Pages

Saturday, 8 November 2014

A Step-by-Step on How to Configure Cloud Pod Architecture in Horizon 6 with View

One of the new functionalities of VMware Horizon 6 with View is the ability to handle Global Name Space support with the new Horizon 6 feature known as Cloud Pod Architecture. This ability allows for users of your View environment to easily handle connection to their virtual desktop using a single name no matter where they reside geographically.

History:

For some of you, this may sound familiar under a different name. VMware previously termed this as both Linked Mode View and Multi-Datacenter View at one point or another. We decided upon the name Cloud Pod Architecture simply because using the best practice Pod and Block for design and configuration, Cloud Pod Architecture allowed for the global expansion of VDI pods into a cloud configuration for end users to access via one single name space no matter where they may be.

Additional Information:


Basic Steps to Setting Up Cloud Pod Architecture:

  1. Setup the 1st Connection Server and View Desktop Pools – This is just the standard setup of Horizon 6 with View.
  2. Setup the 2nd Connection Server and View Desktop Pools – This is duplicating step 1, potentially in a different location or datacenter. It should be noted, there are no requirements to make this identical in configuration to the first View Connection Server.
  3. Setup the Sites (1st and 2nd Site). 
      • Initialize the first site ONLY.
      • All other sites will be joined to the first site.
  4. Setup the Pods (1st and 2nd Pod).
  5. Add Pods to Sites.
  6. Setup your Global Pools.
  7. Add Connection Servers to Global Pools.
  8. Entitle Users to Global Pools.

Tips:

    • All configurations are done via command line from the View Connection Servers.
    • All Command Lines use the LMVUTIL.CMD file located in the “C:\Program Files\VMware\VMware View\Server\tools\bin\” folder.
    • All Command Lines Switches are case sensitive (yes, really).
NewImage

Step-by-Step Setup of Cloud Pod Architecture:

After setting up at least two View Connection Servers with desktop pools and testing them to ensure they work properly, including assigning users (or test users) to the environments, it is now time to setup the Cloud Pod Architecture feature for supporting a global name space.

Step 1. Initializing the First Pod and Connection Server

This first step is to initialize the View Connection Server in the primary pod. This makes the primary pod a master.
Run the following command on Horizon View Connection Server – 1:
Command:
lmvutil.cmd –initialize –authDomain [domainname] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –initialize –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • This command turns on the ability to run federated pods.
    • This command must be run once on the primary pod.
    • It can be run on any connection server in the primary pod.
    • It will automatically do LDAP configurations across the Connection Server.
    • DO NOT execute this INITIALIZE command on any other connection server in the primary or secondary pods.
    • This must only be done on one pod in the Global Pool (if this is done on other pods, then they will not be able to join the Global Pool).
    • VIPA is basically a WAN friendly inter-pod replication service – unlike others such as JMS.
    • The Global LDAP listener runs on #TCP 22389 and is a different ADAM instance.
NewImage

Step 2. Joining the Second Pod to the First Pod from the Second Connection Server

You are now going to join subsequent pods to the first pod and allow them to synchronize. This must be done from a secondary site connection server.
Run the following command on the second View Connection Server.
Command:
lmvutil.cmd –join –joinServer [primary_connection_server] –userName [domain\username] –password [password] –authDomain [AD.domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –join –joinServer hvcs-w8-01.corp.local –userName corp\administrator –password VMware1! –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTE: The first set of credentials authenticate to the primary connection server for synchronization and the second set of credentials authenticate to the local (secondary) connection server to execute the command.
NOTICE: This is one of the only commands which must be executed from a secondary connection server.
NewImage


Step 3. Validate Initial Pod and Connection Server Settings

Go back to the command prompt on the first View Connection Server. You must now validate the initial pod and connection server settings on the initial View Connection Server to ensure the JOIN command done in the previous step on the secondary connection server properly took affect.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –listPods –authDomain [AD.domain] –authAs [user] –authPassword [password]
Example:
lmvutil.cmd –listPods –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • This will list the pods which the default first site is aware of.
    • Everything is in the default first site at this point. 
NewImage

Step 4. Create the First Site

You must now organize the environment into multiple sites. To start this process, you must create the first site. This is done on the first View Connection Server.
Run the following command on the View Connection Server.
Command:
lmvutil.cmd –createSite –siteName [site name] –authDomain [AD.domain] –authAs [user] –authPassword [password]
Example:
lmvutil.cmd –createSite –siteName Site1 –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • A site is a logical grouping of pods.
    • No response is shown to the command. 
NewImage

Step 5. Create the Second Site

You must now create the second site. This is done on the first View Connection Server.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –createSite –siteName [site name] –authDomain [AD.domain] –authAs [user] –authPassword [password]
Example:
lmvutil.cmd –createSite –siteName Site2 –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • No response is shown to the command. 
NewImage

