An external Platform Services Controller (PSC) can provide scalability and high availability across sites. A vCenter Server initially deployed with an embedded PSC can be reconfigured to use an external PSC by following the steps outlined below. Multiple external Platform Services Controllers can be deployed and an environment can be mixed between the appliance and Windows versions of vCenter Server and PSC.
- The vCenter Server must be running at least version 6.0 Update 1.
- The process involves the installation of an external PSC as a new target for vCenter Server. The PSC must be in the same Single Sign-On site and domain as the vCenter Server.
- Ensure you have good backups of your vCenter Server. If the vCenter Server is virtual take a snapshot before starting the process, likewise after deploying the new PSC take a snapshot.
- If the process fails for any reason revert back to the snapshots.
- An external PSC deployment model cannot be converted into an embedded PSC.
- If vCenter HA is enabled then disable and reconfigure after the process is complete. For more information see Configuring vCenter 6.5 High Availability.
- The commands outlined below are the same for the vCenter Server Appliance and Windows vCenter Server, unless specified. Take into account the following environmental variables:
- For Windows all commands should be run as an administrator in an elevated command prompt.
- For the appliance use the root account for all commands, enable BASH and launch the shell by running
shell.set -enabled Truefollowed by
The first step is to determine the Single Sign-On site by running the following commands on the vCenter Server: vCenter Server Appliance:
/usr/lib/vmware-vmafd/bin/vmafd-cli get-site-name --server-name localhost. Windows vCenter Server:
"C:\Program Files\VMware\vCenter Server\vmafdd\vmafd-cli" get-site-name --server-name localhost.
Make a note of the SSO site. Next deploy the new external Platform Services Controller, if you require assistance with this see the Deploying an External Platform Services Controller post. The new PSC must be configured with the same Single Sign-On site and domain as the vCenter Server you want to reconfigure.
Once the external PSC is up and running go back to the vCenter Server. Confirm the Platform Services Controller services are running, for Windows first navigate to the correct directory by using:
cd "C:\Program Files\VMware\vCenter Server\bin".
For both the appliance and Windows versions run the following command:
service-control --status --all
Check that the VMware License Service, VMware Identity Management Service, VMware Security Token Service, VMware Certificate Service, and VMware Directory Services are running.
To reconfigure the vCenter Server to use the new PSC use the following command, replacing
newpsc with the IP or FQDN (case sensitive) of the new PSC,
password with the relevant SSO domain and user details.
cmsso-util reconfigure --repoint-psc newpsc --username username --domain-name domainname --passwd password
If the external PSC is configured to use a custom port then add
[--dc-port port] where
port is the port number. Check the configuration results.
Confirm the vCenter is accessible by logging in to the vSphere web client. The process is complete, if you disabled vCenter HA then you can now go ahead and reconfigure.