Horizon Lab Manual

Introduction

We do have a working Horizon environment. You are using it to jump on the Workshop SDDC. This Horizon environement is running on our BU SDDC. In this Lab we will conect you Student SDDC vCenter to this existing Horizon environment to rollout Desktops. You can then see the new created pool. Hold in mind. Only one of the Students per SDDC can do this task.

What is Horizon on VMware Cloud on AWS

VMware Horizon® 7 for VMware Cloud™ on AWS delivers a seamlessly integrated hybrid cloud for virtual desktops and applications. It combines the enterprise capabilities of the VMware Software-Defined Data Center, delivered as a service on AWS, with the market-leading capabilities of VMware Horizon for a simple, secure, and scalable solution. You can easily extend desktop services to address more use cases such as on-demand capacity, disaster recovery, and cloud co-location without buying additional data center resources.

Simplify Public and Hybrid Cloud Management

For customers who are already familiar with Horizon 7 or have Horizon 7 deployed on premises, running Horizon 7 on VMware Cloud lets you leverage a unified architecture and familiar tools. You can simplify management for Horizon 7 deployments using on-premises infrastructure and VMware Cloud on AWS with Cloud Pod Architecture (CPA) by linking cloud deployments in different regions, or by linking on-premises deployments to VMware Cloud on AWS deployments. This means that you use the same expertise and tools you know from VMware vSphere® and Horizon 7 for operational consistency, and leverage the rich feature set and flexibility you expect from Horizon 7

Configuring SDDC Firewall Rules

If not done already in the previous lab please also create the Firewall rule for the Management Gateway so you can access the vCenter.

Compute Gateway Firewall Rules

Like the Management NSX Edge Services Gateway. By default, the Compute NSX Edge Services Gateway is also set to deny all inbound and outbound traffic. You need to add additional firewall rules to allow access to your workload VMs which you provision in the VMware Cloud on AWS platform. <!–
#### Create Firewall Rule under Compute Gateway

  1. Under Network tab, navigate to Compute Gateway
  2. Expand Firewall Rules
  3. Click ADD RULE

Follow the same process as in the previous step and create Horizon Inbound and Outbound Firewall Rule following these instructions: Just to hold it easy use the Any Any rule.

  1. Name - Horizon
  2. Action - Allow
  3. Source - Any
  4. Destination - Any
  5. Service - ANY
  6. Click SAVE button. –>

##Cretea a Logical Network

For our Horizon Lab we prepared several machines like AD, Hoirzon Connections Server, Unified access gateway and the Goldenmaster Image. The AD, Horizon Connection Server, UAG and Goldenmaster Image will be deployed in a 192.168.20.0/24 subnet. Therefore we need to create this network first.

Create a Logical Network

  1. Once you are logged in to your vCenter Server Click on Menu
  2. Select Global Inventory Lists
  3. Click on Logical Networks in the left pane
  4. Click on the Add button
  5. Name your New Logical Network Horizon#-LN (where # is your student number)
  6. Select the Routed Network radio button
  7. For CIDR Block enter 192.168.20.0/24

  8. Enter 192.168.20.1 for the Default Gateway IP
  9. Make sure DHCP is disabled
  10. Click OK to create your new logical network

Subscribed Libraries

You subscribe to a published library by creating a subscribed library. You can create the subscribed library in the same vCenter Server instance where the published library is, or in a different vCenter Server system. In the Create Library wizard you have the option to download all the contents of the published library immediately after the subscribed library is created, or to download only metadata for the items from the published library and later to download the full content of only the items you intend to use.

To ensure the contents of a subscribed library are up-to-date, the subscribed library automatically synchronizes to the source published library on regular intervals.

You can also manually synchronize subscribed libraries. You can use the option to download content from the source published library immediately or only when needed to manage your storage space.

Synchronization of a subscribed library that is set with the option to download all the contents of the published library immediately, synchronizes both the item metadata and the item contents. During the synchronisation the library items that are new for the subscribed library are fully downloaded to the storage location of the subscribed library.

Synchronization of a subscribed library that is set with the option to download contents only when needed synchronizes only the metadata for the library items from the published library, and does not download the contents of the items. This saves storage space. If you need to use a library item you need to synchronize that item. After you are done using the item, you can delete the item contents to free space on the storage. For subscribed libraries that are set with the option to download contents only when needed, synchronizing the subscribed library downloads only the metadata of all the items in the source published library, while synchronizing a library item downloads the full content of that item to your storage. If you use a subscribed library, you can only utilize the content, but cannot contribute with content. Only the administrator of the published library can manage the templates and files.

