Configure vCenter HA with vSphere 7.0

vCenter HA is a high availability option for vCenter appliance which introduced with vSphere 6.5 and here I'll explain how to configure vCenter HA with vSphere version 7.0.

vCenter HA is different from vSphere HA. vSphere HA is a availability solution for the virtual machines in the cluster and during a HA fail-over the VM/s will be rebooted in other available ESXi hosts within the cluster. However vCenter can be protected using the vSphere HA but there are some scenarios where that restart time (downtime) is not acceptable. With vCenter HA, there is 3 nodes consists of the VCHA architecture called, Active, Passive and Witness.

vCenter HA topology

Active Node: This is the active appliance that serve all the client requests and appliance that expose to the end users via the vSphere web client. This node will be communicating with passive node for replication and with witness node for cluster status monitoring over the dedicated vCenter HA network.

Passive Node: This is initially a clone of the active vCenter and then continuously sync with the active node over the vCenter HA network. If any failures occurs in the active node, this will immediately take over the active node role.

Witness Node: This lightweight clone from the active node provide the quorum to the cluster. 

Software and Hardware Requirements

To configure VCHA the ESXi version should be 5.5 or higher and it's strongly recommended 3 ESXi node cluster. Also it's recommended to use DRS rules to put these 3 modes in separate ESXi hosts as well.

As I mentioned earlier the minimum vCenter version is 6.5 and this requires only one vSphere standard license. The recommended deployment size is small or bigger ones as tiny is not recommended for production environments. vCenter HA is supported and tested with VMFS, NFS, and vSAN datastores. 

The vCenter HA network must be on separate subnet than the management network and the latency between active, passive and witness node must be less than 10ms. 

vCenter 7.0 HA Configuration - Step by Step

As mentioned earlier this HA configuration needs a dedicated network for HA related traffice so I'm going to add a new NIC for the VCSA. 

1.  Log in to thr vCenter and find the VCSA appliance. Edit VM settings and add new NIC card and assign the vLAN created for the VCHA network.

2.  Login to VCSA appliance management interface using below URL.

https://<<your VC IP or FQDN>>:5480/#/login
3.  Navigate to networking tab from the left hand side menu and click edit link on the top right side for the newly added NIC.

VCSA network configuration.

4.  Once you click the edit link, it will ask you to select which interface you need to change and select the NIC added for the VCHA network.

Select Network Adaptor.

5.  These select Either automatic DNS and IP reservation or enter both details manually depending on your network configuration.

Edit NIC IP Settings.

6.  Then it will show the summary and click finish if you are happy with the network configuration.

Edit Network Settings

7.  Then NIC settings will show as follows. 


IP Settings Summary.

8.  Once VCSA appliance additional NIC configured for VCHA, navigate to vCenter web interface and select the vCenter from inventory menu in Left hand side, select Configure tab , vCenter HA and Click SET UP VCENTER HA button.

Set Up vCenter HA

9.  Then it will go through the guided process of configuring the VCHA. When configuring VCHA you can clone the vCenter appliance by your self for Passive and Witness nodes or you can simply let the vCenter to do that for you. in earlier versions this was called as Basic and Advanced mode. But with the vSphere 7 it's just a checkbox for you to select that automatic process. Since I'll be doing it that way tick the check box to automatically clone passive and witness node and then it will ask the relevant details for passive and witness nodes


Resource Settings.

 10.  To configure the required settings for passive node click Edit Icon as shown in below.

Passive Node Settings

11.  Then it will ask the name for the witness node, I'll leave it with default chosen name and we need to specify the location for this VM.

Passive Node Resource Settings.

12.  Then we need to select the compute resource for the passive node. As I mentioned earlier, it is recommended to separate these 3 nodes from each other so select a ESXi host which is currently the active VCSA is not running.

Passive Node Resource Settings.

13.  Select the datastore or datastore cluster. Also make sure the 3modes will not sitting on the same datastore to avoid single point of failures.

14.  Then select the correct port groups for both management network interface and VCHA network interface. 

Passive Node Resource Settings.

15.  Then review the settings and click Finish to save the settings.

Passive Node Resource Settings.

16.  Then Click the Edit button next to Witness node details to enter the details for witness node as well. In the witness node configuration it will not ask for management network interface as it will not take over the load during a failure, it's just here for quorum purpose only. 

Witness Node Resource Settings.

17. Click Next button to enter the IP settings for both passive and witness nodes. The IP settings will require only for the VCSA HA network and same Management IP will be used by the passive node during a failure. 

Network Settings for Passive and Witness Node.

Then click Finish to start the configurations. The progress will be shown in the same vCenter HA tab and also you can see the current progress in recent task list as well.


Once the HA setup is finished you can see the summary of current status of the VCHA and some other available options as well.


Post a Comment