VMware vCenter Server

VMware vCenter Server provides centralized management of vSphere environments and simplifies day-to-day tasks, greatly improving administrative management of the environment.

Advantages

• Quickly analyze and troubleshoot problems with detailed vSphere and infrastructure information at the heart.
• Improve IT responsiveness by proactively managing your vSphere environment with fast initialization, automated virtual machine load balancing, and ready-to-use automation workflows.
• Scale to meet the needs of the most demanding production environments with support for up to 10,000 virtual machines.

General information

VMware vCenter Server is a versatile management point for VMware vSphere environments. vCenter Server provides unified management of all data center nodes and virtual machines from a single console. vCenter Server enables administrators to improve control, simplify day-to-day tasks, and reduce the complexity and cost of managing their IT infrastructure.

Principles of work

VMware vCenter Server provides several critical components that combine to provide a scalable virtual infrastructure management center for your organization. Management servers serve as the central management points for nodes and virtual machines, and resource and performance data are stored in the database. The vCenter agent provides communication between the node and the management server. Administrators can connect to the vCenter server through the vSphere client from any Windows PC or use the vCenter Web Access portal for remote access using any web browser.

Roles and rights are replicated across all management servers. This gives administrators the ability to manage multiple vCenter servers from the same console, and the search engine helps them quickly find virtual machines, nodes, or any other hierarchy objects that may be in the enterprise anywhere.

Main opportunities

• Centralized management and full visual control at each level of virtual infrastructure
• Real-time monitoring of dynamic virtual elements. vCenter Server provides complete information about all virtual elements and related physical components, including server hardware, shared storage, and network. Use alert and event triggers to facilitate environment monitoring, diagnostics, and troubleshooting.

Administrators can use a visual representation of links between physical servers, virtual machines, network, and storage with dynamic topology maps that support validation of vSphere settings. vCenter Server monitors the efficiency and availability of virtual machines and other virtual infrastructure elements, such as resource pools, providing detailed statistics and graphs that are viewable in real time.

• Custom alert triggers. vCenter Server can create automatic notifications and alerts and run automated workflows to troubleshoot or prevent problems.
• Simplified navigation and hierarchy search. Use global search to access all resources in multiple vCenter servers from vCenter, including virtual machines, hosts, data warehouses, and networks. The enhanced user interface provides more convenient navigation.

VMware Proactive Management vSphere

• Quick initialization and simplified patch management. Creating new virtual machines or hosts using a wizard or template takes minutes and minimizes errors and downtime, and ensures compliance with configuration standards. Ease of use for virtual machine and host patches with vCenter Update Manager, and standardize and validate site settings through site profiles.
• Dynamic provisioning to meet SLAs. vCenter Server continuously monitors the use of components in resource pools using VMware DRS, which provides intelligent migration of virtual machines from one site to another without downtime or any impact on the implementation of a service level agreement. The result is a self-managed, optimized, and efficient IT environment with automatic load balancing. If excess power appears in the virtual machine resource pool, VMware Distributed Power Management (DPM) puts hosts on standby. This saves power without affecting service level agreements.
• Automation of workflows. vCenter Server includes vCenter Orchestrator, a powerful orchestration engine that simplifies management with the ability to automate more than 800 tasks using ready-to-use workflows or processes assembled by dragging in a special interface.
• Availability of VMware vCenter Server. The Service Control Panel displays the status of the vCenter components. This enables administrators to quickly identify and resolve infrastructure management issues. VMware vCenter Server Heartbeat (license purchased separately) provides increased availability, more complete data on all components of vCenter Server, and failover of the management server and database over the LAN or WAN to the standby server.

Scalability and expandability

• Large-scale management. vCenter Server was developed from the very beginning to interact with the largest IT environments. One instance of vCenter Server 4.0 can manage 300 nodes and 3000 virtual machines, and with Linked Mode from a single console, you can manage 1,000 nodes and 10,000 virtual machines on 10 instances of vCenter Server.
• Open architecture. The vCenter APIs and.NET extension allow integration between vCenter Server and other tools, as well as support for custom plug-ins for the vSphere client. This protects your investment and gives you the freedom to choose how to manage your environment.

2021: Troubleshooting CVE-2021-21972 and CVE-2021-21973

On February 24, 2021, VMware announced that it thanked Positive Technologies expert Mikhail Klyuchnikov for helping to eliminate two vulnerabilities in vCenter Server. This platform is designed to centrally manage and automate VMware vSphere, a key product in today's data centers. IDC estimates that the company occupies up to 80% of the virtual machine market.

VMware vCenter Server

According to the company, the most dangerous vulnerability belongs to the Remote Code Execution class, which as of February 2021 is one of the most significant threats according to the OWASP classification. The possibility of remote execution of code on the server in 100% of cases leads to a hack of the resource. The error received ID CVE-2021-21972 and a score of 9.8 on the CVSS v3 scale. A problem was detected in the vSphere Client functionality.

The main threat in the context of this vulnerability is internal attackers who have overcome the protection of the network perimeter using other methods (social engineering, web vulnerabilities, etc.) or have access to the internal network using previously installed backdoors. In 2020, the study "Results of External Pentests - 2020" was published, according to which 93% of companies managed to get inside the network perimeter and get access to local network resources by Positive Technologies specialists.

Although more than 90% of VMware vCenter devices are located entirely inside the perimeter (Positive Technologies Analytical Service Assessment), some of them are available remotely. According to threat intelligence monitoring by Positive Technologies, the number of VMware devices available from the Internet and containing the CVE-2021-21972 vulnerability vCenter as of February 2021 worldwide exceeds 6 thousand. A quarter of such devices are in the United States (26%). This is followed by Germany (7%), France (6%), China (6%), Great Britain (4%), Canada (4%), Russia (3%), Taiwan (3%), Iran (3%), Italy (3%).

