- Implementing VMware Horizon 7.7
- Jason Ventresco
- 274字
- 2021-07-02 14:34:32
High availability overview
When deploying Horizon Security Servers it is important to understand how that impacts our high availability requirements. This section will provide an overview of what a highly available Horizon infrastructure that must service both internal and external clients might look like.
The following diagram illustrates a Horizon infrastructure that meets the following four requirements:
- Internal Horizon clients use load-balanced connections to Connection Servers
- Remote Horizon clients use load-balanced connections to Security Servers
- Security Servers installed in a DMZ
- Two-factor authentication or connection tunneling policies that apply only to remote Horizon clients
The diagram does not show the connections to the Horizon desktops or applications; it is only meant to illustrate the placement of load-balancing appliances, and show how true high-availability might be achieved in an environment that includes multiple Horizon Security Servers. In addition, it shows that additional Connection Servers are being used for internal clients, as these connections do not require the same security settings as the remote clients do:
This Horizon architecture ensures that Horizon clients will be able to connect or reconnect if either of these two scenarios were to occur:
- Failure of any one of the four Connection Servers shown in the diagram
- Failure of any one of the Security Servers
As a single Horizon Security Server cannot be paired with more than one Connection Server, there is no need to place a load balancer between the Security Servers and the Connection Servers. Load balancing the Security Servers ensures that the Horizon client connection will be maintained regardless of which server fails, be it a Security Server or the Connection Server that it is paired to.