You start the management components for the management domain in a specific order to provide the necessary infrastructure, networking, and management services before powering on the components for cloud management.

You start the management components for the management domain first. Then, you start the management components for the VI workload domains and the customer workloads.

Startup Order for the Management Domain

You the virtual infrastructure of the management domain first. Then, you start the components providing identity and access management and life cycle management to the relevant cloud management components.

You start vRealize Log Insight as early as possible to collect log data that helps troubleshooting potential issues. You also start Site Recovery Manager and vSphere Replication as early as possible to protect the management virtual machines if a disaster event occurs.

Table 1. Startup Order for the Management Domain

Startup Order

SDDC Component

1

Management ESXi hosts and vSAN *

2

 vCenter Server for the management domain *

3

vSphere Cluster Services (vCLS) virtual machines *

4

SDDC Manager *

5

NSX Manager nodes for the management domain *

6

NSX Edge nodes for the management domain *

7

vRealize Log Insight cluster
8 vSphere Replication for the management domain
9 Site Recovery Manager for the management domain

10

vRealize Suite Lifecycle Manager *

11

Clustered Workspace ONE Access *

12

 vRealize Operations Manager analytics cluster and remote collectors

13

 vRealize Automation cluster

* For information on the startup steps, see this article.

Verify the Operational State of the Management Domain

After you start up the management domain, verify that the main functionality of the management components is working according to the requirements. See the following documentation:

Start the ESXi Hosts and vSAN

You start the ESXi hosts using an out-of-band management interface, such as, ILO or iDRAC to connect to the hosts and power them on. You then exit maintenance mode for the ESXi hosts and prepare the vSAN cluster for startup.

Procedure

  1. Power on the first ESXi host in the workload domain.
    1. Log in to the first ESXi host in the workload domain by using the out-of-band management interface.
    2. Power on the ESXi host according to the hardware vendor guide.
  2. Repeat the previous step to start all the remaining ESXi hosts in the workload domain.

    This operation takes several minutes to complete.

  3. If your VMware Cloud Foundation environment has several VI workload domains, start all ESXi hosts in all VI workload domains to save time because the vSAN scan operation which takes place at ESXi startup requires some time to complete.
  4. If you are starting up the management domain, enable SSH on each management ESXi host by using the VMware Host Client.
    1. Log in to the first management ESXi host at https://<esxi_host_fqdn>/ui as root.
    2. In the navigation pane, right-click Host and, from the drop-down menu, select Services > Enable Secure Shell (SSH).
    3. Repeat the steps on the other hosts in the management domain.
  5. If you are starting up a VI workload domain, enable SSH on all hosts in the domain by using the SoS utility of the SDDC Manager appliance.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --enable-ssh-esxi --domain domain-name
  6. Log in to the first ESXi host in the domain as root by using a Secure Shell (SSH) client.
  7. Take the ESXi host out of maintenance mode by running the command. 
    esxcli system maintenanceMode set -e false
  8. Repeat 6 and 7 on all the remaining ESXi hosts in the domain.
  9. On the first ESXi host in each vSAN cluster, run the command to prepare the vSAN cluster for starting. 
    python /usr/lib/vmware/vsan/bin/reboot_helper.py recover

    The command returns Cluster reboot/poweron is completed successfully!

  10. Verify that all hosts in the vSAN cluster are available by running the command. 
    esxcli vsan cluster get

    Look for the following strings in the output:

    • Local Node Type: NORMAL

    • Local Node Health State: HEALTHY

  11. Enable vSAN cluster member updates by running the command. 
    esxcfg-advcfg -s 0 /VSAN/IgnoreClusterMemberListUpdates

    The command returns Value of IgnoreClusterMemberListUpdates is 0.

  12. Repeat Step 10 and Step 11 for the remaining ESXi hosts in the workload domain.
  13. If you are starting up the VI workload domain, disable SSH on the ESXi hosts in the domain from the SDDC Manager appliance.
    You disable the SSH access to the ESXi hosts in the management domain after you start SDDC Manager appliance.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --disable-ssh-esxi --domain domain-name

Start the vCenter Server Instance in the Management Domain

The management domain vCenter Server resides on the first ESXi host in the first management cluster. You log in to this ESXi host by using the VMware Host Client and start the vCenter Server virtual machine.

Note:

Start any virtual machines that are running infrastructure services like Active Directory, NTP, DNS and DHCP servers in the management domain before you start vCenter Server.

Procedure

  1. Log in to the first management ESXi host at https://<esxi_host_fqdn_for_management_domain> as root.

    When you shut down the management domain vCenter Server, you migrate its appliance to the first management ESXi host. See Shut Down the vCenter Server Instance in the Management Domain.

  2. In the navigation pane, click Virtual machines.
  3. Right-click the management domain vCenter Server, and, from the drop-down menu, select Power > Power on.

    The startup of the virtual machine and the vSphere services takes some time to complete.

  4. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  5. In the Hosts and clusters inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  6. Verify the vSAN health and resynchronization status.
    1. Select the management cluster and click the Monitor tab.
    2. In the left pane, navigate to vSAN > Skyline health and verify the status of each vSAN health check category.
    3. In the left pane, navigate to vSAN > Resyncing objects and verify that all synchronization tasks are complete.
  7. Start vSphere HA on the management cluster.
    1. Select the vSAN cluster under the management domain data center and click the Configure tab.
    2. In the left pane, select Services > vSphere Availability and click the Edit button.
    3. In the Edit Cluster Settings dialog box, enable vSphere HA and click OK.
  8. Set the vSphere DRS automation level of the management cluster to automatic.
    1. Select the default management cluster and click the Configure tab.
    2. In the left pane, select Services > vSphere DRS and click Edit.
    3. In the Edit cluster settings dialog box, click the Automation tab, and, from the drop-down menu, in the Automation level section, select Fully automated.
    4. Click OK.

