vCenter Build : Installation Steps
1 vCenter 4.1 does not support 32-bit OS; use Windows 2008 R2 x64 Standard
2 Install / Configure a SQL 2008 R2 Cluster Database (outside the scope of this document), set the Instance port to 2126
3 Execute the following SQL to allow DP backups:
CREATE LOGIN [DOMAIN\svc_DP-agent] FROM WINDOWS
sp_addsrvrolemember @loginame = [DOMAIN\svc_DP-agent], @rolename = 'sysadmin'
4 Create two databases on the HA database cluster:
VCDB1
VCUMDB1
5 Create a sevrice account for the vCenter cluster:
- svc_euvcenter01 (Note each vCenter must have a unique account (offline vCenter shares the same as online))
6 Using secpol.msc or Group Policy grant the service account tothe following user rights on both VCENTER servers:
- Act as part of the Operating System
- Logon as a Service
8 Execute the following SQL to add the user to the SQL instance:
CREATE LOGIN [DOMAIN\svc_euvcenter01] FROM WINDOWS
9 Execute the following SQL:
ALTER LOGIN [DOMAIN\svc_euvcenter01] WITH DEFAULT_DATABASE = VCDB1
10 On VCDB1 execute the following SQL:
EXEC sp_changedbowner @loginname='svc_euvcenter01' @map='true'
11 On VCUMDB1 execute the following SQL:
EXEC sp_grantdbaccess 'DOMAIN\svc_euvcenter01', 'svc_euvcenter01' EXEC sp_addrolemember 'db_owner', 'svc_euvcenter01'
12 Grant the service account db_owner permissions on the MSDB database:
USE MSDB; GO EXEC sp_grantdbaccess 'spicerseu\svc_euvcenter01', 'svc_euvcenter01' EXEC sp_addrolemember 'db_owner', 'svc_euvcenter01'
13 Create the following SQL Maintenence Tasks:
- Daily 21:00 Check Integrity, Backup and Cleanup old BAK Files VCDB1
- Daily 22:00 Check integrity, Backup and Cleanup old BAK Files VCUMDB1
- Weekly 00:00 Sunday Check Integrity, Backup and Cleanup BAK Files SYSTEM Database
14 Make the svc_euvcenter01 account a local administrator on the vCenter server
15 Install SQL 2008 Native Client on both vCenter Servers
16 Create a 64-bit ODBC DSN for VCDB1:
- Select SQL Native Client as driver
- Server: EUVCDBCL1I1\I1,2126
- Use Windows Authentication (do not define SPN)
- Change default database to be VCDB1
17 Create a 32-bit ODBC DSN for VCUMDB1:
- Select SQL Native Client as driver
- Server: EUVCDBCL1I1\I1,2126
- Use Windows Authentication (do not define SPN)
- Change default database to be VCUMDB1
18 Create a exclusion policy for McAfee and apply to vCenter servers: \Device\vstor*
19 Create firewall exceptions on EUVCENTER01/02:
netsh advfirewall firewall add rule name="vCenter HTTP" dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="vCenter AD Services" dir=in action=allow protocol=TCP localport=389
netsh advfirewall firewall add rule name="vCenter Client Listener" dir=in action=allow protocol=TCP localport=443
netsh advfirewall firewall add rule name="vCenter Linked Mode SSL" dir=in action=allow protocol=TCP localport=636
netsh advfirewall firewall add rule name="vCenter Management" dir=in action=allow protocol=TCP localport=902
netsh advfirewall firewall add rule name="vCenter Console" dir=in action=allow protocol=TCP localport=903
netsh advfirewall firewall add rule name="vCenter Management WebService" dir=in action=allow protocol=TCP localport=9080
netsh advfirewall firewall add rule name="vCenter HTTPS" dir=in action=allow protocol=TCP localport=9443
netsh advfirewall firewall add rule name="vCenter SDK" dir=in action=allow protocol=TCP localport=60099
20 Enable ICMP Echo Request on both vCenter Servers
21 Install .NET 3.5.1 via Server manager > Features
22 Install J# x64 from VMware-VIMSetup-all-4.1.0-259021\redist\vjredist
23 Install Visual C++ 2005, 2008 (x64 and x86) from VMware-VIMSetup-all-4.1.0-259021\redist\vcredist\2005
24 Logon as service account
25 Install vCenter:
- Ensure that Web Server HTTP/HTTPS ports are changed from 8443 and 8080 to 9443 and 9080 this is because these ports conflict with McAfee EPO
- Create dependency on MacAfee Framework Service for vpxd (due to conflict)
26 Restart server, check all VMWare services start
27 Remove MSDB permissions for svc_euvcenter01 account (when second sever is completed)
28 Configure Virtual Connect profiles for all VM servers
29 Deploy ESXi to all virtual hosts using HP ESXi media
