Deploying and
Configuring vCenter
© 2022 VMware, Inc.
Importance
vCenter helps you centrally manage multiple ESXi hosts and their virtual machines. If you do
not properly deploy, configure, and manage vCenter, your environment might experience
reduced administrative manageability of the ESXi hosts and virtual machines.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-2
Module Lessons
1. Centralized Management with vCenter
2. Deploying vCenter Server Appliance
3. vSphere Licenses
4. Managing vCenter Inventory
5. vCenter Roles and Permissions
6. Monitoring vCenter Events
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-3
Centralized Management with vCenter
© 2019 VMware Inc. All rights reserved.
Learner Objectives
• Describe the vCenter architecture
• Recognize ESXi hosts communication with vCenter
• Identify vCenter services
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-5
About the vCenter Management Platform
vCenter acts as a central
administration point for ESXi
hosts and virtual machines.
The ESXi hosts and virtual
machines connected in a
network:
• Directs the actions of VMs
and hosts
• Runs on a Linux-based
appliance
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-6
About vCenter Server Appliance
vCenter Server Appliance is a prepackaged Linux-based VM, optimized for running vCenter and
associated services.
The vCenter Server Appliance package contains the following software:
• Photon OS
• PostgreSQL database
• vCenter services
During deployment, you can select the vCenter Server Appliance size for your vSphere
environment and the storage size for your database requirements.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-7
vCenter Services
vCenter services include:
• vCenter Server
• vSphere Client
• License service
• Content Library
• vSphere Lifecycle Manager
When you deploy vCenter
Server Appliance, all these
services are included.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-8
vCenter Architecture
vSphere Client, vCenter database, and managed hosts supports vCenter.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1-9
About vCenter Single Sign-On
vCenter Single Sign-On allows vSphere components to communicate with each other through a
secure token mechanism.
vCenter Single Sign-On can authenticate users using built-in or external identity providers.
Built-in identity providers:
• By default, vCenter uses the vsphere.local domain as the identity source.
• You can configure vCenter to use Active Directory as the identity source using LDAP, LDAPS,
OpenLDAP, or OpenLDAPS.
External identity provider using federated authentication:
• vSphere supports Active Directory Federation Services (AD FS).
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 10
vCenter Single Sign-On with Built-In Identity Provider
The following is the user login flow when
vCenter acts as the identity provider:
1. User logs in to the vSphere Client.
2. vCenter Single Sign-On authenticates
credentials against a directory service (for
example, Active Directory).
3. A SAML token is sent back to the user's
browser.
4. The SAML token is sent to vCenter, and the
user is granted access.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 11
About Enhanced Linked Mode
With Enhanced linked mode, you can log in to the vSphere Client and manage the inventories
of all the vCenter instances in the group:
• You can link up to 15 vCenter instances in one vCenter Single Sign-On domain.
• You can create an enhanced linked mode group during the deployment of vCenter Server
Appliance.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 12
ESXi and vCenter Communication
The vSphere Client is the primary method to manage ESXi hosts. vSphere Client communicates
directly with vCenter.
If vCenter is not available, you use VMware Host Client to communicate directly with the ESXi
host.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 13
vCenter Scalability
Metric vCenter 8.0
Hosts per vCenter instance 2,500
Powered-on VMs per vCenter instance 40,000
Registered VMs per vCenter instance 45,000
Hosts per cluster 96
VMs per cluster 8,000
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 14
Review of Learner Objectives
• Describe the vCenter architecture
• Recognize ESXi hosts communication with vCenter
• Identify vCenter services
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 15
Deploying vCenter Server Appliance
© 2019 VMware Inc. All rights reserved.
Learner Objectives
• Deploy vCenter Server Appliance into an infrastructure
• Configure vCenter settings
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 17
Preparing for vCenter Server Appliance Deployment
Before deploying vCenter Server Appliance, you must complete several tasks:
• Verify that all vCenter Server Appliance system requirements are met.
• Get the fully qualified domain name (FQDN) or the static IP of the host machine on which
you install vCenter Server Appliance.
• Get FQDN and IP address to assign to vCenter Server Appliance.
• Ensure that date and time on all VMs in the vSphere network are synchronized.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 18
vCenter Server Appliance Native GUI Installer
The vCenter Server Appliance
Native GUI installer has
several features:
• With the GUI installer, you
can perform an interactive
deployment of vCenter
Server Appliance.
• The GUI installer is a native
application for Windows,
Linux, and macOS.
