Repoint vCenter server to a another platform service controller is quite easy. Recently I needed to repoint a vCenter in a different site to it’s dedicated platform services controller. The current setup was an enhanced linked mode of two vCenters pointing to the same platform service controller. By deploying an additional platform service controller in the second site, you can avoid the failure of a single vCenter site. It is also possible to point the vCenter server appliances to an VIP (Virtual IP) hosted on a load balancer that is backed by two platform services controllers. But In this example, we will only show you the steps that are required to repoint a vCenter appliance to another platform service controller (without an load balancer).

Current topology

The vCenter and platform service controller topology shown below is what we have in place right now. As you can see we have a single platform service controller in site A, that is serving the vCenter server appliances in both sites. If the current platform service controller fail, it will impact both vCenter servers and authentication towards the SSO will not work.

Note: the term site in this example is a physical location (datacenter).

repoint vcenter

Temporary topology

In the desired setup we have two platform service controllers, one in site A and the other in site B within the same vSphere domain. The platform service controllers will be replication partners from each other. VMware already announced that the external platform service controllers will be deprecated, but this is a temporary setup I need to have before using the converge utility. In order to have this setup, we need to deploy a second platform service controller that has joined the SSO domain of site A. Click on this link for more information on how to deploy a second platform service controller in the same SSO domain

how to repoint vcenter

Desired topology

As mentioned before, VMware announced that the external platform service controller will be deprecated. The desired topology as shown below, will be the next phase. We can even implement VCHA (vCenter high availability) on both vCenters to have a redundant setup. This will be explained in the follow-up blog post.

platform service controller

Verify the current SSO members

First of all, we need to make sure that the platform service controller in site B is replicating with the platform service controller in site A. To verify this we need to logon to the platform service controller in site B with SSH. The following command will show you all the current members that participating in the vSphere SSO domain:

cd /usr/lib/vmware-vmdir/bin
./vdcrepadmin -f showservers -h PSC_FQDN -u administrator -w Administrator_Password
how to repoint
The output is showing us the expected results of two platform service controllers

Verify partnership

Even though we already know the platform service controller topology, there is a command to check the partnership of each platform service controller. Run the following command on each platform service controller to determine all of the partnerships:

cd /usr/lib/vmware-vmdir/bin
./vdcrepadmin -f showpartners -h PSC_FQDN -u administrator -w Administrator_Password
vcenter

Verify replication status

Before proceeding with the repoint task of the vCenter server to the platform service controller in site B, we need to verify the replication between the two nodes. This can easily be done with the following command:

Note: This CLI is limited to execution only against the local PSC. Using the command to query the replication status from one PSC to a different PSC is not yet supported.

cd /usr/lib/vmware-vmdir/bin
./vdcrepadmin -f showpartnerstatus -h PSC_FQDN -u administrator -w Administrator_Password
how to repoint vcenter

Repoint the vCenter to another platform service controller

The final task is repointing the vCenter server in site B to the platform service controller in site B. Use SSH to login to the vCenter server in site B and use the following command to perform the repoint task.

Note: Use the –dc-port port_number option if the Platform Services Controller runs on a custom HTTPS port. The default value of the HTTPS port is 443.

cmsso-util repoint --repoint-psc psc_fqdn_or_static_ip
platform service controller
The repoint task completed successfully

Time to test

After the successful repoint task of the vCenter server, we should now test and verify if the vCenter server is using the platform service controller in site B. This can easily be done by opening a browser and browse to the URL of the vCenter server in site B. Launch the HTML5 or FLEX client and verify if you are redirected to the platform service controller in site B.

Final words

One of the follow-up post will be about the desired topology as mentioned previously. If you have any questions about this topic or if you need any help, please use the comment section below or send me a mail via the contact page.