VMware vCenter Configuration Manager - 5.6 Installation Manual
VMware vCenter Configuration Manager
Advanced Installation Guide
vCenter Configuration Manager 5.6
This document supports the version of each product listed and supports all
subsequent versions until the document is replaced by a new edition. To
check for more recent editions of this document, see
http://www.vmware.com/support/pubs.
EN-001036-00
vCenter Configuration Manager Advanced Installation Guide
You can find the most up-to-date technical documentation on the VMware Web site at:
http://www.vmware.com/support/
The VMware Web site also provides the latest product updates.
If you have comments about this documentation, submit your feedback to:
docfeedback@vmware.com
© 2006–2012 VMware, Inc. All rights reserved. This product is protected by U.S. and international copyright and
intellectual property laws. VMware products are covered by one or more patents listed at
http://www.vmware.com/go/patents.
VMware is a registered trademark or trademark of VMware, Inc. in the United States and/or other jurisdictions. All
other marks and names mentioned herein may be trademarks of their respective companies.
VMware, Inc.
3401 Hillview Ave.
Palo Alto, CA 94304
www.vmware.com
2
VMware, Inc.
Contents
About This Book 7
Achieving a Successful VCMInstallation 10
VCM Collector and Agent OS Platform Support 10
Hardware Requirements for Collector Machines 12
Determine the Size of Your Environment 12
Identify Your Specific Hardware Requirements 13
Database Sizing for Managed vCenter Server Instances 13
Hardware and Disk Requirements By Number of Managed Machines 14
Software and Operating System Requirements for Collector Machines 16
Sizing Impacts on Software Requirements 16
Software Installation and Configuration Overview 16
VCM Upgrades and Migrations 17
Preparing for Installation 18
VCM Installation Configurations 18
System Prerequisites to Install VCM 20
Establish Local Administration Rights 21
Verify Browser Compatibility 22
Verify the Default Network Authority Account 22
Verify the SQL Server Service Account 22
Specify the Collector Services Account 23
Verify the VMware Application Services Account 23
Verify the VCM Agent is Not Installed 24
Verify the SQLXML Version 25
Configure Resources to Install VCM on a Virtual Machine 26
Configure the Disk to Install VCM on a Virtual Machine 27
Configure the CPU to Install VCM on a Virtual Machine 27
Configure the Memory to Install VCM on a Virtual Machine 28
Secure Communications Certificates 30
Authenticating the Server to the Client 30
Enterprise and Collector Certificates 31
Delivering Initial Certificates to Agents 31
Single-Tier Server Installation 34
Configure a Single-Tier Installation Environment 36
Verify that the Installing User is an Administrator 37
Install and Configure a Windows Server 2008 R2 Operating System 38
Configure the Operating System Locale Settings 39
Disable the Remote Desktop Session Host 40
Enable DCOM 40
Install the .NET Framework 40
Verify the ASP.NET Client System Web Version 41
VMware, Inc.
3
vCenter Configuration Manager Advanced Installation Guide
Verify the ASPRole Service 41
Verify the ASP.NETRole Service 41
Configuring the Database Components of the VCM Collector 42
Install SQL Server on the VCMCollector 42
Verify and Configure the SQL Server Properties 44
Verify Matching SQL Server and Computer Names 45
Verify the SQLServer Agent Service Account is a sysadmin 45
Select the SQLServer Agent Service Account 46
Establish SQL Server Administration Rights 46
Configure the Web Components 47
Configuring IIS 49
Verify the ISAPI Extensions 50
Configure SSRS on the VCMCollector 51
Back Up Your SSRS Key 51
Disable IE Protected Mode for SSRS 51
Configure SSRS 52
Configure Basic Authentication on the Report Server 53
Configure Kerberos Authentication 54
Configure the VCM Collector Components 57
Two-Tier Split Installation 60
Configuring a Two-Tier Split Installation Environment 61
Verify that the Installing User is an Administrator 62
Install and Configure a Windows Server 2008 R2 Operating System 62
Configure the Operating System Locale Settings 64
Disable the Remote Desktop Session Host 64
Enable DCOM 64
Configuring the VCM Database Server 65
Disable the Firewall or Add an Exception for SQL Server Port 1433 65
Install SQL Server on the Database Server 66
Verify and Configure the SQL Server Properties 68
Verify Matching SQL Server and Computer Names 68
Verify the SQLServer Agent Service Account is a sysadmin 69
Select the SQLServer Agent Service Account 69
Establish SQL Server Administration Rights 70
Configure the Combined VCM Collector and Web Server 71
Install the .NET Framework 71
Configure the Web Components 72
Installing and Configuring SSRS on the Combined VCM Collector and Web Server 77
Configure Kerberos Authentication 81
Configure the VCM Collector Components 84
Three-Tier Split Installation 86
Configuring a Three-Tier Split Installation Environment 87
Verify that the Installing User is an Administrator 87
Install and Configure a Windows Server 2008 R2 Operating System 88
Configure the Operating System Locale Settings 89
Disable the Remote Desktop Session Host 90
Enable DCOM 90
Configure the VCM Database Server 90
Install SQL Server on the Database Server 91
Verify and Configure the SQL Server Properties 93
Verify Matching SQL Server and Computer Names 93
Verify the SQLServer Agent Service Account is a sysadmin 94
Select the SQLServer Agent Service Account 95
Establish SQL Server Administration Rights 95
Configure the Web Server 96
4
VMware, Inc.