• The GUI installer performs
validations and prechecks
during the deployment.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 19
vCenter Server Appliance Installation
The vCenter Server Appliance
installation is a two-stage
process:
• Stage 1: Deployment of OVF
• Stage 2: Configuration
The deployment can be fully
automated by using JSON
templates with the CLI installer
on Windows, Linux, or macOS.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 20
vCenter Server Appliance Installation: Stage 1
Stage 1 begins with the UI phase:
1. Accept the EULA.
2. Connect to the target ESXi host or vCenter
system.
3. Define the vCenter Server Appliance name
and root password.
4. Select compute size, storage size, and
datastore location (thin disk).
5. Define networking settings.
Stage 1 continues with the deployment phase:
6. OVF is deployed to the ESXi host.
7. Disks and networking are configured.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 21
vCenter Server Appliance Installation: Stage 2
Stage 2 is the configuration
phase:
• Configure time
synchronization mode and
SSH access.
• Create a vCenter Single
Sign-On domain or join an
existing SSO domain.
• Join the Customer
Experience Improvement
Program (CEIP).
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 22
Getting Started with vCenter
After you deploy vCenter Server Appliance, use the vSphere Client to log in and manage your
vCenter inventory: https://<vCenter_FQDN_or_IP_address>/ui.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 23
Configuring vCenter Using the vSphere Client
Using the vSphere Client, you can configure vCenter, including settings such as licensing,
statistics collection, and logging.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 24
vCenter Management Interface
Using the vCenter
Management Interface, you
can configure and monitor
your vCenter instance.
Tasks include:
• Monitoring resource use by
the appliance
• Backing up the appliance
• Monitoring vCenter services
• Adding additional network
adapters
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 25
Multi-homing the vCenter Server Appliance
With vCenter Server Appliance
multi-homing, you can
configure multiple NICs to
manage network traffic.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 26
Demonstration: Deploying vCenter Server Appliance
Your instructor will run a demonstration.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 27
Review of Learner Objectives
• Deploy vCenter Server Appliance into an infrastructure
• Configure vCenter settings
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 28
vSphere Licensing
© 2019 VMware Inc. All rights reserved.
Learner Objectives
• View licensed features for vCenter or an ESXi host
• Add license keys to vCenter
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 30
About vSphere Licenses
VMware provides a number of vSphere products to suit your needs.
vSphere Essential vSphere Essential vSphere Standard vSphere Enterprise
Kit Plus Kit Plus
For small businesses For small businesses Entry-level solution Full range of features
(up to three hosts (up to three hosts for basic server for transforming your
with up to two CPUs with up to two CPUs consolidation data center into a
each) each) simplified cloud
infrastructure
vCenter and ESXi vCenter and ESXi vCenter and ESXi vCenter and ESXi
vSphere vMotion, vSphere vMotion, vSphere vMotion,
vSphere Storage vSphere Storage vSphere Storage
vMotion, vSphere HA, vMotion, vSphere vMotion, vSphere
vSphere Data HA, vSphere HA, vSphere Trust
Protection, vSphere Replication Authority, VM
Replication encryption,
vSphere
Replication
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 31
vSphere Licensing Overview
Licensing vSphere components is a two-step process:
1. Add a license to the vCenter License Service
2. Assign the license to the ESXi hosts, vCenter instances, and other vSphere components
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 32
vSphere License Service
The vSphere License Service
runs on vCenter.
The vSphere License Service
performs the following
functions:
• Provides centralized license
management
• Provides an inventory of
vSphere licenses
• Manages the license
assignments for products
that integrate with vSphere,
such as Site Recovery
Manager.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 33
Adding License Keys to vCenter
You must assign a license to
vCenter before its 60-day
evaluation period expires.
In the vSphere Client from the
main menu, select
Administration > Licenses
to open the Licenses pane.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 34
Assigning the License to the vSphere Component
You can assign a license to an asset, such as vCenter.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 35
Viewing Licensed Features
You manage licenses using the License pane in vCenter's Configure tab. This pane shows the
type of license and available features.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 36
Lab 1: Adding vSphere Licenses
Use the vSphere Client to add vSphere licenses to vCenter and assign a license to vCenter:
1. Add vSphere Licenses to vCenter
2. Assign a License to the vCenter Instance
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 37
Review of Learner Objectives
• View licensed features for vCenter or an ESXi host
• Add license keys to vCenter
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 38
Managing vCenter Inventory
© 2019 VMware Inc. All rights reserved.
