You shut down the components of the management domain in VMware Cloud Foundation in a specific order to keep components operational by maintaining the necessary infrastructure, networking, and management services as long as possible before shutdown.

After you shut down the components in all VI workload domains, you begin shutting down the management domain.

You can shut down the management domain in two ways - by using the user interface in a manner specific to each product.

Shutdown Order for the Management Domain

Note:

If your VMware Cloud Foundation instance is deployed with the consolidated architecture, shut down any customer workloads or additional virtual machines in the management domain before you proceed with the shutdown order of the management components.

You shut down Site Recovery Manager and vSphere Replication after you shut down the management components that can be failed over between the VMware Cloud Foundation instances. You also shut Site Recovery Manager and vSphere Replication down as late as possible to have the management virtual machines protected as long as possible if a disaster event occurs. The virtual machines in the paired VMware Cloud Foundation instance become unprotected after you shut down Site Recovery Manager and vSphere Replication in the current VMware Cloud Foundation instance.

You shut down vRealize Log Insight as late as possible to collect as much as log data for potential troubleshooting. You shut down the Workspace ONE Access instances after the management components they provide identity and access management services for.

Table 1. Shutdown Order for the Management Domain

Shutdown Order

SDDC Component

1

vRealize Automation cluster

2

vRealize Operations Manager analytics cluster and remote collectors

3

Clustered Workspace ONE® Access™ *

4

VMware vRealize® Suite Lifecycle Manager ™*

5

Site Recovery Manager for the management domain

6

vSphere Replication for the management domain

7

vRealize Log Insight cluster

8

NSX Edge nodes for the management domain *

9

NSX Manager nodes for the management domain *

10

SDDC Manager *

11

vSphere Cluster Services virtual machines in the management domain *

11

vCenter Server for the management domain *

12

Management ESXi hosts and vSAN *

13

  • External services, such as DNS, NTP and DHCP servers, that are hosted on an external location

  • Physical infrastructure, such as network switches.

* For information on the shutdown steps, see this article.

Save the Credentials for the ESXi Hosts and vCenter Server for the Management Domain

Before you shut down the management domain, get the credentials for the management domain hosts and vCenter Server from SDDC Manager and save them. You need these credentials to shut down the ESXi hosts and then to start them and vCenter Server back up. Because SDDC Manager is down during each of these operations, you must save the credentials in advance.

To get the credentials, log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf and run the lookup_passwords command.

Shut Down the Clustered Workspace ONE Access Virtual Machines

Use the vRealize Suite Lifecycle Manager user interface to shut down the Workspace ONE Access three-node cluster that provides identity and access management services to management components that are available across VMware Cloud Foundation instances .

Procedure

  1. Log in to vRealize Suite Lifecycle Manager at https://<vrealize_suite_lifecycle_manager_fqdn> as vcfadmin@local.
  2. On the My services page, click Lifecycle operations.
  3. In the navigation pane, click Environments.
  4. On the Environments page, on the globalenvironment card, click View details.
  5. In the VMware Identity Manager section, click the horizontal ellipsis icon and select Power off.
  6. In the Power off VMware Identity Manager dialog box, click Submit.
  7. On the Requests page, ensure that the request completes successfully.

Shut Down the vRealize Suite Lifecycle Manager Virtual Machine

Shut down the vRealize Suite Lifecycle Manager virtual machine in the management domain of VMware Cloud Foundation from the vSphere Client.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Right-click the vRealize Suite Lifecycle Manager virtual machine and select Power > Shut down Guest OS.
  4. In the confirmation dialog box, click Yes.

Shut Down the NSX Edge Nodes

You begin shutting down the VMware NSX-T™ Data Center infrastructure in the management domain or in a VI workload domain in VMware Cloud Foundation by shutting down the NSX Edge nodes that provide north-south traffic connectivity between the physical data center networks and the NSX SDN networks

Procedure

  1. Log in to vCenter Server for the management or VI workload domain at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the tree of workload domain vCenter Server and expand data center for the workload domain.
  3. Right-click an NSX Edge virtual machine for the management domain or VI workload domain and select Power > Shut down Guest OS.
  4. In the confirmation dialog box, click Yes.