In our opinion, the RCE vulnerability in vCenter Server can be no less a threat than the sensational vulnerability of Citrix (CVE-2019-19781). The error allows an unauthorized user to send a specially generated request, which will later allow him to execute arbitrary commands on the server. After this opportunity, the attacker can develop an attack, successfully advance through the corporate network and gain access to the data stored on the attacked system (information about virtual machines, about system users, etc.). If access to vulnerable software is from a wide area network, then this will allow an external attacker to overcome the external perimeter of the organization and also gain access to confidential information. Once again, the vulnerability is dangerous, as it can be used by any unauthorized user. told by Mikhail Klyuchnikov

Another vulnerability (CVE-2021-21973 with a rating of 5.3) allows an unauthorized user to send requests on behalf of the server being attacked. This error can help the attacker develop further attacks. In particular, using these disadvantages, it is possible to scan the internal network of the organization and receive information about open ports of various services.

Positive Technologies experts recommend that you must install updates from the vendor, as well as remove vCenter Server interfaces from the perimeter of organizations, if they are there, and in the internal network - allocate them to a separate VLAN with a limited access list.

To resolve vulnerabilities, you must also follow the guidelines provided in VMware's official notification. Earlier, Positive Technologies expert Yegor Dimitrenko discovered a high-risk vulnerability in VMware vSphere Replication data replication.

2020: vCenter Server 7.0.0b

On June 25, 2020, it became known that VMware released the vCenter Server 7.0.0b.

VMware vCenter Server 7.0.0b

Changes and additions to vCenter Server 7.0.0b marked by the developer:

• Alerts: vCenter Server 7.0.0b received another alert for vCenter Server Appliance that is triggered when the replication state changes to READ_ONLY. The alarm is extinguished if the state returns to Normal. This alert detects replication problems between sites vCenter on one or more sites.
• With vCenter Server 7.0.0b, you can use the "Show only rollup updates" button to filter and select patches that the user wants to include in the baseline for vSphere Lifecycle Manager. The button is available on the Updates tab of the Lifecycle Manager panel. This option is also available in the New Baseline Wizard.
• Resolved several problems and fixed some errors. You can view information about them in VMware's Release Notes.^[1]
• Updated VMware vSphere with Kubernetes engine.^[2]

2015: vCenter Server Appliance 6.0 Release

The vCSA deployment will now require an ISO image that can be downloaded directly from the vSphere Web Client. The virtual module itself is deployed from the OVF package, you will need to install Client Integration Plug-in.

From the point of view of the vCenter itself, a new Platform Services Controller (PSC) service appears, replacing the existing Single Sign-On services. If the SSO was previously part of the vSphere and was updated only with the platform, now the PSC can be updated separately (for example, if new authentication sources have appeared or errors have been fixed).

vCenter Server Appliance Installation Window, 2015

Platform Services Controller can be allocated for each vCenter service, and several vCenter services can use one dedicated PSC (this mode is called External PSC).

• Supports most vCenter features for Windows. vCSA supports the following features:

• Full Hardware version 11 support.

• Built-in and configured DBMS vPostgres (supported as external base). Oracle

• Native replication instead of Microsoft ADAM.

• Replication of policies and tags in Linked Mode.

• Patch Portal Upgrades

Support not implemented

• VMware Update Manager
• Microsoft SQL Server
• SQL Server Migration Tools to vPostgres

2013

vCenter 5.1 Update 1c

On October 17, 2013, VMware announced the release of the update - vCenter 5.1 Update 1c. Build 1364037.

In this assembly, the functionality is not expanded, only errors are corrected.

VMware vCenter Server Summer Upgrade

VMware vCenter Server Enhancements

• vCenter Single Sign-On server 5.5 - updated mechanism of single authentication services.

The new version of VMware Unified Product Authentication now provides enhanced and new support for the following components:

• vSphere
• vCenter Orchestrator
• vSphere Replication
• vSphere AppHA (new product to be announced on VMworld)
• vCloud Director
• vCloud Networking and Security (vCNS)

In addition, SSO can now use the Micrsoft SQL Server database directly under the account of the machine where it is launched.

• vSphere Web Client - thin client enhancement. Mac OS X is now fully supported for access to vSphere Web Client 5.5, and Firefox and Chrome browsers are also fully supported.

Significant improvements were made to the interface and usability: support for the Drag and drop mechanism appeared, new filters for the withdrawal of infrastructure objects appeared, convenient access to the last used objects was organized. Also made improvements in the response time of the interface, it became possible to manage a large number of objects.

vCenter Server Appliance Enhancements

The virtual module for managing virtual infrastructure has been significantly redesigned and now uses vPostgres database with support for up to 500 VMware vSphere hosts and 5,000 virtual machines.

New App HA vSphere mechanism for monitoring application availability

If you used VM Monitoring to detect the inaccessibility of an individual VM and restart it in the event of a failure, then you can now monitor the availability of individual applications with agent tools written with VMware vSphere Guest SDK.

vSphere App HA supports:

• Microsoft SQL 2005, 2008, 2008R2, 2012
• Tomcat 6.0, 7.0
• TC Server Runtime 6.0, 7.0
• Microsoft IIS 6.0, 7.0, 8.0
• Apache HTTP Server 1.3, 2.0, 2.2

• The Affinity Rules of the mechanisms vSphere HA and vSphere DRS are for the VM-VM bundle.

If VMware HA had previously ignored the machine hosting rules set in DRS in the event of a VM failure and recovery on hosts, it now takes these rules into account for co-location or incompatible VM hosting when restoring them.

• vSphere Big Data Extensions - extensions for Big Data (Hadoop).

Notes