WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple
You are here: Home / Automation / Deploying a vCenter Server Appliance (VCSA) in VMC-A?

Deploying a vCenter Server Appliance (VCSA) in VMC-A?

05.07.2019 by William Lam // 2 Comments

During the VMware Cloud on AWS (VMC-A) Customer Summit last week, I received an interesting question from one of our field folks on whether it was possible to deploy a vCenter Server Appliance (VCSA) to VMC-A for testing purposes? This was not a use case I had heard of before but it would enable the team to quickly prototype a solution to demonstrate to their customer.

I figured this should work and you should be able to just point the VCSA Installer to an existing VMC-A environment for deployment. It was mentioned that they had attempted to run the installer but ran into a permission issue where it required a full administrator role, which in VMC-A, customers do not have.

In taking a look for myself in one of my VMC-A environment using the VCSA UI Installer, I did indeed run into the same permission issue as shown in the screenshot below.

User has no administrative privileges


This surprised me as the VCSA Installer does not actually require administrative privileges to deploy a VCSA, just the privileges for deploying a regular VM. I captured the logs and screenshots and have shared this with the VCSA PM for further investigation.

UPDATE (01/01/2023) - The workaround shared here is also officially documented in this VMware KB 90922 and deploying VCSA within VMC-A vCenter Server to manage external ESXi hosts such as those residing in an external datacenter or edge location is fully supported by VMware. At the end of the day, VCSA is just another workload running in VMC-A

I was not ready to give up, I had one more idea which was to attempt the deploying using the VCSA CLI Installer. In the past, I have ran into issues where the logic between the UI and CLI differ slightly and I was wondering if this was true here? Well, it turns out the check indeed passes or perhaps it was not being checked at all. I was able to successfully deploy a VCSA into a VMC-A environment when using the CLI Installer and you can find the instructions below.

Step 1 - You will need to setup a jumphost VM (Linux or Windows) running within the Compute Network to perform the deployment, as it needs to be able to access the VM during the setup. In my example, I used a Windows 10 VM but you can use any supported GuestOS that the VCSA CLI Installer supports.

Step 2 - You will need to configure both the Management (MGW) and Compute (CGW) Firewall within VMC-A to allow connectivity for deployment, which is outlined in this blog post here.

Step 3 - Deploy the VCSA using the CLI Installer just like you normally would, here is an example JSON for installing an Embedded VCSA to VMC-A which you can adjust to your environment.

{
    "new_vcsa": {
        "vc": {

            "hostname": "vcenter.sddc-a-b-c-d.vmwarevmc.com",
            "username": "*protected email*",
            "password": "FILLMEIN",
            "deployment_network": "sddc-cgw-network-1",
            "datacenter": [
                "SDDC-Datacenter"
            ],
            "datastore": "WorkloadDatastore",
            "target": [
                "Cluster-1",
                "Resources",
                "Compute-ResourcePool"
            ]
        },
        "appliance": {
            "thin_disk_mode": true,
            "deployment_option": "tiny",
            "name": "VCSA-67u2"
        },
        "network": {
            "ip_family": "ipv4",
            "mode": "dhcp"
        },
        "os": {
            "password": "VMware1!",
            "time_tools_sync": true,
            "ssh_enable": true
        },
        "sso": {
            "password": "VMware1!",
            "domain_name": "vsphere.local"
        }
    },
    "ceip": {
        "settings": {
            "ceip_enabled": false
        }
    }
}

As you can see from the screenshot below, I have a VCSA 6.7 Update 2 successfully deployed to VMC-A and accessible from within the jumphost VM, which is also running within VMC-A!

More from my site

  • Integrating VMware Cloud Notification Gateway with VMware Event Broker Appliance (VEBA)
  • Custom notification and automation based on host failure in VMware Cloud on AWS
  • ESX 3.x on VMware Cloud on AWS? 
  • Configuring Standalone vRealize Orchestrator with VMware Cloud on AWS
  • Automating HCX Multi-Site Service Mesh configuration using the new HCX PowerCLI cmdlets

Categories // Automation, VCSA, VMware Cloud on AWS Tags // VCSA, VMC, VMware Cloud on AWS

Comments

  1. *protectedNitin Rawat says

    12/12/2019 at 3:52 am

    Nice blog. I understood the concept very well. This blog is very informative. And it's very interesting topic. Visit to get more knowledge. How To Upgrade Esxi Server To 6.7 On HP Proliant DL380 Gen9 Server https://www.hex64.net/how-to-upgrade-esxi-server-to-6-7-on-hp-proliant-dl380-gen9-server

    Reply
  2. *protectedMark Litton says

    11/11/2022 at 5:05 pm

    Would the same issue exist in AVM and would the same steps resolve it as well?

    Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025
  • vCenter Identity Federation with Authelia 04/16/2025
  • vCenter Server Identity Federation with Kanidm 04/10/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...