Install & Configure vCSA and vCenter 5.5

The steps below are to install and configure the vCenter Server Appliance, configure SSO to lookup users in a specific OU in Active Directory, add an Administrator, add your first host, and configure email server settings.

Prerequisites:

  1. Download the latest version of the vCenter Server Appliance (5.5.0.5201 for this writing) and place it some where that is accessible by the client hosting the vSphere client
  2. Have the vSphere Thick client installed
  3. Have a datastore created for the appliance (VM_Appliances for this writing)
  4. Identify the Fully Qualified Domain name and IP address of the server ahead of time

Steps

      1. Login to the vSphere client, choose File then Deploy OVF Template
        step1
      1. Click “Browse”, locate the OVF/OVA, and click “Open”, then click “Next”
        step2
      1. Click “Next” after reviewing the template details
        step3
      1. Name the vCSA, choose the inventory location, and click “Next”
        step4
      1. Choose the datastore and click “Next”
        step5
      1. Verify the datastore name and size and click “Next” (Size is not adjustable)
        step6
      1. Select the appropriate “Destination Network” and click “Next”
        step7
      1. Enter the following information and click “Next”
        1. Hostname = Name of Appliance
        1. Default Gateway = IP of the gateway of  the Destination Network
        1. DNS = IP of the DNS Server (Separate each DNS server with commas, though it didn’t seem to apply these settings)
        1. Network 1 IP Address = IP address of the vCenter Server Appliance
        1. Network 1 Netmark = Subnet mask of the Destination Network
      1. Verify the settings and click “Finish” to begin deployment of the vCSA
      1. Once deployment is finished, click “Close”
      1. Right click on the vCSA in the vSphere client and choose “Upgrade Virtual Hardware” then click “Yes” to upgrade the configuration
        step11
      1. Right click on the vCSA and choose “Open Console”
      1. Click the “Power On” button in the console
        step13
      1. Once the appliance has finished booting, open a browser and connect to the web interface (https:// ipaddress:5480)
      1. Click “Continue” to the security warning on your web browser
      2. Enter the default username and password for the vCSA (username: root, password: vmware)
      1. After login, accept the licensing agreement and click “Next” (this part may take awhile)
        step17
      1. Once you get to “Configure Options” press the “Cancel” button (After a few unsuccessful attempts to configure through the wizard, it is easier setting it up manually)
        step18
      1. At the home page of the vCSA admin page, click on the “Database” tab
        step19
      •  Change the “Database type” to “embedded” and click “Save Settings” (may take a minute or 2)
        step19a
      1. Click on the “SSO” tab
        • Change the “SSO deployment type” to “embedded”
        • Set the admin password for the “administrator@vsphere.local” account (Save this information immediately!)
        • Click “Save Settings” (will take a few  minutes)
          step20c
        • Once you see the message “Operation was successful” you can move on to the next step
          step20d
      1. Click on the “Network” tab
        • Ensure the Hostname (must be a FQDN if adding to a domain), IPv4 gateway, preferred & alternate DNS servers, and IPv4 static IP addressing is set. If any entries is missing, add them now
        • Once saved, click on the “System” tab and click on “Reboot”
          step21b
      1. Log back in (if necessary and continue with the next step)
      1. Click on “Authentication” tab
        • Check the box for “Active Directory Enabled”
        • Enter the domain name
        • Enter a domain admin account for “Administrative user” (Domain admin)
        • Enter the password for this account and click “Save Settings” (This will add the appliance to the domain)
          step23d
      1. Click on the “Update” tab then click “Check Updates” to see if there are any available updates
        • Install any updates that are available
        • Click on “Settings” under “Update”
        • Choose “Automatic check for updates”
        • Set your frequency (usually once a week) and then click “Save Settings”
          step24d
      1. Click on the “Admin” tab
        • Enter the current administrator password (default is “vmware”)
        • Enter the new administrator password and immediately save it (I use keepass for my passwords)
        • Click “Yes” for administrator password expiration
        • Enter the password validity time in days
        • Enter a group account for email expiration warning
        • Click “Submit”
          step25f
      1. Once the settings are saved, click on “System” tab then choose “Reboot”
      1. Once the vCSA is back up, you should be able to login to the vSphere Web Client (https:// IPofvCSA:9443)
      2. Download and install the “Client Integration Plug-in”
        step28