In the subscribed content library you will find the Golden Master Image that you need to use for the deploymend of new desktops with the help of horizon

  1. Click on Menu
  2. Click on Content Libraries

Subscribe to an existing Content Library

You may already have a Content Library in your on-premises data center, you can use the Content Library to import content into your SDDC.

  1. In your Content Library window, click the + sign to add a new Content Library.
  2. Name your Content Library Student#-HorizonGM where # is the number assigned to you
  3. (Optional) Enter some notes for your Content Library
  4. Click Next button

  5. Select Subscribed content library
  6. Under Subscription URL enter the following:

https://vcenter.sddc-34-216-241-49.vmc.vmware.com:443/cls/vcsp/lib/6f0bc23f-3157-4fb5-a4c4-2f3f180b8d8d/lib.json

PLEASE NOTE THAT THERE MAY BE AN ISSUE WITH DROPPING/ADDITION OF CHARACTERS FOR THE URL WHEN COPYING AND PASTING FROM THE MANUAL.ASK YOUR INSTRUCTOR IN THE EVENT YOU CANNOT LOCATE IT.
  1. Ensure Download content is set to when needed
  2. Click Next
  3. Highlight the WorkloadDatastore as the storage location
  4. Click Next
  5. Click Finish. Your content library should take about ~20 minutes to complete syncing.

Now that we have subscribed to the Conten Library we can deploy the Horizon Infrastructre:

  1. Click on Menu
  2. Click on Content Library
  3. Click on the content library you subscribed to in the previus lab
  4. Click on Templates

Create your Active Directory VM

  1. Right Click on the VMCWINDC01 and choose New VM from this Template….
  2. Give it the same the name VMCWINDC01
  3. As location click on Workloads
  4. Click on Next
  5. Select Compute-ResourcePool and click Next
  6. Click next
  7. Select WorkloadDatastore and click next
  8. Select the network you created in privious LAB Horizon#-LN
  9. Click next and finish

Create Horizon Server VM

  1. Right Click on the HZ-76-WS and choose New VM from this Template….
  2. Give it the same the name HZ-76-WS where # is put your student ID in
  3. As location click on Workloads
  4. Click on Next
  5. Select Compute-ResourcePool and click Next
  6. Click next
  7. Select WorkloadDatastore and click next
  8. Select the network you created in privious LAB Horizon#-LN
  9. Click next and finish

Create your Golden Master Image

With Horizon 7.6 we do have the option to also do Instant Clones. For this lab we prepared two Golden Master Images. The first one is for Instant Clones with the Name W10-LTBS-1607-IC, the second one is for Full Clones. You can decide to either go for Full clones or use Instant Clones. We suggest to do instant clones cause it is much faster to rollout this desktops.

  1. Right Click on the W10-LTBS-1607-IC Template and choose New VM from this Template….
  2. Give it the same the name W10-LTBS-# where # is put your student ID in
  3. As location click on Templates
  4. Click on Next
  5. Select Compute-ResourcePool and click Next
  6. Click next
  7. Select WorkloadDatastore and click next
  8. Select the network you created in privious step for 192.168.20.0/24 Horizon#-LN
  9. Click next and finish

##Power on the new created VM’s

  1. Power on the VM VMCWINDC01
  2. Launch the Web Console
  3. Sign in with corp\vmcws1 and password VMware1!

##Power on the new created VM’s

  1. Power on the VM HZ-76-WS
  2. Launch the Web Console
  3. Sign in with corp\vmcws1 and password VMware1!

Wait about 10 minutes until all services are runnig. In the meantime jump create the UAG VM

Create UAG VM

  1. Go back to your vCenter web Client
  2. Right click on the compute ressource pool
  3. click on deploy ovf template
  4. Select Local Files
  5. Click Choose Files
  6. Go to Z://Horizon/ and select euc-unified-access-gateway-3.3.0.0-8539
  7. Click Open
  8. Click next
  9. Click next
  10. Click next
  11. Select Single NIC
  12. Click next
  13. Select Destination Network for all three networks Horizon#-LN
  14. Following Settings need to be done:

  15. Click Finish
  16. Wait until the new created UAG VM is powered on.
  17. Open you browser and go to : https://192.168.20.73:9443
  18. Click on Import Settings
  19. Brwose to ** z://horizon/…
  20. Click Import
  21. Login agian to https://192.168.20.72/9443
  22. choose the right side configure manually and click select
  23. Click on Edge Services Settings show
  24. Tunnel, BLAST,UDP Tunnel Server, HORIZON DESTINATION Server have to be GREEN

Now we will request a public IP adress. We will use this public IP adress to access the Horizon infrastructre afterwards. Please go back to VMC console in your browser. Go to the network tab.

