This post will cover configuring the vCenter and VUM databases (using SQL Server 2008 R2), and the vCenter DSN. This must be done prior to starting the vCenter installation, as one of the first prompts is selecting the vCenter DSN, which must be tied back to a database in SQL server.
Let's get started creating the vCenter and VUM databases, then the vCenter DSN.
1. On your vCenter server you must install the appropriate SQL Native Client. The ODBC configuration uses the Native Client to communicate back to your SQL server. Since vCenter requires a 64-bit server you need the 64-bit native SQL client. If you followed my blog post here to create a SQL 2008 R2 SP2 slipstream media, you can find the SP2 native client at this path: \SP\1033_enu_lp\x64\setup\x64\sqlncli.msi.Or if you didn't make slipstreamed media you can download the 64-bit Microsoft SQL Server 2008 R2 SP2 native client from here.
2. Install the SQL Server 2008 R2 native client on your vCenter server using all default values.
3. On your SQL 2008 R2 server you need to create the vCenter and VUM databases. I've included a sample script below that does the trick. Of course you will need to modify the vCenter service account name, database names and paths to suit your environment.
Cut and paste the script into SQL Server Management Studio and execute it. If you use the same service account here as you did for the SSO installation you can either comment out the CREATE LOGIN statement below, or just ignore the warning when you run the script since the login already exists. No harm done trying to add a login that already exists.
----
/* Creates vCenter server and VUM databases. */
/* Change login name to vCenter service account */
EXEC('CREATE LOGIN [contoso\svc-vctr02-001]FROM WINDOWS')
USE MSDB
EXEC sp_grantdbaccess 'contoso\svc-vctr02-001'
EXEC sp_addrolemember db_owner, 'contoso\svc-vctr02-001'
USE master
create database "D001-vCenter Server"
on
( name = 'D001-vCenter Server',
filename = 'K:\Microsoft SQL Server\MSSQL\Data\D001-vCenter_Server.mdf',
size = 10000MB,
filegrowth = 1000MB )
log on
( name = 'D001-vCenter Server log',
filename = 'L:\Microsoft SQL Server\MSSQL\Data\Logs\D001-vCenter_Server.ldf',
size = 200MB,
filegrowth = 20MB )
COLLATE SQL_Latin1_General_CP1_CI_AS;
create database "D001-vCenter VUM"
on
( name = 'D001-vCenter VUM',
filename = 'K:\Microsoft SQL Server\MSSQL\Data\D001-vCenter_VUM.mdf',
size = 250MB,
filegrowth = 25MB )
log on
( name = 'D001-vCenter VUM log',
filename = 'L:\Microsoft SQL Server\MSSQL\Data\Logs\D001-vCenter_VUM.ldf',
size = 25MB,
filegrowth = 2MB )
COLLATE SQL_Latin1_General_CP1_CI_AS;
EXEC('ALTER AUTHORIZATION ON DATABASE::"D001-vCenter Server" TO [contoso\svc-vctr02-001]')
EXEC('ALTER AUTHORIZATION ON DATABASE::"D001-vCenter VUM" TO [contoso\svc-vctr02-001]')
GO
---
4. Back on the vCenter server you now must create a 64-bit DSN for vCenter to use. You can create it manually through the ODBC GUI, but for consistency I like to script it, so I've included a sample PowerShell script below. I saved the script as vCenter-DSN.ps1. The script requires two arguments, the first one is the FQDN of the SQL server and the second is the database name, enclosed in quotes if it has spaces in it. Run the script from an elevated PowerShell command window.
NOTE: If you have configured your SQL server to allow encrypted connections you can change the Encrypt value to YES. If want a quick guide on configuring SQL transport encryption you can check out my article here. Again, for security I would strongly suggest you use SQL SSL encryption.
---
## Creates a 64-bit System DSN for vCenter Server.
$DSNName = $args[1]
$DBName = $args[1]
If($args[0] -eq $NULL) { echo "Must specify FQDN of SQL server."; Exit}
If($args[1] -eq $NULL) { echo "Must specify Database name."; Exit}
$HKLMPath1 = "HKLM:\SOFTWARE\ODBC\ODBC.INI\" + $DSNName
$HKLMPath2 = "HKLM:\SOFTWARE\ODBC\ODBC.INI\ODBC Data Sources"
md $HKLMPath1 -ErrorAction silentlycontinue
set-itemproperty -path $HKLMPath1 -name Driver -value "C:\WINDOWS\system32\sqlncli10.dll"
set-itemproperty -path $HKLMPath1 -name Description -value $DSNName
set-itemproperty -path $HKLMPath1 -name Server -value $args[0]
set-itemproperty -path $HKLMPath1 -name LastUser -value "Administrator"
set-itemproperty -path $HKLMPath1 -name Trusted_Connection -value "Yes"
set-itemproperty -path $HKLMPath1 -name Encrypt -value "No"
set-itemproperty -path $HKLMPath1 -name Database -value $DBName
## This is required to allow the ODBC connection to show up in the ODBC Administrator application.
md $HKLMPath2 -ErrorAction silentlycontinue
set-itemproperty -path $HKLMPath2 -name "$DSNName" -value "SQL Server Native Client 10.0"
---
Running the script is shown below, and you should see similar output.
