In my previous article, I showed you how to configure additional vSphere Web Client 5.1 Servers for a Windows environment. For those interested in using the VCSA (vCenter Server Appliance) instead to configure additional vSphere Web Client Servers, here is the process.
Disclaimer: This is for educational purposes only, this is not officially supported by VMware. Please test this in a development environment before using it on actual systems.
Before getting started, it is very important to ensure you have proper DNS resolution (forward / reverse working) on all your VCSA's.
Step 1 - You will need to know the IP Address or hostname of your vCenter SSO Server (If you are using the VCSA, then it is the same address as your vCenter Server). Next, deploy a brand new VCSA and go ahead and configure the IP Address, hostname, etc. in preparation for the next step.
Step 2 - Create a script called configureVCSAvSphereWebClientStandalone.sh (this script reside on the new VCSA itself or on a remote host) which contains the following
#!/bin/bash
# William Lam
# www.virtuallyghetto.com
# User Configurations
VCENTER_SSO_IPADDRESS=172.30.0.181
## DO NOT EDIT BEYOND HERE ##
echo "Adding Lookup Service URL to /etc/vmware/ls_url.txt & /etc/vmware-sso/ls_url.txt"
echo "https://${VCENTER_SSO_IPADDRESS}:7444/lookupservice/sdk" > /etc/vmware/ls_url.txt;echo "https://${VCENTER_SSO_IPADDRESS}:7444/lookupservice/sdk" > /etc/vmware-sso/ls_url.txt;
echo "Retrieving ${VCENTER_SSO_IPADDRESS} SSL Certificate"
echo "" | openssl s_client -connect ${VCENTER_SSO_IPADDRESS}:7444 2> /dev/null 1> /tmp/cert
echo "Storing ${VCENTER_SSO_IPADDRESS} SSL Certificate in /etc/ssl/certs/VMware-Lookup-Service-Root-CA.pem"
openssl x509 -in /tmp/cert > /etc/ssl/certs/VMware-Lookup-Service-Root-CA.pem
echo "Registering vSphere Web Client with ${VCENTER_SSO_IPADDRESS}"
/usr/lib/vmware-vsphere-client/vsphere-client-sso-hook install --ls-server https://${VCENTER_SSO_IPADDRESS}:7444/lookupservice/sdk --user root --password vmware
You will need to change the VCENTER_SSO_IPADDRESS variable to the address of your vCenter SSO Server.
Step 3 - Set the script to executable by running the following command:
chmod +x configureVCSAvSphereWebClientStandalone.sh
Step 4 - You can either execute the script locally on the VCSA or my preferred method is just to execute it remotely by running the following command:
ssh [email protected] < configureVCSAvSphereWebClientStandalone.sh
Note: Make sure to replace the IP Address with address of your VCSA
As part of the configuration, the vSphere Web Client service will automatically start up at the very end. Once the service has successfully started, you will be able to connect to the vSphere Web Client URL by going to https://[webclient-hostname-ip]:9443/vsphere-client and you now should be able to see all the vCenter Servers that have registered with the same vCenter SSO server.
Here is another view using the new VIN 1.2 (vSphere Infrastructure Navigator) to show that I have two vSphere Web Client servers (webclient1 and webclient2) registered to my primary vCenter SSO Server (vcenter51-1) as well as two additional vCenter Server (vcenter51-2 and vcenter51-3) that are also registered with the same SSO Server.
As you can see, if you need to add additional vSphere Web Client Servers, the VCSA can easily be configured to enable only this feature to help you scale out and provide additional capacity as well as redundancy. Stay tuned for some more details on configuring a Load Balancer to load balance multiple vSphere Web Client Servers.
Additional Resources:
- Automating VCSA 5.1 (vCenter Server Appliance) Configurations
- Automatically Join Multiple VCSA 5.1 using New vCenter SSO (Single Sign-On)
- Configuring Additional Windows vSphere Web Client 5.1 Servers
Hello William,nice post.Thanx for your sharing. i have one question, why its not supporting from VMware.Is there any reason behind.
Regards
Surya
Cool stuff William. I was attempting to script the first step, configuring the hostname, by using parts of the script from your post on "Automating VCSA 5.1 (vCenter Server Appliance) Configurations". It appears to complete successfully, but when the VCSA reboots, it fails to get the status of the vami-sfcb service and goes into a loop restarting that service over and over.
I can login to the VCVA web interface and the correct hostname is displayed on the Network Status page. If I go to Network->Address, the correct hostname is on that page as well, and I can click 'Save Settings' and then the vami-sfcb service starts working. Any idea what else is happening when the 'Save Settings' button is clicked?
########
echo "Accepting EULA ..."
/usr/sbin/vpxd_servicecfg eula accept
echo "Configuring vCenter hostname ..."
SHORTHOSTNAME=$(echo ${VCENTER_HOSTNAME} | cut -d. -f1)
/bin/hostname ${VCENTER_HOSTNAME}
echo ${VCENTER_HOSTNAME} > /etc/HOSTNAME
sed -i "s/localhost.localdom/${VCENTER_HOSTNAME}/g" /etc/hosts
sed -i "s/localhost/${SHORTHOSTNAME}/g" /etc/hosts
#########
I think I figured it out. The script was modifying /etc/hosts to the point where 'localhost' wouldn't resolve. That seems to break vami-sfcb. I modified the script to configure /etc/hosts the same way that results when clicking the 'Save Settings' button in the UI.
#######
echo "Accepting EULA ..."
/usr/sbin/vpxd_servicecfg eula accept
echo "Configuring vCenter hostname ..."
SHORTHOSTNAME=$(echo ${VCENTER_HOSTNAME} | cut -d. -f1)
/bin/hostname ${VCENTER_HOSTNAME}
echo ${VCENTER_HOSTNAME} > /etc/HOSTNAME
sed -i "s/localhost.localdom localhost/${VCENTER_HOSTNAME} ${SHORTNAME}/g" /etc/hosts
#######
Woah, publishing the comment did something weird to the spacing. All the tab-looking spaces are just a single space.
I don't know if you are monitoring this blog anymore, but this has been a very frustrating subject for me. My vCenter Servers were pre-configured and I can only see one server in one web client. I attempted to create and run your script, but all I get is "Command Not Found". Can you post an example of exactly what should be inside the file. All I put in the file is VCENTER_SSO_X.X.X.X. Thanks
Looks like the code did not import over. I've fixed the post, it should make sense now 🙂