Start the vSphere Cluster Services

You start the vSphere Cluster Services (vCLS) virtual machines in the management domain or in a VI workload domain to provide the availability of vSphere DRS and vSphere HA to the workloads running on the clusters in the workload domain.

Procedure

  1. Log in to vCenter Server for the management or VI workload domain at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the Hosts and clusters inventory, expand the tree of the VI workload domain vCenter Server and expand the data center for the VI workload domain.
  3. Select the cluster on which vCLS must be started.
  4. Copy the cluster domain ID domain-c(cluster_domain_id) from the URL of the browser.

    When you navigate to a cluster in the vSphere Client, the URL is similar to this one:

    https://<fqdn-of-vCenter-server>/ui/app/cluster;nav=h/urn:vmomi:ClusterComputeResource:domain-c8:eef257af-fa50-455a-af7a-6899324fabe6/summary

    You copy only domain-c8.

  5. In the Host and Clustersinventory, select the vCenter Server instance for the management domain or the VI workload domain and click the Configure tab.
  6. Under Advanced Settings, click the Edit Settings button.
  7. Locate the config.vcls.clusters.domain-c(number).enabled property for the domain cluster ID from 4 and set it to true.
  8. Click Save
  9. Repeat the procedure on all clusters in the other workload domains.

Start the SDDC Manager Virtual Machine

Start the SDDC Manager virtual machine by using the vSphere Client.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Expand the Management VMs folder.
  4. Right-click the SDDC Manager virtual machine and click Power > Power on.

    This operation takes several minutes to complete.

  5. Deactivate the SSH access to the management ESXi hosts.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --disable-ssh-esxi

Start the NSX Manager Virtual Machines

You begin powering on the NSX-T Data Center infrastructure in the management domain or in a VI workload domain by starting the three-node NSX Manager cluster by using the vSphere Client.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Power on the NSX Manager nodes for the management domain or the VI workload domain.
    1. Right-click the primary NSX Manager node and select Power > Power on.

      This operation takes several minutes to complete until the NSX Manager node becomes fully operational again and its user interface - accessible.

    2. Repeat the steps to power on the remaining NSX Manager nodes.
  4. Log in to NSX Manager for the management domain or VI workload domain at https://<nsxt_manager_cluster_fqdn> as admin.
  5. Verify the system status of NSX Manager cluster.
    1. On the main navigation bar, click System.
    2. In the left pane, navigate to Configuration > Appliances.
    3. On the Appliances page, verify that the NSX Manager cluster has a Stable status and all NSX Manager nodes are available.

Start the NSX Edge Nodes

You continue powering on the NSX-T Data Center infrastructure in the management domain or in a VI workload domain by starting the NSX Edge nodes by using the vSphere Client.

Procedure

  1. Log in to vCenter Server for the management or VI workload domain at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the tree of workload domain vCenter Server and expand data center for the workload domain.
  3. Right-click an NSX Edge virtual machine from the edge cluster and select Power > Power on.

    This operations takes several minutes to complete.

  4. Repeat these steps to power on the remaining NSX Edge nodes.

Start the vRealize Suite Lifecycle Manager Virtual Machine

Start the vRealize Suite Lifecycle Manager virtual machine in the management domain by using the vSphere Client.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Right-click the vRealize Suite Lifecycle Manager virtual machine and select Power > Power on.

Start the Clustered Workspace ONE Access Virtual Machines

You start the three-node Workspace ONE Access cluster by using the vRealize Suite Lifecycle Manager user interface.

Procedure

  1. Log in to vRealize Suite Lifecycle Manager at https://<vrealiaze_suite_lifecycle_manager_fqdn> as vcfadmin@local.
  2. Power on the Workspace ONE Access cluster and verify its status.
    1. On the My services page, click Lifecycle operations.
    2. In the navigation pane, click Environments.
    3. On the Environments page, in the globalenvironment card, click View details.
    4. In the VMware Identity Manager section, click the horizontal ellipsis icon and select Power on.
    5. In the Power on VMware Identity Manager dialog box, click Submit.
    6. On the Requests page, ensure that the request completes successfully.
  3. Configure the domain and domain search parameters on the Workspace ONE Access appliances.
    1. Log in to the first appliances of the Workspace ONE Access cluster by using a Secure Shell (SSH) client as sshuser.
    2. Switch to the super user by running the su command.
    3. Open the /etc/resolv.conf file for editing. 
      vi /etc/resolv.conf
    4. Add the following entries to the end of the file and save the changes. 
      Domain <domain_name>
search <space_separated_list_of_domains_to_search>
    5. Repeat this step to configure the domain and domain search parameters on the remaining Workspace ONE Access appliances.
  4. In the vRealize Suite Lifecycle Manager user interface, check the health of the Workspace ONE Access cluster.
    1. In the navigation pane, click Environments.
    2. On the Environments page, in the globalenvironment card, click View details.
    3. In the VMware Identity Manager section, click the horizontal ellipsis icon and select Trigger cluster health.
    4. In the Trigger health collection dialog box, click Submit.
    5. On the Requests page, ensure that the request completes successfully.