Contents
Configuring IIS 98
Verify the ISAPI Extensions 100
Place the Web Server in the Internet Explorer Trusted Zone 100
Access to Patch Download Folder for Windows Patch Deployment 101
Installing and Configuring SSRS on the Web Server 102
Configure Kerberos Authentication 107
Modify the SQLCMD Path Variable 109
Configure the VCM Collector 110
Install the .NET Framework 111
Using VCM Remote 112
Installing VCM 116
DCOM and Port Requirements for VCM 117
Use Installation Managerto Install VCM 117
Install VCM 117
File System Permissions 118
Change Permissions On Machine Certificate Keys 119
Verify VCM Remote Virtual Directory Permissions 120
Configuring SQL Server for VCM 122
SQL Server Database Settings 122
SQL Server Processor Settings 123
SQL Server IO Configuration 123
Using the RAID Levels with SQLServer 124
Disk Interface and Disk Drive Performance 125
Use SQLIO to Determine IO Channel Throughput 126
Upgrading or Migrating VCM 128
Upgrading VCM and Components 128
Upgrade VCM 129
Upgrade Existing Windows Agents 130
Upgrade Existing VCM Remote Clients 130
Red Hat Server and Workstation Licensing 131
Upgrade Existing UNIX Agents 131
Upgrading Virtual Environments Collections 134
Upgrade the Managing Agent 134
Upgrading the vSphere Client VCM Plug-In 134
Upgrading Agent Proxy Machines 135
Migrating VCM 137
Prerequisites to Migrate VCM 138
Migrate Only Your Database 140
Replace Your Existing 32-Bit Environment with a Supported 64-bit Environment 141
Migrate a 32-bit Environment Running VCM 5.3 or Earlier to VCM 5.6 142
Migrate a 64-bit Environment Running VCM 5.3 or Earlier to VCM 5.6 143
Migrate a Split Installation of VCM 5.3 or Earlier to a Single-Tier, Two-Tier, or Three-Tier
Server Installation 145
How to Recover Your Collector Machine if the Migration is not Successful 147
Maintaining VCM After Installation 150
Customize VCM and Component-Specific Settings 150
Configure Database File Growth 152
Database Recovery Models 152
Configure Database Recovery Settings 153
Create a Maintenance Plan for SQL Server 2008 R2 154
Incorporate the VCM Database into Your Backup and Disaster Recovery Plans 156
Hardware and Operating System Requirements for VCM Managed Machines 158
VMware, Inc.
5
vCenter Configuration Manager Advanced Installation Guide
VCM Agent Support on Non-English Windows Platforms 158
VCM Managed Machine Requirements 158
Windows Custom Information Supports PowerShell 2.0 160
Supported OS Provisioning Target Systems 161
Software Provisioning Requirements 161
UNIX and Linux Patch Assessment and Deployment Requirements 162
Support for VMware Cloud Infrastructure 163
Cloud and Virtualization Infrastructure Platforms 163
Managing Agent Requirements 163
Agent Proxy Requirements for VMware ESX and ESXi 163
vCenter Operations Manager Integration Features 165
FIPS Requirements 165
FIPS for Windows 165
FIPS for VCM Agent Proxies 167
Agent Sizing Information 167
Windows Machines 167
UNIX and Linux Machines 169
Mac OS X Machines 169
Hardware and Software Requirements for the Operating System Provisioning Server 170
Supported OS Provisioning Server Platform 170
OS Provisioning Server System Requirements 170
OS Provisioning Server Software Requirements 171
Required Packages 171
Disallowed Packages 171
OS Provisioning Server Network Requirements 171
Provisioning Network Interface 171
Configure the OS Provisioning Server Firewall 172
Installing, Configuring, and Upgrading the OS Provisioning Server and Components 174
Restricted Network Environment 174
Install and Configure the OS Provisioning Server 174
Install the Operating System Provisioning Server 175
Uninstall the OS Provisioning Server 176
Configure DHCP 177
Configure a DHCP Server Other Than the OS Provisioning Server 178
Configure TFTP 178
Create a Windows Boot Image 179
Copy the VCM Certificate to the OS Provisioning Server for Linux Provisioning 180
Import Distributions into the OS Provisioning Server Repository 181
Create Directories for Windows Distributions 181
Import Windows Distributions 182
Import Linux Distributions 183
Using the basicimport Command Options 185
Working with Custom Linux ISO Distributions 185
Upgrade the OS Provisioning Server to 5.5 186
Managing the OS Provisioning Server System Logs 188
ospctrl Command Options 189
Index 190
6
VMware, Inc.
About This Book
The VCM Advanced Installation Guide describes the steps to install VCM in all supported installation
configurations. This document includes detailed information that does not appear in the VCM Installation
Guide.
This document contains the following information:
n
Hardware requirements for VCM Collector machines
n
Software and operating system requirements for VCM Collector machines
n
System prerequisites to install VCM
n
Secure Communication Certificates
n
Single-tier, two-tier, and three-tier installation configurations
n
Configuring SQLServer for VCM
n
Hardware requirements for VCM managed machines
n
Hardware and software requirements for the OSProvisioning Server
Read this document and follow the procedures to successfully install VCM on existing physical or virtual
machines in your environment.
The VCM Advanced Installation Guide applies to VCM 5.6, Foundation Checker 5.6, and Service Desk
Connector 1.3.0.
Intended Audience
This information is written for experienced Windows or UNIX/Linux/Mac OSX system administrators
who are familiar with managing network users and resources and with performing system maintenance.
To use this information effectively, you must have a basic understanding of how to configure network
resources, install software, and administer operating systems. You also need to fully understand your
network topology and resource naming conventions.
Document Feedback
VMware welcomes your suggestions for improving our documentation. If you have comments, send
your feedback to docfeedback@vmware.com.
