custom Install

In order to install the 4 components of vCenter (SSO, Web Client, Inventory Service, and vCenter Server) onto a secondary drive on the same Server, you must perform a “Custom Install”. This guide will walk you through the process of installing each of these components as well as SQL 2008 Express to the secondary drive of a Server. This can also be used to install the individual components on separate servers. In total, this is just over 100 steps to walk through so it will take some time.

 

Prerequisites:

1. Create a new virtual machine and add it to the domain
2. Add a second hard disk to install vCenter on
3. Add the update manager and vCenter service domain users as a local admins (vudatemanager, vmwareservice for this writing)
4. Mount the ISO for vCenter 5.5
5. Ensure User Account Control is turned off and the server has been rebooted (SQL will fail without this)

 

Install:

1. Open computer, right click on the VMware VIM disk and choose “Open”
VC051814-step1
2. Navigate to \redist\SQLEXPR and double click “SQLEXPR_x64_ENU”
VC051814-step2
3. After files are extracted, choose “New installation or add features to an existing installation”
VC051814-step3
4. Check the box to accept the license terms and click “Next”
VC051814-step4
5. Uncheck “SQL Server Replication” and change the share feature directories to the “D:\” drive and click “Next”
VC051814-step5
6. Name the Instance and change the instance root directory to the D:\ drive. Click “Next”
VC051814-step6
7. SQL Database Engine can run as Network Service, but I prefer using a named account. Click “Next”
VC051814-step7
8. Click on the “Data Directories” tab to ensure all directories are pointed at the secondary drive
VC051814-step8
9. Click on the “Account Provisioning” tab and change the authentication to “Mixed Mode”. Enter an “sa” password (save it immediately), then add any SQL Admins that are required and click “Next”
VC051814-step9
10. Click “Next” through Error Reporting screen
11. Click “Close” once the installation finishes
12. Click Start, then type “cmd”, right-click on cmd.exe and choose “Run as administrator”
VC051814-step12
13. Ensure your current path is “C:\Windows\system32” and type “sqlcmd.exe -S DEN-vCenter01\VCENTERSQLEXPR” (This is to connect to the instance named “VCENTERSQLEXPR” on the server “DEN-vCenter01” which is the server I am currently connected to)
VC051814-step13
14. Run the following commands pressing “enter” after each line (this will create the vCenter Database, add domain\vmwareservice as a use and db_owner, then add as user and db_owner of the msdb database)
CREATE DATABASE [vCenterDB]
GO
ALTER DATABASE [vCenterDB] SET COMPATIBILITY_LEVEL = 100
GO
ALTER DATABASE [vCenterDB] SET RECOVERY SIMPLE
GO
USE [vCenterDB]
GO
CREATE USER [domain\vmwareservice] FOR LOGIN [domain\vmwareservice]
GO
EXEC sp_addrolemember 'db_owner', 'domain\vmwareservice'
GO
USE msdb
GO
CREATE USER [domain\vmwareservice] FOR LOGIN [domain\vmwareservice]
GO
EXEC sp_addrolemember 'db_owner', 'domain\vmwareservice'
GO

