Archive | February, 2022

Azure VMware Solution – Network Connectivity Azure VNet and On-premise

15 Feb

In this blog post, we shall take a deeper look into the Azure VMware Solution network connectivity between the Azure VNet for accessing Azure native services such as Bastion, Azure AD, SQL etc. and further connectivity to the On-premise network to migrate virtual machines or hyrbid setup.

AVS Networking – Image courtesy @Microsoft

Step 1 & 2 – Connectivity between Azure VMware Solution (AVS) – Express Route to Azure VNet

  • After the deploying the AVS we need to connect it to the Azure VNet for consuming Azure Native Services such as Bastion, SQL, AAD etc.
    • Note AVS pre-deploys the ExpressRoute for you (AVS – Manage – Connectivity – Express Route).
  • We need to have a Virtual Network Gateway (VNG) existing on Azure VNet, or we need to create one. All steps to be performed under portal.azure.com
  • Deploy the Virtual Network Gateway (VNG) on Azure subscription
    • Make sure you have a VNG created on Azure VNET
    • Give it a name – AZ104-VNG01
    • Resource Group – Select New or existing
    • Location – Australia East
    • SKU – Standard (for demo and testing purposes)
    • Virtual Network – Select the existing VNET (E.g. 10.0.0.0/16) for Azure. Note it will create the Gateway Subnet automatically (10.x.x.x/24)
    • Type – ExpressRoute
    • Public IP Address – Create New (It will auto assign a public IP)
    • Optional Create Tags
    • Save and Create
  • Under AVS – Connectivity – Express Route
    • Request the Authorization key
      • Name – ToAzureVNET
      • Copy the Key and Express Route ID
  • Open the VNG (AZ104-VNG01) and Settings – Connections
    • Click on Add
    • Name – FromAVSPrivateCloud
    • Connection Type – Express Route
    • Enter the Authorization Key and Express Route ID and paste them here
    • Click OK
    • The Status will change from Updating to Succeeded
  • Now we have the connectivity between the AVS and Azure VNet.

Step 1 & 3 – Connectivity between Azure VMware Solution – ExpressRoute Global Reach to On-premise networks

  • Now we will establish the connectivity between AVS and On-premise networks
  • ExpressRoute Circuits – This is the coming from On-premise into Azure VNet
    • This will depend upon the partner network (Equinix, Telstra etc.)
    • Note there are different type of Peerings available. Select based on your design – Azure ExpressRoute Overview: Connect over a private connection | Microsoft Docs
      • Azure Private – We are going with this option at the moment
      • Azure Public (Public IP address required)
      • Microsoft (Office 365 etc.)
    • Click under Settings – Authorizations
    • Click on Add
    • Name – AuthorizationforAVS
    • Copy the Authorization Key
    • Copy the Resource ID, which is the Express Route Circuit ID
  • Under AVS – Connectivity – ExpressRoute Global Reach
    • Click on Add
    • Select the Subscription and Resource Group
    • Copy and paste the Authorization key and Express Route Circuit ID
    • Click Create
    • It will show as Connected

The intention here is to get you a few useful links on the Networking on Azure VMware Solution:

DescriptionLinks
AVS Network Setup – Video from Trevor DavisAzure VMware Solution – Network Setup – YouTube
VMware Documentation – Using Azure ExpressRoute with AVSDesignlet: Using Azure ExpressRoute with Azure VMware Solution for On-premises Connectivity | VMware
Azure ExpressRoute PricingPricing – ExpressRoute | Microsoft Azure
Previous Blog post – Mindmap AVS Networking guidanceMindmap – Azure VMware Solution – Guidance on Deployment and Networking | AskAresh
ExpressRoute Private PeetingGitHub – microsoft/Deploy-and-Optimize-Azure-ExpressRoute-Private-Peering: This deployment guide is focused on helping you deploy and optimize the Azure private peering, which enables connectivity between your private network and your Azure VNets over ExpressRoute.
Useful Links

I hope you will find this helpful information on your AVS Networking journey. Please let me know if I have missed any steps or good reference links, and I will be happy to update the post.

Thanks,
Aresh Sarkari

Tags: , , , , , ,

VMware vRealize Operations Management Pack for Horizon MP4H 2.0

9 Feb

The MP4H (Management Pack for Horizon) 2.0 was recently released – Release Notes. It was time to give it a go, and the best place IMHO is VMware Test Drive, as they have a larger environment and there is alot of data for simulation compared to our small homelab.

Let’s take a look at the following information from the vRealize Operations – MP4H:

  • New engaging Dashboards and View
  • Observations and thoughts
  • Where to download the MP4H 2.0 pack?

New engaging Dashboards and Views

Service Monitoring for Unified Access Gateway (UAG) and Connection Server (CS) – Using the Telegraf Agent, you can monitor the Tomcat services and HTTP Health Checks against the UAG and CS web services. The step by step configuration details can be found here.

Connection Server certificate validation – There are new properties around CS certificate validation. This way, you can an dashboard based on the view – Availability \ Horizon Connection Server Certificate.

Unified Access Gateway Session – There are views on UAG Session Disparity amongst different UAG Appliances and session split across internal and external UAG appliances. The UAG Overall experience widget gives a high-level overview. Note the HTTP check is using the Telegraf agent to perform the checks (It’s empty, but you get the point there is capability.)

Horizon Client Versions and Horizon User Agent Version – These dashboards are not new and were present in the previous MP4H, but these are so important to get an overview of the Client and Agent versions within the environment.

Observations and thoughts

Very excited to see the UAG Appliances inclusion as a first class citizen into monitoring & alerting. One can tell looking at the MP4H 2.0 has come a long way since its previous releases. I am personally looking forward to the built-in reports to come back in future releases, along with the inclusion of VMware App Volumes and VMware Workspace ONE alerting and reporting. If the VMware product team considers my recommendation, it can start to differentiate itself against other players within the same market segment.

Features wishlist:

  • HTTP Check and Service monitoring for App Volumes and Workspace ONE Access
  • Certificate validation for UAG, App Volumes and Workspace ONE Access
  • Builtin Reports – Previous Horizon Reports, App Volumes – AppStacks, App Volumes – Wrtiable Volumes, Workspace ONE Access – User Sessions etc.

I can’t wait to see what the next release of the vRealize Operations – Horizon Management pack beholds.

Where to download the MP4H 2.0 pack?

You can download the pack from VMware Marketplace, and the following versions of vRealize Operations are supported.

Cameron covers additional information on his blog post here – MP4H 2.0 What’s New and Use Cases – C4 | Virtually Blogging (cameronfore.com). I highly recommend following him for all MP4H content.

Disclaimer – All the screenshots are from VMware Test Drive Portal. All credits to them for their hardwork.

I hope you will find this helpful post about the latest release of MP4H 2.0. I highly recommend giving it a go on Test Drive and a small request if you find anything interesting. I hope you can share it back with me?

Thanks,
Aresh Sarkari

Tags: , , , , ,