        • You’ll need to close your current browser to complete installation. Reopen and enable the Plugins after revisiting the URL above
      1. Login using the username “administrator@vsphere.local” and the password setup in step 20
      1. Click on “Administration”
        step30
      1. Click on “Configuration”, then click the “Identity Sources” tab and press the “+” button
      1. Choose the following for setting up Active Directory Auth for a specific group using a service account
        • Choose “Active Directory as a LDAP Server”
        • Enter the name (Just a reference name)
        • Enter the Distinguished name of the OU where users will be located
        • Enter the Domain name
        • Enter the Domain alias
        • Enter the Distinguished name for groups (for us, it’s the same as for users)
        • Enter the primary server URL (Format: ldap:\\Dcname.domainname.com:389)
        • Enter the secondary server URL (same format as above)
        • Username: A domain account in the OU above (do not use a users account, make it a service account)
        • Password: Password for domain account
        • Press “Test Connection” to ensure it all works and then click “OK”
          step32k

 

      1. Under “Single Sign-On” on the left, click on “Users and Groups”
        step33
      1. Click the “Groups” tab, then click on “Administrators”
        step34
      1. Click the “Add Members” button
        step35
      1. Change the Domain to the Domain that was just added. Search for the Domain users/groups that need Administrator access, click on each one and click “Add” followed by “OK”
        step36
      1. Once the users have been added, click on the “Home” button towards the top left
        step37
      1. Click on “vCenter”
        step38
      1. Under “Inventory Lists”, click on “vCenter Servers”
        step39
      1. Click on the name of your vCenter Server
        step40
      1. Click the “Manage” tab, followed by the “Permissions” button
        step41
      1. Click the “+” button to add a new administrator.
        • When the “Add Permission” box appears, click the “Add” button at the bottom
        • Change the Domain to Domain added earlier
        • Search for the same users/groups added as vCSA admins, select each one and click “Add” followed by “OK” when completed
          step42c
        • Under “Assigned Role” change from “No access” to “Administrator”. Ensure “Propogate to children” is selected and click “OK”
          step42d
      1. Once Domain permissions have been assigned, sign out of the web interface as “administrator@vsphere.local” and login with domain credentials (domain\username)
      1. Once logged in as Domain account, click on “vCenter”
        step44
      1. If you see the number “1” next to “vCenter Servers” under “Inventory Lists” then permissions were assigned correctly.
      2. Click on vCenter Servers, then click on the vCenter server and click the “Manage” button in the middle pane
        step46
      1. Under the “Settings” tab click on “Advanced Settings”
        step47
      1. Locate the key “config.registry.key_managedIP” and if the Value is “–“,  click the “Edit” button towards the top right
        step48
      • Scroll down to that key and enter the IP address of the vCenter Server appliance and click “OK” (Without this entry, in the event of a DNS failure, the hosts will not be able to check in with the vCenter server and could become disconnected. Thanks to Virtual Barker for pointing this out)
      1. Click on on the “vCenter” link towards the top left
        step49
      1. Click on “Datacenters”
        step50
      1. Click the “Create a new datacenter” button
        step51
      1. Choose a name of the Datacenter (I usually use location), click on the vCenter server instance and click “OK”
        step52
      1. Click on “vCenter” towards the top left
        step53
      1. Click on “Hosts” under “Inventory Lists”
        step54
      1. Click the “Add a host” button
        step55
      1. Follow these steps to add a host to your newly created datacenter
        • Enter the fully qualified domain name of your host
        • Click on the destination datacenter and then click “Next”
          step56b
        • Enter the username and password for the “root” account then click “Next” (Click “Yes” for the security alert)
          step56c
        • Review the details of the Host then click “Next”
          step56d
        • Assign a license key (if available) and click “Next”
        • Make sure “Enable lockdown mode” is unchecked and click “Next”
        • Click “Next” through “VM location” as we haven’t created a new tag yet
          step56g
        • Click “Finish”
      1. Click on “vCenter” button towards the top left
        • Click on “vCenter Servers” under “Inventory Lists”
        • Click on the name of the vCenter server
        • Click the “Manage” tab
          step57c
        • Under “vCenter Server Settings” on the General page, click the “Edit” button
          step57d
        • Click the “Mail” link and enter your mail server address and the mail sender address and then click “OK”
          step57e

At this point you are ready to start adding more hosts, creating clusters and deploying virtual machines. Before you are ready for production, ensure that you create alerts for monitoring VM and Host health such as CPU and memory usage, CPU ready latency, storage latency and VM snapshot size. I’ll address the common alerts I create in each new build in a later post.

Advertisements
Image

2 thoughts on “Install & Configure vCSA and vCenter 5.5

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s