VC051814-step14
15. Type “exit” and then close CMD window
16. Login as the vCenter Service account which should be added as a local administrator
17. Go to start, administrative tools, and chooce “Data Source (ODBC)”
VC051814-step17
18. Click the “System DSN” tab and click “Add”
VC051814-step18
19. Choose “SQL Server Native Client 10.0” and click “Finish”
VC051814-step19
20. Enter a useful name, description and browse for the local Instance
VC051814-step20
21. Choose “With Integrated Windows authentication” and click “Next”
VC051814-step21
22. Change the default database to the newly created vCenterDB and click “Next”
VC051814-step22
23. Click “Finish”
VC051814-step23
24. Click “Test Data Source” to ensure connection then click “OK” and “OK”
VC051814-step24
(Running the vCenter Components install failed when logged in as the VMware Service account for me so the rest of these steps can be performed by another admin account for this server.)
25. Open computer and double-click on the VMware VIM disc
VC051814-step25
26. Click “vCenter Single Sign-On” under “Custom Install” and click “Install”
VC051814-step26
27. Click “Next” for vCenter Single Sign-On
VC051814-step27
28. Accept the license agreement and click “Next”
VC051814-step28
29. Review the SSO information and check the box for “Add [DOMAIN] as a Native Active Directory identity source” and click “Next”
VC051814-step29
30. Choose “vCenter Single Sign-On for your first vCenter Server” and click “Next”
VC051814-step30
31. Enter the password for the local account for SSO (this is not the domain admin or your own account, this is a local account to administer SSO in the event the domain is unavailable). Save the password immediately and click “Next”
VC051814-step31
32. Enter a site name (if needed) and click “Next”
VC051814-step32
33. Note the HTTPS port and click “Next”
VC051814-step33
34. Change the destination folder to the secondary drive (D: for this writing) and click “Next”
VC051814-step34
35. Review the options and click “Install”
VC051814-step35
36. Click “Finish” when it’s done installing
VC051814-step36
37. Now click on “vSphere Web Client” under “Custom Install” and click “Install”
VC051814-step37
38. Choose “English” and click “OK”
VC051814-step38
39. Click “Next”
VC051814-step39
40. Accept the license agreement and click “Next”
VC051814-step40
41. Change the install directory to the “D:\” drive and click “Next”
VC051814-step41
42. Note the web client ports and click “Next”
VC051814-step42
43. Enter the password for the administrator@vsphere.local account and click “Next”
VC051814-step43
44. Click “Yes” for the SSL fingerprint
45. Click “Install certificates” when you see the “Certificate Installation for Secure Connection”
VC051814-step45
46. Click “Install”
VC051814-step46
47. Click “Finish”
VC051814-step47
48. Click “OK” for this message about access time for the Web Client
VC051814-step48
49. Click on “vCenter Inventory Service” under “Custom Install” then click “Install”
VC051814-step49
50. Choose “English” and click “OK”
VC051814-step50
51. Click “Next” to begin the Inventory Service installation
VC051814-step51
52. Accept the license agreement and click “Next”
VC051814-step52
53. Change the install directory to the “D:\” drive and click “Next”
VC051814-step53
54. Ensure the FQDN is correct and click “Next”
VC051814-step54
55. Note the ports and click “Next”
VC051814-step55
56. Select the appropriate Inventory size and click “Next”
VC051814-step56
57. Enter the password for the administrator@vsphere.local account and click “Next”
VC051814-step57
58. Click “Yes” for the SSL fingerprint
59. Click “Install” to begin installation
VC051814-step59
60. Click “Finish” once the installation is complete
VC051814-step60
61. Click “vCenter Server” under “Custom Install” and then click “Install”
VC051814-step61
62. Choose “English” and click “OK”
VC051814-step62
63. Click “Next” to begin installation wizard
VC051814-step63
64. Accept the license agreement and click “Next”
VC051814-step64
65. Enter the license key (if available) and then click “Next”
VC051814-step65
66. Click “Use an existing supported database” and select the ODBC connection created earlier and click “Next”
VC051814-step66
67. Click “Next”
VC051814-step67
68. If the JDBC URL fails, restart the SQL Service (Administrative Tools -> Services and locate “SQL Server (InstanceName)”) on the local server and attempt the connection again
VC051814-step68
69. Enter your password to run the vCenter service (but we’ll change this after creation)
VC051814-step69
70. Select “Create a standalone VMware vCenter Server instance” and click “Next”
VC051814-step70
71. Note the provisioned ports and click “Next”
VC051814-step71
72. Select the appropriate inventory size and click “Next”
VC051814-step72
73. Enter the administrator@vsphere.local SSO password and click “Next”
VC051814-step73
74. Click “yes” for the SSL fingerprint
75. Click “Next” to register administrator@vsphere.local as an Administrator
VC051814-step75
76. Confirm the vCenter Inventory URL and click “Next”
VC051814-step76
77. Change the installation to the “D:\” drive and click “Next”
VC051814-step77
78. Click “Install”
VC051814-step78
79. Once installation completes, click “Finish”
VC051814-step79
80. Click Start, Administrative Tools, then choose “Services”
VC051814-step80
81. Locate “VMware VirtualCenter Server” service, right-click and choose “Properties”
VC051814-step81
82. Click on the “Log On” tab and then click on the “Browse” button
VC051814-step82
83. Change the “Location” to your domain then enter the name of the user account that will run the vCenter Service (vmwareservice for this writing) and click “OK”
VC051814-step83
84. Enter the password for this account and then click “OK”
VC051814-step84
85. Click “OK” to grant log on as a service rights then click “OK” about it not taking affect until a service restart
VC051814-step85
86. Locate the “VMware VirtualCenter Management Webservices” service and change it’s logon account to same account we just used for the VirtualCenter Server service (vmwareservice for this writing)
VC051814-step86
87. Right-click on “VMware VirtualCenter Server” service and choose “Restart”. You will be prompted that the “Vmware VirtualCenter Management Webservices” needs to be restarted as well. Click “Yes” for that prompt
VC051814-step87a
VC051814-step87b
88. After the services restart, open your browser and connect to https:// IPofvCenter:9443/vsphere-client and login as administrator@vsphere.local with the password assigned earlier
89. Once logged in, click on “Administrator” on the left pane
VC051814-step89
90. Click on “Users and Groups” under “Single Sign-On”
VC051814-step90
91. Click the “Groups” tab then click on”Administrators” under “Group Name”
VC051814-step91
92. Click the “Add Member” button under “Group Members”
VC051814-step92
93. Change the Domain to your domain, then search for the Active Directory user or group to be added as an Administrator. Click the user/group then click the “Add” button followed by “OK”
VC051814-step93
94. Click the “Home” button towards the top left corner
VC051814-step94
95. Click on “vCenter”
VC051814-step95
96. Click on “vCenter Servers”
VC051814-step96
97. Click on your vCenter server
VC051814-step97
98. Click the “Manage” tab followed by “Permissions”
VC051814-step98
99. Click the “Add Permission” button
VC051814-step99
100. Click the “Add” button towards the lower left then search for the Active Directory user/group to be added as a vCenter Administrator (ensure the Domain is set to your domain). Click the user/group, then click “Add” followed by “OK”
VC051814-step100
101. Changed “Assigned Role” to “Administrator” from the drop-down and then click “OK”
VC051814-step101