Step 6. Validate Both Sites are Created

It is important to validate both sites have been properly created to ensure a command was not mistyped.
Run the following command on the first View Connection Server to validate both sites have been created.
Command:
lmvutil.cmd –listSites –authDomain [AD.domain] –authAs [user] –authPassword [password]
Example:
lmvutil.cmd –listSites –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • Connection Servers will show in the “Default First Site”.
    • No Connection Servers will show in either of the defined sites (i.e. Site1 or Site2 if using the example commands). 
NewImage


Step 7. Add the First Pod to the First Site

Now you need to move the first pod into the first site you created.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –assignPodToSite –podName [POD Name] –siteName [Site Name] –authDomain [AD.domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –assignPodToSite –podName Cluster-HVCS-W8-01 –siteName Site1 –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • Naming for the pod defaults to Cluster-[first sever you created it from].
    • No response is shown to the command.
NewImage

Step 8. Add the Second Pod to the Second Site

Now you need to move the second pod into the second site you created previously.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –assignPodToSite –podName [POD Name] –siteName [Site Name] –authDomain [AD.domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –assignPodToSite –podName Cluster-HVCS-W8-02 –siteName Site2 –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • Naming for the pod defaults to Cluster-[first sever you created it from].
    • No response is shown to the command.
NewImage

Step 9. Validate Pods are Joined to Sites

You should now validate pods have been successfully moved to their respective sites.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –listSites –authDomain [AD.domain] –authAs [user] –authPassword [password]
Example:
lmvutil.cmd –listSites –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • The first View Connection Server should show in the pod cluster owned by the first site.
    • The second and additional View Connection Servers should show in their respective pod clusters owned by the second or additional sites.
NewImage

Step 10. Creating a Global Pool for Your Local Desktop Pools

Now you need to create the Global Entitlement or Global Pool for the Local Desktop Pool. This is the global pool which oversees all local desktop pools which will be associated.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –createGlobalEntitlement –entitlementName [Global Entitlement or Parent Pool Name] {–scope [scope] ANY, [Specific Site Name], LOCAL} {[scope options] –isFloating or –isDedicated} –authDomain [AD.domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –createGlobalEntitlement –entitlementName Win7Floating –scope ANY –isFloating –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
    • Scope Parameters:ANY[specific site]LOCAL
    • Pool Type:Floating = –isFloatingDedicated = –isDedicated
    • The GlobalEntitlement creates the Global Pool which then contains local pools from each site.
    • No response is shown to the command.
NewImage

Step 11. Repeat Step 10 for Additional Global Desktop Entitlements

Repeat the previous command for all Global Desktop Pool entitlements (e.g. If you have multiple desktop pools you wish for users to have global entitlements to, then run this step for each Global Desktop Pool entitlement. As an example, in this step we show creating the Global Entitlement for Win 8 Floating Desktops whereas in the previous step we showed creating Global Entitlement for Win 7 Floating Desktops.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –createGlobalEntitlement –entitlementName [Global Entitlement or Parent Pool Name] {–scope [scope] ANY, [Specific Site Name], LOCAL} {[scope options] –isFloating or –isDedicated} –authDomain [AD.domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –createGlobalEntitlement –entitlementName Win8Floating –scope ANY –isFloating –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
      • Scope Parameters:ANY[specific site]LOCAL
      • Pool Type:Floating = –isFloatingDedicated = –isDedicated
      • The GlobalEntitlement creates the Global Pool which then contains local pools from each site.
      • No response is shown to the command.
NewImage

Step 12. Validating the Global Pools

Now you need to validate the global pools were properly created. To do this, you need to list the global entitlements.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –listGlobalEntitlements –authDomain [AD.domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –listGlobalEntitlements –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
        • Each Global Entitlement will show the SCOPE value set to ANY, LOCAL, or the specific site defined.
        • Each Global Entitlement will show the DEDICATED value set to TRUE or FALSE based upon whether you defined the entitlement as Dedicated or Floating.
NewImage

Step 13. Associate Local Connection Server Desktop Pools to Global Pools

Now you need to associate the local desktop pools (also referred to as child pools) on the first View Connection Server to the GlobalEntitlement or parent pool defined in Step 10.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –addPoolAssociation –entitlementName [Global Entitlement or Parent Pool Name] –poolId [Child Pool] –authDomain [AD.Domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –addPoolAssociation –entitlementName Win7Floating –poolId Win7_Desktop –authDomain corp.local –authAs administrator –authPassword VMware1
NOTES:
        • Pool ID (poolId) is the View Connection Server Desktop Pool ID defined when assigning the name and ID of the desktop pool during creation.
        • View Desktop Pool IDs DO NOT need to be of the same name across View Connection Servers in order for Global Entitlement to work.
        • It is the function of this command to tie the Global Pool ID to View Connection Server Pool ID.
        • This command must be executed from the connection server containing the Pool ID in question.
        • This must be done on a site by site basis.
        • No response is shown to the command.
NewImage

