Hello and long time no posts. I have been very busy and frankly not a huge fan of blogging myself, but I assume you know that.
I have been working with the Horizon Cloud product lately (formerly known as Horizon Air) and the capabilities of adding compute capacity into Microsoft Azure. Yes you read this correctly, you can leverage your Azure subscription or credits to add Horizon Cloud desktop and application compute in.
What does this really mean?
VMware Horizon Cloud has a unified web management for all cloud based desktops and application farms or pools along with user and group entitlements. Horizon Cloud allows you to choose which “data center” or “cloud” that your compute capacity resides in. This could be Horizon Cloud data centers, Azure or on-premise and we call this the Horizon Cloud control plane. Or as VMware documentation states:
Horizon Cloud is a control plane that VMware hosts in the cloud. This cloud service enables the central orchestration and management of remote desktops and applications in your Microsoft Azure capacity.
VMware is responsible for hosting the service and providing feature updates and enhancements for a software-as-a-service experience.
The cloud control plane also hosts a common management user interface referred to as the Horizon Cloud Administration Console, or Administration Console for short. The Administration Console runs in industry-standard browsers and provides IT administrators a single location for management tasks involving user assignments and the virtual desktops, remote desktop sessions, and applications. The Administration Console is accessible from anywhere at any time, providing maximum flexibility.
For on-premise or Azure, Horizon deploys an object called the Horizon Cloud Node which is responsible for the “cloud or datacenter” connectivity to the Horizon Control plane for management. This is an out going connection from the Horizon node to the Horizon Cloud web management. For Azure the node is auto deployed and is responsible for the provisioning and brokering of users to Horizon resources, such as session desktops or hosted applications. Or as VMware documentation states:
A Horizon Cloud node, or node for short, has a physical regional location in a Microsoft Azure cloud. In the node deployment wizard, you select where to place the node, according to the regions available for your particular Microsoft Azure subscription. You also select an existing virtual network (vnet) that the node will use in your selected region.
You can deploy more than one node and manage all of them from the Horizon Cloud Administrator Console. The nodes you deploy after the first one can reuse the same vnet as your first node or use different vnets. Also, each node can be in a different Microsoft Azure region, using a vnet in that region.
The node deployment process automatically creates a set of resource groups in your Microsoft Azure capacity. Resource groups are used to organize the assets that the environment needs,
The concept and infrastructure is very easy to understand. Look at the graphic below and you will notice that Active Directory from on-premise or hosted as an AD server in Azure is connected to a VNET or network in your Azure environment. VMware Horizon Cloud will create 3 subnets on a VNET network automatically for you. One for management, one for desktops/servers and one for external remote access as a DMZ leveraging VMware Unified Access Gateway (access points, UAG). The Horizon Node connects to the Horizon Cloud plane and has access to the Azure marketplace and permissions to deploy/create/delete VMs as requested from the Horizon administrator.
Horizon leverages a VM image, clones it as a Base VM and then provisions plus sysprep and adds that new VM to the requested Farm for capacity.
An enduser leverages the Horizon Client or HTML browser to access the Horizon Desktops and Apps by connecting to the Unified Access Gateway in the DMZ or via an MPLS/VPN connection between your site and the Azure instance. All entitlements leverage your Active Directory Service that is defined as part of the setup.
I will be posting a few more articles around the how to gather the pre-reqs and a PoC deploy walk-through over the next several days.
In the meantime more information can be found on VMware.com
Overview on VMware.com
Plan & Design
Horizon Cloud on Microsoft Azure Data Sheet
Install & Configure