 

At this point your vCenter server is installed and configured with an Administrator account added for SSO as well as vCenter itself. To install the Update Manager service, click here to view the steps to install and configure. Your steps will differ as those instructions are for connecting to a mirrored database for Update Manager, but the rest of the steps are similar. You will just need to provision a database and grant the update manager user account db_owner to msdb and the Update Manager database. This can be done the same way as in step 14, just change the database name and the user name.

To complete the vCenter configuration (create a datacenter, add hosts), click here to open the step-by-step guide and scroll to step 44.

vCenter Server 5.5 Custom Install

vCenter 5.5 Update Manager Install with SQL Mirroring

When I first started at my current job we were a company with a few standalone SQL Servers. There were development and production instances on both SQL 2005 and 2008. This isn’t a problem, but we lacked any kind of High Availability for these databases. One of the first projects I took on was creating a SQL 2012 Failover Cluster. The setup was relatively painless and it provided us the ability to patch SQL hosts without having to take down any of the applications that depending on it. The drawback was every time I did a cluster failover vCenter Update Manager would stop working and the service needed to be restarted. A minor annoyance, but something that always bothered me.

To alleviate this (and with available SQL licenses), I implemented a new SQL 2012 Mirrored instance and while I was building our brand new ESXi 5.5 environment it was the perfect time to move the vCenter Update Manager database to SQL mirroring. While I don’t have a blog post about how to setup SQL Mirroring (but I do have the process documented), this shows the process of provisioning the databases on the Principle and the Mirror and the commands to mirror the database with automatic failover (with a Witness server). In the future I hope to blog about the setup of SQL Mirroring.

 

Prerequisites:

  1. Have vCenter 5.5 already installed and running
  2. Download the ISO for vCenter 5.5 from VMware which will need to be mounted on the server that will host vCenter Update Manager (VUM).
  3. Have an additional Disk drive added to the destination server hosting Update manager because I prefer leaving the OS drive for the OS and all programs are installed on the secondary data disk.
  4. 3 Servers with SQL installed and configured for mirroring (Principle, Mirror, Witness).
  5. Install the 64-bit SQL 10 Native Client from the SQL 2008 install .ISO (sqlncli.msi) on the server hosting VUM.
  6. A domain user account to run the VUM service and connect to SQL (domain\vupdatemanager for this writing)

 

SQL Mirroring Configuration:

