Deploying a Horizon Edge Gateway for Horizon 8 Environments

Horizon Cloud Service – next-gen

Introduction

Horizon 8 environments can be connected to the VMware Horizon® Cloud Service™ using the Horizon Edge Gateway. Deploying a Horizon Edge Gateway Appliance is accomplished by accessing the Horizon Universal Console, which is the administrative interface for the Horizon Cloud Service.

This guide will walk you through the steps to deploy a Horizon Edge Gateway appliance.

Horizon Edge Gateway Appliance is required to entitle your environment for use with Horizon subscription licenses, services and management features hosted in the Horizon Control Plane Services. To enable subscription license entitlement, Horizon Edge Gateway Appliance must be deployed in each Horizon Pod.

For more information on VMware Horizon® Cloud Service™ – next-gen, you can review What is Horizon Cloud Service – next-gen. All of the critical details you want to know about the service and the Service Description can be found on the VMware EULA site.

Audience

This guide is intended for IT professionals and Horizon administrators of existing production environments. Both current and new administrators can benefit from using this tutorial. Familiarity with networking and platform infrastructure (DNS, firewalls, Certificate management, and so on), Windows data center technologies such as Microsoft Azure and Active Directory is assumed. Knowledge of VMware Horizon® and Horizon Cloud Service is also helpful.

What is the Horizon Edge Gateway Appliance?

The Horizon Edge Gateway Appliance is deployed as a virtual appliance from VMware vSphere® Web Client and paired to one of the Connection Servers in the pod. As part of the pairing process, the Horizon Edge Gateway Appliance virtual appliance connects the Connection Server to the Horizon Cloud Service to manage the subscription license. With a subscription license for Horizon, you do not need to retrieve or manually enter a license key for Horizon product activation.

For more information, see VMware Horizon Cloud Service - next-gen Deployment and Onboarding.

Steps for deploying a Horizon Edge Gateway Appliance

If you are a Horizon 8 (or Horizon 7) customer leveraging a subscription-based license, you must complete the basic onboarding process to complete your license entitlement for each Horizon 8 (or Horizon 7) pod. 

Details for onboarding and your first login to the Horizon Cloud Service are outside of the domain of this guide, but are explained in the product documentation by accessing the following pages:

The steps required to prepare your environment for deploying the Horizon Edge Gateway in your Horizon 8 environment are the same, regardless of your subscription license. There are several infrastructure and networking configurations that must be set up prior to deployment. 

The general process for deploying a Horizon Edge Gateway into a Horizon 8 environment is:

Graphical user interface, application

Description automatically generated

  1. Prepare the environment and complete prerequisites.
  2. Create a Provider and configure the Horizon Edge Gateway Appliance.
  3. Download the Horizon Edge Gateway Appliance and deploy it with vCenter.
  4. Connect the Horizon Edge Gateway to the Horizon Connection Server.

Prepare the environment and complete prerequisites

To prepare for deployment, you should check that the appropriate prerequisites and environmental conditions are set. The first thing you need to do is make sure that you have all the following infrastructure details that are required to deploy a Horizon Edge Gateway Appliance.

Note: The Horizon Edge Gateway Appliance is intended to be deployed on an internal network segment. It is not hardened for DMZ or public-facing network locations. Do not deploy the Horizon Edge Gateway Appliance on an external network.

Note: The environmental prerequisites for successful deployment of the Horizon Edge Appliance are slightly different depending on your entitlement. Make sure that you are checking the appropriate list of prerequisites in the product documentation

Creating the DNS Entry

The Horizon Edge Gateway requires a DNS configuration that allows it to be resolved internally by the Horizon Connection Server and the Unified Access Gateways (UAGs) in the Horizon 8 deployment. 

Verify Line-of-sight for Horizon Cloud Service Components

Make sure that the network location where you will deploy the appliance has line-of-sight to all of the required Horizon Cloud Control Plane DNS entries. You can find a list of these DNS entries in the product documentation. The Horizon Cloud Service next-gen Edge Subnet URL checker tool can be downloaded and run from a Windows-based machine to check that all of the appropriate URLs are available. It is best practice to ensure that the machine you use to test for connectivity to Horizon Cloud Service is on the same network segment where you plan on placing the Horizon Edge Gateway Appliance.

Verify Line-of-sight for Horizon Pod Components

You also need to make sure that there are no firewalls or other network security appliances prohibiting line-of-sight between the Horizon Edge Appliance and critical Horizon Cloud, or Horizon 8 pod resources. 

For more details on setting up the prerequisites, review the following resources:

Add a Horizon 8 Edge

Assuming you have already onboarded and logged into the Horizon Cloud Service – next-gen via the Horizon Universal Console, you can deploy a Horizon Edge Gateway appliance for an existing Horizon 8 pod. The instructions for deploying a Horizon Edge Gateway appliance to your Horizon 8 pod are outlined in the product documentation. 

The following video demonstrates the process for configuring and deploying a Horizon Edge Gateway Appliance into a Horizon 8 pod.

Note: Depending on whether you are a brand new Horizon Cloud Service customer or are already using Horizon Cloud Service – next-gen to manage native Microsoft Azure-based Horizon Edge environments, the interface may look somewhat different from what is demonstrated in the video.

