The VSAN Witness Host is a virtual appliance that is deployed into an existing vCenter server. When deploying a 2 node or stretched cluster, the witness appliance acts as a tie breaker to determine which node(s) are still available in the event the nodes lose communication with each other. The witness The witness is deployed just like any other virtual appliance, but will require access to the management network and the network you’ve designated as your VSAN network. This appliance must be run OUTSIDE your VSAN cluster. This means that you cannot add this host as a member of the existing VSAN cluster and you also should not run it as a virtual appliance inside your existing VSAN cluster.
1. Choose the cluster that will host the appliance. Click on “File” then “Deploy OVF Template”
2. Browse to select the .OVA file and click “Next”
3. Review the details of the appliance and click “Next”
4. Review the license agreement and click “Accept” followed by “Next”
5. Enter the name of the Witness Appliance and its location then click “Next”
6. Choose the appropriate size of the appliance and click “Next”
a. As this is a test, I’m choose the “Tiny” size. You can ignore the disk component requires for any size. As this is a virtual appliance, it will deploy the appropriately sized drives that will designated as SSD and spinning disl
7. Choose the provisioning type and click “Next”
a. This is appliance is being deployed to a separate VSAN cluster than the one it will be acting as the witness for. This appliance can be deployed on shared storage, local storage, or another VSAN datastore.
8. Choose the appropriate networks for management and witness (VSAN). In this deployment, management lives on the “VM Network” and witness (VSAN) traffic is on the “VM-VSANnetwork”. This network is shared with the vMotion network and just needed an additional VM Portgroup created on each of the hosts in the cluster where this appliance is being deployed. Click “Next”
9. Enter a root password for this appliance. Remember, this is a host that you will need to login to in order to administer so if there is a standard root password that you use it would be a good idea to use that here. Click “Next”
10. Review the deployment settings and then click “Finish”
11. Once deployed, you will need to configure the appliance like any other host. Power on the appliance and open the console, press F2 and login as root with the password you assigned in step 9
12. Scroll to “Configure Management Network” and press “Enter”
13. Ensure the Network Adapter assigned to your management network is “vmnic0”
a. Set a VLAN (if necessary) for the management network, then assign your IPv4 and/or IPv6 settings for the management network to make it accessible on your network. Assigned DNS as needed as well. Press “ESC” and then press “Y” to configure settings and restart the management network
14. Once the host can communicate on the network, add it as a new host in vCenter.
a. Remember that this host should not be part of your VSAN cluster or any other cluster. It should be a standalone host in your datacenter.
15. Select the host in the vCenter client and configure networking for it. Locate the “witnessSwitch” and click “Properties”
16. Select the “witnessPg” and click “Edit”
17. On the “IP Settings” tab, enter the IP and subnet mask for the VSAN traffic network. Click “OK” at the bottom”
18. Once you have confirmed that network settings are successful, login to the vSphere web client and navigate to the VSAN cluster to be configured
19. Click the “Manage” tab, then choose “Fault Domains & Stretched Cluster” under “Virtual SAN”
20. In the “Streteched Cluster” box click “Configure”
21. Name the fault domains and place the hosts into the appropriate fault domain. This is a 2 node cluster with 1 host in each fault domain. Click “Next”
22. Locate the VSAN witness appliance host that was added to this vcenter and click “Next”
23. Choose the flash drive for and the HDD for cache and capacity and click “Next”
24. Review the settings and click “Finish”
25. Once completed, you will now see the status of the stretched cluster as “Enabled”, the preferred fault domain and the designated witness host.