Welcome to my VMware Horizon series. In this session I will describe how I did the planning-phase. Before I can begin setting up my Horizon Lab, there are some questions that needs to be addressed:
- Horizon Version?
- Horizon Components
- Virtual machine sizing?
- Windows 10 version in VDI-image/template
- Network Design/VLAN/Isolated VLAN?
- DHCP / DNS /KMS?
- Active Directory/OU-structure etc.
Depending on what need and purchased version, we can plan what servers needs to be deployed. For instance, if we go with Horizon Standard, we will need an additional Composer server, as Instant Clones aren’t included in the Standard version.
Here is a comparison of features in the different versions: In my LAB I will go with the enterprise version due to my future plans for the LAB and my NFR License.
For a full break-down of versions vs features read this pdf from VMware: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/horizon/vmware-horizon-editions-compare-chart.pdf
Virtual Machine Sizing:
Sizing the Virtual Machines for the Connection Server is fairly easy as this is described nicely in the VMware documentation. I will address this more closely in my section about the Connection Server setup.
Sizing the VDI´s is a whole other chapter, I will instead refer to the excellent VDI Calculator from Andre Leibovici featured here:
Windows 10 version in VDI-image/template
What version are we going to use for our VDI’s? First determine Enterprise or Professional? See a comparison from Microsoft here: https://www.microsoft.com/en-us/windowsforbusiness/compare The most obvious differences as I can determine, are the integration with some Windows Defender and Analytics features. So, as far as I can determine, if we are not going for LTSC, we might just as well go with Windows 10 Professional. LTSC is only available in Enterprise. Next we have to determine, CBB or LTSC. Although its tempting in a VDI-environment to choose LTSC, be aware that the Office 365 ProPlus installations of Office is not supported by Microsoft from 14. january 2020. So, this might deter from using LTSC, as more and more companies goes over to the Office 365 model. On the other hand, if you plan to go with Microsoft Office 2019, the LTSC-version might actually be both faster and better. There are a lot of discussions out there on the web, what version to choose, but I liked Ivo Beerens blog about this topic posted here: https://www.ivobeerens.nl/2018/10/24/what-windows-10-version-for-my-vdi-desktop/ There is also another aspect to be considered when choosing version for the VDI-template, if you plan to use VMware User Environment Manager and/or AppVolumes, we have to do a compability-check towards these products as well.
Designing the network layout is only restricted by your imagination. Some customers have more complicated networks than others, but I recommend trying to keep it as simple as possible. Designing a good network-design is a multi-tier task that requires VLAN, Ip-subnetting and firewall competence. It also involves designing a functional active directory, DHCP, DNS, KMS-setup. For my initial setup the network layout will look like this:
As I’m going to be using MS Active Directory with a smart OU-structure, this also has to be taken into my plans. How will I organize the VDI’s computer-accounts in AD and how will the users settings be applied through GPO’s?
Users and groups:
I will need to create both user and groups for different usage in my Horizon setup. I have therefore created an xls-file which I will be using in my deployments. These users, service-accounts, SQL-users and groups will also be used during my setup of App Volumes, User Environment Manager, JMP etc.
The VMware Digital Workspace Topology Tool is a great place to start when designing for VMware Horizon. I used this to create my initial design and found it very helpful for describing what traffic and firewall ports needed to be in place beforehand. VMware Tech Zone has a complete and great overview here: Network Ports in VMware Horizon 7
Depending on existing antivirus/antimalware solutions running in an environment, we have to take this aspect into consideration when planning for VMware Horizon View. I know providers like Trend Micro, AVG and similar, have best-practice guides for how to configure their product in a VDI-environment. Some providers even have their own VDI-agents, created specifically for exactly these kind of scenarios. I therefore always check out these sources when planning for a VMware Horizon View setup, as a wrongly configured antivirus/antimalware agent can be the reason for poor performance and other unforseen problems.
Now, that my plans are made, I will proceed with my preparations, detailed here: VMware Horizon – Prepare
Ivo Beerens: What Windows 10 version for my VDI desktop?
Microsoft: Compare Windows 10 editions
Andre Leibovici: VDI-Calculator
Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.