How to add a Horizon View 7 Replica Server
Once you have your first Horizon View 7 Connection server installed you can add a second or more as replica servers. If you haven’t installed your first connection server be sure to check out my previous post here .
These replica servers function in the same way as the first connection server you installed. Once you set up a replica server both of your connection servers will now function in the same way and allow you to perform all actions related to the connection server from either one. This adds resiliency by having multiple servers paired together as well as flexibility if you want to have some servers dedicated for external users, but still manage them from the same administrator console. Once you have multiple connection servers you can place a load balancer in front of them and let it distribute the load for you.
Prep Work:
Configure a Windows Server following VMware’s requirements for a Horizon View 7 Connection Server. They can be found here
Login to the Windows server with an administrator account. I always use a domain service account for the installation to ensure all my connection servers are configured in the same way with the same account.
Copy the install media to the server or run it form a fileshare.
Horizon View 7 Replica Server Installation:
To start I right-clicked on the executable and chose to Run as Administrator.
If like me UAC is enabled on your server you will need to click Yes.
Click Next to begin the installation.
You will need to accept the License Agreement before clicking Next.
On the Destination Folder you can chose to select the default install directory or click Change if you wish to install to a different location. I chose the default location, click Next.
On the Installation Options screen be sure to select Horizon 7 Replica Server (A). Leave the check mark for HTML Access (B) unless for some reason you are not installing HTML access in your environment. Click Next (C).
Next you need to enter the FQDN for your existing Horizon View Connection server, as I did (A). Click Next (B).
On the Firewall Configuration you can let the Horizon Install configure the Windows Firewall for you as long as you don’t have any specific port requirements. Click Next.
Finally click Install.
When the install completes you should see the following screen. You can uncheck the box to show the readme file if you would like. Click Finish.
Now that the installation is completed login to the new Horizon Connection server to ensure it is functioning as expected.
From a browser on the new Connection server you can connect to https://localhost/admin or use the server name. You can also connect remotely to the FQDN.
Enter the credentials just as you do with the first connection server in the group. Once logged in everything should look as it did before when you only had a single Connection server. From now on you can manage the environment from either connection server. Changes are replicated between the two.
If you made any changes to the Connection server configuration you may need to update the new server to match. If you are configuring the second server for a separate use case, such as pairing with a security server, then you may need to configure the server differently.
Navigate to View Configuration > Servers (A). Then select the Connection Servers tab (B). Here you can see that my new connection server (VIEWCNT7-02) has different settings (C). The different for me is that I had disabled tunneling on my first connection server. I want my second connection server to be identical so I will also disable tunneling on it.
To disable the tunnel settings right-click on the connection server and select Edit…
From the Connect Server Settings > General tab I unchecked the option for Use Secure Tunnel connection to machine, by default this setting is enabled.
Since these VMs will only be accessed internally on my lab environment LAN I don’t see the need to tunnel the connection through the connection server. If I was going to pair the connection server with a security server for external user access I would enable both HTTP(s) Secure Tunnel and PCoIP Secure Gateway. The PCoIP Secure Gateway has a larger effect on your configuration than the Secure Tunnel. The PCoIP Gateway would cause PCoIP sessions to be established through the connection server, as opposed to direct Client <-> Agent. This is only necessary in my opinion for security server related access when users are coming in from the DMZ which would require additional firewall changes without the gateway. Another benefit to not enabling the Secure Gateway is that you can reboot or have a connection server fail without the users being affected. It also minimizes load on the connection server by not sending traffic through it, although it’s minimal.
Click OK to save.
That completes the addition of a replica connection server. Going forward you can treat both connection servers in the same way. If the original server fails or is down for maintenance all tasks can be performed from the second connection server, and vice versa. The two servers do not depend on each other, but work together sharing the same configuration.
Thank you for reading and please feel free to comment below.