  1. Connect to the principle SQL server (SQLMir-01 for this writing)
  2. Expand Security and Logins. Right click “Logins” and click “New Login”
    DB051314-step2
  3. Enter the login name for the Update Manager Active Directory account, choose “Windows Authentication”
    1. Change the “Default database” to “msdb” and click “OK”
      DB051314-step3a
    2. Click on “User Mapping” and place a check next to “msdb” then under “Database role membership” place a check next to “db_owner”
      DB051314-step3b
  4. Right click on “Databases” and choose “New Database”
    DB051314-step4

    1. Enter the database name
      DB051314-step4a

      1. Click the “…” button next to “Owner” and browse for the login we just created, place a check mark for it and click “OK” and “OK”
        DB051314-step4ai
    2. Click the “Options” link on the left side and ensure that Recovery Model is set to “Full” and Compatibility level is set to “SQL Server 2012 (110)” then click “OK”
      DB051314-step4b
  5. Right click on the newly created database and go to “Tasks” followed by “Back Up”
    DB051314-step5

    1. Name the backup file and note the location of the backup file and click “OK”
      DB051314-step5a
    2. Navigate to that Location and copy the backup
      DB051314-step5b
    3. Paste this file on to the Mirror Server
      DB051314-step5c
  6. Connect to the Mirror SQL Server (SQLMir-02 for this writing) and create the Update Manager account just like in Step 3 on that server as well (Do not create the database)
  7. Right click on “Databases” and choose “Restore Database”
    DB051314-step7

    1. Click “Device” for the source, then click the “…” button, click the “Add” button and it locate the .BAK file. Click on it and click “OK”, then “OK” again.
      DB051314-step7a
    2. Click the “Options” link on the left side and change “Recovery state” to “RESTORE WITH NORECOVERY” then click “OK”
      DB051314-step7b
  8. On the Mirror SQL server (SQLMir-02), click on “New Query” and run the following command: (This is creating the connection for the Mirror to allow mirroring from the Principle)
    DB051314-step8

    1. ALTER DATABASE vCenterUpdateManager
      SET PARTNER = 'TCP://SQLMIR01-Mirror.domain.com:5022'
  9. Back on the primary SQL server, click on “New Query” and run the following commands:
    1. ALTER DATABASE vCenterUpdateManager
      SET PARTNER = 'TCP://SQLMIR01-Mirror.domain.com:5022'
      GO
      ALTER DATABASE vCenterUpdateManager
      SET WITNESS = 'TCP://SQLWIT01-Mirror.domain.com:5022'

The SQL Servers (Principle, Mirror, Witness) have multiple network connections (Production, Mirror, and Backup). A DNS entry was created for their Mirror network IPs to allow them to communicate over a non-routable network to minimize latency. Mirroring would work if I set the string to “TCP://SQLMir-01.domain.com:5022” if a private network isn’t available.

 

vCenter Update Manager Install/Config:

