The vCenter Server 5.1 release includes significant architectural changes. One of those major changes is the introduction of Single Sign-On (aka SSO) as a solution to manage all users authentications to the increasing number of third part products VMWare is putting into its bundle. By using SSO authorized vCenter Server, users will be able to access multiple vCenter Server systems with a single login. See this link for more on vCenter Single Sign-On.
As you might have heard through the forums, vCenter 5.1 had many major bugs which discouraged many system administrators from upgrading their infrastructure. I was one of those sysadmins.
Starting from october 25, 2012 a more stable release (named VMware vCenter Server 5.1.0a) has been published, and therefore I decided to upgrade my vCenter to it.
I didn't go far with this plan. In fact, when I read the support matrix, I discovered that ESX 3.5 was no more supported under vCenter 5.1, and I have still many of them out there which I cannot upgrade yet for several reasons.
What I decided is to install a completely new vCenter infrastructure to host all the newer ESX 4.1 and ESXi5. And the first step to pass to vCenter 5.1 is to install an SSO instance.
There are already a few of those procedures out there describing the whole process of configuring SSO, but they are way too complex for such an easy task. Here's the procedure I followed. I hope it will be simpler than the one I had to go through myself. Do not hesitate to suggest any improvement in readability!
STEP 1: OS Installation
I started with deploying a new Windows 2008 R2 SP1 virtual machine which is aimed to host the aforementioned SSO service. The requirements for the basic SSO service are 3GB of RAM and 2GB of disk space, but if the database is on this same machine you may need to increase this values. For the moment there is no feedback on this from the community, but I will be glad to share as soon as I know.
Open a remote connection to that VM, open Server Manager and add the feature named .NET Framework 3.5.1. You don't need anything else, unless you want to use the bundled SQL 2008 express installation, in which case you should also install Windows Installer 4.5.
Edit your virtual machine settings and add a secondary disk to host the database files. As I said before there are no guidelines on the size for the SSO database but I reckon that 10GB should be largely sufficient for any installation.
Initialize and format this disk under Disk Management and there you create a folder named Databases and a subfolder named SSO (ie e:\Databases\SSO\).
STEP 2: SQL Installation
Now install Microsoft SQL Server 2008 and configure the services to start with the Local system account. Also tell the system to automatically start the SQL Server and SQL Server agent services at start-up.
|Microsoft SQL server services configuration|
Set the authentication to Mixed (this is important!) and specify a secure password for the SA account. You will need this account later to start SQL Management Studio and create the SSO databases.
A little note: when you choose the collation, you must select Latin1_General if you live in a English speaking country or in any other country using the basic latin alphabet without special accents.
For the rest leave the default parameters unless you are a DBA and have the knowledge to customize more.
STEP 3: SQL Pre-configuration with two VMWare scripts
Once SQL is installed, move to the D:\Single Sign On\DBScripts\SSOServer\schema\mssql folder on your mounted DVD drive and double-click on rsaIMSLiteMSSQLSetupTablespaces.sql. SQL Management Studio will start and you will connect to it with the SA account and modify the three lines of that script that specify the location where to store the database, then click on Execute!:
- FILENAME='C:\CHANGE ME\RSA_DATA.mdf' to FILENAME='E:\Databases\SSO\RSA_DATA.mdf'
- FILENAME='C:\CHANGE ME\RSA_INDEX.mdf' to FILENAME='E:\Databases\SSO\RSA_INDEX.mdf'
- FILENAME='C:\CHANGE ME\translog.idf' to FILENAME='E:\Databases\SSO\translog.idf'
Go back to D:\Single Sign On\DBScripts\SSOServer\schema\mssql folder on your DVD drive and double-click on rsaIMSLiteMSSQLSetupUsers.sql. It will open in SQL Management Studio as well. Change the password inside the quotes for the two accounts and click on Execute! once again:
- CREATE LOGIN RSA_DBA WITH PASSWORD = '
yourpassword', DEFAULT_DATABASE = RSA
- CREATE LOGIN RSA_USER WITH PASSWORD = ' yourpassword', DEFAULT_DATABASE = RSA
STEP 4: Single Sign-On installation
|Choosing Single Sign-On type|
Choose then to use an existing database. The installer will tell you to create the RSA database first, but we already went there and done that, so let's keep on.
At this point we have to enter the information about the database and the users we created before. In the database type choose MSSQL. Enter RSA as database name, RSA_USER as Database user name and RSA_DBA as Database DBA user name. Leave the JDBC url empty.
|Database connection information window|
That's all for the installation of vCenter SSO on a brand new Windows 2008 R2 with Microsoft SQL. For more details check out the release notes by VMWare as stated at the beginning of this post. Do not hesitate to leave comments or ask questions if you had any problem with the configuration. I also wholeheartedly suggest to read the VMWare FAQ, where the main difficult points are clearly and quickly given an explanation.