VMware, Inc.
7
vCenter Configuration Manager Advanced Installation Guide
VMware VCM Documentation
The vCenter Configuration Manager (VCM) documentation consists of the VCM Installation Guide, VCM
Administration Guide, VCM Advanced InstallationGuide, VCM online help, and other associated
documentation.
8
VMware, Inc.
vCenter Configuration Manager Advanced Installation Guide
Technical Support and Education Resources
The following technical support resources are available to you. To access the current version of this book
and other books, go to http://www.vmware.com/support/pubs.
Online and Telephone
Support
To use online support to submit technical support requests, view your
product and contract information, and register your products, go to
http://www.vmware.com/support.
Customers with appropriate support contracts should use telephone support
for priority 1 issues. Go to http://www.vmware.com/support/phone_
support.html.
Support Offerings To find out how VMware support offerings can help meet your business
needs, go to http://www.vmware.com/support/services.
VMware Professional
Services
VMware Education Services courses offer extensive hands-on labs, case study
examples, and course materials designed to be used as on-the-job reference
tools. Courses are available onsite, in the classroom, and live online. For
onsite pilot programs and implementation best practices, VMware Consulting
Services provides offerings to help you assess, plan, build, and manage your
virtual environment. To access information about education classes,
certification programs, and consulting services, go to
http://www.vmware.com/services.
9
VMware, Inc.
Achieving a Successful VCMInstallation
Perform the requirements to successfully install VMware vCenter Configuration Manager (VCM), and
then install VCM in any of the supported single-tier, two-tier, or three-tier installation configurations.
Determine your specific hardware and software requirements for VMware vCenter Configuration
Manager (VCM). Perform the preparatory steps to install and configure your physical and virtual
machines for a successful VCM installation.
To determine your hardware and software requirements, begin by answering several questions.
n
How many vCenter Server, UNIX, Linux, and Windows servers and workstations will you license?
n
How often will you collect data?
n
How much data will you collect?
n
How long will you retain the collected data and change data?
n
What additional VCM components will you use? For available VCM components, see the Download
VMware vCenter Configuration Manager Web site.
n
Do you understand the VCM security requirements? See the VCM Security Guide.
1
To achieve a successful VCM installation, you must understand the hardware and software requirements
for VCM Collector machines and VCM managed machines, prepare your environment for VCM
installation, then install VCM.
Before you install VCM, use the following chapters to prepare for VCM installation. Perform the
prerequisite steps and procedures in the order presented, configure resources, configure your installation
environment, then install VCM.
After you install VCM, set the file growth for your VCMdatabase, then create a maintenance plan.
VCM Collector and Agent OS Platform Support
All Agent and Collector OS platform support is specific to versions and editions indicated in the supported
platforms table. Some configurations can reduce or block the performance or functionality of VCM
components, such as configurations by vendors, third-party, custom lock downs, endpoint security
products, policies, and restricted system. Troubleshooting and support of VCM components in lockeddown or reconfigured environments is not included under the standard product maintenance agreement.
Support in these environments is available through an additional Professional Services engagement.
All testing is performed in a hardened environment, as documented in the VCM Security Guide. Testing
with OS vendor hardening applied for the VCM Collector is part of the supported configurations.
VMware, Inc.
10
vCenter Configuration Manager Advanced Installation Guide
For details about VCM Collector machines, see Hardware Requirements for Collector Machines and
Software and Operating System Requirements for Collector Machines in the VCM Installation Guide.
For details about VCM managed machines, see Hardware and Operating System Requirements for
Managed Machines in the VCM Installation Guide.
11
VMware, Inc.
Hardware Requirements for Collector Machines
Your VCM Collector hardware requirements depend on the number of physical and virtual managed
machines in your environment.
Use this information to determine how many machines you plan to manage. You can determine the
individual hardware requirements to ensure a successful VCM installation.
Disk space requirements vary based on the following factors.
n
Number of machines from which you collect data
n
Type of data collected and filters used
n
Frequency of collections
n
Data retention
Determine the Size of Your Environment
VCM hardware requirements are recommended based on whether your environment contains 1–1000,
1000–2000, 2000–5000, or more managed machines. To determine the number of managed machines on
which to base your collector size, consider the number of vCenter Server instances, Windows servers and
workstations, UNIX or Linux machines, and virtual machines that you are licensing. Identify any other
VCM components that you are licensing. To determine your total number of managed machines, enter
data for your enterprise in the sizing worksheet.
2
In VCM, the term “managed machines” refers to the servers and workstations that VCM manages, and
from which VCM collects data. If you use VCM for Microsoft Active Directory (AD), this definition
includes AD objects that you plan to have in your environment in the next 12 to 24 months.
Use the formulas in the worksheets to determine how your AD objects will increase your managed
machine count and affect your final sizing requirements. After you complete the worksheet and
determined the number of managed machines, size your Collector machine. Use the blank worksheet to
record the managed machines in your environment.
VMware, Inc.
12
vCenter Configuration Manager Advanced Installation Guide
Table 2–1. Sizing Worksheet
Product Description Anticipated Number o f Managed
VCM Windows Servers
ESXi Servers
Guest Virtual Machines
Linux or UNIX
Mac
Windows Workstations
Machin es in th e Next 12-24
Months
VCM
for AD
Divide total number of AD objects by 100 to determine the
approximate "machine count" for your AD environment.
Total Managed Machines: _______
In the following example, an enterprise environment contains machines and objects that represent 1377
managed machines, which places it in the 1000–2000 managed machines category.
Table 2–2.
