When designing a vSphere 6.0 environment with multiple vCenter servers you will - in most cases - end up with the need to deploy external Platform Services Controllers (PSCs). If you are unsure what topology to choose then you should take a look at the
PSC Topology Decision Tree that was recently published by VMware. It will guide you to the topology that suits your requirements best.
Since the PSC hosts the critical Single-Sign-On (SSO) component a specific requirement is to make an external PSC highly available so that you are still able to log on to vCenter even if one PSC fails. Currently the only supported way to implement a seamless automatic failover from a failing PSC to another one is to put multiple PSCs (of the same SSO domain and site) behind a load balancer. The process of properly configuring the load balancer and the vCenter servers behind it is quite complex, so most people refrain from it and just deploy a secondary PSC to that they manually re-point the vCenter servers if the primary one should fail (as per
KB2113917). But this is a manual process (although it can of course be automated as William Lam explained in
this post) and it takes a restart of all vCenter services during which vCenter will be unavailable.
This is why I wanted to try out in the lab how complicated it really is to implement load balanced PSCs and how well they work. However, I did not have a
supported load balancer available in the lab - currently only
Citrix Netscaler, the
F5 BIG-IP and VMware's own
NSX-v are officially supported for vSphere 6.0. All quite expensive options and no quick and easy deployments. So I decided to try my luck with
the standard Open Source load balancer:
haproxy. It turned out that this works very well and can be implemented quite quickly. Here is how: