Introduction to vCenter Server

As the size of a virtual infrastructure grows, the ability to manage the infrastructure from a central location becomes significantly more important. vCenter Server is a Windows-based application that serves as a centralized management tool for ESX/ESXi hosts and their respective virtual machines. vCenter Server acts as a proxy that performs tasks on the individual ESX/ESXi hosts that have been added as members of a vCenter Server installation. Although vCenter Server is licensed and sold as an "optional" component in the vSphere product suite, it is required in order to leverage some features of the vSphere product line, and I strongly recommend including it in your environment. Specifically, vCenter Server offers core services in the following areas:

Resource management for ESX/ESXi hosts and virtual machines

Template management Virtual machine deployment Virtual machine management Scheduled tasks Statistics and logging Alarms and event management ESX/ESXi host management

Most of these core services are discussed in later chapters. There are two other key items about vCenter Server that you can't really consider core services. Instead, these underlying features support the core services provided by vCenter Server. In order to more fully understand the value of vCenter Server in a vSphere deployment, you need to take a closer look at the centralized user authentication and extensible framework that vCenter Server provides.

Centralizing User Authentication

Centralized user authentication is not listed as a core service of vCenter Server, but it is essential to how vCenter Server operates, and it is essential to the reduction of management overhead that vCenter Server brings to a VMware vSphere implementation. Without vCenter Server, you would need a separate user account on each ESX/ESXi host for each administrator who needed access to the server. As the number of ESX/ESXi hosts and the number of administrators who need access to those hosts grows, the number of accounts to manage grows exponentially.

In a virtualized infrastructure with only one or two ESX/ESXi hosts, administrative effort is not a major concern. Administration of one or two servers would not incur incredible effort on the part of the administrator, and the creation of user accounts for administrators would not be too much of a burden.

vCenter Server requirement

Strictly speaking, vCenter Server is not a requirement for a vSphere deployment. However, to utilize the advanced features of the vSphere product suite-features such as Update Manager, VMotion, VMware DRS, VMware HA, vNetwork Distributed Switches, host profiles, or VMware IT vCenter Server must be licensed, installed, and configured accordingly.

In situations like this, vCenter Server might not be missed from a management perspective, but it will certainly be missed from a feature set viewpoint. In addition to its management capabilities, vCenter Server provides the ability to perform VMware VMotion, configure VMware Distributed Resource Scheduler (DRS), establish VMware High Availability (HA), and use VMware Fault Tolerance (FT). These features are not accessible using ESX/ESXi hosts without vCenter Server. Without vCenter Server, you also lose key functionality like vNetwork Distributed Switches, host profiles, and vCenter Update Manager. I consider vCenter Server a requirement for any enterprise-level virtualization project.

But what happens when the environment grows? What happens when there are 10 ESX/ESXi hosts and five administrators? Now, the administrative effort of maintaining all these local accounts on the ESX/ESXi hosts becomes a significant burden. If a new account is needed to manage the ESX/ESXi hosts, you must create the account on 10 different hosts. If the password to an account needs to change, you must change the password on 10 different hosts. vCenter Server addresses this problem. vCenter Server installs on a Windows Server-based operating system and uses standard Windows user accounts and groups for authentication. These users and groups can reside in the local security accounts manager (SAM) database for that specific Windows-based server, or the users and groups can belong to the Active Directory domain to which the vCenter Server computer belongs. With vCenter Server in place, you can use the vSphere Client to connect to vCenter Server using a Windows-based account or to connect to an ESX/ESXi host using a local account.

vSphere Client

Logging on to an ESX/ESXi host using the vSphere Client requires the use of an account created and stored locally on that host. Using the same vSphere Client to connect to vCenter Server requires the use of a Windows user account. Keep in mind that vCenter Server and ESX/ESXi hosts do not make any attempt to reconcile the user accounts in their respective account databases.

Using the vSphere Client to connect directly to an ESX/ESXi host that is currently being managed by vCenter Server can cause negative effects in vCenter Server. A successful logon to a managed host results in a pop-up box that warns you of this potential problem..

Although the vSphere Client supports authenticating to both vCenter Server and ESX/ESXi hosts, organizations should use a consistent method for provisioning user accounts to manage their vSphere infrastructure because local user accounts created on an ESX/ESXi host are not reconciled or synchronized with the Windows or Active Directory accounts that vCenter Server uses.

For example, if a user account named Shane is created locally on an ESX/ESXi host named and the user account is granted the permissions necessary to manage the host, Shane will not be able to utilize the vSphere Client connected to vCenter Server to perform his management capabilities. The inverse is also true. If a Windows user account named Elaine is granted permissions through vCenter Server to manage an ESX/ESXi host named, then Elaine will not be able to manage the host by using the vSphere Client to connect directly to that ESX/ESXi host.


rvices of vCenter Server.

Providing an Extensible

Like centralized authentication, I don't include vCenter Server's extensible framework as a core service. Rather, this extensible framework provides the foundation for vCenter Server's core services and enables third-party developers to create applications built around vCenter Server.

Following figure shows some of the components that revolve around the core s*

A key aspect for the success of virtualization is the ability to allow third-party companies to provide additional products that add value, ease, and functionality to existing products. By building vCenter Server in an extensible fashion and providing an application programming interface (API) to vCenter Server, VMware has shown its interest in allowing third-party software developers to play an integral part in virtualization. The vCenter Server API allows companies to develop custom applications that can take advantage of the virtual infrastructure created in vCenter Server. For example, Vizioncore's vRanger Pro is a simplified backup utility that works off the exact inventory created inside vCenter Server to allow for advanced backup options of virtual machines. Other third-party applications use the vCenter Server APIs to provide management, monitoring, lifecycle management, or automation functionality.