Example of Sizing Worksheet with Sample Data
Product Description
Anticipat ed Number o f Managed
Machin es in th e Next 12-24 Months
VCM Windows Servers 92
vSphere/ESX/ESXi Servers 5
Virtual Machines (VM) 50
Linux or UNIX 100
Mac 100
Windows Workstations 920
VCM
for
AD
Divide total number of AD objects by 100 to determine
the approximate "machine count" for your AD
environment.
10,000 AD Objects/100 = 100 managed
machines to accommodate VCM for
AD
Total Managed Machines: 1377
Identify Your Specific Hardware Requirements
Size your VCM Collector and database based on the requirements for managed vCenter Server instances
and the number of machines managed by VCM.
Database Sizing for Managed vCenter Server Instances
Use the following requirements to size your SQLServer database depending on the number of hosts and
guests per vCenter Server managed by VCM. These requirements are in addition to the base VCM
storage requirements, and are based on an estimated 10% data change per day times 15 days of data
retention.
13
VMware, Inc.
Hard ware Requirements for Collector Machines
Table 2–3. VCMDatabase Sizing per vCenter Server Instance
Host s Guests Est. Daily Ch ange Data Retent ion in Days Data Size
25 250 10% 15 3GB
50 500 10% 15 6GB
250 2500 10% 15 30GB
The best practice in production environments is to have the Managing Agent process requests for a single
vCenter Server. Dedicate one Managing Agent machine for each vCenter Server. In a single vCenter
Server instance environment, the VCM Collector can be the Managing Agent.
A single Managing Agent can manage multiple vCenter Server instances depending on your collection
schedules and when potential job latency is not an issue, such as when a single Managing Agent must
process multiple requests serially. A single Managing Agent can manage multiple vCenter Server instances
as long as only one vCenter Server is collected at a time.
When job latency is not a problem, and depending on your collection schedules, you might dedicate a
single Managing Agent for every five vCenter Server instances or 100 hosts. You could dedicate one
Managing Agent to a vCenter Server that manages 100 hosts, or a collection of four vCenter Server
instances that each manage 10 hosts could share a Managing Agent.
Hardware and Disk Requirements By Number of Managed Machines
Use the Minimum Hardware Requirements and Minimum Disk Configuration Requirements tables to
determine your hardware and disk configuration requirements for a single-tier server installation.
Use the total number of managed machines from the Sizing Worksheet to locate your environment size
(1–1000, 1000–2000, 2000–5000, or more). If you have more than 5000 machines in your environment,
contact VMware Technical Support to help you determine your hardware requirements.
If you run SQLServer on a virtual machine, see Microsoft SQL Server on VMware Best Practices Guide at
http://www.vmware.com/files/pdf/sql_server_best_practices_guide.pdf. If you run SQL Server in a Hyper-
V environment, see Best Practices and Performance Considerations for Running SQL Server 2008 in a Hyper-V
Environment on the Microsoft Web site.
The requirements listed in the following tables are based on the following assumptions.
n
Daily VCM collections using the default filter set with additional Microsoft AD security descriptors
collected using VCM for AD.
n
15 days retention of change data.
n
Simple recovery mode only.
n
Daily VCM Patching collections.
n
No applications other than VCM are running on your server.
VCM for AD collections cause the TempDB database to grow significantly. If you have a fully populated
Microsoft Active Directory and plan to perform frequent AD collections, increase your hardware
requirements.
Longer data retention, additional WMI, registry filters, and custom information collections also add to the
requirements.
The following table provides hardware requirements for a single-tier server installation of VCM. If you
are installing VCM in a two-tier or three-tier environment, approximate sizing requirements are provided
in the VMware Knowledge Base. See http://kb.vmware.com/kb/2033894.
VMware, Inc.
14
vCenter Configuration Manager Advanced Installation Guide
Table 2–4. Minimum Hardware Requirements by Number of Managed Machines for Single-Tier
Server Installations
Requ irements Number of VCM Manag ed Machines
1–1000 1000–2000 2000+
Processors Dual Xeon or single Dual
Core 2GHz minimum
Quad Xeon or two Dual
Core 2GHz minimum
Eight-way Xeon or four
Dual Core 2GHz minimum
RAM 8GB+ minimum 12GB+ minimum 16GB+ minimum
Number of
2 3 4
Separate Disk
Channels
The space allocations in the following table do not include space for backups. Allocate backup space that is
equal to the size of the VCM data for a single full backup, or larger to keep multiple partial backups.
Table 2–5. Minimum Disk Configuration Requirements by Number of Managed Machines
Number of VCM Manag ed
Machin es
RAID Channel and RAID Level Partitions Usable
Space
1–500 Channel 0 – RAID 1 OS 36GB
Collector Data
36GB
Files
TempDB 36GB
SQL Log Files 28GB
Channel 1 – RAID 0+1 (recommended) or
SQL Data Files 56GB
RAID 10
501–1000 Channel 0 – RAID 1 OS 36GB
Collector Data
36GB
Files
Channel 1 – RAID 1 TempDB 56GB
SQL Log Files 56GB
Channel 2 – RAID 0+1 (recommended) or
SQL Data Files 113GB
RAID10
1001–2000 Channel 0 – RAID 1 OS 36GB
Collector Data
54GB
Files
Channel 1 – RAID 1 TempDB 113GB
Channel 2 – RAID 1 SQL Log Files 113GB
Channel 3 – RAID 0+1 (recommended) or
SQLData Files 227GB
RAID 10
15
VMware, Inc.
Software and Operating System Requirements for Collector Machines
Your VCM environment software configuration must meet the requirements to install VCM 5.6. The
software requirements are based on the number of managed machines in your environment and your
installation configuration.
