Deploying a Horizon Edge Gateway for Horizon 8 Environments

Introduction

Omnissa Horizon 8 environments can be connected to the Omnissa Horizon® Cloud Service™ using the Horizon Edge Gateway. Deploying a Horizon Edge Gateway Appliance for Horizon 8 deployments on vSphere is accomplished by accessing the Horizon Universal Console, which is the administrative interface for the Horizon Cloud Service.

Horizon Edge Gateway Appliance is required to entitle your environment for use with Horizon subscription licenses, services and management features hosted in the Horizon Control Plane Services. To enable subscription license entitlement, Horizon Edge Gateway Appliance must be deployed in each Horizon Pod.

This guide will walk you through the steps to deploy a Horizon Edge Gateway appliance for Horizon 8 environments running on vSphere based platforms. For details on deploying a Horizon Edge Gateway on other infrastructure platforms, see Configuring Horizon 8 Federated Deployments in the product documentation.

For more information on Horizon® Cloud Service™ – next-gen, you can review What is Horizon Cloud Service – next-gen. All of the critical details you want to know about the service and the Service Description can be found on the Legal Center.

Audience

This guide is intended for IT professionals and Horizon administrators of existing production environments. Both current and new administrators can benefit from using this tutorial. Familiarity with networking and platform infrastructure (DNS, firewalls, Certificate management, and so on), Windows data center technologies such as Microsoft Azure and Active Directory is assumed. Knowledge of Horizon® and Horizon Cloud Service is also helpful.

What is the Horizon Edge Gateway Appliance?

The Horizon Edge Gateway Appliance is deployed as a virtual appliance from vSphere® Web Client and paired to one of the Connection Servers in the pod. As part of the pairing process, the Horizon Edge Gateway Appliance virtual appliance connects the Connection Server to the Horizon Cloud Service to manage the subscription license. With a subscription license for Horizon, you do not need to retrieve or manually enter a license key for Horizon product activation.

For more information, see Onboarding for Horizon Cloud Service - next-gen Administrators.

This guide provides an overview of how to deploy a Horizon Edge Gateway Appliance into a Horizon 8 environment. Detailed steps for this deployment process can be found in Omnissa product documentation. See Deploy a Horizon Edge for Use with Horizon 8 Deployments and the Horizon Cloud Service - next-gen Control Plane for complete details on how to deploy a Horizon Edge for use with Horizon 8 Deployments.

Steps for deploying a Horizon Edge Gateway Appliance

If you are a Horizon 8 (or Horizon 7) customer leveraging a subscription-based license, you must complete the basic onboarding process to complete your license entitlement for each Horizon 8 (or Horizon 7) pod.

Details for onboarding and your first login to the Horizon Cloud Service are outside of the domain of this guide, but are explained in the product documentation by accessing the following pages:

For a video overview of the Horizon Cloud Service Onboarding process, see the video Horizon Cloud Service – next-gen: Onboarding.
For customers who have purchased Horizon Plus licensing, see the details in Horizon Plus Documentation.
For customers who have purchased the Horizon Universal License, see the details in Onboarding for Horizon Cloud Service - next-gen Administrators.
For a general overview of Horizon Licenses, see Understanding Horizon Licenses.
If you are a first-time customer, and do not have a Omnissa Connect account, you can find more information on completing your initial configuration and setup as a customer through the following resources:

All details to sign up for a Omnissa Connect account can be found in the Onboarding for Horizon Cloud Service - next-gen Administrators

The steps required to prepare your environment for deploying the Horizon Edge Gateway in your Horizon 8 environment are the same, regardless of your subscription license. There are several infrastructure and networking configurations that must be set up prior to deployment.

The general process for deploying a Horizon Edge Gateway into a Horizon 8 environment is:

Prepare the infrastructure environment and complete prerequisites.
Create a Provider and configure the Horizon Edge Gateway Appliance.
Download the Horizon Edge Gateway Appliance and deploy it into the Infrastructure.
Connect the Horizon Edge Gateway to the Horizon Connection Server.