Learner Objectives
• Use the vSphere Client to manage the vCenter inventory
• Create and organize vCenter inventory objects
• Add data center and organizational objects to vCenter
• Add ESXi hosts to the inventory
• Create custom inventory tags for inventory objects
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 40
vSphere Client Main Menu
From the vSphere Client main menu, you can manage your vCenter system inventory, manage
your infrastructure environment, and complete system administration tasks.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 41
Navigating the Inventory
You can use the navigation pane to browse and select objects in the vCenter inventory.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 42
Views for Hosts, Clusters, VMs, and Templates
Host and cluster objects
appear in one view, and VM
and template objects are
displayed in another view.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 43
Views for Storage and Networks
The storage inventory view
shows all the details for
datastores in the data center.
The networking inventory view
shows all the port groups on
standard switches and
distributed switches.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 44
Viewing Object Information
Because you can view object information and access related objects, monitoring and managing
object properties is easy.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 45
About Data Center Objects
A virtual data center is a logical organization of all the inventory objects. Those inventory
objects are required to complete a fully functional environment for operating VMs:
• You can create multiple data centers to organize sets of environments.
• Each data center has its own hosts, VMs, templates, datastores, and networks.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 46
Organizing Inventory Objects into Folders
You can place Objects in a data center in folders. You can create folders and subfolders to
better organize systems.
Each of the four inventory views has its own folder structure.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 47
Adding a Data Center and Organizational Objects to vCenter
You can add a data center, a host, a cluster, and folders to vCenter.
You can use folders to group objects of the same type for easier management.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 48
Adding ESXi Hosts to vCenter
You can add ESXi hosts to vCenter using the vSphere Client.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 49
Creating Custom Tags for Inventory Objects
You can use tags to attach metadata to objects
in the vCenter inventory. Tags help make these
objects more sortable.
You can associate a set of objects of the same
type by searching for objects by a given tag.
You can use tags to group and manage VMs,
clusters, and datastores, for example:
• Tag VMs that run production workloads.
• Tag VMs based on their guest operating
system.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 50
Lab 2: Creating and Managing the vCenter Inventory
Use the vSphere Client to create and configure objects in the vCenter inventory:
1. Create a Data Center Object
2. Add Two ESXi Hosts to the Inventory
3. View Information About the ESXi Hosts
4. Configure an ESXi Host as an NTP Client
5. Create a Folder for the ESXi Hosts
6. Create Folders for VMs and VM Templates
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 51
Review of Learner Objectives
• Use the vSphere Client to manage the vCenter inventory
• Create and organize vCenter inventory objects
• Add data center and organizational objects to vCenter
• Add ESXi hosts to the inventory
• Create custom inventory tags for inventory objects
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 52
vCenter Roles and Permissions
© 2019 VMware Inc. All rights reserved.
Learner Objectives
• Define the term permission in the context of vCenter
• Recognize the rules for applying permissions
• Create a custom role
• Assign global permission to a user
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 54
About vCenter Permissions
Using the access control system, the vCenter administrator can define user privileges to
access objects in the inventory.
The following concepts are important:
• Privilege: An action that can be performed
• Role: A set of privileges
• Object: The target of the action
• User or group: Indication of who can
perform the action
• Permission: Gives one user or group a role
(set of privileges) for the selected object
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 55
About Roles
Privileges are grouped into
roles:
• A privilege allows access to
a specific task and is
grouped with other
privileges related to it.
• Roles allow users to perform
tasks.
vCenter provides a few system
roles, which you cannot
modify.
Sample roles are also
provided. You can clone them
to create custom roles.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 56
About Objects
Objects are entities on which actions are performed. Objects include data centers, folders,
clusters, hosts, datastores, networks, and virtual machines.
All objects have a Permissions tab. The Permissions tab shows which user or group and role
are associated with the selected object.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 57
Assigning Permissions
To assign a permission:
1. Select an object
2. Select a Domain
3. Select a User/Group
4. Select a Role
5. Propagate the permission to
the child objects
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 58
Viewing Roles and User Assignments
The Roles pane shows which users are assigned the selected role on a particular object.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 59
Applying Permissions: Scenario 1
A permission can propagate down the object hierarchy to all sub-objects, or a permission can
apply only to a specific object.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 60
Applying Permissions: Scenario 2
When a user is a member of multiple groups with permissions on the same object, the user is
assigned the union of privileges assigned to the groups for that object.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 61
Activity: Applying Group Permissions (1)
If Group1 has the Administrator role and Group2 has the No Access role, what permissions
does Greg have?
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 62
Activity: Applying Group Permissions (2)
Greg has Administrator privileges.
