This week at VMworld 2013, I attended a few sessions directly related to vCenter 5.5 as well as its components, one of which is vCenter Single Sign On (SSO):
- VSVC5234 – Extreme Performance Series: vCenter of the Universe
- VSVC4830 – vCenter Deep Dive
First of all, both sessions were excellent and I highly recommend viewing them if you have access to the post conference recordings.
If you followed my session tweets or if perhaps you’ve read half a dozen or more already available blog posts on the subject, you know that several improvements have been made to vCenter SSO for the vSphere 5.5 release. For instance:
- Completely re-written from the ground
- Multi-master architecture
- Native replication mechanism
- SSO now has site awareness (think of the possibilities for HA stretched clusters)
- MMC based diagnostic suite available as a separately maintained download
- The external database and its preparation dependency has been removed
- Database patitioning to improve both scalability and performance (this was actually added in 5.1 but I wanted to call it out)
- Revamped multi-site deployment architecture
- Full Mac OS X web client support including remote console
- Improved certificate management
- Multi-tenant capabilities
- Drag ‘n’ Drop in the 5.5 web client
With some of the new features now identified and VMware’s blessing, have a look at the installation screens and see if you can spot the differences as compared to a vCenter 5.1 SSO installation. These stem from a manual installation of SSO, not an automated installation of all vCenter components (by the way, the next gen web client is now installed as part of an automated vCenter 5.5 installation whereas it was not in 5.1). Keep in mind these were pulled from a release candidate version and may change when vCenter 5.5 GAs at a future date.
I noticed one subtle change here – clicking on the Microsoft .NET 3.5 SP1 link in Windows 2008R2 actually installs the feature rather than just throwing up a dialogue box asking you to install the feature yourself.
As this is a manual installation, we have the option to use the default or specify the installation location. Best practice is to install all vCenter components together so that they can communicate at server bus speed and won’t be impacted by network latency. However, for larger scale environments, SSO should be isolated on a separate server with five or more vCenter Servers in the environment. On a somewhat related note, the Inventory Service may benefit from an installation on SSD, again in large infrastructures.
We won’t likely see this in the GA version.
We’re going through the process of installing vCenter version 5.5 but in terms of the SSO component, again this is a complete re-write and bears the respective version of 2.0.
We always read the EULA in full and agree to the license terms and conditions.
Big changes here. Note the differences in the deployment models compared to the previous 5.1 version – previous deployment models are honored through an upgrade to 5.5. Again, this is where the VMworld sessions noted above really go into detail.
the System-Domain namespace has been replaced with vsphere.local.
The new site awareness begins here.
I hope you agree that SSO installation in vCenter 5.5 has been simplified while many new features have been added at the same time.
As always, thank you for reading and it was a pleasure to meet and see everyone again this year at VMworld.
A Good thing SSO has been re-designed.
How about SSO HA ?
Is there still a need for a loadbalancer?
Jeroen: response here from Justin King:
http://wahlnetwork.com/2013/08/26/vsphere-5-5-improvements-part-7-single-sign-on-completely-redesigned/#comment-9707
Could you tell me how to get the mmc based diagnostic suite ?