The software requirements are organized into steps. You must perform the steps in the order specified to
ensure a successful VCM installation.
All software requirements apply to the server in your single-tier installation. For more information about
installation configurations, see "VCM Installation Configurations" on page 18.
Sizing Impacts on Software Requirements
Use the total number of managed machines that you identified in "Determine the Size of Your
Environment" on page 12 to locate your environment size (1–1000, 1000–2000, 2000–5000, or more). If you
have more than 5000 machines in your environment, contact VMware Technical Support for your specific
requirements.
VCM supports Standard and Enterprise editions of SQL Server 2008 R2.
3
CAUTION If your Windows machine has an evaluation version of SQLServer StandardEdition or
Enterprise Edition, use it only for evaluation purposes. Do not use an evaluation version in a
production environment, because it is not officially supported for production.
Table 3–1. Minimum Software Requirements by Number of VCM Managed Machines
Soft ware
Compo nent
Operating
System
SQL Version SQL Server 2008 R2 Standard
SSRS Version SQL Server 2008 Reporting
Number of Manag ed Machines
1–1000 1000–2000 2000–5000
Windows Server 2008 R2 Windows Server 2008 R2 Windows Server 2008 R2
Edition (64-bit)
Services
SQL Server 2008 R2 Standard
Edition (64-bit)
SQL Server 2008 Reporting
Services
Software Installation and Configuration Overview
VCM supports the Collector running on a Windows Server 2008 R2 operating system. Complete the
preparatory steps to prepare your Windows Server 2008 R2 machine for a successful VCM installation.
When you use VCM Installation Manager to install VCM, the system checks will run without error,
indicating that you have met all of the requirements to install VCM.
Enterprise Edition
SQL Server 2008 R2
Standard Edition (64-bit)
SQL Server 2008 Reporting
Services
VMware, Inc.
16
vCenter Configuration Manager Advanced Installation Guide
VCM supports several installation configurations including single-tier, two-tier, and three-tier. You use
Installation Manager to install VCM in these configurations.See "Preparing for Installation" on page 18.
To understand the requirements to upgrade or migrate your environment to the latest version of VCM,
see "VCM Upgrades and Migrations" on page 17.
VCM Upgrades and Migrations
To upgrade your version of VCM to the current version, you must have VCM 5.5, 5.5.1, 5.4, or 5.4.1. To
migrate your environment to the current version of VCM, you must have version 4.11.1 or later installed
and running.
CAUTION VCM 5.6 does not include the Patch Administrator role. If you previously assigned the
Patch Administrator role to a user, either reassign a different role to the user or let the user know
that the role no longer exists.
What to do next
To upgrade VCM, see the upgrade and migration examples at "Upgrading or Migrating VCM" on page
128.
17
VMware, Inc.
Preparing for Installation
Prepare your environment for a VCMinstallation by performing the prerequisites to include hardware,
software, and physical and virtual machines before you install VCM components and tools.
VCM Installation Configurations
VCM supports several installation configurations including single-tier, two-tier, and three-tier. Use
Installation Manager to install VCM in these configurations.
n
Single-Tier Server Installation
In a single-tier server installation, the VCM database server, Web server, and the VCM Collector
components reside on a single Windows Server 2008 R2 machine, which is referred to as the VCM
Collector. The installation installs all of the core VCM components, including the databases, console,
and services. This configuration enables integrated security by default.
n
Two-Tier Split Installation
In a two-tier split installation, the VCM database resides on the Windows Server 2008 R2 database
server machine, and the VCM Collector and Web components reside on the second Windows Server
2008 R2 machine.
4
n
Three-Tier Split Installation
In a three-tier split installation, the VCM databases, the Web applications, and the VCM Collector
components reside on three different Windows Server 2008 R2 machines.
To perform the prerequisite steps for VCM installation, see "System Prerequisites to Install VCM" on page
20.
VMware, Inc.
18
vCenter Configuration Manager Advanced Installation Guide
19
VMware, Inc.
System Prerequisites to Install VCM
Perform the system prerequisites to prepare your physical or virtual machine for VCM installation. The
prerequisites ensure that your machine meets the requirements for your environment to support a
successful VCM installation.
After you perform the system prerequisites, during VCM installation the Installation Manager runs
system checks on the database server, Web server, and VCM Collector machine in your installation
configuration. These system checks verify that you have satisfied all of the prerequisites for a successful
VCM installation. During the system checks, Foundation Checker verifies component-specific issues
against VCM, captures common issues, and identifies any problems with the version of VCM being
installed.
Foundation Checker might generate warnings, which you must review. In some cases, you might need to
resolve the warnings before you install VCM, even though the warnings will not prevent you from
starting the installation.
If Foundation Checker generates errors, you must resolve them before you install VCM. For more
information about Foundation Checker, see the VCM Foundation Checker User's Guide.
Use the following topics to verify your system requirements.
5
n
Verify that your environment meets the security requirements. See the VCM Security Guide.
n
"Establish Local Administration Rights" on page 21
Verify that the user account of the person who performs the VCM installation, upgrade, or migration
has all of the required rights.
n
"Verify Browser Compatibility" on page 22
Verify that the target VCM Collector machine, and any other machines that will access the VCM Web
console interface on the VCM Collector, have a compatible Web browser installed.
n
"Verify the Default Network Authority Account" on page 22
Define the network authority account in the Local Administrators group on the Collector machine
before you install VCM. The network authority account must be a domain account. VCM uses the
default network authority account to collect data from Windows Agent machines.
n
"Specify the Collector Services Account" on page 23
Specify the Collector Service account to use during VCM installation. The account can be a system
administrator account and must exist in the Local Administrators group on the Collector machine. The
account must not be the Local System account.
n
"Verify the VMware Application Services Account" on page 23
VMware, Inc.