    This operation takes several minutes to complete.

  5. Repeat the steps for the remaining NSX Edge nodes for the domain.

Shut Down the NSX Manager Nodes

You continue shutting down the NSX-T Data Center infrastructure in the management domain and a VI workload domain by shutting down the three-node NSX Manager cluster by using the vSphere Client.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Right-click the primary NSX manager virtual machine and select Power > Shut down Guest OS.
  4. In the confirmation dialog box, click Yes.

    This operation takes several minutes to complete.

  5. Repeat the steps for the remaining NSX Manager virtual machines.

Shut Down the SDDC Manager Virtual Machine

Shut down the SDDC Manager virtual machine in the management domain by using the vSphere Client.

Procedure

  1. Enable SSH on the ESXi hosts in the management domain by using the SoS utility of the SDDC Manager appliance.
    When you shut down these hosts, you run commands over SSH to prepare the vSAN cluster for shutdown and place each management host in maintenance mode. Because at the management ESXi shutdown SDDC Manager is already down, you must enable SSH on the hosts before you shut down SDDC Manager.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --enable-ssh-esxi
  2. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  3. In the VMs and templates inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  4. Expand the Management VMs folder.
  5. Right-click the SDDC Manager virtual machine and click Power > Shut down Guest OS.
  6. In the confirmation dialog box, click Yes.
    This operation takes several minutes to complete.

Shut Down the vSphere Cluster Services Virtual Machines

To shut down the vSphere Cluster Services (vCLS) virtual machines in a cluster in the management domain or in a VI workload domain in VMware Cloud Foundation, you put the cluster in retreat mode. The retreat mode triggers clean-up of the vCLS virtual machines.

Procedure

  1. Log in to vCenter Server for the management or VI workload domain at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the Hosts and clusters inventory, expand the tree of the VI workload domain vCenter Server and expand the data center for the VI workload domain.
  3. Select the cluster on which vCLS must be shut down.
  4. Copy the cluster domain ID domain-c(cluster_domain_id) from the URL of the browser.

    When you navigate to a cluster in the vSphere client, the URL is similar to this one:

    https://<fqdn-of-vCenter-server>/ui/app/cluster;nav=h/urn:vmomi:ClusterComputeResource:domain-c8:eef257af-fa50-455a-af7a-6899324fabe6/summary

    You copy only domain-c8.

  5. In the Host and Clusters inventory, select the vCenter Server instance for the management domain or the VI workload domain and click the Configure tab.
  6. Under Advanced Settings, click the Edit Settings button.
  7. Locate the config.vcls.clusters.domain-c(number).enabled property for the domain cluster ID from Step 4 and set it to false.

    If the property is not present, add it. The entry for the cluster cannot be deleted from the vSphere Client then. However, keeping this entry is not an issue.

  8. Click Save.

Results

The vCLS monitoring service initiates the clean-up of vCLS VMs. If vSphere DRS is activated for the cluster, it stops working and you see an additional warning in the cluster summary. vSphere DRS remains deactivated until vCLS is re-activated on this cluster.

Shut Down the vCenter Server Instance in the Management Domain

You check the vSAN cluster health and shut down the vCenter Server virtual machine from the first management ESXi host by using the VMware Host Client.

To shut down the management domain vCenter Server, it must be running on the first management ESXi host in the default management cluster.
Caution: Before you shut down vCenter Server, migrate any virtual machines that are running infrastructure services like Active Directory, NTP, DNS and DHCP servers in the management domain to the first management host by using the vSphere Client. You can shut them down from the first ESXi host after you shut down vCenter Server.