Step 14. Repeat Step 13 for Additional Global Desktop Entitlements Created in Step 11

Repeat the previous command for all Global Desktop Pool entitlements created in Step 11. As an example, in this step we show associating the Global Entitlement for Win 8 Desktops whereas in the previous step we showed associating Global Entitlement for Win 7 Desktops.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –addPoolAssociation –entitlementName [Global Entitlement or Parent Pool Name] –poolId [Child Pool] –authDomain [AD.Domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –addPoolAssociation –entitlementName Win8Floating –poolId Win8_Desktop –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
        • Pool ID (poolId) is the View Connection Server Desktop Pool ID defined when assigning the name and ID of the desktop pool during creation.
        • View Desktop Pool IDs DO NOT need to be of the same name across View Connection Servers in order for Global Entitlement to work.
        • It is the function of this command to tie the Global Pool ID to View Connection Server Pool ID.
        • This command must be executed from the connection server containing the Pool ID in question.
        • This must be done on a site by site basis.
        • No response is shown to the command.
NewImage

Step 15. Repeat Steps 13 once for each Secondary Site Created in Step 5

Now you must associate the mirror local desktop (or child) pool to the local desktop (or child) pool which was associated in Step 13 on the first View Connection Server for the Secondary Site. This is done once for each additional Site on the secondary connection servers joined in Step 5.
Run the following command on the secondary View Connection Servers.
Command:
lmvutil.cmd –addPoolAssociation –entitlementName [Global Entitlement or Parent Pool Name] –poolId [Child Pool] –authDomain [AD.Domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –addPoolAssociation –entitlementName Win7Floating –poolId Win7_Desktop –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
        • Pool ID (poolId) is the View Connection Server Desktop Pool ID defined when assigning the name and ID of the desktop pool during creation.
        • View Desktop Pool IDs DO NOT need to be of the same name across View Connection Servers in order for Global Entitlement to work.
        • It is the function of this command to tie the Global Pool ID to View Connection Server Pool ID.
        • This command must be executed from the (secondary) connection server containing the Pool ID in question.
        • This must be done on a site by site basis.
        • No response is shown to the command.
NOTICE: This is one of the only commands which must be executed from a secondary connection server! Unless otherwise noted, all other commands are executed from the first (or primary) connection server.
NewImage

Step 16. Repeat Steps 14 once for each Secondary Site Created in Step 5

Now you must associate the additional mirror local desktop (or child) pools to the local desktop (or child) pools associated in Step 14 on the first View Connection Server for the Secondary Site. This is done once for each additional Site on the secondary connection servers joined in Step 5. As an example, in this step we show associating the Global Entitlement for Win 8 Desktops whereas in the previous step we showed associating Global Entitlement for Win 7 Desktops.
Run the following command on the secondary View Connection Servers.
Command:
lmvutil.cmd –addPoolAssociation –entitlementName [Global Entitlement or Parent Pool Name] –poolId [Child Pool] –authDomain [AD.Domain] –authAs [username] –authPassword [password]
Example:
lmvutil.cmd –addPoolAssociation –entitlementName Win8Floating –poolId Win8_Desktop –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
        • Pool ID (poolId) is the View Connection Server Desktop Pool ID defined when assigning the name and ID of the desktop pool during creation.
        • View Desktop Pool IDs DO NOT need to be of the same name across View Connection Servers in order for Global Entitlement to work.
        • It is the function of this command to tie the Global Pool ID to View Connection Server Pool ID.
        • This command must be executed from the (secondary) connection server containing the Pool ID in question.
        • This must be done on a site by site basis.
        • No response is shown to the command.
NOTICE: This is one of the only commands which must be executed from a secondary connection server! Unless otherwise noted, all other commands are executed from the first (or primary) connection server.
NewImage

Step 17. Verify Global Pool Membership on the First Connection Server

You now need to validate the Global Entitlement settings have been applied correctly. Note the validation command was executed once for each Global Pool Membership (in our example below, twice).
Run the following command for each Global Pool membership on the first View Connection Server.
Command:
lmvutil.cmd –listAssociatedPools –entitlementName [Global Entitlement or Parent Pool Name] –authDomain [AD.Domain] -authAs [username] –authPassword [password]
Example 1:
lmvutil.cmd –listAssociatedPools –entitlementName Win7Floating –authDomain corp.local –authAs administrator –authPassword VMware1!
Example 2:
lmvutil.cmd –listAssociatedPools –entitlementName Win8Floating –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
        • Run both commands one right after the other.
        • Note how the results only show remote associated pools.
        • This information will also show up in the View Admin Console Dashboard under the newly created “REMOTE PODS” in the System Health window.
NewImage

