9.4. Installation and Configuration of VirtualCenter 1.2This section covers the system requirements of each component that makes up the VirtualCenter deployment. The components that make up a VirtualCenter deployment include the VirtualCenter Server, VirtualCenter database, managed host and the VirtualCenter client. This section also covers the database setup and installation of VirtualCenter 1.2. In addition, this section covers the installation and how to add licenses to the VirtualCenter Server. First, the following concepts will be discussed:
9.4.1. VirtualCenter Server 1.2 System RequirementsThis section covers the requirements for the VirtualCenter Server, clients and managed host. You will need to ensure these requirements are met so that VirtualCenter will function properly. 9.4.1.1. VirtualCenter ServerThe following section covers the requirements for the VirtualCenter Server, including hardware, supported OS versions, and supported databases and licenses. 9.4.1.1.1. Recommended HardwareVMware recommends the following hardware for your VirtualCenter Server, and it provides additional recommendations depending on the number of managed hosts and VMs you will manage in your virtual infrastructure:
9.4.1.1.2. Supported OS VersionsVirtualCenter Server 1.2 supports Windows 2003 Standard, Enterprise and Web Editions; Windows 2000 Standard and Advanced Editions; and Windows XP Professional. 9.4.1.1.3. Databases SupportVirtualCenter can reside on a remote system if SQL Server or Oracle is to be used. Microsoft Access (default) is not recommended for production use; Access is best for trial and demonstration purposes only. VirtualCenter can be installed on the following database platforms:
9.4.1.1.4. Licensing RequirementsYou'll need one license for each VirtualCenter Server. 9.4.1.2. VirtualCenter ClientThe VirtualCenter Client is the user interface used to manage the VirtualCenter Server. It can be installed on the VirtualCenter Server or on a Windows desktop. The following requirements should be met before installing the VirtualCenter Client:
9.4.1.3. VirtualCenter Managed Host RequirementsVirtualCenter 1.2 can be used to manage:
9.4.1.3.1. Licensing RequirementsVirtualCenter managed host and Vmotion have the following licensing requirements:
9.4.1.4. VirtualCenter Managed Virtual Machine RequirementsYour VMs must meet the following requirements to be managed by VirtualCenter:
9.4.2. Setting Up Microsoft SQL Server for VirtualCenter 1.2The previous section covered the supported databases for VirtualCenter 1.2. Although VirtualCenter will work with Access and Oracle, this section focuses on SQL Server. For more information on setting up VirtualCenter with Access or Oracle, check the VirtualCenter installation instructions found at the VMware Web site. The first step to setting up your VirtualCenter is to decide which architecture you will use for your installation. The options you have are to use a local database (that is, one that's installed on the same server with the VirtualCenter Server) or installed on a remote database server. Figure 9.1 shows the option that we'll use for our VirtualCenter installation in this chapter. Figure 9-1. VirtualCenter Tiered ArchitectureFor us to set up VirtualCenter with the configuration displayed in Figure 9.1, we'll need to configure our database and ODBC connection to use SQL authentication. Although we were able to get VirtualCenter to work with Windows authentication using a remote database, VMware documentation states you must use SQL authentication if you are going to use a remote database. If we were to install the VirtualCenter server on the same physical server running SQL Server, we could set up the ODBC connection to use Windows authentication. Note: In order to get the VirtualCenter Server to work with Windows authentication on a remote SQL Server, we had to change the VirtualCenter Server Service to use a service account (Active Directory user account) that had permissions on the VirtualCenter database we created. VMware specifically states in its documentation to use SQL Authentication for remote database setup, but we were able to get it to work successfully with Windows Authentication using this method. 