Horizon Cloud Pod Architecture 7.1 Update

Last year with the release of Horizon 7 I wrote a blog on the new features of Cloud Pod Architecture (CPA) this included the new scale numbers. You can find that blog here.

This week VMware released Horizon 7.1 and with this release VMware has increased the scale numbers yet again for Cloud Pod Architecture.

Now with Horizon 7.1 Cloud Pod Architecture can support a maximum of 75k sessions across 5 sites.

The table below shows the new update compared with Horizon 7.0

Horizon 7 Horizon 7.1
Total Number of Sessions 50,000 75,000
Total Number of Sites 5 5
Total Number of Pods 25 25

This is yet another great update to VMware’s Horizon and Cloud Pod Architecture.

Advertisements

New Requirement for VMware Identity Manager when clustering

Recently VMware released Identity Manager 2.7 and with it there is a new requirement when clustering the Identity Manager behind a load balancer.

It is now required that you have a minimum of 3 Identity Manager Appliances with in the cluster.

The diagram below shows this minimum requirement.

Picture1
This will also help when upgrading to future version. If there is a minimum of 3 appliances then it will be possible to upgrade these appliances one at a time with out any downtime.

To upgrade with a minimum of 3 in the cluster you and simply take a single appliance out of the load balanced pool upgrade the server and then add it back to the load balanced pool. Simply do this for each appliance in the load balanced pool and not down time will be required.

Configuring VMware Identity Manager with SQL Always On

For the last few weeks I have been testing VMware Identity Manager with SQL Always On database for multi-site deployments. This has been an interesting learning curve as its been some time since I last did anything substantial with Microsoft SQL. Before I start with the VMware Identity Manager I think it is worth calling out these 2 resources that I found really useful for setting up SQL Always On in my Lab.

This is a quick intro in to SQL Always On and how to configure it

https://www.youtube.com/watch?v=VKCqRgqLAuo

This was a useful step by step guide for deploying SQL Always On

http://www.careexchange.in/installingconfiguring-sql-2014-always-on-cluster-on-windows-2012-r2-recommended-way/

Now before configuring VMware Identity Manager with an SQL Always On Database you should be aware that even though there is a database in each of the datacenter’s all Read and Writes operations will take place on the Primary database with in the Availability Group.

Screen Shot 2016-05-18 at 8.41.02 AM

From my testing I found that setting the database to automatic failover worked as expected and the database was only unavailable for a very short time less than a couple of seconds. However, I did find that when I failed the database back after an outage this took a bit more time and I would recommend that any failback is done in a much more controlled manner. In my testing fail back took about 40 seconds so a noticeable difference.

Creating the VMware Identity Manager SQL Always On Database

 

  1. Open SQL Management Studio and log in with sysadmin privileges (This should be done on the primary server)
  2. Click File – New – Query with current connection
  3. In the editor window paste the following SQL Commands
CREATE DATABASE saas

COLLATE Latin1_General_CS_AS;

ALTER DATABASE saas SET READ_COMMITTED_SNAPSHOT ON;

GO

BEGIN

CREATE LOGIN horizon WITH PASSWORD = N'H0rizon!';

END

GO

USE saas;

IF EXISTS (SELECT * FROM sys.database_principals WHERE name = N'horizon')

DROP USER [horizon]

GO

CREATE USER horizon FOR LOGIN horizon

with default_schema = saas;

GO

CREATE SCHEMA saas AUTHORIZATION horizon

GRANT ALL ON DATABASE::saas TO horizon;

GO
  1. Click Execute

Picture2

  1. The saas Database will now be created
  2. Make a Full backup of the database (This must be done before adding the database to an Always On High Availability Group)
    • Right click the database – Tasks – Back Up
  3. Add the database to the Always On High Availability Group

 

NOTE: It is also recommended to make the following changes to SQL

  • Change ‘HostRecordTTL to a lower value than the default in multi-site deployments. 120 seconds is a good value
  • Change ‘RegisterAllProvidersIP’ to false in multi-site deployments

Connect VMware Identity Manager to the SQL Database

During the install of VMware Identity Manager connect to the SQL Database using the following settings

Jdbc:sqlserver://SQLAGListener;DatabaseName=saas

  • SQLAGListener = the SQL Availability Group Listener, in the example below that is SQLProdServer
  • If the secondary SQL server is on a different subnet add the following to the jdbc string
    • multiSubnetFailover=true
      • Jdbc:sqlserver://SQLAGListener;DatabaseName=saas; multiSubnetFailover=true

Picture3

 

VMware Horizon 7 New Features

With the release of VMware Horizon 7 I thought I would try and highlight some of the new features that have now been added with this released.