  1. Login to the server as the user account that will connecting to vCenter/update manager database (domain\vupdatemanager for this writing)
  2. Create a 32bit ODBC connection to the SQL database
    a. Navigate to C:\Windows\SysWOW64 and open “odbcad32.exe”
    VUM051314-step2a
    b. Click the “System DSN” tab then click the “Add” button
    VUM051314-step2b
    c. Scroll to the bottom and choose “SQL Server Native Client 10.0” and click “Finish”
    VUM051314-step2c
    d. Enter the name of the connection and find the SQL Server\Instance and click “Next”
    VUM051314-step2d
    e. Choose “With Integrated Windows authentication” and click “Next”
    f. Change the default database to the Update Manager Database then set the Mirror Server as the SQL Server Name\Instance. Click “Next”
    VUM051314-step2f
    g. Click “Finish” then click “Test Data Source”. If test is successful, click “OK” then “OK” again and again
    VUM051314-step2g
  3. After the ISO has been mounted on the virtual machine, open “Computer” and open the CD
  4. If the installer doesn’t automatically open, locate the “autorun” application and double-click it.
  5. At the installer screen, choose “vSphere Update Manager” under the “VMware vCenter Support Tools” section. Then click “Install”
    VUM051314-step5
    a. Choose the appropriate language and click “OK”
    b. Click “Next” to begin the install process
    c. Accept the license agreement and click “Next”
    d. Leave the box for “Download updates from default sources” checked and click “Next”
    VUM051314-step5d
    e. Enter the FQDN or IP of the vCenter server to be connected to as well as the username/password for the account you’re currently logged in as (I’ve made this account an Administrator in vCenter at the Datacenter level)
    VUM051314-step5ei
    f. Choose “Use an existing supported database” and then choose the DSN connection created in step 2 and click “Next”
    VUM051314-step5f
    g. Click “Next” to confirm the database information and click “OK” to ignore the warning about Full recovery
    h. Choose the IP address and note the ports being used then click “Next”
    VUM051314-step5h
    i. Change the Install directory from C: to D: and then click “Next”
    VUM051314-step5i
    j. Click “Install”
    k. Click “Finish”
  6. After installation completes, press the Start button, Administrative Tools, then Services
    VUM051314-step6
    a. Locate the “VMware vSphere Update Manager Service”, right click and choose “Properties”
    VUM051314-step6a
    b. Click the “Log On” tab and click the “This account” button then enter the login information for the domain account used for update manager then click “Apply”
    VUM051314-step6b
    c. Click “OK” for the dialog box about granting log on as a service rights
    d. After the new service account has been applied, click the “General” tab then click the “Stop” button. Once the service has stopped, hit the “Start” button. Then click “OK”
  7. Open up the vSphere client (not the web interface) and login to the vCenter server
    a. Click the “Home” button
    VUM051314-step7a
    b. Click the “Update Manager” button under “Solutions and Applications”
    VUM051314-step7b
    c. Click on the “Baselines and Groups” tab
    VUM051314-step7c
    d. Click the “Create” link towards the top right corner under “Compliance View”
    VUM051314-step7d
    e. Select “Host Baseline Group” and give it a name (“All Patches” for this example). Click “Next”
    VUM051314-step7e
    f. Click “Next” through “Upgrades” page
    g. Select both Critical and Non-critical patches and click “Next”
    VUM051314-step7g
    h. Click “Next” through the “Extensions” page
    i. Review the settings and click “Finish”
    VUM051314-step7i
  8. Click the “Home” button again then choose “Hosts and Clusters”
    VUM051314-step8
    a. (For this writing, we’ll attach the baseline group to the Datacenter, but I usually apply this at the cluster level)
    b. Click on the Datacenter then click on the “Update Manager” tab
    VUM051314-step8b
    c. Click the “Attach” link towards the top right corner
    VUM051314-step8c
    d. Under “Baseline Groups” choose the name of the Baseline group created and click “Attach”
    VUM051314-step8d
    e. Once attached, all the Hosts will display under “All Groups and Independent Baselines”. Click the “scan” button towards the top right corner
    VUM051314-step8e
    f. Click the “Scan” button on the pop up box
    VUM051314-step8f
    g. Once scanning is completed, click the “Stage” button towards the bottom right corner
    VUM051314-step8g
    h. Ensure both Critical and Non-critical patches are selected as well as the host and click “Next”
    VUM051314-step8h
    i. Click “Next” after reviewing the patches to be applied
    VUM051314-step8i
    j. Then click “Finish” (All patches that can be staged will be placed on the host, some that can’t be staged will be loaded once you choose “Remediate”)
    k. Once staged, click the “Remediate” button towards the bottom right corner
    l. Click the baseline group created earlier then click “Next”
    VUM051314-step8l
    m. Review the patches and click “Next”
    VUM051314-step8m
    n. Choose “Immediately” for the remediation time and click “Next”
    VUM051314-step8n
    o. Choose your VM power state options (In a multi-host cluster choosing “Do Not Change VM Power State” will cause VMs to be vMotioned to another host when entering maintenance mode)
    VUM051314-step8o
    p. Click Finish (This will cause the Host to enter maintenance mode, apply patches, and reboot if necessary)
  9. After the host finishes rebooting we’ll see the new build number
    VUM051314-step9

Applying baselines at the cluster level will help to ensure all your hosts are running the same builds/patches and help prevent version mismatch issues. I prefer to created one baseline for all my hosts that includes any required extensions. In my environment we run NetApp storage which requires a host component to take advantage of VAAI. By adding this into my required patching I make sure all my hosts are able to take advantage of this.

vCenter 5.5 Update Manager Install with SQL Mirroring

Install & Configure vCSA and vCenter 5.5

The steps below are to install and configure the vCenter Server Appliance, configure SSO to lookup users in a specific OU in Active Directory, add an Administrator, add your first host, and configure email server settings.