9.4.2.1. Creating the Database for VirtualCenter InstallationTo create the VirtualCenter database on SQL Server 2000 you'll start by opening the SQL Server Enterprise Manager application. Once you've opened SQL Server Enterprise Manager, you right-click on Databases and select New Database, as shown in Figure 9.2 Figure 9-2. Create a New Database in SQL Server for VirtualCenterSpecify a name for the database shown in Figure 9.3 We created a database with the prefix VC_ for VirtualCenter and the name of the VirtualCenter Server (in this case, VC_Server-02). Once you've specified the name of the database, you click OK. Figure 9.4 shows the new database created for VirtualCenter. Figure 9-3. Specify the VirtualCenter Database NameFigure 9-4. Database Is CreatedBecause we won't be installing the VirtualCenter Server locally on the same server as the SQL Server, we'll need to create a SQL login account that will be used for remote authentication from an ODBC connection on the VirtualCenter Server (see Figure 9.5). Figure 9-5. Create a Database Account for the VirtualCenter DatabaseWe'll then need to specify an account name, password, and the default database, which is VC_Server-02, shown in Figure 9.6 Figure 9-6. Specify the Account Name and Default DatabaseSelect the Database Access tab And then check the permit box next to the database you created. In this case, that would be VC_Server-02. Select db_owner in the Permit In Database Role section and then click OK (see Figure 9.7). Figure 9-7. The Database Access TabWe have now created our SQL Server login and assigned the default database of VC_Server-02 with the role of db_owner, shown in Figure 9.8 Figure 9-8. Screenshot Verifying That the SQL Account Is Assigned to the VirtualCenter DatabaseNow our database is set up and ready for the installation of the VirtualCenter Server. We can either create the ODBC Connection on the VirtualCenter Server now or wait until we're given the option during the installation of VirtualCenter. In this example we'll go ahead and create the System DSN for the remote VirtualCenter database. If you're working from a Windows 2003 Server, you can find the shortcut to the ODBC Data Source Administrator under Administrative Tools labeled Data Source (ODBC). Once you've opened the ODBC Data Source Administrator, select the System DSN tab shown in Figure 9.9 and click Add. Figure 9-9. Create an ODBC Connection on VirtualCenter ServerWe next need to select the SQL Server Driver for this ODBC connection. Scroll down to the bottom of the selection screen shown in Figure 9.10 and select SQL Server. Then click Finish. Figure 9-10. Select the SQL Server DriverWe now need to type in the name for this ODBC Connection. Make sure you record this name during your installation because you'll need it during the installation of VirtualCenter. You can also provide a description for this connection. Click the drop-down menu shown in Figure 9.11 and select the server that contains the VirtualCenter database we created. If the server does not show up, you can also type the name. Now click Next. Figure 9-11. Specify the ODBD Connection Name, Type Description, and Specify Remote SQL Server NameAs mentioned earlier we'll be using SQL Server Authentication. We'll need to specify the SQL Login ID we created earlier and type the password, as shown in Figure 9.12, and then click Next. Figure 9-12. Specify SQL Server Authentication and Type Login ID and PasswordWe'll go ahead and specify the default database as the VirtualCenter Database (see Figure 9.13) and then click Next. Figure 9-13. Set Default Database for ODBC ConnectionAccept the defaults on the screen shown in Figure 9.14 and click Finish. Figure 9-14. Keep the Default SettingsReview the connection settings shown in Figure 9.15 and click Test Data Source. Figure 9-15. Review Configuration Settings for ODBC Connection and Click Test Data SourceOur test was completed successfully (see Figure 9.16). Click OK. Figure 9-16. ODBC Test ResultsFigure 9.17 shows the new System DSN we created for the installation of VirtualCenter. Figure 9-17. The New ODBC System DSN Created for the VirtualCenter Database Connection9.4.3. VMware VirtualCenter 1.2 Installation ProceduresNow that you've completed the database setup and configured the ODBC connection, you're ready to install the VirtualCenter Server. You'll need the installation media, and it would be a good idea to have the license file created already as well. This step will be covered later in the chapter. Make sure your VirtualCenter server meets the minimum system requirements. Now you can start the installation by clicking on the VMware VirtualCenter EXE file shown in Figure 9.18 Figure 9-18. Click the VirtualCenter executable to Start the InstallationThe splash screen shown in Figure 9.19 disappears once installation starts. Figure 9-19. VirtualCenter Splash ScreenClick Next on the screen shown in Figure 9.20 Figure 9-20. Starting the Installation WizardTo proceed, accept the terms of the license agreement shown in Figure 9.21 and click Next. Figure 9-21. Accepting the License AgreementType your customer information into the screen shown in Figure 9.22 We'll type our fictitious user and organization name and click Next. Figure 9-22. Specify Customer InformationWe'll select Custom for the Setup Type shown in Figure 9.23 to see the options available. Table 9.2 lists various setup types. Note: If you want to install only the VirtualCenter client component, you would select the radio button next to Client on this screen. This is the option you would choose to install the VirtualCenter client on an administrative workstation. Figure 9-23. Selecting the Setup Type
