VMware Horizon View

jetNEXUS ALB-X – VMware Horizon View 5.2 Deployment Guide

    Pre-requisites

    Overview

    Why jetNEXUS?

    What is a jetPACK?

    VMware View Description

    Deployment Scenarios

    View Connection Servers only

    View Security Servers only

    Troubleshooting

    Contact Us

 

 Pre-requisites

The following are general prerequisites and configuration notes for this guide:

  • It is assumed that the reader is a
    network administrator or person familiar with networking and general computer terminology
  • You must have an existing VMware Horizon View 5.2 deployment
  • This deployment guide contains configuration procedures to configure jetNEXUS ALB-X appliances only
  • Minimum  Software Version 3.53.2 (Build 1510) or later on your jetNEXUS ALB-X

 

Overview

  • The ALB-X is an Application Delivery Controller (ADC)
    sometimes referred to as a next generation load balancer.
  • The ALB-X
    provides intelligent load balancing, scalability and
    fail-over
    for VMware Horizon View Connection Servers
  • The ALB-X
    provides intelligent load balancing, scalability and
    fail-over
    for VMware Horizon View Security Servers
  • This document assumes a degree of familiarity with the ALB-X GUI. For more general information on the
    ALB-X and the GUI, please refer to the User Guide

 

Why jetNEXUS?

Layer 4 &
Layer 7 Load Balancing
Application layer server health
checks are able to detect and route around problems to eliminate downtime
Session Persistence Cookie based or IP
based session persistence. Session timers can be adjusted
Reverse Proxy jetNEXUS ALB-X can
provide Reverse-Proxy architecture, enabling secure remote client
connections to internal resources
Compression Content Compression
features improve remote client performance
SSL Offload Enables
end-to-end secure encrypted traffic between client and load balancer,
freeing the content servers from the resource hungry process of encryption
SSL Re-Encryption Enables
end-to-end secure encrypted traffic between client and internal
resources whilst still delivering acceleration and traffic
manipulation with flightPATH
flightPATH jetNEXUS ALB-X is
able to intelligently redirect clients to the correct resources
jetPACK Quick and easy
deployment using jetPACK application templates

 

What is a jetPACK?

A
jetPACK is a simple text file that you can upload to your appliance
that contains all of the configuration needed to deploy an application
such as VMware Horizon View

The jetNEXUS ALB-X can be
configured automatically with a VMware View  jetPACK template, which is fully-tuned with all of the application-specific settings that you need in order to enjoy optimised service delivery from your ALB-X
If you supply the virtual IP
address and real server IP addresses to support@edgenexus.io we will
send you a custom jetPACK that you simply upload to your jetNEXUS ALB-X
The upload can be
done via the
GUI and will result in a fully configured ALB-X within less
than 1 minute
The relevant
jetPACK can be
applied to multiple jetNEXUS ALB-X
appliances saving valuable time and eliminating simple mistakes
To download the
jetPACK please
visit  http://www.edgenexus.io/usercentral/3-55-1/jetpack.html#VMware_Horizon_View

 

VMware View Description

A VMware View deployment offers many options for securing virtual
desktops. End users can access their desktops from supported Web
browsers, laptops and a range of other devices inside or outside the
corporate firewall.

View Connection Servers:

A View Connection Server acts as a broker for client connections. View Connection Servers authenticate users through Windows Active Directory and directs the request to the appropriate virtual machine.

View Security Servers:

A View Security Server is a special instance of a View Connection Server that runs a subset of View Connection Server functions. They add an
extra layer of security and typically sit in a DMZ. Each security
server is paired with an instance of View Connection Server and
forwards traffic to that instance.

 

Deployment Scenarios

jetNEXUS ALB-X can be deployed in the following scenarios:

 

Connection Servers only – Internal Clients

The following diagram shows a typical deployment using connection servers only to support non-public connections.