Prerequisites:

  1. Download the latest version of the vCenter Server Appliance (5.5.0.5201 for this writing) and place it some where that is accessible by the client hosting the vSphere client
  2. Have the vSphere Thick client installed
  3. Have a datastore created for the appliance (VM_Appliances for this writing)
  4. Identify the Fully Qualified Domain name and IP address of the server ahead of time

Steps

      1. Login to the vSphere client, choose File then Deploy OVF Template
        step1
      1. Click “Browse”, locate the OVF/OVA, and click “Open”, then click “Next”
        step2
      1. Click “Next” after reviewing the template details
        step3
      1. Name the vCSA, choose the inventory location, and click “Next”
        step4
      1. Choose the datastore and click “Next”
        step5
      1. Verify the datastore name and size and click “Next” (Size is not adjustable)
        step6
      1. Select the appropriate “Destination Network” and click “Next”
        step7
      1. Enter the following information and click “Next”
        1. Hostname = Name of Appliance
        1. Default Gateway = IP of the gateway of  the Destination Network
        1. DNS = IP of the DNS Server (Separate each DNS server with commas, though it didn’t seem to apply these settings)
        1. Network 1 IP Address = IP address of the vCenter Server Appliance
        1. Network 1 Netmark = Subnet mask of the Destination Network
      1. Verify the settings and click “Finish” to begin deployment of the vCSA
      1. Once deployment is finished, click “Close”
      1. Right click on the vCSA in the vSphere client and choose “Upgrade Virtual Hardware” then click “Yes” to upgrade the configuration
        step11
      1. Right click on the vCSA and choose “Open Console”
      1. Click the “Power On” button in the console
        step13
      1. Once the appliance has finished booting, open a browser and connect to the web interface (https:// ipaddress:5480)
      1. Click “Continue” to the security warning on your web browser
      2. Enter the default username and password for the vCSA (username: root, password: vmware)
      1. After login, accept the licensing agreement and click “Next” (this part may take awhile)
        step17
      1. Once you get to “Configure Options” press the “Cancel” button (After a few unsuccessful attempts to configure through the wizard, it is easier setting it up manually)
        step18
      1. At the home page of the vCSA admin page, click on the “Database” tab
        step19
      •  Change the “Database type” to “embedded” and click “Save Settings” (may take a minute or 2)
        step19a
      1. Click on the “SSO” tab
        • Change the “SSO deployment type” to “embedded”
        • Set the admin password for the “administrator@vsphere.local” account (Save this information immediately!)
        • Click “Save Settings” (will take a few  minutes)
          step20c
        • Once you see the message “Operation was successful” you can move on to the next step
          step20d
      1. Click on the “Network” tab
        • Ensure the Hostname (must be a FQDN if adding to a domain), IPv4 gateway, preferred & alternate DNS servers, and IPv4 static IP addressing is set. If any entries is missing, add them now
        • Once saved, click on the “System” tab and click on “Reboot”
          step21b
      1. Log back in (if necessary and continue with the next step)
      1. Click on “Authentication” tab
        • Check the box for “Active Directory Enabled”
        • Enter the domain name
        • Enter a domain admin account for “Administrative user” (Domain admin)
        • Enter the password for this account and click “Save Settings” (This will add the appliance to the domain)
          step23d
      1. Click on the “Update” tab then click “Check Updates” to see if there are any available updates
        • Install any updates that are available
        • Click on “Settings” under “Update”
        • Choose “Automatic check for updates”
        • Set your frequency (usually once a week) and then click “Save Settings”
          step24d
      1. Click on the “Admin” tab
        • Enter the current administrator password (default is “vmware”)
        • Enter the new administrator password and immediately save it (I use keepass for my passwords)
        • Click “Yes” for administrator password expiration
        • Enter the password validity time in days
        • Enter a group account for email expiration warning
        • Click “Submit”
          step25f
      1. Once the settings are saved, click on “System” tab then choose “Reboot”
      1. Once the vCSA is back up, you should be able to login to the vSphere Web Client (https:// IPofvCSA:9443)
      2. Download and install the “Client Integration Plug-in”
        step28