Blast Extreme Protocol

With the update to Blast Extreme, VMware has upgraded the Blast Extreme protocol to the same level as PCoIP and RDP. Now not only will you be able to use the Blast Extreme protocol when connecting via HTML5, but now when you connect to a Virtual desktop or RDSH App using your Horizon client on any device you will be able to connect using the Blast Extreme protocol.

Just as with PCoIP and RDP, Horizon Administrators will be able to configure the Blast Extreme protocol as the default protocol for both desktop and application pools.

1

Blast Extreme will not only be available for standard desktop and application pools but also Global pools when configured with Cloud Pod Architecture

2

As time permits I will write another blog with more details around the new Blast Extreme protocol so watch this space

VMware Instant Clone Technology

VMware Instant Clones is the long awaited technology that is built on the VMware Fork technology that was previewed at VMworld and VMware has been working on for some time. VMware Instant Clones is helping to create the Just in Time desktop and it allows for a new virtual desktop to be created in seconds and thousands of virtual desktops to be created in a very short time. This is one of the best features of the Horizon 7 release and I believe that Horizon Administrators are going to love creating desktop pools using this new Instant Clone Technology.

For information on configuring the new Horizon Instant Clone technology see my blog here

Cloud Pod Architecture

The two main updates to Cloud Pod Architecture are Scale and Home Site improvements.

I have written two new blogs to cover these new updates you can find them below

Cloud Pod Architecture New Features

Update to How CPA Home Sites Work with Horizon 7

Smart Policies

The new Smart Policies are a way to have more granular control of what users can do when they connect to their virtual desktop or applications. With the first release of Smart Policies you will be able to manage these capabilities based on the following conditions

  • Horizon Conditions
    • View Client Info (IP & Name)
    • Endpoint location (Internal/External)
    • Tags
    • Desktop Pool name
  • Horizon Capabilities
    • Clipboard
    • Client Drive
    • USB
    • Printing
    • PCoIP bandwidth profiles

For more information on these Capabilities see my more detailed blog Here

It should be noted to use Smart Policies you will need Horizon 7 and User Environment Manager 9. You would also need the latest View Agent and Clients installed to take advantage of these new features. The other thing to note is that these policies only work with the PCoIP and BLAST Extreme protocols and not RDP.

Desktop Pool Deletion

The Desktop Pool Deletion feature is often a request from customers to make it possible to stop Administrators from deleting a desktop pool that currently has active desktops with in the pool. With Horizon 6.x and earlier it was possible that an administrator could accidentally delete the wrong desktop pool and all the VM’s with in that pool. This feature when enabled would stop that from happening.

To enable this feature follow the instructions in my blog Here

 

These are just some of the new features that have been released with Horizon 7. For a full list of the new features check out the release notes here.

I also posted this blog on VMware.com here

 

Configuring VMware Horizon Instant Clones

I have been testing VMware Horizon Instant Clones for some time now and several people have asked me how I configured instant clones as when they tried to test them either the instant clone option was grayed out or when instant clones is selected the next button is grayed out. The other issue I see is some people have issues deploying instant clones and they fail to deploy.

Below are all of the things to check when configuring View Instant Clones. One of these issues has fixed all of the question I have been asked over the last few week during testing.

Licensing

Make sure you have the correct VMware Horizon license, there is a new license that include the Instant Clone feature. If you do not have the correct license then the option will be grayed out.

View Storage Accelerator

One of the requirements for Instant Clones is to enable the View Storage Accelerator. Before you try and deploy a new Desktop pool using Instant Clones make sure you have configured the View Storage Accelorator on you vCenter server.

1

Select the vCenter Server

If you have the View Storage Accelorator enabled and you select Instant Clones but the Next option is still grayed out make sure to select the vCenter itself.

2

Configure Instant Clone Domain Admin

Make sure you configure the Instant Clone Domain Admin, this account will need to be able to add new computers to your Active Directory.

3

Horizon View 7 Agent

Make sure you install the new Horizon View 7 Agent on to the gold image. There are a couple of things here you need to know

  1. First if you want to use the gold image for View Instant Clones, then during the install of the View 7 agent you need to select this option
  2. If you do select the View instant clone during the install then you can not install the view composer option, it is one or the other
  3. Unlike with view composer with View Instant Clones it is the Agent its self that adds the VM to active directory and not a separate composer server. This make View Instant Clones much more light weight, no extra server or database is needed for View Instant Clones.

