any_guy

Hello, first for the officials: How come Horizon still does not have a native configuration option to setup alerts and notifications when desktop pool statuses change or vm's error out? secondly; How do you guys monitor your Horizon Pools? The only workaround I'm aware of, is a less then optimal powershell script. A little rant; This really shouldn't have to be this difficult. We're in 2024, there's toasters and fridges that have the capabilities to setup alerting.

For the described reasons, we have HA currently turned off in our Horizon Cluster. We are mostly using Instant Clones and I'm afraid HA would cause more problems when turned on. I would also appreciate an official response on this.

Hello, this is somewhat related to: Unfortunately, I do not have the resources to set up a couple of hosts and test this. Has anyone experienced a host failure in a cluster running instant clone VMs? With vSphere HA enabled, if the VMs on the failed host are powered on a working host, will that work with Instant Clones? Specifically, will Horizon be aware that the location of those VMs has changed, or will they just go into the 'missing' state? Cheers,

Hello, so we've had a ticket open with Broadcom, Wolken and Omnissa for a while now. I'll leave out the details, but it's basically being tossed like a hot potato. The most recent steps that Wolken support wants us to undertake, is to restart the hostd and vpxa services on the hosts that are running our Horizon Environment. Now they did confirm it will not cause any downtime, however, I'm very hesitant to believe that. I know for a fact, that when restarting hostd, the host will go into 'inaccessible' mode in vCenter for 2-5 minutes. I can't see this NOT causing issues with Horizon. Anyone have experience with restarting those two services in a Horizon Environment? I'm not entirely sure why they are persisting in us restarting those services, when we already did a complete Horizon Environment sequential reboot, twice, without any impact on the issue. Cheers,

Thanks Sean! You clarified all my remaining blanks. Have an awesome weekend you all!

We had the same issue. After upgrading to the latest versions (ESXi, UAGs, Connection Servers and vCenter), the dashboard has cleared and been clean since. It might be enough to bring your UAGs and Connection Servers to the most recent version, if not already.

@Graeme Gordon Thank you for confirming!

Hello, Could anyone who has done this in prod, confirm that turning on Horizon Pod Architecture will not impact existing pools and their entitlements in any way? I have tested this in a much smaller lab, and it did not alter/impact existing pools in any way. I just want to be tripple sure that this is indeed the expected outcome, and the existing pools will keep working with no changes. Context; We want to utilize a one site pod to load balance connections across multiple pools, to reduce the user impact if/when an instant clone pool errors out for any reason and disables provisioning. Thanks!

Hi Sean, First, thanks to everyone for your input! Since we only have two UAGs, it wouldn't be a great deal for us to have N+1 Public IPs. For additional context, we are only utilizing Blast, PCoIP has been phased out in our environment. Let me try to sum it up and make sure my understanding is accurate: For the integrated HA to work, the two UAGs require the same configuration as already in place (Blast URL, etc.), plus their own NAT, i.e., one public IP per UAG, PLUS the VIP requires an additional public IP. So, that would be three public IPs in total for two UAG's The VIP is only used for the initial authentication and session management (XML API over HTTPS). The VIP moves to another UAG if the currently assigned UAG fails. Therefore, the authentication process remains up. If tunneling is not enabled, the sessions initially set up through the failed UAG should remain connected. Is the above accurate? I would like to utilize the built-in HA functionality if, when set up correctly, it is reliable. EDIT**** I geuss what I'm confused about is: https://techzone.omnissa.com/resource/load-balancing-unified-access-gateway-horizon#session-affinity-options-for-secondary-protocols Method 1 and 2 only require a single Public IP for all UAGs and the VIP? ***EDIT I'm a little concerned about your comment: "it might seem like it's working and then your users start getting disconnected randomly over time." Could you provide an example of what you have experienced in this regard? As for the internal connection servers, I'm probably going with HAProxy. Thanks again,

Hey Sean, After reviewing the information at this link, I am inclined to implement the below setup to keep it as simple as possible. However, I still have a few questions that need clarification: External Connections: Two UAGs in the DMZ behind an HAProxy LB, with each UAG connected to a different Connection Server. Internal Connections: Two internal Connection Servers behind another HAProxy LB. I understand that it is possible to use the same Connection Servers for both internal and external connections, but I prefer to separate them. Here are my questions: The diagrams in the link show only one LB in front of the UAGs. This essentially shifts the single point of failure to the LB. Is it not recommended to use two LBs to mitigate this risk? I mean, it must be, just confusing that the diagrams do not show this. We use Entra to authenticate MFA with Horizon, configured as an enterprise application. Would this setup still work if an LB is placed between the UAGs and the Connection Servers?

First; I'm not necessarily looking to load balance any of it (nice to have but not a must). I'm looking to have HA for the UAGs and the Connection Servers. I have solved the UAG HA by enabling the UAG integrated HA option, which seems to be sufficient for our environment. As for load balancing or HA enabling the Connection Servers, if possible open source. I have read up on HA Proxy and NGINX, however, It's not quite clear to me what exactly it would impact, not to have UDP traffic (HAProxy). As for NGINX, if it does not do health checks, it's not something we would consider, since HA is the leading factor here and not load balancing. Second; All our Horizon resources are in the same site. The UAG's are in a DMZ with an inbound NAT. I recall Netscaler used to have a free 'express' version. However, I can't find it anymore which suggest this is not available. anymore.

Hello everyone, I'm reaching out to gather insights on how you achieve failover capabilities for Unified Access Gateways (UAG) and Connection Servers in your environments. Specifically, I'm considering the following options: Two UAGs Behind Two Software Load Balancers: Each UAG is connected to a Connection Server. No Load Balancer: Utilizing two UAGs and DNS as a failover solution, with a short TTL and manual host entry switch when UAG A fails. The reason I'm reaching out and not defaulting to the load balancer option is due to the size of our environment, which serves fewer than 100 users. Load balancers seem like overkill in this scenario, though I'm open to considering them if no other suitable options present themselves. For those of you who are utilizing the load balancer option, which load balancer are you using? We do not have a license for NSX, so that is not an option for us. Additionally, I would appreciate hearing about any other solutions you might be using or have considered. Thank you in advance for your input!