Prepare & Setup VMware vCenter for ScaleGrid Integration
The ScaleGrid controller needs to access your VMware vCenter® in order to deploy and manage the VMs hosting your database. In this document we will take you through the steps required to prepare your vCenter for use with ScaleGrid Enterprise.
Please note that you’ll have to repeat these steps per datacenter/vCenter you plan to use.
1. Log in to your vCenter using admin credentials
For the configuration process, ensure you have admin access over your entire vCenter. Log-in to the vCenter UI or through VMware PowerCLI™ as an admin before proceeding to the next steps.
If you choose to use PowerCLI, please execute the following command:
Connect-VIServer -Server <your vCenter address> -User <your admin user name> -Password <admin password>
2. Create a dedicated inventory folder
Create a folder of 'VM and Template' type named ‘ScaleGrid’ under the root of your datacenter. All VMs deployed by ScaleGrid will be provisioned underneath this inventory folder.
You can use the following VMware PowerCLI command to create this:
$dcName="<your-datacenter-name>"
(Get-View (Get-View -viewtype datacenter -filter @{"name"="$dcName"}).vmfolder).CreateFolder("ScaleGrid")
If you wish to use the UI, this vCenter doc will guide you through the process.
3. (Optional) Create a dedicated resource pool
We strongly recommend creating a dedicated resource pool for each of your ScaleGrid Cloud profiles. The resource pools doesn't need to be created directly under a compute resource - you can use whatever hierarchy suits your organization best.
The following snippet creates a resource pool named 'ScaleGridRP' directly under your chosen host, without any resource reservations.
$tgtHostname="<your-host-name>"
$rpName="ScaleGridRP"
$tgtVmHost = Get-VMHost "$tgtHostname" | Get-ResourcePool | Group-Object -Property ParentId | Sort-Object -Property {$_.Group.Count} | Select -First 1 | %{$_.Group[0].Parent}
New-ResourcePool -Name "$rpName" -Location $tgtVmHost
Please refer to the VMware Docs if you need more information on how to create resource pools. For optimal performance, please set up appropriate resource reservations on your resource pools.
4. Create the ScaleGrid Admin Role
We recommend creating a dedicated role for ScaleGrid Administration, and assign the role to users based on your requirements. If you need a refresher on the permissions model, please refer to the VMware documentation.
The ScaleGrid Admin requires the following privileges:
| Category | Privileges | Used to |
|---|---|---|
| Datastore | Allocate space Browse datastore Low level file operations Remove file Update virtual machine files Update virtual machine metadata | Create and backup database machines |
| Global | Cancel task | Cancel operations in the event of unexpected failures |
| Host.Inventory | Modify Cluster | Set up VM/VM anti-affinity rules on DRS-enabled clusters. This ensures primary and secondary VMs of the same deployment are not hosted on the same hypervisors |
| Network | Assign network | Create database machines |
| Resource | Assign virtual machine to resource pool | Create database machines |
| vApp | View OVF environment vApp application configuration | vApp properties are used to pass information to guest-os |
| Virtual Machine.Change Configuration | All | Create and scale database machines |
| Virtual Machine.Edit Inventory | All | Create and backup database machines |
| Virtual Machine.Guest operations | All | Create the base ScaleGrid template |
| Virtual Machine.Interaction | Backup operation on virtual machine Configure CD media Connect devices Defragment all disks Drag and drop Guest operating system management by VIX API Install VMware Tools Pause or Unpause Perform wipe or shrink operations Power off Power on Reset Suspend | Create VM template, Rolling Jobs that require VM stop/start |
| Virtual Machine.Provisioning | Allow disk access Allow file access Clone template Clone virtual machine Create template from virtual machine Customize guest Deploy template Mark as template Mark as virtual machine Modify customization specification Promote disks Read customization specifications | Create base template, create VMs, backup |
| Virtual Machine.Snapshot Management | All | Backup of database machines |
If you are using PowerCLI, you can download the and execute the createScaleGridAdminRole.ps1 script. Alternatively, you can create the role from the vCenter UI - please refer to the vCenter documentation for further information.
5. (Optional) Create a dedicated user account for use with ScaleGrid
We strongly recommend creating a dedicated user account for use with ScaleGrid Enterprise. If you are using SSO, please refer to this document on how to add users. Or if you are using local users, refer here.
6. Assign ScaleGridAdmin role on resources
You must assign the ScaleGridAdmin role on the following resources, with “Propagate to Children” set to true.
- The ‘ScaleGrid’ Folder you created in Step-2
Get-Folder ScaleGrid | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
- All the resource pools in which you will deploy database VMs
Get-ResourcePool <your-resource-pool-name> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
- All the datastores in which you will deploy database VMs’ disks
- All the datastores where you will store your database backups
Get-Datastore <your-datastore> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
- Any network (or port group) you will use for your database VMs
Get-VirtualNetwork <your-network-resource> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
You must also assign the ScaleGridAdmin role on the following resources, with “Propagate to Children” set to false.
- Any cluster that you wish to use to host your database VMs
Get-Cluster <your-cluster-name> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $false
Please refer to the VMware documentation for details on how to assign permissions for inventory objects via the UI.
7. Assign permissions for customization specs
If you wish to create SQL Server® deployments, the ScaleGrid user needs to be able to read and modify customization specs. Since customization specs are located outside of datacenter objects, these permissions need to be assigned at the vCenter root level (above datacenter).
Please create a new role with only the following permissions (or you can use the ScaleGridAdmin role):
- Virtual Machine > Provisioning > Read Customization Specififications
- Virtual Machine > Provisioning > Modify Customization Specififications
Then assign it at the vCenter level without propagate (i.e. Propagate to Children = false).
Please refer to this document for more details.
8. Assign ReadOnly role at the root-level
You must assign the built-in read-only role to the ScaleGrid user at your vCenter root level with Propage to Children set to true.
This is required for ScaleGrid UI to function properly, as well as to locate the ScaleGrid Template in the inventory, when deploying new database machines.
Updated over 2 years ago
And that’s it - you’re now ready to create a VMWare Cloud Profile.