How To: Upgrade vCloud Director in Detail – Part 1

This outlines the steps for performing an “End-to-End” upgrade of a vCloud deployment. “End-to-End” for the purpose of this guide refers to all aspects of the installation from the vCloud Director cells all the way to the deployed virtual machines running inside the vCloud. What this document will not cover is the specific click through steps on certain components, as those are documented in their respective installation guides or release notes. What this will cover are the dependencies, additional steps and considerations needed to maintain the proper working condition of the system at certain stages in the upgrade process and facilitate a smoother process. It is recommended that there are “planned” pause periods between phases to allow for validation and user testing before moving onto the next phase. Although all phases could be completed in a “Big Bang” approach this may add risk and troubleshooting difficulty.

IMPORTANT NOTE: Some of these upgrades may be disruptive to end users, and will require that they do not have system access for a brief period. This is unavoidable, and precautions should be taken for informing users. Running virtual machines will remain available in most cases. This will also NOT address the process for migrating from an Oracle-based vCloud Director Database to MS SQL Server, the process which is currently not supported.

Installation References

The following publications contain information on upgrading each individual component discussed in this document.

Support and Assistance

Contact VMware Global Support for any assistance and always reference the available Knowledge Base Articles and product installation guides

High Level Process Outline

The upgrade has been divided into four major phases as shown in the order below. After completion of any phase, a customer can “park” indefinitely until they chose to move on.

Table 1 – Upgrade Phases

Phase Steps

I

Upgrade vCloud Director Cells from 1.0.1 to 1.5Upgrade vShield Manager and deployed vShield Edges from 1.0 to 5.0

Upgrade Chargeback from 1.6.1 to 2.0Optional)

Upgrade the Oracle Database versions

II

Upgrade vCenter Server from 4.x to 5.0Upgrade vCenter Orchestrator 4.x to 5.0

III

Upgrade ESXi hosts from 4.x to 5.0

IV

Upgrade VMFS-3 to VMFS-5Upgrade vNetwork Distributed Switches

Update vCloud Director configuration

Upgrade vApp hardware levels to HW8

Upgrade VMware Tools

Each of these phases will be addressed with considerations in separate sections in this document. In testing the upgrade process and considering potential variations in the order of steps, the methodology presented here provided the most stable and phased approach to an upgrade. For example, a customer could elect to only perform Phase I and II and wait on any vCenter or ESXi upgrades and subsequent changes until they wanted the additional functionality. The choice of when to proceed further can be left up to the customer to decide, and they are not left in a state of instability.

There has been a question of upgrading vCenter and ESX first. The downside with upgrading ESX and vCenter before vCloud Director is that the vCloud Director 1.0.1 agent simply will NOT install on an ESXi 5 host. This means if you start the upgrade process with ESX first you will be forced into upgrading vCloud Director planned or unplanned. This may not be the best option for customers that want a truly phased methodical and systematic approach. However, in our tests we observed that upgrading vCenter only to version 5 did not adversely affect vCloud Director in any noticeable way other than Custom Roles are modified and may need to be updated.

Additionally, some customers have mentioned they want to upgrade to vCloud Director specifically for Oracle 11gR2 support or Microsoft SQL Server support, and want to wait on upgrading the vSphere end until they can test it elsewhere. The main point is once you start with vSphere first you will be forced to continue all the way through and have no real phased approach.

Upgrade Checklist

VMware vSphere

Table 2 – VMware vSphere Checklist

Done Requirement
Have the HA capacity of at least N+2 in your provider clusters to maintain N+1 availability during the ESX host upgrades
Have Access to new hardware in case additional hosts are needed to maintain HA levels

Software

Table 3 – Software Checklist

Done Requirement
VMware vCloud Director VMware Cloud Director 1.5 Build #464915Supported OS and database(Red Hat Enterprise Linux 5 64-bit and Oracle 11g)
VMware vCenter Chargeback 1.6.2 Build #472877
VMware vShield Manager 5.0 Upgrade Package File Build #473791
VMware vSphere Installation files for vCenter and ESXi using VMware Update Manager.

  • vSphere vCenter Build #456005
  • vSphere ESXi Build #469512 (ISO Image)
vShield Edge 5.0 license keys
vCloud Director license keys
vSphere 5.0 license keys
Cell Management Tool for vCloud Director 1.0http://kb.vmware.com/kb/1033575
If vCenter Heartbeat is used for vCenter, vSphere vCenter HeartBeat 6.4 is required to upgrade before vCenter – Also add new KB that will cover upgrading to vCenter 5.0 that is protected by vCenter HeartBeat

Service Accounts

Be sure to have all the service accounts available with passwords that were used for the original installation. The following table is a reference table of accounts that could have been used during installation and their mapping. Your customer’s use of service accounts may be different, and the key is to understand for each component what account was used, as this can affect the upgrade functionality. In the test lab each component was given their own unique service account in Active Directory (AD) to test the connectivity to other components. Some customers may NOT have used service accounts depending on the installation, but many of the new security features especially in vShield Manager will require them. The table below lists the most common access requirements and the level of access they will need. If these are not in place, they should be created prior to upgrading.

 

Table 4 – Suggested Service Accounts Used

Access Required

Components that require Domain Service Accounts

vCloud Director

vCloud Connector

vCenter and Update Manager

vCenter Chargeback

vShield Manager

vCenter Role

Admin

Admin

N/A

Admin for Install then

Read Only Plus Storage Views

Admin

Local System Access

N/A

N/A

Log on as a Service

Log on as a Service

N/A

AD / LDAP Access

Read Only Access to AD

N/A

N/A

Read Only Access to AD

N/A

vCenter Database

N/A

N/A

DBA/DBO

Read Only

N/A

vCloud Database

RESOURCE, DBA,

N/A

N/A

Read Only

N/A

CONNECT, ETC

About Chris Colotti

Chris is active on the VMUG and event speaking circuit and is available for many events if you want to reach out and ask. Previously to this he spent close to a decade working for VMware as a Principal Architect. Previous to his nine plus years at VMware, Chris was a System Administrator that evolved his career into a data center architect. Chris spends a lot of time mentoring co-workers and friends on the benefits of personal growth and professional development. Chris is also amongst the first VMware Certified Design Experts (VCDX#37), and author of multiple white papers. In his spare time he helps his wife Julie run her promotional products as the accountant, book keeper, and IT Support. Chris also believes in both a healthy body and healthy mind, and has become heavily involved with fitness as a Diamond Team Beachbody Coach using P90X and other Beachbody Programs. Although Technology is his day job, Chris is passionate about fitness after losing 60 pounds himself in the last few years.

3 comments

  1. upgrade Cells ….. mostly
    eevrything OK ….
    except real world users has GBs of Catalog VMs and
    the upgrade proces copies them to different locations ….
    that time and sopace was not warned in any paper
    …..
    also remember the credntials you need on NFS ..
    other than that … Upgrade OK …..( we are in
    vCD 1.5 in both cells now …)
    vShield Manager Upgrade ….
    WHOA !!!! …….
    TIME …time … and more TIME …. !!!!!
    this is my … SMALL .vcenter … 5 Hosts …
    66 VMs …
    and it is taking WAY MORE than 10 minutes to return
    the connection to the vCenter ….
    right now is more that hour and half ……
    Audit log showing continous “modify” …
    like every 15 or 16 seconds …. so I think is doing something
    but is is painfully slow ….
    really do not want to think what to do tomorrow with my other “BIG” cluster
    …. 12 hosts, 530 VMs ….
    more resources to the vshield Manager ?!?!?

Leave a Reply

Your email address will not be published. Required fields are marked *