20
vCenter Configuration Manager Advanced Installation Guide
Verify that the VMware Application Services Account is a domain user.
n
"Verify the VCM Agent is Not Installed" on page 24
The target Windows machine must not have a VCM Agent installed before you install VCM. If an
Agent is installed, you must uninstall the Agent for VCM to install.
n
"Verify the SQLXML Version" on page 25
SQLXML provides client-side XML functionality and enhancements to existing SQL features. SQLXML
4.0 SP1 is installed with SQL Server 2008 R2. Verify that the correct version is installed.
Establish Local Administration Rights
Verify that the user account of the person who performs the VCM installation, upgrade, or migration has
all of the required rights.
The following rights are required.
n
System administrator on the machines on which the installation or upgrade is performed.
n
System administrator on the database instance to be used.
n
Member of a domain.
The installing user account should not be the account used for VCM services, because the login of the
VCM service account is disabled during installation.
After installation, do not create a VCM user that uses the SQL Server services account credentials.
What to do next
Verify the compatibility of your browser. See "Verify Browser Compatibility" on page 22.
21
VMware, Inc.
Verify Browser Compatibility
Verify that the target VCM Collector machine, and any other machines that will access the VCM Web
console interface on the VCM Collector, have a compatible Web browser installed.
VCM supports the following browsers.
n
Internet Explorer version 8 and 9.
n
Internet Explorer version 10 in compatibility mode.
n
Mozilla Firefox version 6.0 or later with the Internet Explorer IE Tab add-on. This add-on requires
Internet Explorer 6.0 to be installed on the machine.
What to do next
Verify the default Network Authority account. See "Verify the Default Network Authority Account" on
page 22.
Verify the Default Network Authority Account
Define the network authority account in the Local Administrators group on the Collector machine before
you install VCM. The network authority account must be a domain account. VCM uses the default
network authority account to collect data from Windows Agent machines.
System Prerequisites to Install VCM
You specify the default network authority account during VCM installation. The default network authority
account can be a system administrator account, such as a Domain Admin in the Local Admin Group.
It is acceptable, but not preferred, to use the same account for the Application services account, Collector
service account, VCM Remote account, and the Tomcat Services account. If you use a single account, the
permissions required for the Collector service account will be sufficient. The account must be a local
administrator, should not be a domain administrator, has bulk-insert permissions in SQL, and is a dbo of
the VCM databases. In general, the Default Network Authority should be a different account, possibly a
Domain Administrator with rights on more systems in the environment.
Procedu re
1. On the Collector, right-click Computer and select Manage to open Server Manager.
2. Expand Configuration, expand Local Users and Groups, and click Groups.
3. Double-click Administrators and verify that the network authority account is listed as a member of the
Administrators group.
If the user or administrator’s group is not listed, add the user or group to the list. Verify that the user
has Windows administrator rights issued by the network administrator.
To change the network authority account after installing VCM, click Administration and select Settings >
Network Authority.
What to do next
Keep Server Manager open to specify the Collector Services account. See "Specify the Collector Services
Account" on page 23.
Verify the SQL Server Service Account
The SQL Server service account, under which the service for the SQL Server instance runs to manage the
VCM databases, must be LocalSystem or an account that has local administrative privileges.
VMware, Inc.
22
vCenter Configuration Manager Advanced Installation Guide
CAUTION Do not use Network Service for the SQL Server service account. If you use the Network
Service account for your SQL Server instance, VCM installation could fail. Foundation Checker does
not check for this account during VCM installation.
The LocalSystem account, NT AUTHORITY\System, has unrestricted access to all local system resources.
This account is a member of the Windows Administrators group on the local machine.
If the NT AUTHORITY\System account does not have access to the VCM installation binary files, the
installation results in an access denied error. This situation is not common, but could occur if the
installation files are copied to or extracted in a user's home directory. In this case, you must grant access to
the NT AUTHORITY\System account from the installation source directory, then run the installation
again. A user or user’s group has access when they have full control of the file or folder.
Specify the Collector Services Account
Specify the Collector Service account to use during VCM installation. The account can be a system
administrator account and must exist in the Local Administrators group on the Collector machine. The
account must not be the Local System account.
Logging in to VCM using a service account can lead to unexpected or inconsistent behavior. Services that
use the same account as a logged in user might modify the logged in user's current role or the machine
group, or log the user out of the system.
If the password for the account changes, you must change the password in the Services Management
console and the Component Services DCOM Config console.
Procedu re
1. In Server Manager, verify that the Groups menu is open.
If not, expand Configuration, expand Local Users and Groups, and click Groups.
2. Double-click Administrators and verify that the account used for Collector Services is listed as a
member of the Administrators group.
If the user or administrator’s group is not listed, to ensure that the user has Windows administrator
rights issued by the network administrator, add the user or group to the list.
What to do next
Keep Server Manager open to specify the VCM Application Services account in Server Manager. See
"Verify the VMware Application Services Account" on page 23.
Verify the VMware Application Services Account
Verify that the VMware Application Services Account is a domain user.
IMPORTANT Never use this account as a VCM login or for any other purpose. Logging in to VCM using a
service account can lead to unexpected or inconsistent behavior. Services that use the same account as a
logged in user might modify the logged in user's current role or the machine group, or log the user out of
the system.
23
VMware, Inc.
