VMware Horizon on VMC customers can use AWS Elastic Load Balancer (ELB) to load balance Unified Access Gateway, Connection Server, App Volumes Manager and so on. To integrate a Horizon on VMC environment with AWS ELB, the VMC SDDC needs to be connected to the AWS VPC through the xENI, with network reachability between the AWS VPC and VMC SDDC subnets on the ports and protocols required for Horizon.
In this post, I will provide step-by-step guidance to configure and integrate AWS ELB with a Horizon on VMC environment.
TASK#1: Creating Security Group on AWS VPC
Create a security group allowing all the necessary inbound and outbound traffic on the required protocols and ports. The screenshots in this post are for test purposes, so the port requirements for a production environment may vary. Please visit the VMware website for details of the port requirements for a Horizon on VMC deployment.
TASK#2: Create a target group (TG) for ELB
Before creating the ELB, you must create a TG that the ELB will point to.
Note: The registered target IPs are the Horizon Unified Access Gateway IPs that the internet-facing ELB will point to.
TASK#3: Creating AWS Application Load Balancer:
Configure Security Settings: you should have at least 2 public subnets in your AWS environment.
For an internet-facing ALB, you must apply a certificate. You can either create a certificate with ACM or upload one if you already have it.
Choose the security group you created earlier in TASK#1.
Choose the TG you created earlier in TASK#2.
Below are the target server IPs (UAG) you registered earlier during TG creation. These IPs are populated automatically if you choose the existing TG in the previous step.
Verify that your ALB has been created successfully and that its state is ‘active’.
TASK#4: Unified access gateway configuration:
Go to your VMware Cloud on AWS vCenter and open the UAG admin console.
Add the ALB DNS name to the Blast External URL and Tunnel External URL, i.e. https://alb-dns-name:443.
Confirm that the Horizon Settings status is green under Edge Service Setting.
At this stage, if you have correctly configured the security group, ELB, UAG and Connection Server, you should be able to access the Horizon appblast portal from the public internet using the ALB public DNS name.
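An added example (not part of the original post) for reviewing the results of TASK#1 and TASK#3 before moving from test to production: it reads data in the shape returned by `aws ec2 describe-security-groups` and `aws elbv2 describe-listeners` and reports ingress open to any source on anything other than the published port, plus listeners that forward without TLS. The allowed port set (TCP 443 only, taken from the external URLs above), the function names and the sample data are assumptions; adjust the set to VMware's published port list for your deployment.

```python
import ipaddress

# Assumption: only TCP 443 is published, matching the :443 external URLs set on the UAG.
ALLOWED_PUBLIC_TCP = {443}

def _world(cidr):
    """True for 0.0.0.0/0 and ::/0."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def audit_security_group(sg, allowed=ALLOWED_PUBLIC_TCP):
    """Flag ingress rules that expose more than `allowed` to any source address."""
    findings = []
    for perm in sg.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if not any(_world(c) for c in cidrs):
            continue  # source is restricted, out of scope for this check
        proto = perm.get("IpProtocol")
        if proto != "tcp":  # "-1" means every protocol and port
            findings.append(f"protocol {proto} open to the internet")
            continue
        lo, hi = perm["FromPort"], perm["ToPort"]
        if not all(p in allowed for p in range(lo, hi + 1)):
            findings.append(f"tcp {lo}-{hi} open to the internet")
    return findings

def audit_listeners(listeners):
    """Flag listeners that would carry Horizon traffic without TLS."""
    findings = []
    for lst in listeners:
        proto, port = lst.get("Protocol"), lst.get("Port")
        actions = lst.get("DefaultActions") or [{}]
        redirect_only = all(a.get("Type") == "redirect" for a in actions)
        if proto == "HTTPS" and not lst.get("Certificates"):
            findings.append(f"HTTPS listener {port} has no certificate")
        elif proto != "HTTPS" and not redirect_only:
            findings.append(f"{proto} listener {port} forwards without TLS")
    return findings

# Constructed sample data; IDs and ARNs are placeholders.
SAMPLE_SG = {"GroupId": "sg-EXAMPLE", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]}
SAMPLE_LISTENERS = [
    {"Protocol": "HTTPS", "Port": 443, "Certificates": [{"CertificateArn": "arn:EXAMPLE"}],
     "DefaultActions": [{"Type": "forward"}]},
    {"Protocol": "HTTP", "Port": 80, "DefaultActions": [{"Type": "forward"}]}]

if __name__ == "__main__":
    for finding in audit_security_group(SAMPLE_SG) + audit_listeners(SAMPLE_LISTENERS):
        print("FINDING:", finding)
```

An HTTP listener whose only default action is a redirect is accepted, since it never forwards traffic to the UAG targets.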