Step 18. Repeat Step 17 for Each Additional Global Pool Defined in Step 11

YRepeat the previous command for all Global Desktop Pool entitlements created in Step 11. As an example, in this step we show associating the Global Entitlement for Win 8 Desktops whereas in the previous step we showed associating Global Entitlement for Win 7 Desktops. Note the validation command was executed once for each Global Pool Membership (in our example below, twice).
Run the following command for each Global Pool membership on the first View Connection Server.
Command:
lmvutil.cmd –listAssociatedPools –entitlementName [Global Entitlement or Parent Pool Name] –authDomain [AD.Domain] -authAs [username] –authPassword [password]
Example 1:
lmvutil.cmd –listAssociatedPools –entitlementName Win7Floating –authDomain corp.local –authAs administrator –authPassword VMware1!
Example 2:
lmvutil.cmd –listAssociatedPools –entitlementName Win8Floating –authDomain corp.local –authAs administrator –authPassword VMware1!
NOTES:
        • Run both commands one right after the other.
        • Note how the results only show remote associated pools.
        • This information will also show up in the View Admin Console Dashboard under the newly created “REMOTE PODS” in the System Health window.
NewImage

Step 19. Entitle Users to the Global Pools

The final step for configuring Global Name Space support is the user entitlements. This can be done by AD Group or AD User. Here we will use AG Groups since that will be the most common use case.
You must do this for each group or user you wish to assign to each Global Pool. In the examples for this step we show entitling theCORP\DOMAIN USERS group to both the Win7Floating and Win8Floating pools.
Run the following command on the first View Connection Server.
Command:
lmvutil.cmd –addUserEntitlement [--userName or --groupName] ["DOMAIN\username" or "DOMAIN\Group Name"] –entitlementName [Global Entitlement or Parent Pool Name] –authDomain [AD Domain] -authAs [username] –authPassword [password]
Example 1:
lmvutil.cmd –addGroupEntitlement –groupName “corp\Domain Users” –entitlementName Win7Floating –authDomain corp.local -authAs administrator –authPassword VMware1!
Example 2:
lmvutil.cmd –addGroupEntitlement –groupName “corp\Domain Users” –entitlementName Win8Floating –authDomain corp.local -authAs administrator –authPassword VMware1!
NOTES:
        • Entitlements can be User or Group.
        • User Entitlement = –addUserEntitlement with a setting of –userName and a value of “DOMAIN\User Name”.
        • Group Entitlement = –addGroupEntitlement with a setting of –groupName and a value of “DOMAIN\Group Name”.
        • DOMAIN\User Name and DOMAIN\Group Name values must be in quotes if a space exists in the name.
        • No response is shown to the commands.
NewImage

Step 20. Validating Your Cloud Pod Architecture Configurations

Using the View Client, authenticate to either the global name space or one of the connection servers directly. You will notice you can now see all global and local entitled desktops. This includes Local VDI Desktops, Local RDS Desktops, and Global Desktop Pools (VDI or RDS).
It is also important to note, local entitlements are not needed for global entitlements to function (e.g. Users do not need to be entitled to local desktops for global desktop entitlements to function properly.
At this point, you should test various connection scenarios to get an understanding how this works and why it can be of benefit.
NOTES:
        • Disable a local desktop pool on the first View Connection Server. You should only see the Global Desktop Pool (associated to the local desktop pool) provide the VDI or RDS desktop from a secondary View Connection Server.
        • Disable a local desktop pool on a secondary View Connection Server. You should only see the Global Desktop Pool (associated to the local desktop pool) provide the VDI or RDS desktop from the first View Connection Server (or another associated secondary View Connection Server in the Global Pool).
        • Reprovision groups or users to local desktop pools on the secondary View Connection Server(s). When reconnecting the Horizon Client to your global name space, what do you see? Why or why not (hint, what does global name space resolve to)? What happens when you connect directly to secondary View Connection Server instead?
NewImage


Wrap Up and Call To Action:

This concludes the lab module on View Global Namespace Support provided by the Horizon View Cloud Pod Architecture feature.
Go and familiarize yourself with the installation of Horizon 6 with View and then take time to walk through the configuration of Cloud Pod Architecture and play with its various configurations in the Horizon 6 Introductory Hands On Lab. To access this lab directly, visit the Lab Registration Form to get started!
For more information on VMware Hands On Labs, visit hol.vmware.com and sign up!
Source:-
http://blogs.vmware.com/horizontech/2014/06/how-to-configure-cpa-step-by-step.html?src=vmw_so_vex_ragga_1012

No comments:

Post a Comment