Options
Tricky vShield Manager Situation
jibbajabba
Member Posts: 4,317 ■■■■■■■■□□
We have an environment which we need to clear up.
We have one vCenter Server which is used to manage three sites.
Each site has a vCloud infrastructure. Now the problem we have now is that the infrastructure is not really supported.
Each vCenter should only have one vShield Manager - we got three.
So
vCenter
- Site 1
-- vCloud Director
-- vShield Manager
- Site 2
-- vCloud Director
-- vShield Manager
- Site 3
-- vCloud Director
-- vShield Manager
As I say - this is a non-supported scenario and we need to consolidate our vShield Manager as only one vShield Manager per vCenter is supported.
I have been in contact with VMware and it seems there is no easy way to re-point the deployed Edges to a new vShield Manager without re-creating the Org Networks.
Given the infrastructure is massive, this is not really an (easy) option.
Now I wonder, ignoring this environment. How would you recover from a failed vShield Manager - my thought is -whilst you can't move Edges easy to other Manager, what happens if a vShield Manager dies - surely you must be able to recover from this scenario without having to re-create all the networks in order to re-point the Edges to the newly deployed vShield Manager ?
I hope that makes sense and someone here has some experience with it
We have one vCenter Server which is used to manage three sites.
Each site has a vCloud infrastructure. Now the problem we have now is that the infrastructure is not really supported.
Each vCenter should only have one vShield Manager - we got three.
So
vCenter
- Site 1
-- vCloud Director
-- vShield Manager
- Site 2
-- vCloud Director
-- vShield Manager
- Site 3
-- vCloud Director
-- vShield Manager
As I say - this is a non-supported scenario and we need to consolidate our vShield Manager as only one vShield Manager per vCenter is supported.
I have been in contact with VMware and it seems there is no easy way to re-point the deployed Edges to a new vShield Manager without re-creating the Org Networks.
Given the infrastructure is massive, this is not really an (easy) option.
Now I wonder, ignoring this environment. How would you recover from a failed vShield Manager - my thought is -whilst you can't move Edges easy to other Manager, what happens if a vShield Manager dies - surely you must be able to recover from this scenario without having to re-create all the networks in order to re-point the Edges to the newly deployed vShield Manager ?
I hope that makes sense and someone here has some experience with it
My own knowledge base made public: http://open902.com 