With a single SSO instance I get a single pane of glass for multiple vCenter servers at our primary site. Best practices state that vCenter at a remote site would be better served by another SSO server at the same site. To gain a single pane of glass, the SSO servers need to be in multi-site mode and then linked. This setup requires maintaining two SSO databases and manually syncing data between the sites. I can’t be alone in thinking that things won’t always be this way.
Is it safe to assume SSO will automatically replicate DB changes to remote sites in the future? If so, I would also assume that connecting to any linked SSO servers would allow the single pane of glass view using the web client. If this is the future, linked mode and generation 1 multi-site SSO are dead.
If my above assumptions are correct and a redesign of SSO is in our near future, the best implementation of SSO (future-proof, simple upgrade path, ease of initial installation and configuration) is to create SSO using the basic installer option and then join my remote vCenter server to a single SSO at the main site (the latency is under 12 ms between sites). Until SSO supports database replication, SRM, RecoverPoint, or a VM clone could be used to bring SSO up on the remote site should the primary site fail (the sites use stretched VLANs).
I’d hate to build out the multi-site linked mode design only to have it ripped out from under me in the next release. What is the general consensus?