Deploy Clustered Workspace ONE Access
Instance Using vRealize Suite Lifecycle Manager
To provide identity and access management services to the cross-instance SDDC
components, you create a global environment in
vRealize Suite Lifecycle Manager
in which you deploy a 3-node clustered Workspace
ONE Access
instance.- In a web browser, log in tovRealize Suite Lifecycle Managerwith thevcfadmin@localuser by using the user interface (https://<vrslcm_fqdn>).
- On theMy Servicespage, clickLifecycle Operations.
- On theDashboardpage, clickCreate environment.
- On theCreate environmentpage, configure the settings and clickNext.SettingValueInstall Identity ManagerSelectedDefault passwordglobal-env-adminDatacenterSelect the cross-instance datacenter.JSON configurationDeactivatedJoin the VMware customer experience improvement programSelected
- On theSelect productpage, select the check box forVMware Identity Manager, configure these values, and clickNext.SettingValueInstallation typeNew installVersionSelect a version.vRealize Suite Lifecycle Managerwill only display supported versions.Deployment typeCluster
- On theAccept license agreementspage, scroll to the bottom and accept the license agreement, and then clickNext.
- On theCertificatepage, from theSelect certificatedrop-down menu, select theClustered Workspace One Certificate, and clickNext.
- On theInfrastructurepage, verify and accept the default settings, and clickNext.
- On theNetworkpage, verify and accept the default settings, and clickNext.
- On theProductspage, configure the deployment properties of clustered Workspace ONE Access and clickNext.
- In theProduct propertiessection, configure the settings.SettingValueCertificateWorkspace One AccessNode sizeMedium (vRealize Automation recommended size)Admin passwordSelect thexint-wsa-adminDefault configuration admin emailEnter a default email.Default configuration admin user nameconfigadminDefault configuration admin passwordSelect thexint-wsa-configadminSync group membersSelected
- In theCluster VIP FQDNsection, configure the settings.SettingValueFQDNEnter the FQDN of theNSXload balancer virtual server for clusteredWorkspace ONE Accessinstance.Locker certificateClusteredWorkspace ONE AccessCertificateDatabase IP addressEnter the IP address for the embedded Postgres database.The IP address must be a valid IP address for the cross-instance NSX segment.
- In theComponentssection, configure the three cluster node.SettingValue for vidm-primaryValue for vidm-secondary-1Value for vidm-secondary-2VM NameEnter a VM Name for vidm-primary.Enter a VM Name for vidm-secondary-1.Enter a VM Name for vidm-secondary-2.FQDNEnter the FQDN for vidm-primaryEnter the FQDN for vidm-secondary-1.Enter the FQDN for vidm-secondary-2.IP addressEnter the IP Address for vidm-primary.Enter the IP Address for vidm-secondary-1.Enter the IP Address for vidm-secondary-2.
- For each node, click advanced configuration and clickSelect Root Password.Selectxint-wsa-rootand clickSave.
- On thePrecheckpage, clickRun precheck.
- On theManual validationspage, select theI took care of the manual steps above and am ready to proceedcheck box and clickRun precheck.
- Review the validation report, remediate any errors, and clickRe-run precheck.
- Wait for all prechecks to complete withPassedmessages and clickNext.
- On theSummarypage, review the configuration details. To back up the deployment configuration, clickExport configuration.
- To start the deployment, clickSubmit.TheRequest detailspage displays the progress of deployment.
- Monitor the steps of the deployment graph until all stages becomeCompleted.