Procedure

  1. Log in to the management domain vCenter Server at https://<vcenter_server_fqdn>/ui as [email protected].
  2. In the Hosts and clusters inventory, expand the management domain vCenter Server tree and expand the management domain data center.
  3. Set the vSphere DRS automation level of the management cluster to manual to prevent vSphere HA migrating the vCenter Server appliance.
    1. Select the default management cluster and click the Configure tab.
    2. In the left pane, select Services > vSphere DRS and click Edit.
    3. In the Edit cluster settings dialog box, click the Automation tab, and, from the drop-down menu, in the Automation level section, select Manual
    4. Click OK.
  4. If the management domain vCenter Server is not running on the first ESXi host in the default management cluster, migrate it there.
  5. Verify the vSAN health and resynchronization status.
    1. Select the default management cluster and click the Monitor tab.
    2. In the left pane, under vSAN > Resyncing objects, verify that all synchronization tasks are complete.
  6. Stop vSphere HA to avoid vSphere HA initiated migrations of virtual machines after vSAN is partitioned during the shutdown process.
    1. Select the management cluster and click the Configure tab.
    2. In the left pane, select Services > vSphere Availability and click the Edit button.
    3. In the Edit Cluster Settings dialog box, deactivate vSphere HA and click OK.

    This operation takes several minutes to complete.

  7. Log in to the first management ESXi host at https://<first_esxi_host_fqdn>/ui as root by using VMware Host Client.
  8. In the navigation pane, click Virtual machines.
  9. Right-click the management domain vCenter Server and select Guest OS > Shut down.
  10. In the confirmation dialog box, click Yes.

Shut Down vSAN and the ESXi Hosts in the Management Domain or for vSphere with Tanzu

You shut down vSAN and the ESXi hosts in the management domain or in a VI workload domain with vSphere with Tanzu by preparing the vSAN cluster for shutdown, placing each ESXi host in maintenance mode to prevent any virtual machines being deployed to or starting up on the host, and shutting down the host.

In a VI workload domain with vSphere with Tanzu, the vCenter Server instance for the domain is already down. Hence, you perform the shutdown operation on the ESXi hosts by using the VMware Host Client.

Procedure

  1. For the VI workload domain with vSphere with Tanzu, enable SSH on the ESXi hosts in the workload domain by using the SoS utility of the SDDC Manager appliance.
    You enable SSH on the management ESXi hosts before you shut down SDDC Manager.
    1. Log in to the SDDC Manager appliance by using a Secure Shell (SSH) client as vcf.
    2. Switch to the root user by running the su command and entering the root password.
    3. Run this command. 
      /opt/vmware/sddc-support/sos --enable-ssh-esxi --domain domain-name
  2. Log in to the first ESXi host for the management domain or VI workload domain cluster by using a Secure Shell (SSH) client as root.
  3. For a vSAN cluster, deactivate vSAN cluster member updates by running the command. 
    esxcfg-advcfg -s 1 /VSAN/IgnoreClusterMemberListUpdates

    The command returns Value of IgnoreClusterMemberListUpdates is 1

  4. Repeat Step 2 and Step 3 on the remaining hosts in the management domain or the VI workload domain cluster.
  5. On the first ESXi host per vSAN cluster, prepare the vSAN cluster for shutdown by running the command. 
    python /usr/lib/vmware/vsan/bin/reboot_helper.py prepare

    The command returns Cluster preparation is done!

  6. Place the ESXi host in maintenance mode by running the command. 
    esxcli system maintenanceMode set -e true -m noAction

    Ensure the prompt comes back after the command is complete.

  7. Verify that the host is in maintenance mode. 
    esxcli system maintenanceMode get
  8. Repeat Step 6 and Step 7 on the remaining hosts in the management domain or VI workload domain cluster, proceeding to the next host after the operation on the current one is complete.
  9. Shut down the ESXi hosts in the management domain or VI workload domain cluster.
    1. Log in to the first ESXi host for the workload domain at https://<esxi_host_fqdn>/ui as root.
    2. In the navigation pane, right-click Host and, from the drop-down menu, select Shut down.
    3. In the confirmation dialog box, click Shut down.
    4. Repeat the steps for the remaining hosts in the management domain or VI workload domain cluster.