I’ve finally gotten some time to dig into the changes in vSphere 6 with regards to deployment options and architecture. I thought I’d do a few posts covering some key enhancements from VMware, paying particular attention to the Platform Service Controller (PSC) and VMware’s preferred deployment options. I haven’t received any briefings from VMware, so I can’t comment on what is coming in future releases. Note that most of this information was made available to me via access to VMware’s partner program, and I think it’s important that more people understand what’s going on when it comes to PSC and how it works.
vSphere Components
The PSC is a new feature in vSphere 6.0. As background, I recommend you first check out this blog post – vCenter Server 6 Deployment Topologies and High Availability. There is also an excellent FAQ from VMware available here. I thought, before diving too much into PSC deployment options, it’s a good idea to revisit VMware’s semi-new approach to vSphere components.
The PSC contains the following services:
- VMware vCenter Single Sign-On (SSO);
- License Service;
- Lookup Service;
- VMware Directory Service; and
- VMware Certificate Authority (CA).
Everything else is now referred to as “vCenter Services”, providing the remainder of the vCenter Server functionality. This includes:
- vCenter Server;
- VMware vSphere Web Client;
- Inventory Service;
- vSphere Auto Deploy;
- VMware vSphere ESXi Dump Collector; and
- VMware vSphere Syslog Collector (Windows) / VMware Syslog Service (Appliance).
Enhanced Linked Mode and PSC Deployment Options
Here are a few different ways you can do it. Some are good, some are bad. VMware has published a list of recommended topologies for VMware vSphere 6.0.x. The following section provides an overview of the options. Note that some of these options aren’t without their issues.
Enhanced Linked Mode with an External PSC Without HA
The PSC is configured on a separate VM and then the vCenter Servers are joined to that domain, providing Enhanced Linked mode functionality.
Enhanced Linked Mode with an External PSC in an HA Configuration
In this case, the PSCs are configured on separate VMs behind a load balancer to provide HA for the configuration. The vCenter Servers are then joined to that domain using the shared load balancer IP address, providing Enhanced Linked mode functionality that is fault-tolerant.
And here’s a few ways that you can do it that aren’t really recommended.
Enhanced Linked Mode with Embedded PSCs (Not Recommended)
In this scenario, vCenter is installed in an embedded configuration on the first server. Subsequent installations are then configured in embedded mode but joined to an existing SSO domain. Linking the embedded PSCs is possible, but VMware does not recommend this configuration.
Enhanced Linked Mode in Combination Deployment (Not Recommended)
In a combination deployment, the embedded and external PSC architectures are combined. While linking an embedded PSC and an external PSC is possible, VMware does not recommended this configuration.
Enhanced Linked Mode using only an Embedded PSC (Not Recommended)
In this case there is an embedded PSC and vCenter Server linked with an external standalone vCenter Server. Linking a second vCenter Server to an existing embedded vCenter Server and PSC is possible, but VMware does not recommended this configuration.
Sizing Considerations
If you’re not going to use enhanced linked mode, use an embedded PSC. You still have availability via VMware HA. The failure domain is limited to a single vCenter Server, as there is no dependency on external component connectivity for PSC connectivity. This is most suitable for lab environments.
For sites that will use enhanced linked mode use external PSCs. The number of controllers depends on the size of the environment:
- Between 2 and 4 VMware solutions – a single PSC for no HA, and 2 will be required for HA configured behind a single load balancer.
- Between 4 and 8 VMware solutions – two PSCs linked together for no HA, and four will be required for HA configured behind two load balancers (two behind each load balancer).
- Between 8 and 10 VMware solutions – three PSCs linked together for no HA, and six will be required for HA configured behind three load balancers (two behind each load balancer).
HA is provided by having multiple PSCs and a load balancer to provide failure protection. All components are still protected by VMware HA. This VMware KB has more information on how to set this up – Configuring PSC 6.0 High Availability for vSphere 6.0 using vCenter Server 6.0 Appliance.
vCenter Platform Choice
VMware maintain that, with the improvements to the vCenter appliance platform, the choice of Windows-based vs vCenter appliance is now a matter of preference rather than performance. I recommend the appliance wherever possible, but some people will feel more comfortable with a Windows-based platform. The cool thing is that, if you want to make things complicated, the PSC supports mixed-mode (i.e. appliance and Windows-based vCenter deployments).
Final Thoughts
This may have gone a bit beyond basics, and it’s not something that’s necessarily going to come up each day. But if you’re working either directly with VMware, via an integrator or doing it yourself, this new approach should be a key consideration in your planning activities. The addition of the PSC concept to the vCenter architecture improves the flexibility and availability options of the product, something that I think VMware has struggled with in the past. The key takeaway, in my opinion, is that if you’re upgrading from 5.5 or below, you need to take the time to plan appropriately, particularly if you want to leverage some of the new features that are available.