Prepare the environment and complete prerequisites

To prepare for deployment, you should check that the appropriate prerequisites and environmental conditions are set. The first thing you need to do is make sure that you have all the following infrastructure details that are required to deploy a Horizon Edge Gateway Appliance.

Note: The Horizon Edge Gateway Appliance is intended to be deployed on an internal network segment. It is not hardened for DMZ or public-facing network locations. Do not deploy the Horizon Edge Gateway Appliance on an external network.

Note: The environmental prerequisites for successful deployment of the Horizon Edge Appliance are slightly different depending on your entitlement. Make sure that you are checking the appropriate list of prerequisites in the product documentation.

Creating the DNS Entry

The Horizon Edge Gateway requires a DNS configuration that allows it to be resolved internally by the Horizon Connection Server and the Unified Access Gateways (UAGs) in the Horizon 8 deployment.

Verify Line-of-sight for Horizon Cloud Service Components

Make sure that the network location where you will deploy the appliance has line-of-sight to all of the required Horizon Cloud Control Plane DNS entries. You can find a list of these DNS entries in the product documentation. The Horizon Cloud Service next-gen Edge Subnet URL checker tool can be downloaded and run from a Windows-based machine to check that all of the appropriate URLs are available. It is best practice to ensure that the machine you use to test for connectivity to Horizon Cloud Service is on the same network segment where you plan on placing the Horizon Edge Gateway Appliance.

Verify Line-of-sight for Horizon Pod Components

You also need to make sure that there are no firewalls or other network security appliances prohibiting line-of-sight between the Horizon Edge Appliance and critical Horizon Cloud, or Horizon 8 pod resources.

For more details on setting up the prerequisites, review the following resources:

Add a Horizon 8 Edge

Assuming you have already onboarded and logged into the Horizon Cloud Service – next-gen via the Horizon Universal Console, you can deploy a Horizon Edge Gateway appliance for an existing Horizon 8 pod. The instructions for deploying a Horizon Edge Gateway appliance to your Horizon 8 pod are outlined in the product documentation.

The following video demonstrates the process for configuring and deploying a Horizon Edge Gateway Appliance into a Horizon 8 pod.

Note: Depending on whether you are a brand new Horizon Cloud Service customer or are already using Horizon Cloud Service – next-gen to manage native Microsoft Azure-based Horizon Edge environments, the interface may look somewhat different from what is demonstrated in the video.

Deploying a Horizon Edge Gateway - Provider and Horizon Edge Preparation [video]

Deploy the Horizon Edge Gateway Appliance

To deploy the Horizon Edge Gateway OVF, you will use the OVF deployment interface from vCenter. You should collect information on the following details to prepare for the OVF deployment:

OVF Server Fields	Details
Root Password
Connection string / Pairing Key
Kubernetes Details
POD Network
Service Network
Public Key for CCADMIN (optional)
Proxy Details (optional)
Proxy Host
Proxy Port
No Proxy For
Proxy SSL
Proxy Username
Proxy Password
Networking Properties
Default Gateway
Domain Name
Domain Search Path
Domain Name Servers
Network IP Address
Network Netmask

After you have deployed the appliance and started it, it may take up to fifteen (15) minutes for all of the required services to boot, configure, and be available. If the Horizon Edge Gateway Appliance successfully connects to the Horizon Cloud Service, you will receive a visible notification in the UI that the connection was successful.

A demonstration of the entire OVF deployment process can be found in the following video and Docs contains more information on this process.

Deploying a Horizon Edge Gateway for Horizon 8 Environments [video]
Deploy and Export OVF or OVA Templates [Docs]

Connect to the Horizon Connection Server

After the Pairing process has successfully completed, you must provide details on your Horizon Connection Server. This configuration is required to use with Horizon subscription licenses, services and management features hosted in the Horizon Control Plane Services.

