Overview
vCenter Enhanced Linked Mode was introduced in vSphere 6.0 and allows you to link multiple vCenters (up to a maximum of 15) to a single SSO domain. This is a great feature as it means you only need to log into one vCenter to manage any resource on all vCenters (ie single pane of glass), and you only need to configure users or add a license once, and it replicates across all vCenters in the SSO domain.
Configuring Enhanced Linked Mode
You can only configure Enhanced Linked Mode during Stage 2 of a vCenter deployment. During the Setup phase, you can choose to create a new, or join an existing SSO domain. If you are joining an existing SSO domain on an existing vCenter, this is when Enhanced Linked Mode is configured. You cannot join an enhanced Linked Mode domain on an already configured vCenter..
Replication
vCenters that are in an Enhanced Linked Mode configuration typically replicate their data every 30 seconds, but it can be longer if no changes need replicating.
Data that is replicated includes Roles and Global Permisssions, Certificates, Licences, Tags and Storage Policies
Replication Database path: /storage/db/vmware-vmdir/data.mdb
Replication Log path: /var/log/vmware/vmdird/vmdird-syslog.log
Troubleshooting
On occasion you may need to troubleshoot replication. For proper guidance you'll probably want to raise a support ticket to be on the safe side, but the following information will help you see what's happening behind the scenes, and may help pinpoint any issues.
This troubleshooting section assumes you are running the VCSA instance of vCenter, version 6.7 and later.
The following commands are all run via SSH to the vCenter appliance. Once logged in, type shell to reach the bash shell
You may first wish to view the replication log for clues
cat /var/log/vmware/vmdird/vmdir-syslog.log | less
Various commands for checking replication partners, configuration and status
When running showpartner status, ensure Changes behind is showing 0, also check for either missing vCenters, or extra vCenters that should not be there. The output of these commands should help you build up a picture of your replication configuration and status.
/usr/lib/vmware-vmdir/bin/vdcrepadmin -f showservers -h localhost -u administrator
/usr/lib/vmware-vmdir/bin/vdcrepadmin -f showpartners -h localhost -u administrator
/usr/lib/vmware-vmdir/bin/vdcrepadmin -f showpartnerstatus -h localhost -u Administrator
/usr/lib/vmware-vmafd/bin/dir-cli nodes list
/usr/lib/vmware-vmdir/bin/vdcadmintool » option 6
/usr/lib/vmware-vmafd/bin/dir-cli state get (should be Normal see VMwareKB if Standalone)
/usr/lib/vmware-vmafd/bin/vmafd-cli get-ls-location --server-name localhost
Remove an unwanted Replication partner
(eg to remove vc-site1 as a partner of vc-site3, run the following from vc-site3 vCenter)
cmsso-util unregister --node-pnid vc-site1.vmwarelab.local --username administrator@vsphere.local
Comments