I did an article on the vSphere 6 Platform Services Controller a while ago. After attending a session on changes in vSphere 6.5 at vFORUM, I thought it would be an idea to revisit this, and frame it in the context of vCenter 6.5 upgrades.
In vCenter 6.5, the architecture is a bit different to 5.x. With the PSC, you get:
VMware vCenter Single Sign-On
VMware Directory Services
VMware Certificate Authority
And the vCenter Server Service gives you:
VMware vSphere Web Client
VMware vSphere Auto Deploy
VMware vSphere ESXi Dump Collector
vSphere Syslog Collector on Windows and vSphere Syslog Service for VMware vCenter Server Appliance
vSphere Update Manager
There are some basic configurations that you can go with, but I generally don’t recommend these for anything outside of a lab or test environment. In these configurations, the PSC is either embedded or external to the vCenter Server. The choice here will be dependent on the sizing and feature requirements of your environment.
If you want to use Enhanced Linked Mode an external PSC is recommended. If you want it highly available, you’ll still need to use a load balancer. This VMware KB article provides some handy insights and updates from 6.0.
vCenter Upgrade Scenarios
Your upgrade architecture you’ll choose depends on where your vCenter services reside. If your vCenter server has SSO installed, it becomes a vCenter Server with an embedded PSC.
If, however, some of the vSphere components are installed on separate VMs then the Web Client and Inventory Service become part of the “Management Node” (your vCenter box) and the PSC (with SSO) is separate/external.
Note also that vSphere 6.5 still requires a load balancer for vSphere High Availability.
This is not something that’s necessarily going to come up each day. But if you’re working either directly with VMware, via an integrator or doing it yourself, your choice of vCenter architecture should be a key consideration in your planning activities. As with most upgrades to key infrastructure components, you should take the time to plan appropriately.
I’ve finally gotten some time to dig into the changes in vSphere 6 with regards to deployment options and architecture. I thought I’d do a few posts covering some key enhancements from VMware, paying particular attention to the Platform Service Controller (PSC) and VMware’s preferred deployment options. I haven’t received any briefings from VMware, so I can’t comment on what is coming in future releases. Note that most of this information was made available to me via access to VMware’s partner program, and I think it’s important that more people understand what’s going on when it comes to PSC and how it works.
The PSC is a new feature in vSphere 6.0. As background, I recommend you first check out this blog post – vCenter Server 6 Deployment Topologies and High Availability. There is also an excellent FAQ from VMware available here. I thought, before diving too much into PSC deployment options, it’s a good idea to revisit VMware’s semi-new approach to vSphere components.
The PSC contains the following services:
VMware vCenter Single Sign-On (SSO);
VMware Directory Service; and
VMware Certificate Authority (CA).
Everything else is now referred to as “vCenter Services”, providing the remainder of the vCenter Server functionality. This includes:
VMware vSphere Web Client;
vSphere Auto Deploy;
VMware vSphere ESXi Dump Collector; and
VMware vSphere Syslog Collector (Windows) / VMware Syslog Service (Appliance).
Enhanced Linked Mode with an External PSC Without HA
The PSC is configured on a separate VM and then the vCenter Servers are joined to that domain, providing Enhanced Linked mode functionality.
Enhanced Linked Mode with an External PSC in an HA Configuration
In this case, the PSCs are configured on separate VMs behind a load balancer to provide HA for the configuration. The vCenter Servers are then joined to that domain using the shared load balancer IP address, providing Enhanced Linked mode functionality that is fault-tolerant.
And here’s a few ways that you can do it that aren’t really recommended.
Enhanced Linked Mode with Embedded PSCs (Not Recommended)
In this scenario, vCenter is installed in an embedded configuration on the first server. Subsequent installations are then configured in embedded mode but joined to an existing SSO domain. Linking the embedded PSCs is possible, but VMware does not recommend this configuration.
Enhanced Linked Mode in Combination Deployment (Not Recommended)
In a combination deployment, the embedded and external PSC architectures are combined. While linking an embedded PSC and an external PSC is possible, VMware does not recommended this configuration.
Enhanced Linked Mode using only an Embedded PSC (Not Recommended)
In this case there is an embedded PSC and vCenter Server linked with an external standalone vCenter Server. Linking a second vCenter Server to an existing embedded vCenter Server and PSC is possible, but VMware does not recommended this configuration.
If you’re not going to use enhanced linked mode, use an embedded PSC. You still have availability via VMware HA. The failure domain is limited to a single vCenter Server, as there is no dependency on external component connectivity for PSC connectivity. This is most suitable for lab environments.
For sites that will use enhanced linked mode use external PSCs. The number of controllers depends on the size of the environment:
Between 2 and 4 VMware solutions – a single PSC for no HA, and 2 will be required for HA configured behind a single load balancer.
Between 4 and 8 VMware solutions – two PSCs linked together for no HA, and four will be required for HA configured behind two load balancers (two behind each load balancer).
Between 8 and 10 VMware solutions – three PSCs linked together for no HA, and six will be required for HA configured behind three load balancers (two behind each load balancer).
VMware maintain that, with the improvements to the vCenter appliance platform, the choice of Windows-based vs vCenter appliance is now a matter of preference rather than performance. I recommend the appliance wherever possible, but some people will feel more comfortable with a Windows-based platform. The cool thing is that, if you want to make things complicated, the PSC supports mixed-mode (i.e. appliance and Windows-based vCenter deployments).
This may have gone a bit beyond basics, and it’s not something that’s necessarily going to come up each day. But if you’re working either directly with VMware, via an integrator or doing it yourself, this new approach should be a key consideration in your planning activities. The addition of the PSC concept to the vCenter architecture improves the flexibility and availability options of the product, something that I think VMware has struggled with in the past. The key takeaway, in my opinion, is that if you’re upgrading from 5.5 or below, you need to take the time to plan appropriately, particularly if you want to leverage some of the new features that are available.