Apologize for a lengthy explanation of the environment I am working on. Please go thru it fully for a complete understanding.
Okay, lets get directly on to the topic
We have 3 Physical Sites
Site-A
Site-B
Site-C
SSO Info
A separate VM called Master-SSO-VM
vCenter info (Please don;t ask why we have so many VCs in the environment )
Site-A
Site-B
Site-C
Here is our SSO design,
I have a separate VM designated for Master SSO VM in Site-A.
All my VC will have SSO, Inventory, Web Client Installed on them. The SSO on each VC will point to master SSO in Site-A.
Why I decided to have a separate VM for Master SSO? There is no big reason for that, I just wanted to have a separate SSO VM where all other VC’s SSO can point to instead of pointing to a SSO installed on a specific VC.
Here is the attached diagram explaining SSO-Design.PNG
So my question is
1. Is this the appropriate design for my environment considering we want to have linked vCenters for all of them in the entire environment?
2. The other issue I encountered is, when I installed my first vCenter server VC3, the vCenter service won’t start and the vpxd.log would throw SSO errors. I fixed it after changing the SSO to the local vCenter address in vpxd.cfg file. It was pointing to the Master-SSO-VM address. Here is the Vmware KB article on the error http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=205808...
Note:
It looks ok. Did you install it in a lab environment?
I installed this both in LAB and Production environment.
In production i have just installed the Master SSO VM and another VC (VC3) so i wanted a 2nd view before proceeding further in production.
Also both in LAB and Production whenever i installed the SSO, Integration Service, WebClient on the first VC (SSO pointing to the master SSO VM) the vCenter service won't start and i had to modify the vpxd.cfg to point to the local SSO fqdn/ip, then the issue got resolved, i had no clue why that happened.
I haven't created as complex an SSO environment as that, but for that method you need a load balancer for HA mode. If you want them to be linked I would use the multisite mode option When you install the "Master-SSO" your first VC is pointed to it as a new site correct? Is that VC1?
vSphere 5.5 Documentation Center