vSphere 6 – Consolidation & Migration

By | January 13, 2017

Scope

This particular customer wanted to move away from Windows vCenter 5.5 and migrate to vCenter 6.0 using the appliance.  This seems fairly straight forward, but the existing implementation\configuration and customer requirements started to muddy the water.

Basically to meet future requirements, architectural changes are needed here to transition to external Platform Services Controllers.

Note: To help you decide on recommended topologies or walk you through the decision process step by step, I highly recommend the following resources.

vSphere 6.0 PSC Topology – Decision Tree

Recommended vSphere 6.0 Topologies

Existing Topology

The challenge here is that two SSO domains exist with the same name (vsphere.local), but these are not joined together (to make use of Linked Mode for example). They are completely standalone vCenter implementations. Therefore, the two SSO domains required consolidation before the vCenter migration(s) coukd occur.  Below provides a quick overview of the current state.

  • x1 SSO Site – Physically the customer has two datacenters and would like to join additional VCs in the future across multi-site in a single SSO domain.
  • x2 vCenter 5.5 using Windows Server 2008 with embedded SSO
  • x2 SSO domain – Both called vSphere.local.  However these are not combined \ using Linked Mode.

Screen Shot 2017-01-13 at 13.15.12
Target Topology

  • x1 Site
  • x1 SSO domain
  • x2 External PSCs for HA. Load Balancing is out of scope, plus it doesn’t really provide what most people think it will.  See this excellent blog post if you haven’t already – Blog

Screen Shot 2017-01-13 at 13.15.36

Planning and Prepration

Below are some of the steps you need to walk through to plan accordingly.  The links provided go into much greater detail and provide much more information.  At a high-level these are ‘must do’s’ before proceeding any further.

Review recommended vSphere 6.0 Topologies KB
Review Migration Tool FAQ KB
Review vSphere 6.0 Pubs – vSphere Migration section Pubs
Review VMware vCenter Server 6.0 Update 2 Migration Release Notes KB
Does Source vCenter and vCenter Orchestrator share the same database? KB
Review vCenter health – Windows OS, all vCenter Services are running & DB server is contactable
Source Windows VC – Installed products? 3rd party or VMware – NSX, VUM, vRO?

Update Manager was un-installed from both vCenter’s.  If Update Manager installation is external, that’s no issue.  See above articles.

Source Windows VC – Installed products – VMware: ESXi Dump Collector, Auth Proxy, Auto Deploy, Syslog?
vCenter Servers have a valid FQDN and static IP address
vCenter Windows Service account and SSO credentials for migration
Compatibility of 3rd party solutions?
vSphere 5.5 U3d and earlier (migration compatibility)
vCenter Deployment model – Simple v Custom (distributed)
New IP addresses and DNS records for appliances (PSC & VC)
Define new VM names for appliances to be deployed (PSC & VC)
Temporary IP address required for migration
AD account to joined VC appliance to domain – Same account used to joined Win VC to domain? KB
vCenter 6.0 licenses (myvmware.com)
vSphere 6.0 U2m ISO – 2.8GB
Time Sync – Windows VCs, External Windows SSO and External PSC
Check vCenter SSL Certs (rui.crt format supported) KB
Snapshot and backup Windows vCenter A & B
Backup databases for vCenter (database tools). All other usual steps before an upgrade.

Deploy a new external SSO Domain + consolidate both SSO domains from x2 vCenter’s

Deploy new Windows Server 2008 VM
Mount ISO to VM>Install vCenter 5.5 SSO and create new SSO domain
vCenter A – Repoint Inventory Service to new external SSO

Fixed by updating the certificate on the new SSO server with correct DNS entry.

KB

 

vCenter A – Repoint vCenter to new external SSO Blog

 

vCenter A – Re-register vCenter Server with Inventory Service
vCenter A – Repoint Web Client to new external SSO
vCenter A – Restart services and verify

Services failed to start but resolution (certificate) in the KB fixed this.

KB

 

vCenter A – Removed embedded SSO domain
vCenter B – Repoint Inventory Service to new external SSO

This procedure resulted in – Error:1 – ssl handshake problem.

Fixed by updating the certificate on the new SSO server with correct DNS entry.

KB

 

vCenter B – Repoint vCenter to new external SSO Blog

 

vCenter B – Re-register vCenter Server with Inventory Service
vCenter B – Repoint Web Client to new external SSO
vCenter B – Restart services and verify

Services failed to start but resolution (certificate) in the KB fixed this.

KB

 

vCenter B – Removed embedded SSO domain

Migrate External SSO

Verify the vCenter Server appliance is downloaded
Copy Migration Assistant folder from ISO to source SSO Windows Server
Run Migration Tool on external SSO Windows server – Pre-reqs check Blog

 

Run vcsa-setup.html from a Mgmt VM – Migrate External SSO instance to a PSC appliance KB

 

Migrate vCenter A and B

Use the following KB to estimate the migration time

Copy Migration Assistant folder from ISO to source vCenter Windows Server

KB
Run Migration Tool – Pre-reqs check  

 

Run vcsa-setup.html from a Mgmt VM and use Migrate option for vCenter
Repeat for VC B

Deploy 2nd external PSC + re-configure vCenter

Run vcsa-setup.html from Mgmt VM
Deploy PSC appliance and join to existing SSO domain which is the 1st External PSC appliance

Note: You may need to add the 2nd PSC to AD if you want to login with domain accounts. See this post

Re-point one of the vCenter’s to the new external PSC Blog

Pubs

KB

Check PSC replication\partner status KB
Rollback steps KB

Summary

Leave a Reply