Diagram 1.1

Traffic Flow:

  1. The client machine (Mac, Windows, iPad or Zero Clients) makes an
    SSL connection to the Virtual Service IP presented by the jetNEXUS
    ALB-X. PCoIP and USB redirects around the ALB-X
  2. The SSL connection is terminated on the ALB-X. The ALB-X will
    then re-encrypt the traffic, or offload the SSL and establish a
    connection to the Connection Servers
  3. After authentication, desktop entitlement and selection are
    complete, desktop connections proceed to the appropriate View Desktop
  4. The ALB-X does not proxy UDP connections in the Software Version:3.53.2 (Build 1510)

 

Creating your Virtual Service – Connection Servers with SSL Offload

Please complete the following procedures:

1. Create a Virtual Service for HTTPS

  • Navigate to the IP Services page
  • Click Add IP to add a
    blank row in top Channel Details section
  • Complete the column details as per the screen shot below
  • Note the Primary column will be blank unless you have enabled
    failover. Please see section on failover / high availability in the
    online userguide here
  • Start by double clicking on IP
    Address
    column of your blank row
  • Once complete you can TAB to the next column to edit

 

2. Add Real Servers to the Virtual Service

  • With the Destination tab
    highlighted click Add New in
    the bottom Content Servers section
  • A blank row will appear. Double
    Click
    on this row below each column starting with the IP Address column to add your servers
  • To save the server
    details click the Update button on the right hand side of this section
  • You can add additional servers with the Add New button

 

 

3. Import or Create a Certificate

Please see the userguide link here on how to create or import an SSL certificate

 

4. Set the Actions for the channel

Apply the following actions:

 

 

5. Allow HTTP Connections from jetNEXUS ALB-X

 

When SSL is offloaded to a load
balancer like jetNEXUS ALB-X, you can
configure View Connection Server instances to allow HTTP connection
from client-facing, intermediate devices. The intermediate device
(jetNEXUS ALB-X) must accept HTTPS for View Client connections. To
allow HTTP connections between View Connection Servers and jetNEXUS
ALB-X you must configure the locked properties file on each View
Connection Server Instance and security server on which HTTP
connections are allowed.
Note that even when HTTP connections are allowed View servers will continue to accept HTTPS connections also.

 

Security Servers only – External Clients

The diagram below shows the traffic flow when deploying using Security
Servers and Connection Servers. This architecture is typically used when looking to support secure
public/WAN connections.

Diagram 1.2

Traffic Flow

 

  1. The client machine (Mac, Windows, iPad or Zero Clients) makes an
    SSL connection to the Virtual Service IP presented by the jetNEXUS
    ALB-X. PCoIP and USB redirects around the ALB-X
  2. The SSL connection is terminated on the ALB-X. The ALB-X will
    then re-encrypt the traffic and establish a
    connection to the Security Servers
  3. After authentication, desktop entitlement and selection are
    complete, desktop connections proceed to the appropriate View Desktop
  4. The ALB-X does not proxy UDP connections in the Software Version:3.53.2 (Build 1510)

 

Creating your Virtual Service – Security Servers with SSL Re-Encryption

Please complete the following procedures:

1. Create a Virtual Service for HTTPS

  • Navigate to the IP Services page
  • Click Add IP to add a
    blank row in top Channel Details section
  • Complete the column details as per the screen shot below
  • Note the Primary column will be blank unless you have enabled
    failover. Please see section on failover / high availability in the
    online userguide here
  • Start by double clicking on IP
    Address
    column of your blank row
  • Once complete you can TAB to the next column to edit

 

2. Add Real Servers to the Virtual Service

  • With the Destination tab
    highlighted click Add New in
    the bottom Content Servers section.
  • A blank row will appear. Double
    Click
    on this row below each column starting with the IP Address column to add your servers
  • To save the server
    details click the Update button on the right hand side of this section.
  • You can add additional servers with the Add New button

 

 

3. Set the Actions for the channel

Apply the following actions:

 

Troubleshooting

Further help can be found on the edgeNEXUS websites

http://www.edgenexus.io/support

Usercentral

 

Contact Us

We hope you have found this Deployment Guide informative, but if you
need any clarification or further information, please do not hesitate
to get in contact with edgeNEXUS Support:

E-mail

support@jetNEXUS.com

Phone

+44 (0870) 382 5529

Blog

http://jetNEXUS.blogspot.com/

CONTACT US

We're not around right now. But you can send us an email and we'll get back to you, asap.

Sending

Log in with your credentials

Forgot your details?