The proposed solution is to disconnect the vCenter from the GW/Cloud and remove the subscription, then apply new license keys. А vCenter API is available for this.
Note:
- If the vCenter is disconnected, no GW changes are required.
- If the vCenter isn't subscribed to vSphere+ Cloud, then no vCenter changes are necessary either.
- Ensure downtime is taken for all the VCs that are part of a single vSphere+ Cloud gateway instance & run the script on all of the vCenter Servers to add the appropriate new licenses (available on the Broadcom Support Portal under "My Entitlements")
- Should you have any specific questions regarding specific licenses and/or entitlement, you will need to reach out to Broadcom Global Customer Assistance (GCA) for non-technical and license questions:
Steps:
- Obtain the necessary new license keys:
NOTE: These licenses are needed during the procedure below when you disconnect/unsubscribe your vCenter infrastructure from vSphere+ Cloud. During the following process, the system will transition into an unlicensed state. To avert any potential side effects, the process of adding the on-premise license keys must remain streamlined. Therefore, it is advised that on-premise license keys are procured in advance.:- The keys will be available on the Broadcom Support Portal under "My Entitlements".
or - Contact Broadcom Global Customer Assistance for questions around licensing and entitlements.
- Prepare for maintenance and possible downtime.
- Once the script is executed, the vCenter system will transition into an unlicensed state (assigned evaluation licenses valid for 60 days). To avert any potential side effects, the process of adding the on-premise license keys must remain streamlined. Therefore, it is advised that on-premise license keys are procured in advance. (see Step 1)
- Ensure we have a snapshot of the vCenter Server.
- If the vCenter Server is part of ELM, take offline snapshot of all the vCenter Servers which are part of the setup.
- Download the attached delete-subscription.sh file from the attachments section of the KB.
NOTE: Once the script is executed, the vCenter and ESXi hosts will be assigned evaluation licenses valid for 60 days. Users should add their new licenses as soon as possible.
Hosts built more than 60 days before the licensing change will disconnect from the vCenter Server between 0 seconds and one hour of the performing the script.
For any disconnected hosts: Reconnect the hosts to vCenter as needed and assign the new license key when prompted while connecting the host.
- Upload the script on the vCenter Server, preferably in /tmp
- Modify the script to be executable using the command:
chmod +x delete-subscription.sh.
- Execute the script using this syntax:
./delete-subscription.sh <vc_fqdn>
- Possible errors when running the script:
- If the error
'bash: ./delete-subscription.sh: /bin/bash^M: bad interpreter: No such file or directory' is reported when the script is run, it is caused by DOS carriage returns that are added to the script when copying the script file from a Windows-based text editor.
To resolve this problem, run the following command and then rerun the script: sed -i -e 's/\r$//' delete-subscription.sh
- If it gets an error running the script with a message of:
[priority='ERROR' thread=' ' user=' ' org=' ' trance=' ' ] Response code is: 400. Response: Bad Request., it is due to an invalid character(s) that are used in the local SSO admin password (i.e. administrator@vsphere.local).
Change the administrator password if it contains any of the following invalid characters:
- & (ampersand)
- ; (semicolon)
- " (double quotation mark)
- ' (single quotation mark)
- ^ (circumflex)
- \ (backslash)
- % (percentage)
- Power off the GW to sever the connection from GW to vCenter. This will prevent automatic re-subscription from the GW.
- Execute the application of license keys to all assets within the virtual environment from the vCenter Web UI.
- The assignment of the new licenses should happen in this order:
- Add on-premise license to vCenter.
- Add on-premise licenses to all ESXi hosts.
- Add any relevant licenses to vSAN
- Reconnect those ESXi hosts "if" they were disconnected during this process
- Delete the GW VM. Do not power it back on.
- Script will only remove the subscription of vCenter Server with vSphere+. We will need to manually remove all the CloudGateway service accounts (with prefix: CloudServicesGateway) from vCenter Server.
- Login to vCenter Server UI using your administrator SSO credentials.
- Navigate to Administration > Users and Groups > Select the domain you use for your “local SSO".
- Use the Find bar to Filter Users with CloudServicesGateway prefix. Delete the user accounts.
- Similarly Go to Administration > Global Permission > CloudServicesGateway permissions > Select the permissions > Delete.
Note:
- Users running on vSphere 7.x will need to downgrade their new licenses received as they are issued as version 8.x.
- Ensure that the newly received license keys are assigned to the VCs & ESXi hosts at the earliest as once the temp license expires, the hosts will get disconnected from the vCenter.
Fail-back Process:
In case of failure, follow below steps to roll back the change:
- Power on the cloud gateway and validate that the VCs are in connected state on cloud portal.
- In case VC goes down, power off the VCs and revert the snapshot of all the linked VCs and power them back on and re-validate the connection.
To license vSAN Witness nodes, follow the steps below:
With vSphere+, the witness nodes were recognized as ESXi hosts, and licenses were allocated to them accordingly. Therefore, after executing the script, the witness appliance is anticipated to have an evaluation license.
To resolve this issue, it will need to redeploy the witness node and re-add it to the vSAN cluster to ensure it receives the default embedded license.
Deploy Witness Node:
Deploy a new witness appliance by getting the desired Version via the following steps:
- Log into the customer portal: Customer Support Portal
- On the left side select "My Downloads"
- Select "VMware Cloud Foundation" on the upper right corner or the web page (located besides 'Account Name')
- In the Product Selection, select "VMware vSAN"
- Select the desired Version
- Select the section "Drivers & Tools"
- Look for desired Version of "VMware vSAN Witness Appliance"
- Select the arrow on the right side to expand the entry
- Download the desired Version