Prepare & Setup VMware vCenter for ScaleGrid Integration

The ScaleGrid controller needs to access your VMware vCenter® in order to deploy and manage the VMs hosting your database. In this document we will take you through the steps required to prepare your vCenter for use with ScaleGrid Enterprise.

Please note that you’ll have to repeat these steps per datacenter/vCenter you plan to use.

1. Log in to your vCenter using admin credentials

For the configuration process, ensure you have admin access over your entire vCenter. Log-in to the vCenter UI or through VMware PowerCLI™ as an admin before proceeding to the next steps.

If you choose to use PowerCLI, please execute the following command:

Connect-VIServer -Server <your vCenter address> -User <your admin user name> -Password <admin password>

2. Create a dedicated inventory folder

Create a folder of 'VM and Template' type named ‘ScaleGrid’ under the root of your datacenter. All VMs deployed by ScaleGrid will be provisioned underneath this inventory folder.

You can use the following VMware PowerCLI command to create this:

(Get-View (Get-View -viewtype datacenter -filter @{"name"="$dcName"}).vmfolder).CreateFolder("ScaleGrid")

If you wish to use the UI, this vCenter doc will guide you through the process.

3. (Optional) Create a dedicated resource pool

We strongly recommend creating a dedicated resource pool for each of your ScaleGrid Cloud profiles. The resource pools doesn't need to be created directly under a compute resource - you can use whatever hierarchy suits your organization best.

The following snippet creates a resource pool named 'ScaleGridRP' directly under your chosen host, without any resource reservations.

$tgtVmHost = Get-VMHost "$tgtHostname" | Get-ResourcePool | Group-Object -Property ParentId | Sort-Object -Property {$_.Group.Count} | Select -First 1 | %{$_.Group[0].Parent}
New-ResourcePool -Name "$rpName" -Location $tgtVmHost

Please refer to the VMware Docs if you need more information on how to create resource pools. For optimal performance, please set up appropriate resource reservations on your resource pools.

4. Create the ScaleGrid Admin Role

We recommend creating a dedicated role for ScaleGrid Administration, and assign the role to users based on your requirements. If you need a refresher on the permissions model, please refer to the VMware documentation.

The ScaleGrid Admin requires the following privileges:

CategoryPrivilegesUsed to
DatastoreAllocate space
Browse datastore
Low level file operations
Remove file
Update virtual machine files
Update virtual machine metadata
Create and backup database machines
GlobalCancel taskCancel operations in the event of unexpected failures
Host.InventoryModify ClusterSet up VM/VM anti-affinity rules on DRS-enabled clusters. This ensures primary and secondary VMs of the same deployment are not hosted on the same hypervisors
NetworkAssign networkCreate database machines
ResourceAssign virtual machine to resource poolCreate database machines
vAppView OVF environment
vApp application configuration
vApp properties are used to pass information to guest-os
Virtual Machine.Change ConfigurationAllCreate and scale database machines
Virtual Machine.Edit InventoryAllCreate and backup database machines
Virtual Machine.Guest operationsAllCreate the base ScaleGrid template
Virtual Machine.InteractionBackup operation on virtual machine
Configure CD media
Connect devices
Defragment all disks
Drag and drop
Guest operating system management by VIX API
Install VMware Tools
Pause or Unpause
Perform wipe or shrink operations
Power off
Power on
Create VM template, Rolling Jobs that require VM stop/start
Virtual Machine.ProvisioningAllow disk access
Allow file access
Clone template
Clone virtual machine
Create template from virtual machine
Customize guest
Deploy template
Mark as template
Mark as virtual machine
Modify customization specification
Promote disks
Read customization specifications
Create base template, create VMs, backup
Virtual Machine.Snapshot ManagementAllBackup of database machines

If you are using PowerCLI, you can download the and execute the createScaleGridAdminRole.ps1 script. Alternatively, you can create the role from the vCenter UI - please refer to the vCenter documentation for further information.

5. (Optional) Create a dedicated user account for use with ScaleGrid

We strongly recommend creating a dedicated user account for use with ScaleGrid Enterprise. If you are using SSO, please refer to this document on how to add users. Or if you are using local users, refer here.

6. Assign ScaleGridAdmin role on resources

You must assign the ScaleGridAdmin role on the following resources, with “Propagate to Children” set to true.

  • The ‘ScaleGrid’ Folder you created in Step-2
Get-Folder ScaleGrid | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
  • All the resource pools in which you will deploy database VMs
Get-ResourcePool <your-resource-pool-name> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
  • All the datastores in which you will deploy database VMs’ disks
  • All the datastores where you will store your database backups
Get-Datastore <your-datastore> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true
  • Any network (or port group) you will use for your database VMs
Get-VirtualNetwork <your-network-resource> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $true

You must also assign the ScaleGridAdmin role on the following resources, with “Propagate to Children” set to false.

  • Any cluster that you wish to use to host your database VMs
Get-Cluster <your-cluster-name> | New-VIPermission -Principal '<domain>\<user-name>' -Role 'ScaleGridAdmin' -Propagate $false

Please refer to the VMware documentation for details on how to assign permissions for inventory objects via the UI.

7. Assign permissions for customization specs

If you wish to create SQL Server® deployments, the ScaleGrid user needs to be able to read and modify customization specs. Since customization specs are located outside of datacenter objects, these permissions need to be assigned at the vCenter root level (above datacenter).
Please create a new role with only the following permissions (or you can use the ScaleGridAdmin role):

  • Virtual Machine > Provisioning > Read Customization Specififications
  • Virtual Machine > Provisioning > Modify Customization Specififications

Then assign it at the vCenter level without propagate (i.e. Propagate to Children = false).
Please refer to this document for more details.

8. Assign ReadOnly role at the root-level

You must assign the built-in read-only role to the ScaleGrid user at your vCenter root level with Propage to Children set to true.

This is required for ScaleGrid UI to function properly, as well as to locate the ScaleGrid Template in the inventory, when deploying new database machines.

What’s Next

And that’s it - you’re now ready to create a VMWare Cloud Profile.