vSphere provides several ways to ensure availability of your vSphere deployment with vCenter Single Sign-On.

vCenter Single Sign-On is merely an authentication component for vCenter Server. vCenter Single Sign-On protection does not provide any benefit without vCenter Server protection. Protecting one without the other does not provide an effective availability solution. The solution you choose to protect vCenter Server will provide the same protection for vCenter Single Sign-On without the additional complexity caused by including third-party technologies.

You can use a load balancer to provide high availability for vCenter Single Sign-On but not for vCenter Server. The following options vary in the level of protection afforded for vCenter Single Sign-On and vCenter Server, and in the recovery time required.

Backup and restore

Backup and restore should be an essential part of any availability solution, providing a granular recovery method, by tape, disk, or snapshot. However, the recovery time is typically measured in hours or days and requires manual intervention. Any backup solution must be independent of vCenter Server. Solutions like VMware Data Protection require an operational vCenter Server with a functioning vCenter Single Sign-On server to restore a virtual machine.

vSphere HA

vSphere HA is an industry standard for maintaining uptime of virtual machines and for detection of ESXi host failure. Also, with vSphere HA, a failed response to a configured VMware Tools heartbeat automatically reboots the virtual machine onto another operational host within the vSphere cluster. This detection usually occurs within seconds. A virtual machine can be fully rebooted within minutes, providing redundancy for vSphere host failures and virtual machine operating system crashes. vSphere HA does not have any knowledge of the application running inside the virtual machine.

vCenter Server Heartbeat

This separately licensed vCenter Server plug-in provides vCenter Server protection (physical or virtual) and can protect against failure of hosts. vCenter Server Heartbeat also adds application-level monitoring and intelligence of all vCenter Server components. vCenter Server Heartbeat is installed directly onto the vCenter Server or vCenter Server component, and replicates changes to a cloned virtual machine. The cloned virtual machine can take over when a failure event is triggered. The recovery can be accomplished by restarting the component, by restarting the entire application, or by the entire failover of the component or application to one or more paired virtual machines. Recovery time is measured in minutes.

To determine the best deployment mode for vCenter Single Sign-On availability, consider the environment that vCenter Single Sign-On will serve.

Single vCenter Server with local vCenter Single Sign-On in standalone deployment mode

In the simplest deployment of vCenter Single Sign-On for high availability, you install vCenter Single Sign-On in standalone deployment mode, local to vCenter Server, and then add the availability solution. If the single machine that hosts vCenter Server and vCenter Single Sign-On is virtual, you can place it in a vSphere HA-enabled cluster and protect it with no further configuration. If you require protection at the application level, you can use vCenter Server Heartbeat. If vCenter Server and vCenter Single Sign-On are hosted on a physical server, vCenter Server Heartbeat is the only solution for availability.

Multiple vCenter Server instances in a single location

In this environment, a dedicated, standalone vCenter Single Sign-On instance serves multiple vCenter Server instances in one physical location. If vCenter Single Sign-On is hosted on a virtual machine, you can place the standalone vCenter Single Sign-On server in a vSphere HA-enabled cluster and protect vCenter Single Sign-On with no further configuration. If you require application-level protection, you can use vCenter Server Heartbeat. vCenter Server Heartbeat is the only solution for availability if vCenter Single Sign-On is on a physical server. With either vSphere HA or vCenter Server Heartbeat, this deployment provides complete protection of the centralized vCenter Single Sign-On environment.

You can also install an additional vCenter Single Sign-On instance as a high-availability partner to the existing vCenter Single Sign-On instance and place both vCenter Single Sign-On instances behind a third-party load balancer. The load balanced vCenter Single Sign-On pair can serve as a centralized protection for vCenter Single Sign-On when multiple vCenter Server instances exist in the same geographic location.

Geographically dispersed vCenter Server instances

If your vSphere deployment includes vCenter Server instances in different locations, it is not advisable to use a remote centralized vCenter Single Sign-On environment for vCenter Server authentication. Instead, you can provide one or more vCenter Single Sign-On instances at each location. Depending on the deployment of the vCenter Server instances at each location, you can use one of the same availability strategies described above in the options "Single vCenter Server with local vCenter Single Sign-On in standalone deployment mode" and "Multiple vCenter Server instances in a single location with one vCenter Single Sign-On server."