
close
close
One of the biggest improvements in the recently announced vSphere 5.5 is the updates to Single Sign-On (SSO). This new version of SSO makes me extremely happy and I think it will have the same affect for the customers I work with. The initial SSO attempt in vSphere 5.1 was… well, lets just say it could have been better. Today I’ll cover the changes to this SSO update and why it makes for a better product.
Multi-master – No more working with a primary and secondary architecture with strict database rules. The new SSO product uses a multi-master model for the SSO servers.
advertisment
Built in replication – Replication is now built in and happens automatically between SSO servers within the same domain.
Site awareness – There is now the ability within an SSO domain to define sites. Sites would typically be physical data center locations. This makes the architecture a little easier to understand and design for.
The big news here is that there is no SSO database any more. This change allows for the improved architecture covered earlier. While the database was not impossible, it did give many admins a rash while trying to setup the first couple of attempts.
With the updated version of SSO there is now just a single deployment method. This simplifies things a great deal. The previous version confused many people about when should they use simple, HA, or multi-site configurations.
advertisment
New install options are as follows:
VMware has also package a set of diagnostic and troubleshooting tools with this release of SSO. I welcome this because even when talking with VMware people and their support staff there was a huge void in SSO experience. Having a set of tools that can aide in resolving SSO issues.
For a large portions of customers VMware recommends them to KISS (Keep It Simple SSO!) when architecting and installing their SSO environment. This means that for data centers with one to five vCenters the primary architecture choice would be to install all the components for a vCenter on a single server as shown below. This keeps things simple and still performs very well for environments with up to 1000 hors or 10,000 VMs. This model keeps all the services local and does not create any new external dependencies.
advertisment
The alternative architecture for larger data centers with more than five vCenters should consider the following model. This model uses a centralized SSO and vSphere Web Client install that all vCenters will access. This model supports a mixed vCenter version of both vCenter 5.1 and 5.5. This will be welcome for customers that have mixed requirements or long upgrade processes.
To support the high availability of this model the following are some requirements and options for consideration:
More from Brian Suhr
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in VMware
Amazon Announces the General Availability of VMware Cloud on AWS Outposts
Oct 12, 2021 | Michael Otey
VMworld 2019 Day 2 – VMware Demos Project Pacific, Tanzu Missional Control and More
Aug 28, 2019 | Michael Otey
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group