VCSA: Deployed with no external DNS?

External DNS is a documented requirement for vCenter in a supported deployment model [read the documentation.] However, are there are times when you want to set up vCenter without any DNS?
When on earth would you want that?

  • Small lab or POC
  • Tiny Environments for an initial standup prior to providing DNS
  • DR scenarios when services (including DNS) are down you may need to manage multiple hosts and simply get recovery VM’s running (this can be avoided through good design, but it can happen.)
  • Home Labs, of course

When do you NOT want vCenter without DNS?

  • Anytime you need to count on VCSA long-term. Just don’t.
  • Any deployment of vCSA with an external PSC or any of the extended features like Linked Mode/Enhanced Linked Mode, Stretched Clusters, etc.
  • Also, don’t expect to get LDAP integration working.

So you still want to deploy vCSA and don’t want to depend on DNS forward/reverse lookups? Read on… it’s pretty easy.

The Key Thing…

The bottom line here is that there are a few configuration points you have to diverge from. It’s simplest to explain this from the scripted installer configuration because these variables are clearly laid out. (William Lam writes up the whole process over at Virtually Ghetto. )

It’s also a good bit easier to deploy with the scripted installer if your skills permit it. Again, see William Lam’s posts for a primer.

The JSON looks like this and we’re after the network settings.

If you read carefully you will notice a few things that are unusual.

  • The DNS server (only one) is the same as the system IP
  • The System Name is also using this same address

Both these are deliberate and required for a no-external-DNS VCSA.

What’s happening here? This is declaring that VCSA is going to be it’s own DNS server, and that seems to work just fine.

UI Installer

Stage 1 of the installer is straightforward. In my screenshots I’m deploying an embedded PSC model and the only critical piece that’s unusual here is to keep the System Name, IP address, and DNS Servers all at the same address you’re deploying vCSA to.

 

 

 

 

 

Once you’ve deployed stage 1, Stage 2 is straightforward, but Stage 2 WILL NOT proceed without a functioning network. So if you blew it in Stage 1, you’ll know it right at the start of Stage 2.

In this example I’ve deployed VCSA 6.7, the lastest-greatest at the time of writing. However, I’ve done this with success all the way back to VCSA 6.0.

Recap

Don’t deploy a no-dns VCSA if you expect it to scale or you want to grow the environment.

Don’t deploy a no-dns VCSA if you expect it to be supported. VMware will point you to the documentation and likely leave you alone with your problems.

But do you want to stand up a VCSA for a nested ESXi or other lab use with minimal effort? Give this a spin and reach out on twitter if you have trouble–I’d be interested to hear.

 

Upgrading vSphere 5.5: what version should I settle with?

In April, VMware blogs posted an article for those who need to upgrade from 5.5 before end of support (documented: September 19, 2018). The article pushed users to consider:

Should I upgrade to 6.5 or 6.7?

The VMware blog article says this: consider the features and value of 6.7–do you need the new gadgets or should you stick with a more time-tested release in 6.5? (those are my words.)

What else to consider?

There’s a good bit more to consider than just features and value. Those are great starting points and will help initiate the project, but there are constraints that administrators had better consider before the upgrade. The cost of up-fitting for these constraints could push the upgrade to a lower version than the latest, shiniest 6.7.

Requirements

Do we even need to say this? If you haven’t kept up with the major changes, it could be a surprise that there are several changes in 6.7 that may not even be compatible in your infrastructure:

  • The Release notes give us a list of CPU’s you cannot use with 6.7 found under the ominous heading “Upgrades and Installations Disallowed for Unsupported CPUs
    (see another article on CPU compatibility)
  • There are similar CPU lists for vSphere 6.5, so awareness of hardware compatibility is key. You could need to only upgrade to 6.0 while you figure out your hardware plan.
  • There are many storage changes in vSphere 6.7. I’m seeing that while hardware may be compatible it can require updated firmware. Storage controllers are particularly likely to need an updated firmware. vSAN makes storage controller firmware updates easy for a lot of storage controllers, but if you’re not using vSAN it may be more of an effort.

Other VMware Products

  • VMware Horizon 7.4 is incompatible with vSphere 6.7. Using Horizon 7.4 or earlier? Stick with vSphere 6.5. The upgrade to Horizon 7.5 warrants it’s own writeup.
  • VMware NSX for vSphere 6.4 is also incompatible with vSphere 6.7. The HCL makes this clear. The Product Interpretability Matrices help here.

Backups?

How about your Backup/DR/Replication solution? Many don’t support vSphere 6.7 yet and who wants to be the one who upgraded, but now has no current backups?

For backups, the variety of solutions is worth considering. This is where a solution that runs on the Hypervisor typically has to be updated when the hypervisor gets a major release. On the other hand, a solution that runs within the virtual environment guest operating system using an agent or other mechanism can typically receive updates outside the hypervisor update cycle.

Other constraints:

There’s more to consider than just what’s here, and that’s close to the point: a thorough review of hardware, firmware, other VMware solutions and third-party solutions needs to go in prior to upgrading 5.5, and upgrading to 6.0x may be a path forward depending on your environment.

Plan and Strategize

Another strategy worth considering: it is normal to have ESXi and vCenter versions out of sync as part of a larger effort. Most of the constraints above are related to ESXi, not vCenter. Horizon and NSX can be exceptions, of course, depending on the versions.

If you’re moving from vCenter on Windows 5.5x and are making the jump to vCSA, then there’s paths forward, and you can usually bump vCenter up to your latest version before touching ESXi. In any case, vCenter always gets the upgrade before ESXi.

Here’s a simple example. You could have ESXi 5.5 / vCenter 5.5 and hardware that is–without some overhaul–incompatible with vSphere 6.5. You could plan your upgrade to run roughly this way:

  1. Upgrade vCenter to 6.5U2
  2. Upgrade ESXi to 6.0U3a.
  3. Plan your hardware upgrades to achieve compatibility to ESXi 6.5.

This would get you off 5.5 and could have you moving forward quickly.

Again, spend some quality time with the VMware Product Interoperability Matrices to validate where you want to go and your best path may make itself clear.