VMware Horizon 7 – Cloud Pod Architecture

Navigation

Planning

Cloud Pod Architecture lets you publish a single icon that load balances connections across multiple pools in multiple pods in multiple sites (datacenters).

Global Entitlements – Entitlements are the same thing as icons. When you create an entitlement (local or global), you are publishing an icon from a pool.
- For local entitlement, the icon is only published from one pool.
- For global entitlement, the icon can be published from multiple pools. The pools can be in one pod or from multiple pods.
- Don’t configure both global and local entitlements for the same pool.
- A single pool can only belong to one global entitlement.
- Horizon 6.2 and newer supports Global Entitlements for applications. However, it’s one application per global entitlement.
Pod Federation – Global entitlements can’t be created until a Pod Federation is created. This federation could be one pod or multiple pods.
- The pods can be separated into sites. A site can contain multiple pods.
Global Load Balancing – Use NetScaler GSLB or F5 GTM to connect Horizon Clients to a globally available Horizon Connection Server. The connected Horizon Connection Server then uses Global Entitlements to select a site/pod/pool.
- When a user launches a Global Entitlement, the Connection Server selects a pod based on the Global Entitlement Scoping, which can be All Sites, Within site, or Within Pod. This is from the perspective of the Connection Server the user is currently connected to. Horizon will prefer the local pod if possible.
- Users or groups can be assigned to Home Sites. Global Entitlements can be configured to prefer Home Sites over the normal site/pod selection criteria.
Dedicated Assignment – For Dedicated Assignment pools, global entitlement only helps with the initial connection. Once the user is assigned to a desktop then that desktop is always selected. Users are not automatically provided with a desktop from another site if the site containing their dedicated desktop has gone down. The desktop request will fail because the dedicated desktop isn’t available. The administrator could configure a separate Global Entitlement for the users to provide a floating desktop until such time the original site recovers. That floating entitlement should be arranged to deliver desktops from other sites as required.
Firewall Ports – The Horizon Connection Servers participating in Cloud Pod Architecture communicate with each other over TCP 22389, TCP 22636, and TCP 8472. Make sure these ports are open.
RBAC – View Administrator includes a new administrator privilege: Manage Global Sessions. The regular Administrators role has access to multiple pods. The new Local Administrators role can only manage the local pod.

Limits:

Max users = 50,000
Max Pods = 25
Max Sites = 5
Max Horizon Connection Servers = 125

Traffic flow (Rob Beekmans – VMware Horizon View Cloud Pod – unwanted routing?):

Use F5 GTM or NetScaler GSLB to connect users to a Horizon Connection Server in any pod. If active/active, use proximity load balancing to control which pod is initially accessed.
The Horizon Connection Server looks up the Global Entitlements to determine the destination pod for the Pool.
User’s PCoIP session goes through the initially connected Horizon Connection Server and across the DCI (Datacenter Interconnect) circuit to the remote pod. There’s no way to re-route Blast/PCoIP through a Horizon Connection Server in the remote pod. In fact, the Horizon Connection Servers in the remote pod are never accessed. You need sufficient DCI bandwidth to handle this Blast/PCoIP traffic.

Initialize First Pod

In View Administrator, on the left, expand View Configuration and click Cloud Pod Architecture.
On the right, click Initialize the Cloud Pod Architecture feature.
Click OK to initialize.
A status page is displayed.
Click OK to reload the client.
On the left, expand View Configuration and click Cloud Pod Architecture.
On the right, feel free to rename the federation by clicking the Edit button.
On the left, expand View Configuration and click Sites.
On the right, click the Edit button to rename the Default First Site to be more descriptive.
If you click the site to highlight it, you can Edit the Pod in the lower half to make the name more descriptive.
If you add a Replica server after global entitlements are enabled, see Setting up the Cloud Pod Architecture feature on a replicated View Connection Server instance.
See Restoring View Connection Server instances in a Cloud Pod Architecture pod federation.

Additional Pods – Join Federation

Connect to View Administrator in the 2nd pod.
On the left, expand View Configuration and click Cloud Pod Architecture.
On the right, click Join the pod federation.
Enter the name of an existing Horizon Connection Server that is already joined to the federation.
Enter credentials and click OK.
The Join status is displayed.
Click OK to reload the client.
On the left, expand View Configuration and click Sites.
If this pod is in a different site then click Add to create a new site.
Give the site a name and click OK.
Highlight the 1st site.
On the bottom, highlight the new pod and click Edit.
Rename the pod and put it in the 2nd site. Click OK.

Global Entitlements

Do not create both global and local entitlements for the same pool otherwise users might see two icons. Create the local pool, but don’t entitle it. Instead, create a Global Entitlement and add the local pool to it.

In View Administrator, on the left, expand Catalog and click Global Entitlements.
On the right, click Add.
In the Type page, select Desktop Entitlement or Application Entitlement and click Next.
In the Name and Policies page, give the entitlement (icon) a name. For Application Entitlements, it’s one entitlement per application so include the application name.
The Use home site checkbox tells the global entitlement to respect user home sites.
Change the Default display protocol to VMware Blast.
Check the box next to HTML Access.
Make other selections. Click Next.
If creating a Desktop Entitlement then there are more options.
In the Users and Groups page, add users that can see the icon. Click Next.
In the Ready to Complete page, click Finish.
Double-click the new global entitlement.
On the Local Pools tab, click Add.
Select the pools you want to add and click Add. Remember, only one app per Global Entitlement.
Go to another pod and view the Global Entitlements.
On the right, double-click the Global Entitlement.
On the Local Pools tab, click Add to add pools from this pod.

Monitoring

Once Global Entitlements are enabled, a new Search Sessions node is added to View Administrator. This allows you to search for sessions across federated pods.
The Dashboard shows the health of remote pods.

Home Sites

Horizon 7 lets you configure Home Sites from within View Administrator. For Global Entitlements, Horizon will prefer pools in the user’s Home Site before looking for pools in remote sites.

On the left, click Users and Groups.
On the right, switch to the Home Site tab and click Add.
Find a user or group for this home site and click Next.
Select the site to assign the users to and click Finish.
Home Sites can be assigned to both users and groups. User assignments override group assignments.
Each Global Entitlement can have its own Home Site configuration. Double-click a Global Entitlement, switch to the Home Site Override tab, and click Add.
Since you could have a combination of default Home Site for user, default Home Site for group, and Global Entitlement-specific Home Sites, it’s helpful to know which Home Site is effective for each user and Entitlement. On the Users and Groups page, on the Home Site tab, if you switch to the Resolution sub-tab, you can find a user name, click Look Up and see which Home Site is assigned to the user for each entitlement.