Skip to main content

vcenter 8 installation

Preconditions

  • You've deployed the vcsa.iso to shared storage

    image-20221209112255688

  • You've built your vcenter management VM

  • You've built your domain controller and certificate server

  • On your DC Create A and PTR records for

    • your esxi boxes
    • your vcenter box (not built yet)
    • a PTR record for your domain controller

  • You've mounted the vcsa iso file. If you do this right, you can navigate to esxi1 by host name and see your mounted .iso file within your management system.

    image-20221209165804603

  • hunt down and invoke the lin64 installer

    image-20221209170120481

Installation Notes

  • ESXi host or vCenter Server name: esxi1.range.local

  • enter esxi1's root password

  • Give your future vcenter a name, and root password

  • We will do a tiny deployment. It is nice to have at least 64GiB RAM or 2 32GiB hosts or better

  • Ideally this would run on your NAS, however mine is slow. I'm picking esxi1's datastore1 for now

  • make sure you can ping dc and vcenter or this install will go south pretty quickly

    image-20221209172003611

    • once stage 1 is complete, move on to stage 2

      image-20221209175106019

    • create the sso domain: vsphere.local

    • provide an administrator password

    • ceip, is up to you.

Logging in to vcenter

image-20221209181159311

Create the DataCenter

Create a new DataCenter called range and add your two hosts to it. Note, that one of my hosts has secure boot turned off in UEFI, hence the TPM alarm.

image-20221209182350917

Integrate Active Directory

  • Head to Admin->SSO

image-20221214184044341

  • One needs to reboot vcenter

    image-20221214184823891

  • Go get coffee

  • log back in as administrator@vsphere.local

  • on your domain controller create an normal user for ldap binding, note the OU.

    !image-20221214191742762

  • grab your domain controller cert

    openssl s_client -connect dc1.range.local:636 -showcerts

image-20221214191246498

  • Fill out the form like so

    image-20221214192149222

  • set AD as default SSO provider

    image-20221214192240512

  • Add the vcenter-administrators group from range.local to the vcenter Administrators group.

    image-20221214192834592

  • logout

  • log back in as albus.dumbledore-adm

    image-20221214193108532

    image-20221214193128195

Why no Distributed Switches?

  • For purposes of our reference architecture we will stick with standard switches. We will use VM Network on each esxi host for access to the corporate network (192.168.1.0/24) in the example. DSwitches are more useful when you have several esxi hosts and want to have a common mechanism to configure switches and associated port groups.