So with vSphere 6.5 now GA, I decided to upgrade my lab to vSphere 6.5. In my environment, I use a vCenter with an external Platform Services Controller (PSC). So as part of the upgrade, I have to upgrade the PSC first.
When you run the UI installer provided within the VCSA 6.5 Appliance ISO, you have the option to “Upgrade” a vCenter Server Appliance or a Platform Services Controller. The installer detects the component that you are trying to upgrade and prompts for settings appropriate to that upgrade.
Container technology has been around for quite a while now. Most people would by now have heard about Docker, and a lot of people are using Docker. What about VMware Photon? What’s that? Well again, I’d say that it’s been around for a while, however while people have been raving on about Docker and the container revolution, VMware has been working on their own implementation of container technologies as well as products that utilise and integrate with existing container technologies, such as Docker. At VMworld Europe 2016, VMware announced vSphere 6.5 and one feature that has caught my attention in this release (apart from the long overdue vSphere HTML5 Client) is vSphere Integrated Containers, or simply, VIC. At the moment I’m trying to make sense of all these technologies, how (and if) they fit together and where you would want to use each one.
vSphere 6 makes managing SSL certificates a lot easier than previous releases. It ships with its own Certificate Authority, (VMCA) that issues certificates for all components on your behalf, rather than having to replace each service certificate manually, or relying on self-signed certificates. This new VMCA comes with the Platform Services Controller (PSC) that can be installed as a separate appliance, or embedded within the vCenter Server installation or Appliance.
By default, the VMCA will self-sign its own certificate to be used as a CA certificate that will sign all requests for certificates. This self-signed CA certificate can be replaced by a certificate that is signed by a 3rd party root CA or your own root CA. Any certificate signed by the VMCA, which is an intermediate CA to your root CA, can then be validated by clients with the root CA and VMCA certificates installed.