  1. Scroll down to Compute Gateway and request a new public ip.
  2. Please note this public IP.
  3. Click on NAT
  4. Click on ADD NAT RULE
  5. Under Description type Horizon Desktop
  6. Public IP your requested IP
  7. Service **HTTPS(TCP 443)
  8. Public Ports 443
  9. Internal IP 192.168.20.73
  10. Click SAVE
  11. Check the Firewall Rule you previous created. -> ANY ANY ANY

Now we have to create a Snapshot on the Golden Master Image. Cause Instant Clones are working with snapshots.

  1. Right click on W10-LTBS-1607-IC
  2. Click on Snapshot
  3. Take a Snapshot
  4. type a name 1.0 for example
  5. Click OK

If decision made to go for Full Clones in the previous step we need to create a windows customization spec for the Full Cones that we will use in Horizon for creating a bunch of VM’s and those will be directly placed in the Active Directoy.

Create a Windows Customization Spec

  1. Click on Menu
  2. Click Policies and Profiles
  3. Click on create
  4. Type a Name Windows
  5. Click Next
  6. Type Owner name VMC Owner organization VMC click Next
  7. Check that Use the virtual machine name is selected
  8. Do not use a product key next
  9. Type Password VMware1!
  10. Click next
  11. Click next
  12. Click next
  13. Select Windows Server domain and type corp.local under username vmcws# where # is please chose your ID and your studen password
  14. Click Finish

Create your SDDC vcenter as an enpoint in the existing Horizon environment

That you can create desktops in your SDDC we need to implement your Student SDDC vCenter into the existing Horizon infrastructure.

  1. Please open a Browser and navigate to : “https://192.168.20.70/admin”
  2. enter student username and passworsd
  3. click Log In

You now can see the Dashboard / manin page of the Horizon Connection Server. This is the place where we will be working the next hour

  1. Click on the left site on Servers:

  2. Click on vCenter Servers Add
  3. type in server adress “this is the ip adress of your student vcenter” for example 54.72.217.99
  4. type in username and password / “cloudadmin@vmc.local and the password from cloudadmin of your student vcenter”
  5. you can find your cloudadmin password by going back to the VMC tab in your browser.
  6. if you had filled in the fields: server adress, user name and password click next
  7. you will get a promt Invalid Certifcate Detected
  8. Click on View Certficate and Accept
  9. On View Composer settings check Do not use View Composer click Next
  10. Please verfiy that Enable View Storage Accelerator is NOT selected
  11. Click next
  12. Click Finish

Deploy Desktop Pool

Now as we have the vCenter as an Endpoint in Horizon we can start deploying Desktops.

  1. On the Horizon Connection Server admin console on the left site you can click on Desktop Pools
  2. Select Automated Desktop Pool and click on Next
  3. Select Dedicated and click next
  4. you will get a promt “More Information” click Ignore
  5. Select Full virtual machines and select your Student vCenter with your student vCenter IP
  6. Type under ID: Studen-# Display name Stunden-# and select Access group WS1 under Description Stundent # click next Note # is your student ID
  7. On Desktop Pool Settings under Remote Settings click Remote machine Power Policy and select Always powered on click next
  8. scroll down and select HTML Access click next
  9. Under “ use a naming pattern” enter studen-# click next
  10. Select Use VMware Virtual SAN

Now we need to select your GM Image which you converted to a Template

  1. Click on Browse and select your Golden Master Image for example W10-LTSB-1 click OK

If you cant see any template here it might be that you forgot to convert the VM into a Template. As we are working with full clones we have to have a Template. This will change in the future when we will work with Instant Clones.

  1. Click browse on VM folder location and select Workloads click OK
  2. Click browse on host and cluster and select the cluster click OK
  3. Click browse next to Ressource pool and select Compute-ResourcePool click OK
  4. Click browse next Storage and select WorkloadDatastore click OK
  5. Verify all fields do have entries and click next
  6. On Advanced Storage Options don’t select anything just click next
  7. Select Use this customization specification: and select your customization policy click netx
  8. Check all settings and click Finish

Ckeck if the desktops get created

  1. Go back to your vCenter and see if the cloning starts. This could take up to 5 minutes

Updated:

Leave a Comment