Procedu re
1. In Server Manager, verify that the Groups menu is open.
If not, expand Configuration, expand Local Users and Groups, and click Groups.
2. Double-click Administrators and verify that the application services account is listed as a member of
the Administrators group.
If the user or administrator’s group is not listed, add the user or group to the list. Ensure that the user
has Windows administrator rights issued by the network administrator.
What to do next
Verify that the VCM Agent is not installed on the Collector machine. See "Verify the VCM Agent is Not
Installed" on page 24.
Verify the VCM Agent is Not Installed
The VCM Collector installation includes an updated Agent. The target Windows machine must not have a
VCM Agent installed before you install VCM. If an Agent is installed, you must uninstall the Agent for
VCM to install.
Procedu re
System Prerequisites to Install VCM
1. To determine whether a VCM Agent is installed on the Windows machine, verify whether the
following folder exists.
%windir%\CMAgent
The %windir% environment variable specifies the directory where Windows is installed. This folder is
the default location. The Agent installation directory is accessible in the registry at the following
location.
HKLM\Software\Configuresoft\ECM\4.0\Common\PathsRootDir
2. If a VCM Agent is installed, remove the Agent from the target Windows machine.
a. If a working VCM Collector exists, use the VCM Web console to unlicense this machine and
remove the VCM Agent.
b. If a working VCM Collector does not exist, uninstall the Agent manually.
3. To uninstall the Agent manually, determine if the Agent was installed using the MSI installer.
a. Search for the string CMAgent under the following registry key.
HKEY_LOCAL_
MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall
If an Uninstall registry subkey exists that has a GUID-named key and reference to the VCM
Agent, such as {7C51E2CA-C932-44EF-8B77-3C03356A24CC}, the VCM Agent was installed
using the MSI Installer.
b. Examine the uninstall data to confirm that this is the VCM Agent.
VMware, Inc.
c. Open the setting UninstallString and copy the value.
An example value is as follows.
MsiExec.exe /X{7C51E2CA-C932-44EF-8B77-3C03356A24CC}
d. If an Uninstall GUIDregistry key that references the VCM Agent does not exist, the Agent was
installed using the manual installer.
24
vCenter Configuration Manager Advanced Installation Guide
4. Uninstall the VCM Agent.
a. If the Agent was installed using the MSI installer, to uninstall the Agent click Start and click Run to
execute the command line using the UninstallString registry value.
An example value is as follows.
MsiExec.exe /X{7C51E2CA-C932-44EF-8B77-3C03356A24CC}.
b. If the Agent was installed using the manual installer, run the following command to uninstall the
Agent.
%windir%\CMAgent\Uninstall\Packages\CMAgentInstall\UnCMAgentInstall.exe /S
INSTALL.LOG
What to do next
Verify that the correct version of SQLXML is installed. See "Verify the SQLXML Version" on page 25.
Verify the SQLXML Version
SQLXML provides client-side XML functionality and enhancements to existing SQL features. SQLXML 4.0
SP1 is installed with SQL Server 2008 R2. Verify that the correct version is installed.
Procedu re
1. Click Start and click Control Panel.
2. Click Programs and select Programs and Features.
3. Verify that SQLXML 4.0 SP1 appears in the list of installed programs.
4. If SQLXML 4.0 SP1 does not appear, install it from the Microsoft Download Center.
What to do next
n
If you will install VCM on a virtual machine, configure the disk, CPU, and memory resources. See
"Configure Resources to Install VCM on a Virtual Machine" on page 26.
n
Understand the use of secure communications certificates and be prepared to specify the certificates
during VCM installation. See Secure Communications Certificates in the VCM Installation Guide.
25
VMware, Inc.
Configure Resources to Install VCM on a Virtual Machine
To install VCM on a virtual machine, you must prepare the virtual machine to be used as a VCM Collector.
Because VCM can place heavy workloads on the database, you must understand your environment
workloads to determine the resource requirements.
For the VCM Collector to operate properly on a virtual machine, the virtual machine must satisfy several
prerequisites to run SQL Server on a VMware virtual machine.You should provision the VCM virtual
machine similar to a high throughput OLTP database application.
Use these guidelines to install VCM in development, test, or IT environments. For large scale
environments, you might need to alter the requirements.
IMPORTANT Do not install VCM on an ESX server that has over-allocated resources.
Prerequisit es
n
Follow the requirements for physical hardware.See the VCM Installation Guide.
n
Perform the system prerequisite tasks. See the VCM Installation Guide.
6
n
Follow the best practices to install SQLServer. See the Microsoft SQL Server on VMware Best Practices
Guide available on the VMware Web site at http://www.vmware.com.
Procedu re
1. "Configure the Disk to Install VCM on a Virtual Machine" on page 27
Configure the disk for the virtual machine. For large scale environments, you might need to alter the
requirements.
2. "Configure the CPU to Install VCM on a Virtual Machine" on page 27
Configure the CPU for the virtual machine. For large scale environments, you might need to alter the
requirements.
3. "Configure the Memory to Install VCM on a Virtual Machine" on page 28
Allocate the memory for the virtual machine. For large scale environments, you might need to alter
the requirements.
What to do next
Familiarize yourself with the certificate names in advance so that you can select them during installation.
See the VCM Installation Guide.
VMware, Inc.
26
vCenter Configuration Manager Advanced Installation Guide
Configure the Disk to Install VCM on a Virtual Machine
Configure the disk for the virtual machine. For large scale environments, you might need to alter the
requirements.