Figure 9.24 shows that we'll install the Client, Server and the VirtualCenter Web Service in the C:\Program Files\VMware\VMware VirtualCenter\ directory. Click Next. Figure 9-24. Program Features and Installation DirectoryWe'll be using SQL Server for the VirtualCenter database, so select the Use A Custom SQL Server Database Vonnection radio button, as shown in Figure 9.25, and click Next. Figure 9-25. The Database SetupWe're now prompted to configure the ODBC connection shown in Figure 9.26 Because we already did this earlier, you can just click OK to close this screen (unless you still need to configure the connection for your setup). Figure 9-26. Prompt to Create ODBC ConnectionWe'll next need to specify the ODBC connection settings for the VirtualCenter installation, as shown in Figure 9.27 In our example the System DSN was VC_Server-02, and the SQL Login ID was VCDBO. Type these values along with the password and click Next. Figure 9-27. Specify ODBC Connection Settings for VirtualCenter SetupTo complete the installation click on Finish, as shown in Figure 9.28 Figure 9-28. The VirtualCenter Installation Completed Screen9.4.4. Configuring VirtualCenter 1.2With VirtualCenter installed, you can now start configuring you virtual infrastructure. If you're planning to roll this out into production, you should do some thorough planning and design prior to deployment so that you get it right the first time. The time and effort you put into your preparations will more than pay for itself in the long run. Items to consider during your VirtualCenter Design are listed in the following sidebar.
9.4.4.1. Logging In to VirtualCenterIf you're running the VirtualCenter client from a remote workstation, you'll need to specify the name of the VirtualCenter server in the login box (see Figure 9.29). Figure 9-29. The VirtualCenter Client Remote Login ScreenIf you're running the VirtualCenter client on the VirtualCenter Server, you should specify localhost, as shown in Figure 9.30 Figure 9-30. VirtualCenter Client Login from VirtualCenter ServerThe first time you launch Virtual Center you will be prompted for licensing information. Without valid license keys, you won't be able to manage anything. Have your license keys available. The keys can be entered into a text file and then added to your VirtualCenter server. This is covered in a few steps. In Figure 9.31 you would click on Add Licenses. Figure 9-31. The Licensing Screen for VirtualCenterYou would then browse to the location of the file containing your license keys, as shown in Figure 9.32 Figure 9-32. The License FileFigure 9.33 shows the format of the license keys in the file (sorry, the keys are bogus). Once you have selected the license file and clicked Open, you will then be able to see your licensing information. Figure 9-33. The License File FormatClick Done on the image shown in Figure 9.34 once you've have imported your license keys. You'll then be presented with the VirtualCenter Client management console shown in Figure 9.35 Initially, you'll see only the Server Farms container. The sample shown in Figure 9.35 is presented to explain the different components of the console and the screen layout. Figure 9-34. The VirtualCenter Licensing ScreenFigure 9-35. VirtualCenter Client Main Screen9.4.4.2. Creating Farm GroupsTo create a new farm group select either the Server Farms container or another farm group. Then right-click and select New Farm Group, as shown in Figure 9.36 You can make the farm group a child container of another farm group, but you won't be able to create a farm group under a farm container. Figure 9.37 shows a new farm group called DataCenter under the server farms container. Figure 9-36. Create a New Farm GroupFigure 9-37. New Farm Group under the Server Farms Container9.4.4.3. Creating FarmsYou can create farm containers underneath "Server Farms" or under any farm group within your VirtualCenter hierarchy. To create a new farm, right-click a farm group or server farms and select New Farm, as shown in Figure 9.38 Figure 9-38. The New Farm TaskFigure 9.39 shows an example of a farm called Center-01 under the DataCenter farm group. Figure 9-39. The New Farm Called Center-019.4.4.4. Adding a New Host to a FarmOnce you've created a farm container you can now add either a VMware GSX Server or an ESX Server host as long as they meet the version requirements covered at the beginning of the chapter. To add a new host to a farm container, right-click the farm and select Add Host, as shown in Figure 9.40 Figure 9-40. Add a Host to a Farm ContainerYou'll then be run through the Add Host Wizard. In this example we'll be adding a new ESX Server as a managed host to the Center-01 farm created earlier. Hosts can be added only to farms; they can't be added to farm groups (you aren't even given the option anyway). Note: When you add a new ESX Server