Greg is assigned the union of privileges assigned to Group1 and Group2.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 63
Applying Permissions: Scenario 3
A user can be a member of multiple groups with permissions on different objects. In this case,
the same permissions apply for each object on which the group has permissions, as though the
permissions were granted directly to the user.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 64
Applying Permissions: Scenario 4
A user (or group) is given only one role for any given object.
Permissions defined explicitly for the user on an object take precedence over all group
permissions on that same object.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 65
Creating a Role
Create roles with only the necessary
privileges.
For example, you can create a Provision VMs
role that allows a user to deploy VMs from a
template.
Use folders to contain the scope of
permissions. For instance, you can assign the
Provision VMs role to user
nancy@company.com and apply it to the
Production VMs folder.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 66
About Global Permissions
Global permissions support assigning privileges across solutions from the global root object:
• Span solutions, such as vRealize Orchestrator, and multiple vCenter instances
• Give a user or group privileges for all objects in all vCenter hierarchies
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 67
Lab 3: Adding an Identity Source
Add vclass.local as an LDAP identity source:
1. Add vclass.local as an LDAP Identity Source
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 68
Lab 4: Users, Groups, and Permissions
Assign roles and permissions so that an LDAP user can perform functions in vCenter:
1. View LDAP Users
2. Assign Root-Level Global Permission to an LDAP User
3. Assign Object Permission to an LDAP User
4. Verify that the cladmin User Can Access Content Library
5. Verify that the studentadmin User Can Create a Virtual Machine
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 69
Review of Learner Objectives
• Define the term permission in the context of vCenter
• Recognize the rules for applying permissions
• Create a custom role
• Assign global permission to a user
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 70
Monitoring vSphere Events
© 2019 VMware Inc. All rights reserved.
Learner Objectives
• Monitor tasks and events that occur on objects in the vCenter inventory
• Recognize the vCenter log levels for controlling the amount of data collected in the vCenter
database
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 72
About vSphere Tasks
Every action that you perform in vSphere as a part of your day-to-day operations is called a
task, for example:
• Powering on a virtual machine
• Updating the network configuration
• Modifying the configuration of hosts and virtual machines
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 73
About vSphere Events
vSphere events are records of user actions or system actions that occur on objects in the
vCenter inventory:
• User-action information includes the user’s account and specific event details.
• Event details are reported, such as the event's date and time, type, description, and the
object on which the event occurred.
• Events and alarms are displayed to alert the user to changes in the vCenter service health
or when a service fails.
The vCenter Tasks and Events panes provide an audit trail, maintaining a 30-day history, by
default.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 74
About vCenter Log Levels
vCenter services create their own log files, which can be used for troubleshooting purposes.
You can set log levels to control the quantity and type of information stored by vCenter.
Examples of when to set log levels:
• When troubleshooting complex issues, set the log level to verbose or trivia.
• For controlling the amount of information being stored in the log files.
Option Description
None Turns off logging
Error (errors only) Displays only error log entries
Warning (errors and Displays warning and error log entries
warnings)
Info (normal logging) Displays information, error, and warning log entries
Verbose Displays information, error, warning, and verbose log entries
Trivia (extended verbose) Displays information, error, warning, verbose, and trivia
log entries
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 75
Setting Log Levels
You can configure the amount of log information detail that vCenter collects in log files:
• Edit the log levels in the vSphere Client.
• More verbose logging requires more space on your vCenter system.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 76
Forwarding vCenter Log Files to a Remote Host
vCenter can stream its log
information to a remote Syslog
server.
You can activate this feature in
the vCenter Management
Interface.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 77
Forwarding ESXi Host Log Files to a Remote Host
For ESXi hosts, specify the
remote Syslog server name in
the Advanced System Settings
pane in the vSphere Client.
You can further analyze ESXi
host log files with log analysis
products, such as vRealize Log
Insight.
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 78
Review of Learner Objectives
• Monitor tasks and events that occur on objects in the vCenter inventory
• Recognize the vCenter log levels for controlling the amount of data collected in the vCenter
database
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 79
Key Points
• vCenter Server Appliance uses the Photon operating system and the PostgreSQL database.
• You can use the vCenter Management Interface to manage vCenter, including vCenter
networking and vCenter services.
• You use the vSphere Client to connect to vCenter instances and manage vCenter inventory
objects.
• A permission, defined in vCenter, gives one user or group a role (set of privileges) for a
selected object.
• Global permission allows access to all vCenter objects, including content libraries, vCenter
instances, and tags.
• You can control the vCenter logging level. Changing the logging level affects the vCenter's
filesystem usage.
Questions?
© 2022 VMware, Inc. M04_Deploying and Configuring vCenter | 1 - 80