As mentioned in Step 1, The Horizon Edge Gateway Appliance needs line-of-sight visibility so that it can communicate to the Horizon 8 Connection Server. Assuming you have configured for this prerequisite, you should be able to complete this configuration by entering the URL of the primary connection server into the configuration UI.

Note: If you leverage multiple Horizon Connection Servers in your Horizon pod, you only need to provide details for the primary Horizon Connection Server. The Horizon Edge Gateway Appliance will find the other Horizon Connection Servers automatically.

After you have successfully completed the configuration, the Horizon Edge Gateway Appliance will configure the Horizon Connection Server with your license entitlement.

Troubleshooting

If you are having trouble getting a Horizon Edge Gateway Appliance to connect to the Horizon Cloud Service, and you have confirmed all of the prerequisites outlined in the product documentation and above, you should reach out to Support for assistance.

The Horizon Edge Gateway Appliance runs the Photon OS and hosts multiple Kubernetes containers that run all of the critical functions of the appliance. Support may ask you to run Kubernetes commands directly on the appliance to inspect and troubleshoot the cause of the problem.

You can leverage Putty or a similar application to open a terminal session to the appliance. You will need to leverage the Root Password that you supplied during the OVF deployment process to access the appliance.

Check the status of containers

After you have accessed the appliance, you can use the kubectl command to inspect the operational status of the Kubernetes containers on the appliance.

kubectl get pods -A

This command will list all of the available pods, and report on their status. Make sure that the edgedevice-deployment pod is READY, Running, and does not show any Restarts. You should also make sure that the view-cs-module-deployment pod is READY, Running, and has no Restarts.

Gather Log files from individual containers

In some cases, Support may ask that you gather log files from the containers for troubleshooting purposes. The process for gathering log files from a container is as follows:

Run - kubectl get pods -A
Note the namespace name and pod name you want the logs from.
Run - kubectl -n <namespace name> logs <pod name> > <filename>
Download or copy the contents of the <filename> to transfer it out of the VM or look at it using a text editor.

For a demonstration of running the previous commands and downloading a log file, see the following video:

Checking Kubernetes Container Status or Downloading Log Files from Horizon Edge Gateway Appliance

Summary and Additional Resources

This document covered the four main steps to deploy a Horizon Edge Gateway, including:

Prepare the infrastructure environment and complete prerequisites.
Create a Provider and configure the Horizon Edge Gateway Appliance.
Download the Horizon Edge Gateway Appliance and deploy it into the Infrastructure.
Connect the Horizon Edge Gateway to the Horizon Connection Server.

It also covered basic troubleshooting procedures.

Additional Resources

For more information, you can explore the following resources:

Deploying Horizon Edge Gateway – Connect to Horizon Connection Server [video]
Horizon Cloud Service – next-gen Architecture [TZ article]
Horizon Cloud Service – next-gen Initial Setup & Configuration Workflow [TZ blog]
What is Horizon Cloud Service – next-gen? [TZ article]

Changelog

The following updates were made to this guide:

Date	Description of Changes
2024/08/14	Third pass for rebranding. Rebranded videos added. Added direct link to URL Checker tool at new location.
2024/07/23	Second pass for rebranding Added link to the new instructions in the product documentation at the beginning of the asset.
2024/05/16	First pass for rebranding
2023/11/15	Changed URL for Horizon Cloud Service next-gen Edge Subnet URL Checker where relevant
2023/05/08	Added Troubleshooting details plus links to new video. Added detail on Cloud Services onboarding.
2023/04/12	Guide was published.

About the Author

This guide was written by Rick Terlep, Staff EUC Technical Marketing Architect, Omnissa, with contributions from:

Gina Daly, Technical Marketing Manager, Omnissa

Feedback

Your feedback is valuable.

To comment on this paper, use the feedback button on the top of the page..