as a managed host, the vmwareserverd daemon on the ESX Server is replaced with the vmware-ccagent, which is VirtualCenter aware. It also creates a user account called vpxuser and a group called vpxuser. Click Next on the screen shown in Figure 9.41 Figure 9-41. The VirtualCenter Add Host WizardSpecify the connection settings to your ESX Server (see Figure 9.42). Change the default port of 902 if you're using a different port. You must specify the root account and password for the installation to succeed. Once you've typed the required information, click Next. Figure 9-42. Specify the Connection SettingsIf you plan on using Vmotion, you can enable it now. The screen in Figure 9.43 shows you the settings you'll need to specify. You can also enable VMotion later if you choose not to enable it now. In this example, we'll enable it. You'll need to specify the label of a network that's used by the VMkernel and that will be used to transfer VMs during VMotion migrations. You'll also need to specify a unique IP address and gateway address, which is accessible from the VMkernel NIC. Once you entered the required information, Click Next. Figure 9-43. Enable VMotionYou've now completed the wizard for adding a managed host to your VirtualCenter server. Click Finish on the screen shown in Figure 9.44 Figure 9-44. Complete the Add Host WizardOnce you've added a new managed host, you'll see a screen similar to the one shown in Figure 9.45 Note all the VMs that exist on the ESX Server under the virtual machine group Discovered VMs shown in Figure 9.45 If you have already created your virtual machine groups, you can simply drag and drop them to the designated VM Group. Figure 9-45. New ESX Server Host and Discovered VMs9.4.5. Configuring Security Settings in VirtualCenterWe'll now cover the security options you have within VirtualCenter. By default, the local administrators group on the VirtualCenter server has the role of VirtualCenter Administrator starting at the server farms level and inherited down throughout the hierarchy. Depending on your requirements, you may wish to create a new local group on your VirtualCenter server, assign it the role of VirtualCenter Administrator, and add members to that group. Changing the default permissions will allow you to maintain better control of who holds the role of VirtualCenter Administrator. You could change the permissions of the local administrators group to one of the less authoritative roles shown in Table 9.3. Otherwise, everyone who has local administrator privileges on your server will also have full administrative access to VirtualCenter. This may or may not be desirable. Once you've created a new local group, you can add members from Active Directory to it. You also have the option to add Active Directory groups to VirtualCenter without using the local security groups on your VirtualCenter server. The roles shown in Table 9.3 can be assigned at any level in the VirtualCenter hierarchy. So you could have a user or group that has the role of Read-Only User at the server farms container, but that same user or group has the Virtual Machine Administrator role assigned to a virtual machine group at a lower level within VirtualCenter. That user would be then able to view all farms, hosts, and VMs in VirtualCenter, but could administer only the VMs within the virtual machine group for which he or she has been assigned the role of Virtual Machine Administrator. At each level in the hierarchy you can have one of four different VirtualCenter permission levels or roles.
To assign a new permission, select the object you wish to assign permissions to. It can be server farms, farm group, farm, VM group, or VM. Once you've selected the object, right-click and select Add Permission. Figure 9.46 shows the permissions interface used in VirtualCenter. After you select the source of the user or group in the Look in: drop-down menu, You'll have the option to select the local server or select a Windows domain. You can also use the search function by typing in the first few characters of the user or group you wish to find and clicking Search. Once you have found the object you wish to assign permissions to, select the object and click Add. Then, set the appropriate permissions for the object and click OK. Figure 9-46. The Set Permissions Window in VirtualCenterFigure 9.47 shows the permissions that are set for the virtual machine group named Windows 2003 Servers. Remember that permissions are inherited down. If you notice the column titled Defined in, this tells you where the permissions are coming from within VirtualCenter. In the example from Figure 9.47, you can see that there are four sets of permissions that are being inherited from server farms and one is Defined in This object, which means it was set on the virtual machine group itself, not inherited. Figure 9-47. Permissions Settings for Window 2003 Servers Virtual Machine Group |