Prerequisit es
n
Prepare the virtual machine to be used as a VCM Collector. See "Configure Resources to Install VCM
on a Virtual Machine" on page 26.
n
Keep the spindle count consistent and allocate a sufficient number of spindles to the database files when
you migrate VCM from a physical machine to a virtual machine.
n
Place the database data files on multiple logical unit numbers (LUNs).
n
Create a TEMPDB data file for each virtual CPU that is allocated to the VCM Collector.
n
Use paravirtual SCSI (PVSCSI) controllers for the database disks to provide greater throughput and
lower CPU utilization, which improves VCM performance.
n
Maintain a 1:1 mapping between the number of virtual machines and the number of LUNs on a single
ESX host to avoid disk I/O contention.
Procedu re
1. Start vCenter Server.
2. Select your virtual machine.
3. Click the Resource Allocation tab.
4. In the CPU pane, click Edit.
5. In the Virtual Machine Properties dialog box, click the Resources tab.
6. In the Resource Allocation pane, click Disk and update the disk resource allocation to meet the needs
of your environment.
7. Click OK.
What to do next
Configure the CPUfor the virtual machine. See "Configure the CPU to Install VCM on a Virtual Machine"
on page 27.
Configure the CPU to Install VCM on a Virtual Machine
Configure the CPU for the virtual machine. For large scale environments, you might need to alter the
requirements.
Prerequisit es
n
Prepare the virtual machine to be used as a VCM Collector. See "Configure Resources to Install VCM
on a Virtual Machine" on page 26.
n
Test the workload in your planned virtualized environment to verify that the physical CPU resources
on the ESX host adequately meet the needs of guest virtual machines.
n
Provision multiple virtual CPUs only if the anticipated workload will use them. Over-provisioning
might result in higher virtualization overhead.
n
Install the latest version of VMware Tools on the guest operating system.
27
VMware, Inc.
Configure Resources to Install VCM on a Virtual Machine
Procedu re
1. Start vCenter Server.
2. Select your virtual machine.
3. Click the Resource Allocation tab.
4. In the CPU pane, click Edit.
5. In the Virtual Machine Properties dialog box, click the Resources tab.
6. In the Resource Allocation pane, click CPU and change the CPU resource allocation.
7. Click OK.
What to do next
Configure the memory for the virtual machine. See "Configure the Memory to Install VCM on a Virtual
Machine" on page 28.
Configure the Memory to Install VCM on a Virtual Machine
Allocate the memory for the virtual machine. For large scale environments, you might need to alter the
requirements.
Prerequisit es
n
Prepare the virtual machine to be used as a VCM Collector. See "Configure Resources to Install VCM
on a Virtual Machine" on page 26.
n
Verify that the ESX host has sufficient cumulative physical memory resources to meet the needs of the
guest virtual machines. Do not install VCM on an ESX server that has over allocated resources.
n
On the ESX host, enable memory page sharing and memory ballooning to optimize memory.
n
To reduce or avoid disk I/O, increase the database buffer cache.
Procedu re
1. Start vCenter Server.
2. Select your virtual machine.
3. Click the Resource Allocation tab.
4. In the Memory pane, click Edit.
5. In the Virtual Machine Properties dialog box, click the Resources tab.
6. In the Resource Allocation pane, click Memory and change the memory resource allocation.
7. Click OK.
What to do next
Prepare your single-tier, two-tier, or three-tier installation configuration. See "Single-Tier Server
Installation" on page 34, "Two-Tier Split Installation" on page 60, or "Three-Tier Split Installation" on page
86.
VMware, Inc.
28
vCenter Configuration Manager Advanced Installation Guide
29
VMware, Inc.
Secure Communications Certificates
During VCM installation, specify the Collector and Enterprise certificates. VCM uses Transport Layer
Security (TLS) to secure all UNIX Agents and all Windows Agents using HTTP, and TLS uses certificates to
authenticate the Collector and Agents to each other.
If you use your own certificates, you must familiarize yourself with the certificate names in advance so
that you can select them during installation.
A valid Collector certificate must have the following attributes.
n
Located in the local machine personal certificate store.
n
Valid for Server Authentication. If any Enhanced Key Usage extension or property is present, it must
include the Server Authentication OID 1.3.6.1.5.5.7.3.1. If the Key Usage extension is present, it
must include DIGITAL_SIGNATURE.
n
Active, and not expired.
If you do not want to use your own certificates, you can have Installation Manager generate the Collector
and Enterprise certificates for you, select the Generate option during the installation.
7
If you install more than one Collector that will communicate with the same Agents, or if you plan to
replace or renew your certificates, follow the special considerations to generate and select certificates in
VCM Installation Manager. See the VCM Security Guide.
Authenticating the Server to the Client
VCM supports Server Authentication to authenticate the server to the client. In VCM environments where
TLS is used, VCM Agents verify the identity of the Collectors by verifying the certificates. If you use your
own certificates, you must familiarize yourself with the certificate names in advance so that you can select
them during installation.
The server typically authenticates a client or user by requiring information such as a user name and
password. When Server Authentication is used, the client or user verifies that the server is valid. To
accomplish this verification, the server provides a certificate issued by a trusted authority, such as Verisign.
If your client Web browser has the Verisign Certified Authority certificate in its trusted store, the Web
browser can trust that the server is actually the Web site you access.
To guarantee the identity of servers and clients, TLS uses certificates that are managed by a public key
infrastructure (PKI). A certificate is a package that contains a public key, information that identifies the
owner and source of that key, and one or more certifications (signatures) to verify that the package is
authentic. To sign a certificate, an issuer adds information about itself to the information that is already
contained in the certificate request. The public key and identifying information are hashed and signed
using the private key of the issuer’s certificate.
VMware, Inc.
30
Loading...