Lesson 1 - Module 4 Introduction


Time
14 hours 13 minutes
Difficulty
Intermediate
CEU/CPE
20
Video Description

Introduction to Module 4. This lesson focuses on the objectives of the module. Participants will learn about the following:

  • vCenter Server architecture

  • ESXi host communication with vCenter

  • vCenter components and modules

  • Single sign-on (SSO) components

In this first lesson, participants learn about the vCenter Server and all the options that are available; you can join a vCenter host to a domain and many users. You can also use an embedded or external database to keep track of all objects and configuration details.

Video Transcription
00:04
Hello and welcome to Cybrary. This is Module 4, Lesson 1
00:09
of the virtualization installation, configuration, management
00:13
course,
00:16
and this lesson will be covering several items. We'll first look at the vCenter Server architecture,
00:22
then the communication that the ESXi host has with vCenter itself.
00:28
We'll look at the different components and modules that comprise vCenter
00:33
and then the components that are part of single sign-on.
00:38
So, starting with our vCenter architecture:
00:41
we saw in previous discussions
00:44
how vCenter can talk with various hosts and how we have our virtual machines
00:49
with their applications and their guest operating systems running on those hosts.
00:55
vCenter supports up to 1000 hosts, so it's quite generous as far as
01:00
capabilities you could enjoy,
01:03
and up to 10,000 powered-on VMs.
01:07
So you can imagine how large an environment would have to be before you would exceed
01:11
the capability of one vCenter Server.
01:15
We can link various
01:18
of the vCenter Servers together. There used to be a
01:21
mode called Linked Mode,
01:23
where you could have vCenter Servers in various different geographic locations and be able to see all of their inventory through one vCenter,
01:32
through one vSphere Client.
01:34
That's actually not required anymore. We couldn't do that without using Linked Mode. We'll talk about that in a moment.
01:42
But vCenter itself has very different components that we can utilize.
01:49
I discussed previously using an Active Directory or domain controller,
01:53
joining vCenter to the domain. Joining all of your hosts to a domain
02:00
makes life a lot easier for dealing with
02:02
the centralized authentication of those users,
02:07
as well as
02:08
not having to worry about managing local accounts and the headaches that go with that.
02:16
vCenter gives you a couple of different options. When you do the installation, you can either pick the embedded database,
02:23
which is perfect for small environments where you might only have
02:27
five hosts, 50 VMs,
02:30
you know, relatively small,
02:31
but you can also use an external database like Oracle or DB2 or Postgres
02:37
as an additional option
02:39
to keep track of all of your objects, keep track of all of your configuration details and so on.
02:46
We know that there's an application programming interface for vSphere,
02:51
and that could be utilized by various developers
02:54
and other vendors to create different products
02:58
and technical solutions to add into the environment to make your job easier.
03:04
We don't really talk too much about those kinds of
03:07
add-ons to vCenter, but just to be aware of that,
03:10
the API and also the SDK, for that matter,
03:17
can help the developers
03:20
get all the tools that they need to bring new products to the market.
03:25
Then we have our distributed services,
03:28
and a distributed service is something like vMotion or Storage vMotion.
03:32
So it's distributing resources among different hosts or different datastores within your environment,
03:40
so Fault Tolerance would also qualify.
03:45
So we're able to
03:46
move VMs around or move their storage around based on changing requirements in the environment.
03:52
And that's considered a distributed service. And that's a very powerful feature
03:55
or a set of features that vSphere supports, that vCenter Server supports,
04:01
and then we also have the ability to manage the hosts.
04:05
So those are some components that are built into vCenter:
04:10
putting the hosts into standby mode for patching, or
04:14
huh,
04:15
being able to move them in and out of clusters.
04:17
These are some of the functionality that we're referring to there.
04:23
And we can't forget about plug-ins.
04:26
One plug-in that we'll see towards the end of the class deals with the Update Manager,
04:30
and the Update Manager lets you
04:33
create patch baselines and attach them to a host and then remediate that host.
04:38
And so that's a
04:40
really neat feature that's available when you install vCenter; you install the plug-in or the Update Manager from
04:47
the ESXi home page,
04:51
which, if you remember, I mentioned was reachable through a web browser by using the IP address of the host.
05:00
A plug-in manager
05:02
lets you add, enable, and disable plug-ins.
05:06
Once we install Update Manager, we'll be able to go to the Plug-in Manager to see that the Update Manager plug-in is available. Then you have to download it and install it.
05:17
Another one that might be of use is the Site Recovery Manager.
05:20
This is used for disaster recovery scenarios
05:24
and for high availability business planning purposes,
05:30
huh?
05:31
Then, moving on to the host communication:
05:35
on your host, you have a couple of different components here.
05:40
The first one is hostd.
05:43
hostd is used for servicing
05:46
connections from the vCenter Server and from the VI Client.
05:50
In order to
05:53
give hostd the proper privileges to run on your host,
05:57
a user called vpxa gets created when the host is joined to vCenter.
06:02
Mmm,
06:03
this user has the appropriate privilege levels to allow hostd to do its work.
