In the last couple of projects, I was tasked with designing a new Platform Services Controller (PSC) and vCenter Server Appliance (vCSA) topology based on specific availability requirements. One of the things I noticed is that admins tend to forget that you need to create a PSC ring topology in a multi-site PSC & vCS design. Let’s have a look why this is important and how to create a PSC ring topology in vSphere 6.5.

PSC Ring Topology Design

Let’s consider the following scenario.

Multi-site (3) vSphere environment

One single SSO domain (vSphere.local)

Each site needs PSC redundancy

As depicted above, this set up will create a redundant PSC topology as all PSC’s will replicate with its respective neighbour providing redundancy. However, the replication between the last and the first PSC needs to be created manually to achieve this setup.

Configure PSC Ring Topology

When PSC-01 is deployed, and configured, deploy PSC-02, PSC-03 etc. It is important to do this in sequence and register with the previous PSC when deploying the next one. So, if you deploy PSC-02, you register it with PSC-01 during the setup. PSC-03 with PSC-02 etc. Once you deployed PSC-06, you will need to set up the replication with PSC-01 manually. This will create the PSC ring topology. Also, make sure you create/join the designated site during the setup!

Open SSH to the PSC and log in with the root account. Go to the /usr/lib/vmware-vmdir/bin Run the following command to show the current PSC replication partners: #./vdcrepadmin -f showpartners -h <FQDN_PSC> -u administrator -w <Password> Example: #./vdcrepadmin –f showpartners –h psc-01.dr.local –u administrator –w VMware123!

Notice that PSC-01 only replicates with PSC-02. Compare it with the output on PSC-06. To set up replication between PSC-06 and PSC-01, run the following command on the PSC-06: #./vdcrepadmin -f createagreement -2 -h <FQDN_Source_PSC> -H <FQDN_Destination_PSC> -u administrator -w <Password> Example: #./vdcrepadmin –createagreement -2 –h PSC-06.dr.local –H PSC-01.dr.local –u administrator –w VMware123!

Verify the replication between the PSC’s again with the command from step 3. Close the SSH session.

Alternatively, you can verify the replication status an all PSC’s with the vcdrepadmin –f showpartners command. Each PSC should have 2 replication partners.

This procedure is also available for PSC’s running on a Windows machine. See KB 2127057 for more details. This KB article will also give you additional vcrdepadmin tool commands as well as a procedure to remove a replication partner from a PSC.

Cheers!

– Marek.Z