        • You’ll need to close your current browser to complete installation. Reopen and enable the Plugins after revisiting the URL above
      1. Login using the username “administrator@vsphere.local” and the password setup in step 20
      1. Click on “Administration”
        step30
      1. Click on “Configuration”, then click the “Identity Sources” tab and press the “+” button
      1. Choose the following for setting up Active Directory Auth for a specific group using a service account
        • Choose “Active Directory as a LDAP Server”
        • Enter the name (Just a reference name)
        • Enter the Distinguished name of the OU where users will be located
        • Enter the Domain name
        • Enter the Domain alias
        • Enter the Distinguished name for groups (for us, it’s the same as for users)
        • Enter the primary server URL (Format: ldap:\\Dcname.domainname.com:389)
        • Enter the secondary server URL (same format as above)
        • Username: A domain account in the OU above (do not use a users account, make it a service account)
        • Password: Password for domain account
        • Press “Test Connection” to ensure it all works and then click “OK”
          step32k

 

      1. Under “Single Sign-On” on the left, click on “Users and Groups”
        step33
      1. Click the “Groups” tab, then click on “Administrators”
        step34
      1. Click the “Add Members” button
        step35
      1. Change the Domain to the Domain that was just added. Search for the Domain users/groups that need Administrator access, click on each one and click “Add” followed by “OK”
        step36
      1. Once the users have been added, click on the “Home” button towards the top left
        step37
      1. Click on “vCenter”
        step38
      1. Under “Inventory Lists”, click on “vCenter Servers”
        step39
      1. Click on the name of your vCenter Server
        step40
      1. Click the “Manage” tab, followed by the “Permissions” button
        step41
      1. Click the “+” button to add a new administrator.
        • When the “Add Permission” box appears, click the “Add” button at the bottom
        • Change the Domain to Domain added earlier
        • Search for the same users/groups added as vCSA admins, select each one and click “Add” followed by “OK” when completed
          step42c
        • Under “Assigned Role” change from “No access” to “Administrator”. Ensure “Propogate to children” is selected and click “OK”
          step42d
      1. Once Domain permissions have been assigned, sign out of the web interface as “administrator@vsphere.local” and login with domain credentials (domain\username)
      1. Once logged in as Domain account, click on “vCenter”
        step44
      1. If you see the number “1” next to “vCenter Servers” under “Inventory Lists” then permissions were assigned correctly.
      2. Click on vCenter Servers, then click on the vCenter server and click the “Manage” button in the middle pane
        step46
      1. Under the “Settings” tab click on “Advanced Settings”
        step47
      1. Locate the key “config.registry.key_managedIP” and if the Value is “–“,  click the “Edit” button towards the top right
        step48
      • Scroll down to that key and enter the IP address of the vCenter Server appliance and click “OK” (Without this entry, in the event of a DNS failure, the hosts will not be able to check in with the vCenter server and could become disconnected. Thanks to Virtual Barker for pointing this out)
      1. Click on on the “vCenter” link towards the top left
        step49
      1. Click on “Datacenters”
        step50
      1. Click the “Create a new datacenter” button
        step51
      1. Choose a name of the Datacenter (I usually use location), click on the vCenter server instance and click “OK”
        step52
      1. Click on “vCenter” towards the top left
        step53
      1. Click on “Hosts” under “Inventory Lists”
        step54
      1. Click the “Add a host” button
        step55
      1. Follow these steps to add a host to your newly created datacenter
        • Enter the fully qualified domain name of your host
        • Click on the destination datacenter and then click “Next”
          step56b
        • Enter the username and password for the “root” account then click “Next” (Click “Yes” for the security alert)
          step56c
        • Review the details of the Host then click “Next”
          step56d
        • Assign a license key (if available) and click “Next”
        • Make sure “Enable lockdown mode” is unchecked and click “Next”
        • Click “Next” through “VM location” as we haven’t created a new tag yet
          step56g
        • Click “Finish”
      1. Click on “vCenter” button towards the top left
        • Click on “vCenter Servers” under “Inventory Lists”
        • Click on the name of the vCenter server
        • Click the “Manage” tab
          step57c
        • Under “vCenter Server Settings” on the General page, click the “Edit” button
          step57d
        • Click the “Mail” link and enter your mail server address and the mail sender address and then click “OK”
          step57e

At this point you are ready to start adding more hosts, creating clusters and deploying virtual machines. Before you are ready for production, ensure that you create alerts for monitoring VM and Host health such as CPU and memory usage, CPU ready latency, storage latency and VM snapshot size. I’ll address the common alerts I create in each new build in a later post.

Image