How to configure PSC ring topology

In the last couple of projects, I was tasked with designing a new Platform Services Controller (PSC) and vCenter Server Appliance (vCSA) topology based on specific availability requirements. One of the things I noticed is that admins tend to forget that you need to create a PSC ring topology in a multi-site PSC & vCS design. Let’s have a look why this is important and how to create a PSC ring topology in vSphere 6.5.

PSC Ring Topology Design

Let’s consider the following scenario.

  • Multi-site (3) vSphere environment
  • One single SSO domain (vSphere.local)
  • Each site needs PSC redundancy

PSC ring topology F

As depicted above, this set up will create a redundant PSC topology as all PSC’s will replicate with its respective neighbour providing redundancy. However, the replication between the last and the first PSC needs to be created manually to achieve this setup.

Configure PSC Ring Topology

When PSC-01 is deployed, and configured, deploy PSC-02, PSC-03 etc. It is important to do this in sequence and register with the previous PSC when deploying the next one. So, if you deploy PSC-02, you register it with PSC-01 during the setup. PSC-03 with PSC-02 etc. Once you deployed PSC-06, you will need to set up the replication with PSC-01 manually. This will create the PSC ring topology. Also, make sure you create/join the designated site during the setup!

  1. Open SSH to the PSC and log in with the root account.
  2. Go to the /usr/lib/vmware-vmdir/bin
  3. Run the following command to show the current PSC replication partners:
    #./vdcrepadmin -f showpartners -h <FQDN_PSC> -u administrator -w <Password>
    Example: #./vdcrepadmin –f showpartners –h psc-01.dr.local –u administrator –w VMware123!
  1. Notice that PSC-01 only replicates with PSC-02.PSC Ring Topology 01
  2. Compare it with the output on PSC-06.PSC Ring Topology 02
  3. To set up replication between PSC-06 and PSC-01, run the following command on the PSC-06:
    #./vdcrepadmin -f createagreement -2 -h <FQDN_Source_PSC> -H <FQDN_Destination_PSC> -u administrator -w <Password>
    Example: #./vdcrepadmin –createagreement -2 –h PSC-06.dr.local –H PSC-01.dr.local –u administrator –w VMware123!
  1. Verify the replication between the PSC’s again with the command from step 3.PSC Ring Topology 03PSC Ring Topology 04
  2. Close the SSH session.

Alternatively, you can verify the replication status an all PSC’s with the vcdrepadmin –f showpartners command. Each PSC should have 2 replication partners.

This procedure is also available for PSC’s running on a Windows machine. See KB 2127057 for more details. This KB article will also give you additional vcrdepadmin tool commands as well as a procedure to remove a replication partner from a PSC.

Cheers!

– Marek.Z

4 Comments

  1. Hi Marke, What if we have Load Balanced PSC pairs on each of the 3 sites.How does load balancing of PSCs fits in with this ring topology? For many organizations, load balancing is a must to ensure high availability to the PSC provided services.
    Thanks.

    • Hi Vipin,

      The load balancing does not affect the ring topology setup. You have to configure it if you want to ensure replication between the PSC’s. Load Balancers are placed before the 2 PSC’s on each site and the vCenter Server(s) register on the Load Balancer VIP address.

      Hope this helps.

      Cheers!

Leave a reply...