24x7x365 Entisys360 Client Technical Support: Call (877) 368-4797 opt 9, or

Welcome back to the VMware Horizon Cloud on Azure blog series, During the previous blog in the series Introduction and Design, we shared our excitement around using Horizon Cloud to deploy on Windows Virtual Desktop. We explained the benefits between running both together, from leveraging WVD’s multi-session Windows 10, to how Horizon Cloud enables a full multi-cloud / hybrid-cloud VDI platform.

Now we get to get our hands dirty, and start the build out. Before we set off to preparing the Azure tenant, I once again wanted to share the list of required Virtual Machines and Services.

Required Virtual Machines and Services

  • Pod Deployment Engine – 1 x Standard F2
  • Pod Manager with High Availability – 2 x Standard D4v3 or D3v2
  • Microsoft Azure Database for PostgreSQL Service – Gen 5, Memory Optimized, 2 vCores, 10 GB Storage
  • External Unified Access Gateway – 2 x Standard A4v2
  • Internal Unified Access Gateway – 2 x Standard A4v2

*Note: if deploying to a new tenant, do not forget to increase your vCPU quota for the required instance types to a count well above the listed quantity. See here for more information on Quota increase requests.

Now it’s time to get started with the build work!

Getting Ready to Deploy – Preparing Your Azure Environment

This section walks you through the initial preparation of your Azure tenant for Horizon Cloud readiness. It is assumed that you already have a Microsoft Azure tenant available, with required VPN or Express Route connectivity already configured.

1. Login to Microsoft Azure Admin Portal

2. Select Virtual Networks

3. Click Add to create a new Virtual Network

4. If you do not already have a Resource Group for your Horizon Cloud on Azure deployment, create one now. Select the Create new under Resource Group and provide a name. Click Ok.

5. Provide a Name for the Virtual Network and click Click Next : IP Addresses when complete.

6. Leave the CIDR blocks and subnets at default. Click Next : Security to continue.

7. Leave the Security settings at default for a Proof of Concept deployment. Click Next : Tags to continue.

8. Tags can be leveraged to identify resource types, use cases, and security posture within your Azure tenant. You may configure those here. Since this is a Proof of Concept deployment, tags will not be configured. Click Next : Review + create

9. Review the Virtual Network configuration settings, then click Create.

10. From within your Virtual networks, click to select the newly created virtual network.

11. Find the Service endpoints menu options and click Add.

12. Specify the Service of type Sql and select the default subnet. Click Add.

VNET Peering

VNET peering is required when Active Directory is not in the same virtual network as the Horizon Cloud Service. Most often this will be the case, and VNET peering between the AD virtual network and the Horizon Cloud virtual network will be required.

13. Navigate to Virtual networks and select the new VNET created in the steps above. Click on Peerings and click Add.

14. Provide a name for the peering to the remove virtual network. Leave Resource manager as the virtual network deployment model. Select the right Subscription and Virtual network this network will be peered with. Provide a name for the opposite peering. If a gateway is leveraged within your Azure subscription, select the option to Allow gateway transit. Click OK once complete.

15. After completion, see that the status of the peering on the newly created Virtual network is Connected.

16. To verify the peering going the other direction, navigate to the virtual network that peering was configured with and select Peering. The status of that peering will also show Connected.

Configure DNS

1. From the Virtual network that will be used for Horizon, navigate to DNS servers. Change the DNS servers selection to Custom and provide the IP Address of the DNS server. In this POC, I have used the IP address of my single domain controller. Multiple DNS server IP addresses should be provided in a production deployment.

Create Horizon Cloud Service Principal

The service principal / app registration is used by the Horizon Cloud Service to gain the necessary access to your Azure tenant, and deploy all require Horizon Cloud Components, as well as perform on-going management and administration tasks within Azure.

1. Navigate to Azure Active Directory and select App registrations. Click New registration to create the new service principal.

2. Provide a unique name for the app / service principal. Leave Supported account types at Accounts in this organizational directory only and click Register.

3. Navigate to Certificates & secrets and click on New client secret

4. Provide a Description for the secret and configure how long before the secret It is recommended to use the most secure option of In 1 year. Click Add.