5. At this point I would recommend you test the ODBC connection to avoid any vCenter installation issues. In the Windows Start menu search box type ODBC and select Data Sources (ODBC). When the ODBC Administrator appears click on System DSN and you should see the DSN the script created.
Click on the Configure button and run through the wizard (without changing any settings) and you should arrive at the summary screen below. In my case I require data encryption, so that option is set to Yes. Since most people probably don't have SQL setup for encryption (you should!) this will be a No for you.
Click on Test Data Source.. and you should see a successful connection message. If you have configured SQL transport encryption it will also note that the connection was encrypted and that the server certificate was validated (not self-signed).
At this point you have now successfully configured vCenter and VUM databases and setup the vCenter DSN. We will configure the VUM DSN when we do the VUM installation. Part 7 in this series is installing the vCenter 5.1 server using the database and DSN you created.
I think everyone have problem with sql database config for the SSO, can you have your success step for sqlserver for the SSO port on here. Thanks
ReplyDeleteI covered the SSO database configuration in part 1 of my guide:
ReplyDeletehttp://derek858.blogspot.com/2012/09/vmware-vcenter-51-installation-part-1.html
Derek, thanks for the articles.... the VMware guides are not as straight forward to follow as yours.
ReplyDeleteKeep them coming!
Hi Derek,
ReplyDeleteVery nice articles and allot of help thank you. I assume that the vCenter one is taking time as you are running into the same problem everyone that is not using self-signed certs in that the Inventory and vCenter services cannot register to SSO with certificates that have the same common name in them?
This has caused me allot of frustration!
Terafirma, yes this installation has been quite frustrating to try and use trusted certificates. I too am having issues with the vCenter Server install and have an open case with VMware.
ReplyDeleteVery helpful articles so far. Really helped get me out of a jam! Thanks :)
ReplyDeleteWow, this is a first for VMware to make an install this difficult. I'm punting for now so I can do some testing, hopefully the self signed certs will work better. Early looking forward to VMware resolving this one!
ReplyDeleteHey mate,
ReplyDeleteWhenever I try to read the VMWare articles and KBs, I always get confused, dizzy, angry, sad and then crying, in that order. However, your articles give me strength, confidence, potency, happiness and laughter... Keep them coming!
Xiao Feng
Great blog posts! Keep 'em coming! I was thinking about going forward with self-signed certs for now, and then adding trusted certs later. Do you see any issues with that, assuming Vmware fixes the vCenter cert issues, doing it in this fashion? I plan on coming back to your blog and checking for updates and then using your posts to complete the trusted cert install.
ReplyDeleteGiven all of the problems with using trusted certificates I would recommend using self-signed certificates for now. Others have gotten it to work, but I still have vCenter installation issues.
DeleteIs SQL Server 2008 R2 SP2 supported for vCenter 5.1?
ReplyDeleteAnonymous, R2 SP2 is NOT listed as a choice in the VMware Interop matrix. But given that R2 SP1 is listed, I would feel confident in just a newer service pack. I would not go from 2008 R2 to SQL 2012, for example.
DeleteWhere can I download 64bit iso for VMware Vcenter 5.1.0a? I have been looking on vmware but cannot find it.
ReplyDeleteI believe vCenter is x64 only.
DeleteThank you so much Derek !!
ReplyDeletethis is really helping me ^^
I have juste one question : can i use the same SQL server for the SSO service and the Vcenter service ? I mean : i have no choice, the SSO, inventory service and Vcenter have to be on the same VM, could it be a problem ?
@Anonymous: Yes you can use a single SQL server for all of the vCenter/SSO/VUM databases.
DeleteHi Derek, for me its not 100% clear why you use svc account for VCDB and VUM. Most people installed both with local admin and the owner was the same. I have seen problems with jdbc, where running VC and SQL, and webservices under local admin instead of local system solved the issue. Is it that you do the same, but you don't want to use admin, but a svc account?
ReplyDeleteThanks
I've always used a service account for vCenter/VUM and haven't had any problems. I don't like processes running as LocalSystem if I can help it.
DeleteHoly mother of Christ, VMware makes this difficult.
ReplyDeleteBy the time I got to this page I forgot what my vCenter service account was. Had to go backwards page by page (ended up on page 1) and follow the steps until I remembered that I created a domain account for vcenter.