View Only
  • 1.  vCenter HA

    Posted Jan 22, 2024 06:43 AM

    To fulfill 3 node pre-requisite to enable vCenter HA, is the DMZ cluster node can be use to act as a witness node? 

    In my environment i have only 2 node in DMZ cluster, another 2 node in Internal Database cluster. By using a solely purpose vCenter of heatbeat datastore and heartbeat network will it raise any security concern?

    DMZ will be about my webserver, and internal was my database.



  • 2.  RE: vCenter HA

    Posted Jan 22, 2024 08:42 PM

    Hmm. I think you still need to find 3rd host.

  • 3.  RE: vCenter HA

    Posted Jan 23, 2024 01:32 AM

    Hi Maksym, 

    Does it mean by adding internal host as witness node will allow data or packet or database expose on risk?


    Because even all ESXi already exist in the same vCenter datacenter just different cluster? Btw is this datacenter recommended?

  • 4.  RE: vCenter HA

    Broadcom Employee
    Posted Jan 23, 2024 11:44 AM

    Yes, you can have the witness in a completely different datacenter/cluster. Only the ports 22 and 8182 has to be open between all the nodes. 5432 between the active and passive nodes.