06:10
So these two components will talk with each other.
06:12
vpxa is the vCenter agent, effectively,
06:16
and that runs on the host and facilitates communication with the vCenter Server.
06:24
So when you're restarting your management network, for instance, you're restarting hostd, perhaps vpxa,
06:31
or the vCenter agent, as well.
06:34
And you would only do that when you're having problems communicating between the host and
06:39
the vCenter Server.
06:40
So it's good to know what that interplay looks like.
06:46
Another recent feature for
06:48
vCenter environments,
06:50
I believe starting with version 5.1,
06:55
is the ability to use a single sign-on mechanism.
06:59
And of course, this gives a lot of advantages.
07:00
We know that it's much quicker to log in to the single sign-on environment when you properly configure the server with the vCenter Server;
07:10
then you don't have to re-authenticate
07:13
to various other components within vCenter once that's completed.
07:16
So it makes your environment less complex to deal with, because you
07:20
configure SSO,
07:24
do your first-time registration, and then from that point on, you just log in once
07:29
through the VIC or the Web Client,
07:30
and you've got full access to all the inventory objects and features that you are entitled to.
07:39
Another benefit is being able to support non-Active Directory users.
07:45
So we do this
07:46
by creating local accounts
07:48
or having some other
07:51
groups of users that are local to the host.
07:56
Typically, you want to use Active Directory if it's available,
07:59
because it does provide a lot of advantages
08:01
for managing larger groups of users. That way, you don't have to deal with the maintenance headache of local accounts on all of your different hosts, which could be a nightmare to keep track of if somebody new joins the organization or somebody leaves.
08:18
Single sign-on also provides trust between the components,
08:22
and this is needed because if I sign in with single sign-on,
08:28
the reason I can get authenticated to all the other components without having to do anything extra is because those components now trust each other, so a trust relationship gets built.
08:37
When SSO is active and operating correctly,
08:41
it supports an open standard.
08:45
So it's extensible
08:46
and, uh,
08:48
friendly to developers.
08:50
Some of the features
08:54
additionally available for single sign-on are the automatic discovery of 5.1 or 5.5 servers.
09:03
So if you've got more than one vCenter Server in your environment,
09:07
your single sign-on configuration should be able to help you
09:11
get access to those other servers without having to do a lot of extra work.
09:16
As I mentioned, there's a one-time registration
09:18
step, and as we'll see in the lab that follows,
09:22
uh,
09:24
single sign-on registration is very, very straightforward.
09:26
Once that's done, I can see all of my vCenter Server instances,
09:31
whereas before I needed Linked Mode to do this. Now, with single sign-on, I no longer need Linked Mode,
09:37
so it's definitely an additional advantage to make life easier
09:41
and less complex for management purposes.
09:46
Single sign-on supports identity sources that are above and beyond what are provided by default.
09:54
For instance, in the environment that was built for these labs, I had to add my Active Directory server
10:01
as an additional identity source.
10:03
If you don't do that, then you won't be able to authenticate properly because single sign-on doesn't know where your credentials should be verified.
10:11
If you are using Active Directory, 2003 and later is supported.
10:18
If you're using OpenLDAP,
10:20
you can use version 2.4 or later.
10:22
And then for NIS or local users,
10:26
you just use those in the traditional, straightforward manner.
10:31
But being able to add additional identity sources is a powerful feature,
10:35
since you could have more than one and be able to, uh,
10:39
deal with authentication of users that come from lots of different kinds of environments.
10:46
Single sign-on has its own components.
10:48
It has a Lookup Service,
10:52
which can be a little problematic if it's not configured correctly.
10:56
But this allows you to
10:58
be able to identify
11:00
different components within your overall vCenter
11:05
uh,
11:05
architecture, so you could do some searching.
11:09
There's also an administrative server for single sign-on,
11:13
and in most cases, in the case of the labs that we'll do, the single sign-on feature can be run by
11:20
taking an embedded
11:22
database.
11:24
That's the simplest option. It's good for smaller environments.
11:26
You can create a dedicated single sign-on server if you wish for larger environments, but we don't need to do that for a small setup like the one we're using.
11:37
There's also the, uh, Security Token Service,
11:41
and this is another feature of single sign-on
11:43
that facilitates the trust relationship that I spoke about, so the tokens can get exchanged. And as long as the token is valid and has the right parameters, then the other components
11:54
within that architecture can trust each other.
12:01
And there's also the Security Support Provider service,
12:05
additionally available for developers to make sure that their
12:09
components can work or interoperate more,
12:15
more seamlessly with each other.
12:18
And two more features to think about are the features of object tagging.
12:24
So once we look at the lab and see objects in the inventory, you can assign a tag to those objects,
12:31
and that becomes very useful because now you could do searches for things that have a certain tag,
12:37
or you can use the tags for other tasks based on their value.
12:43
All right, So the next test
12:46
would be to go to Lesson 2, where we manage the vCenter Server inventory.