Enhanced Linked Mode connects multiple vCenter Server systems together by using one or more Platform Services Controllers. Enhanced Linked Mode lets you view and search across all linked vCenter Server systems and replicate roles, permissions, licenses, policies, and tags.
When you install vCenter Server or deploy the vCenter Server Appliance with an external Platform Services Controller, you must first install the Platform Services Controller. During installation of the Platform Services Controller, you can select whether to create a new vCenter Single Sign-On domain or join an existing domain. You can select to join an existing vCenter Single Sign-On domain if you have already installed or deployed a Platform Services Controller and have created a vCenter Single Sign-On domain. When you join an existing vCenter Single Sign-On domain, the data between the existing Platform Services Controller and the new Platform Services Controller is replicated, and the infrastructure data is replicated between the two Platform Services Controllers. We have already created a blog on above mentioned configuration and you can refer this link for same
In this blog I am trying to explain how to configure enhanced linked mode (ELM) between two vCenter server appliance with embedded platform service controller which is already deployed and configured. This configuration is only supporting from vCenter 6.7 U1 and above.
Configure Enhanced Linked Mode
I have deployed and configured two vCenter servers 6.7 Update 2 for this demo with embedded platform service controller and each appliance has its own SSO domain (vsphere. Local). Before starting the configuration make sure you have taken backup of the existing appliance and snapshot is in place for both vCenter appliance. Below are the names of my two appliances and we will be joining the second appliance to the SSO domain of the first appliance and this can be only done through command line.
vCenter 1: – vxpertvc01.vxpert. local
vCenter 2: – vxpertvc02.vxpert. local
As a prerequisite login to appliance shell console of second vCenter and run the pre-check by using below command
cmsso-util domain-repoint --mode pre-check --src-emb-admin administrator --replication-partner-fqdn vxpertvc01.vxpert.local --replication-partner-admin administrator --dest-domain-name vsphere.local
Note: – You can use below commands to get bash shell or appliance shell
Executing the pre-check command will give you below warnings like you will have to reconfigure the Global Permission on the second vCenter.
Press Y to proceed with pre-check and you can see the output of pre-check like below
The conflict data will be written on /storage/domain-data/Conflict*.json
To proceed with domain join, execute the below command. This command will uninstall and install Platform service controller service in second vCenter server and join to the SSO of first vCenter server.
cmsso-util domain-repoint --mode execute --src-emb-admin administrator --replication-partner-fqdn vxpertvc01.vxpert.local --replication-partner-admin administrator --dest-domain-name vsphere.local
Also, if you get any error you can check the below logs on second appliance for more details.
Before re-running above command again in second appliance login to first appliance shell and run below command to remove the all entries of second vCenter appliance from the first vCenter
cmsso-util unregister --node-pnid Platform_Services_Controller_System_Name --username administrator@your_domain_name --passwd 'vCenter_Single_Sign_On_password'
Once complete the above domain join you can run below command on second vCenter server to know the replication partner details
#/usr/lib/vmware-vmdir/bin/vdcrepadmin -f showpartners -h localhost -u administrator
Now if you login to any vCenter server you can see both vCenter servers in single management window and you can manage any objects as before.
If you have any comments, please drop me a line.
I hope this article was informative, and don’t forget to buy me a coffee if you found this worth reading.