Deploy the Horizon Edge Gateway Appliance

To deploy the Horizon Edge Gateway OVF, you will use the OVF deployment interface from vCenter. You should collect information on the following details to prepare for the OVF deployment:

OVF Server Fields

Details

Root Password

 

Connection string / Pairing Key

 

Kubernetes Details

 

POD Network

 

Service Network

 

Public Key for CCADMIN (optional)

 

Proxy Details (optional)

 

Proxy Host

 

Proxy Port

 

No Proxy For

 

Proxy SSL

 

Proxy Username

 

Proxy Password

 

Networking Properties

 

Default Gateway

 

Domain Name

 

Domain Search Path

 

Domain Name Servers

 

Network IP Address

 

Network Netmask

 

After you have deployed the appliance and started it, it may take up to fifteen (15) minutes for all of the required services to boot, configure, and be available. If the Horizon Edge Gateway Appliance successfully connects to the Horizon Cloud Service, you will receive a visible notification in the UI that the connection was successful.

Graphical user interface, text, application, email

Description automatically generated

A demonstration of the entire OVF deployment process can be found in the following video and VMware Docs contains more information on this process.

Connect to the Horizon Connection Server

After the Pairing process has successfully completed, you must provide details on your Horizon Connection Server. This configuration is required to use with Horizon subscription licenses, services and management features hosted in the Horizon Control Plane Services.

As mentioned in Step 1, The Horizon Edge Gateway Appliance needs line-of-sight visibility so that it can communicate to the Horizon 8 Connection Server. Assuming you have configured for this prerequisite, you should be able to complete this configuration by entering the URL of the primary connection server into the configuration UI.

A screenshot of a computer

Description automatically generated

Note: If you leverage multiple Horizon Connection Servers in your Horizon pod, you only need to provide details for the primary Horizon Connection Server or the details of the load balancer. The Horizon Edge Gateway Appliance will find the other Horizon Connection Servers automatically.

After you have successfully completed the configuration, the Horizon Edge Gateway Appliance will configure the Horizon Connection Server with your license entitlement.

Graphical user interface, text, application, email

Description automatically generated

Troubleshooting

If you are having trouble getting a Horizon Edge Gateway Appliance to connect to the Horizon Cloud Service, and you have confirmed all of the prerequisites outlined in the product documentation and above, you should reach out to VMware Support for assistance. 

VMware The Horizon Edge Gateway Appliance runs the Photon OS and hosts multiple Kubernetes containers that run all of the critical functions of the appliance. VMware Support may ask you to run Kubernetes commands directly on the appliance to inspect and troubleshoot the cause of the problem.

You can leverage Putty or a similar application to open a terminal session to the appliance. You will need to leverage the Root Password that you supplied during the OVF deployment process to access the appliance. 

Check the status of containers

After you have accessed the appliance, you can use the kubectl command to inspect the operational status of the Kubernetes containers on the appliance. 

kubectl get pods -A

This command will list all of the available pods, and report on their status. Make sure that the edgedevice-deployment pod is READY, Running, and does not show any Restarts. You should also make sure that the view-cs-module-deployment pod is READY, Running, and has no Restarts.

Text

Description automatically generated

Gather Log files from individual containers

In some cases, VMware Support may ask that you gather log files from the containers for troubleshooting purposes. The process for gathering log files from a container is as follows:

  1. Run - kubectl get pods -A
  2. Note the namespace name and pod name you want the logs from.
  3. Run - kubectl -n <namespace name> logs <pod name> > <filename>
  4. Download or copy the contents of the <filename> to transfer it out of the VM or look at it using a text editor. 

For a demonstration of running the previous commands and downloading a log file, see the following video:

Summary and Additional Resources

This document covered the four main steps to deploy a Horizon Edge Gateway, including:

  1. Preparing the environment and completing prerequisites.
  2. Creating a Provider and configuring the Horizon Edge Gateway Appliance.
  3. Downloading the Horizon Edge Gateway Appliance and deploying it with vCenter.
  4. Connecting the Horizon Edge Gateway to the Horizon Connection Server.

It also covered basic troubleshooting procedures. 

Additional Resources

For more information, you can explore the following resources:

Changelog

The following updates were made to this guide:

Date Description of Changes
2023/11/15
  • Changed URL for Horizon Cloud Service next-gen Edge Subnet URL Checker where relevant
2023/05/08
  • Added Troubleshooting details plus links to new video.
  • Added detail on VMware Cloud Services onboarding.
2023/04/12
  • Guide was published.

About the Author

This guide was written by Rick Terlep, Staff EUC Technical Marketing Architect, End User Computing Technical Marketing, VMware, with contributions from:

  • Gina Daly, Technical Marketing Manager, EUC Technical Marketing, VMware

Feedback

Your feedback is valuable.

To comment on this paper, contact VMware End-User-Computing Technical Marketing at euc_tech_content_feedback@vmware.com.


Associated Content

home-carousel-icon From the action bar MORE button.

Filter Tags

Horizon Horizon Horizon Cloud Service Document Deployment Considerations Intermediate Deploy