If you make sure you have checked all of these things, then I am sure that View Instant Clones will work and you will see just how fast this new option is when deploying desktops.

Final Note

One last thing to Note, you will see a number of new VM’s in your vCenter that relate to your newly deployed instance clone desktops. I have listed these below.

4

cp-template-XXXXXXXXX This is the template VM that will be used to create your Instant Clones, this will be created from your Gold Image. This will be created on the destination storage or your desktops, but under storage you will also see that it is on the same storage as your gold image. You will also notice you can not edit this VM.

cp-replica-XXXXXXXXX this is the replica that is created for your VM parents. This is created from the cp-template and is placed on the destination storage.

cp-parent-XXXXXXXXX you will see one of these for each of the servers in your cluster, so in my case you see 6 as there are 6 ESXi servers in my cluster. These are all created on the destination storage and will be powered on, each ESXi server will have 1 of these cp-parents powered on and in memory ready to create a new desktop.

Horizon 7 Desktop Pool Deletion Feature

One of the great new features in VMware Horizon 7 is the ability to stop desktop administrators from accidentally deleting a desktop pool that is currently full of active desktops. Once this feature is enabled the administrator will have to delete all of the desktops before deleting the desktop pool.

In this blog I will document how to configure the Desktop Pool Deletion feature. Before you configure this setting you should be aware that this is a global setting and as such once enabled it will be enabled for all desktop and application pools.

Follow these steps to enable the Desktop Pool Deletion feature

  1. Upgrade all Connections Servers to Horizon 6.2
    1. Note that signed Certificates are required
  2. Start the ADSI Edit utility on the View Connection Server host.2015-09-07_10-17-37
  3. In the Connection Settings dialog box, select or connect to DC=vdi,DC=vmware,DC=int
  4. In the Computer pane, select or type localhost:3892015-09-07_10-26-55
  5. Double click on the object CN=Common, OU=Global, OU=Properties2015-09-07_10-29-59
  6. Edit the pae-NameValuePair attribute
  7. Add the value cs-disableNonEmptyPoolDelete=1
  8. Click Add and OK
  9. Now when you try and delete a pool you will see the following message3

 

VMware Horizon Smart Policies

With the release of VMware Horizon 7 and User Environment Manager 9 VMware has introduced Smart Policy’s to help administrators manage their Virtual environments better and improve what users can get access to and from where.

Smart Policys can be set on the following conditions

  • View Client Info (IP & Name)
  • Endpoint location (Internal/External)
  • Horizon Tags
  • Desktop Pool name

Below is a list of the smart policy that can be set and how they can be used by the Horizon administrators.

Clipboard

  • Enable
  • Disable
  • Allow Copy from Client to Agent
  • Allow Copy from Agent to Client

Client Drive

  • Disable
  • Allow All
  • Read Only

USB

  • Enable
  • Disable

Printing

  • Enable
  • Disable

PCoIP bandwidth profiles

  • High-Speed (20 Mbps)
  • LAN (10Mbps or Higher)
  • Dedicated WAN (5Mbps default)
  • Broadband WAN (2Mbps)
  • Low-Speed (1Mbps)
  • Extremely low-speed connections (up to 500Kbps)

The following table shows when to use the best bandwidth profile and for what use cases

Description BW(Mbps) typical network typical user
1 Best User Experience(workstation) 20 LAN M&E CAD/CAM
2 Best User Experience(VDI) 10 LAN – MAN Knowledge worker, video
3 Default Setting 5 WAN Task worker, light video
4 Optimal User Experience 2 WAN Office Apps
5 Prioritize Bandwidth 1 WAN Basic Apps only
6 Minimum Bandwidth 0.5 WAN Low Data Entry

The following table shows how the PCoIP profile is tuned based on the profile selected

GPO 1 2 3 4 5 6
Max Session BW (kbps) 9000 9000 9000 5000 2000 1000
Min Session BW (kbps) 100 100 100 100 100 100
Enable BTL 1 2 0 0 0 0
Max Initial Image Quality 100 90 80 70 70 70
Minimum Image Quality 50 50 40 40 30 30
Max FPS 60 30 30 20 15 5
Max Audio Bandwidth (kbps) 1600 1600 500 500 200 90
Image Quality performance. 50 50 50 50 25 0

 

To take advantage of these new Smart Policy you will need to use Horizon 7 and User Environment Manager 9 and have the latest Horizon Agents and Clients installed. It should also be noted that these policy only work with the PCoIP and BLAST Extreme protocols and not RDP.

For information on more new feature released with Horizon 7 see the following blog

VMware Horizon 7 New Features