30 Configure TCP/IP, hostname and root password to XXXXXXXXX and set management VLAN (if applicable)
31 Configure forward and reverse DNS entries for vCenter Servers
32 Login to vSphere Client
33 Add licenses to vCenter
34 Create a new Datacenter
35 Import vSphere Hosts
36 Set Time Server Settings
37 Create a vSphere cluster
38 Drag and drop nodes imported into cluster
39 Create the following distributed switches:
- dvSwitch_Management/vMotion
- dvSwitch_Ecommerce
- dvSwitch_Internal
40 Create the following dvPortGroups under dvSwitch_Management/vMotion:
- dvPortGroup_Internal_VLAN120
- dbPortGroup_Internal_VLAN121
- dbPortGroup_Internal_VLAN121
41 Create the followingdvPortGroups under dvSwitch_Internal:
- dvPortGroup_Internal_VLAN1
- dvPortGroup_Internal_VLAN90
- dvPortGroup_Internal_VLAN110
- dvPortGroup_Internal_VLAN115
42 Create the followingdvPortGroups under dvSwitch_Ecommerce:
- dvPortGroup_Ecommerce_VLAN1
- dvPortGroup_Ecommerce_VLAN10
- dvPortGroup_Ecommerce_VLAN20
- dvPortGroup_Ecommerce_VLAN35
- dvPortGroup_Ecommerce_VLAN70
43 On dvSwitch_Internal change teaming and failover settings so that VLAN120 is preferred on adapter dvUplink1 and VLAN121 and VLAN122 are preferred on dvUplink2
44 Migrate server console to dvSwitch_ManagementvMotion
45 Define host level vmk1 and vmk2 Virtual Adapter and enable vMotion – this is a manual process on each host individually
46 Create host profile and validate all nodes against this
47 Present shared storage to all cluster nodes
48 Configure datastores and ensure availability on all hosts; odds sys side, evens cdc side
49 Create Windows and Linux VM’s
50 Test vMotion Host move
51 Test vMotion Datastore Move
52 Test VMWare HA
53 Test vVMWare DRS
54 Test DR scenarios:
- Controlled shutdown
- Storage failover
- VMHA – Poweroff Node and wait for VM startup on another node
- SAN Storage Failover
55 Configure Network IO correctly on each Distributed Switch
56 Configure vCenter Mail Settings
57 Configure Exchange CAHT relay permissions
58 Configure alarms to send emails for the following host related issues:
- Host connection failure
- Host Storage Status
- Network connectivity lost
- Network uplink redundancy degraded
- Host CPU Usage
- Host Memory Usage
59 Modify c:\Program Files\VMware\Infrastructure\VirtualCenter Server\extensions\com.vmware.vim.stats.report\extension.xml
- Replace * with server FQDN this will resolve the ‘Navigation to the webpage was cancelled Refresh the page’ error
Setup Standby vCenter Server
1 Stop live vCenter VMWare Services, shutdown live vCenter
2 Perform full database backup
3 Make the svc_euvcenter01 account a local administrator on the vCenter server
4 Install SQL 2008 Native Client
5 Create a 64-bit ODBC DSN for VCDB1:
- Select SQL Native Client as driver
- Server: EUVCDBCL1I1\I1,2126
- Use Windows Authentication (do not define SPN)
- Change default database to be VCDB1
6 Create a 32-bit ODBC DSN for VCUMDB1:
- Select SQL Native Client as driver
- Server: EUVCDBCL1I1\I1,2126
- Use Windows Authentication (do not define SPN)
- Change default database to be VCUMDB1
7 Create a exclusion policy for McAfee and apply to vCenter servers: \Device\vstor*
8 Install .NET 3.5.1 via Features
9 Install J# x64 from VMware-VIMSetup-all-4.1.0-259021\redist\vjredist
10 Install Visual C++ 2005, 2008 (x64 and x86) from VMware-VIMSetup-all-4.1.0-259021\redist\vcredist\2005
11 Logon as service account: svc_euvcenter01 p/w:XXXXXXXXX
12 Install vCenter, using the same license key as the other vCenter
- Ensure that WebServer HTTP/HTTPS ports are changed from 8443 and 8080 to 9443 and 9080 this is because these ports conflict with McAfee EPO
13 Restart server, check all VMWare services start
14 Modify c:\Program Files\VMware\Infrastructure\VirtualCenter Server\extensions\com.vmware.vim.stats.report\extension.xml
- replace * with EUVCENTER01.spicers.europeThis will resolve the ‘Navigation to the webpage was cancelled Refresh the page’ error
15 Configure same IP address as EUVCENTER01 – YES
16 Login to the Standby vCenter
17 Re-connect each ESXi host
18 Create dependency on mcAfee framework service for vpxd