5. Note the secret Value after creation. This will be used during the initial Horizon Cloud on Azure deployment wizard.

6. In addition to the secret, you will also need to take down the following IDs for use during the Horizon Cloud on Azure deployment.

  • Application ID
  • Directory ID

7. Navigate to Subscriptions. If you are unable to find it from within available menu selections, you may have to use the search bar. Take note of the Subscription ID for use during Horizon Cloud on Azure deployment. Click on the Subscription name to configure permissions.

8. Select on Access control (IAM) and click on Select Add role assignment from the drop down that appears.

9. Select the Role of Contributor. Under Select, start typing the name of the service principal and the App created above should appear.

10. Click to select the service principal, then click Save. You will see the App show up under Selected members.

Verify the required Resource Providers are registered 

1. Navigate to Subscription, and select Resource providers.

2. Review the list for the following providers.

  • Microsoft.Compute
  • Microsoft.insights
  • Microsoft.Network
  • Microsoft.Storage
  • Microsoft.KeyVault
  • Microsoft.Authorization
  • Microsoft.Resources
  • Microsoft.ResourceHealth
  • Microsoft.DBforPostgreSQL
  • Microsoft.Sql

I would recommend using the search bar to locate these providers. It may be tedious, but it’s the easiest way to ensure the selected provider is registered. If any providers are not registered, select them and click Register. Neither Microsoft.Insights or Microsoft.Sql were registered during the initial POC deployment.

Ready for Horizon Cloud

The Azure Tenant is now ready to go! Don’t forget to increase your vCPU quota if this is a new tenant. The next blog in the series will show you how to deploy and configure the first Horizon Cloud on Azure pod.

Our Expertise

Security and Cyber Risk Services

Creating a strategy for managing risk and compliance, while helping to filter the noise of myriad cybersecurity technologies.

Automation and Cloud

Accelerating IT service delivery for our clients through the adoption of agile methodologies that are all part of a systems-oriented approach.

End User Computing

Helping businesses keep infrastructure uptodate, minimizing security risks, and maintaining compliance

Software Defined Data Center

Empowering your enterprise to achieve its full potentialand greatest efficiencyby keeping IT infrastructure operational, available and secure.

Core Infrastructure Services

Offering design, implementation, licensing optimization, and environmental services to ensure the use of Microsoft’s best practices and configurations.

Microsoft Expertise

Helping set goals and establishing benchmarks for the journey toward the successful deployment of Microsoft solutions.

Our Services

Professional
Services

Enjoy a stressfree implementation that comes through the knowledge and experience of our professional services team.

Enterprise
Managed Services

Align your business initiatives with evolving industry trends to obtain a clear understanding of the impact of future technologies.

Cloud Strategy
and Services

Meeting a diverse range of business requirements through deployments that are flexible, scalable, and have the right mix of elements.

Contract
Management

Never miss another maintenance or warranty contract renewal date or pay for unused maintenance contracts or warranties.

Project
Management

Through this service, our project management team takes the lead role in planning, executing, monitoring and closing projects.

Our Markets and Market Support Vehicles

Business

Professional services and nationallyrecognized expertise that align perfectly with the trends and challenges facing a variety of industries.

Healthcare

Recognizing the unique challenges faced by healthcare IT organizations, and offering understanding, capabilities, and trusted relationships.

Public Sector

Helping organizations contain costs maintain high availability while finding new ways to increase security, compliance and more.

Group Purchasing

Industryleading IT consulting services and technology solutionsaccessed through a streamlined contracting process.

Resources

Events

Learn about our upcoming events and webinars.

Solutions Literature

Accesstodownloadable assets with information on solutions and services offerings.

Blog

Gain expert technical insights around today’s leading enterprise technologies and solutions.

Press Releases

Read news and updates from the Entisys360 team.

News Stories

Learn about new developments with Entisys360 and our team.

About Entisys360

About Entisys360

Our mission, vision, leadership and team

Accolades

Notable industry awards and recognition

Privacy

Entisys360’s and its commitment to privacy

Community

Our commitment to the community

Careers

Entisys360 Career opportunities

Contact Us

Entisys360 locations and contact resources