VMware Horizon Community
bluefluke
Contributor
Contributor
‎03-30-2011 06:05 PM

Load Bance View Connection Server 4.5 over WAN

I have two large datacenters in the US.   I currently have a very lage pipe with low latency between the two.    I have a ESXi VDI farm at each site and 1 vCenter and 1 view connection server at one site.   The goal is to place a replica view connection server @ site 2.    I havent seen a lot of documentation saying yes or no dont do it over the WAN but I have talked to a few fellow admins and they say the ADAM DB has a chance of getting corrupt over the WAN.   Has anyone tried this will success?

0 Kudos
9 Replies
idle-jam
Immortal
Immortal
‎03-30-2011 06:09 PM

it only make sense if both DC are having the same data. the reason of separating may be due to that the desktops can access the local resources easily (faster). if you have almost LAN like connectivity then it is not much differences.

0 Kudos
markbenson
VMware Employee
VMware Employee
‎03-30-2011 07:16 PM

A View environment should be LAN connected. If you have two data centers with WAN links in between, and you need View in both locations, create two independent View environments.

The Architecture & Planning guide for View is clear about this.

You can deploy multiple replicated View Connection Server instances in a group to support load balancing and high availability. Groups of replicated instances are designed to support clustering within a LAN connected single-datacenter environment. VMware does not recommend using a group of replicated View Connection Server instances across a WAN due to the communication traffic needed between the grouped instances. In scenarios where a View deployment needs to span datacenters, create a separate View deployment for each datacenter.

http://www.vmware.com/pdf/view-46-architecture-planning.pdf - page 41.

There are some good techniques in a multi Cluster View environment to allow entitlements and admin roles etc. to reference AD user groups so that a lot of user related management of muliple View Clusters (such as determining which users and groups have access to which pools) can be managed in one place (AD).

By implementing multiple View clusters in this way, then as well as performance improvements, you also get the benefit of greater resilience in the case of a View cluster failure or if the WAN link goes down between sites etc.

This topic is also discussed here - http://communities.vmware.com/message/1723593

The admins you spoke to gave good advice, but not for the right reasons. This guideline is not related to ADAM replication. ADAM (and AD LDS on 2008) uses the same replication engine as Active Directory.

Mark.

0 Kudos
ElvinatVirtuall
Contributor
Contributor
‎12-18-2011 08:06 PM

Can you define a LAN connection? is 10 Gbps with very low latency (less than 3ms) between two sites can be considered as LAN connection ?

I think VMWare needs to be precise in their terms. Nowadays networking technology has evolved in a way that a WAN or LAN definition can be a  bit blurry.

0 Kudos
markbenson
VMware Employee
VMware Employee
‎12-19-2011 06:20 AM

Generally Gigabit Ethernet connected for LAN. It's partly about low latency and high speed but is also about the reliability characteristics that usually make WAN links inappropriate for connections between Connection Servers.

I appreciate that high performance WAN links can approach Gigabit Ethernet characteristics, but the View recommendations on this are a guideline to ensure that replica Connection Servers are in the same geographic location. A View deployment in multiple data centers should be implemented as separate View environments even though they can share an AD environment etc. so that all user administration and desktop entitlements etc. can still be done in one place (AD). This also then gives greater resilience in the event of network failure.

Mark.

0 Kudos
lennyburns
Enthusiast
Enthusiast
‎03-22-2012 01:17 PM

You know what would be great?

If someone would do IMPERICAL TESTING on this.

What sppeds / latencies / delay values actually start causing replication issues?

Certainly this is quantifyable and easilly tested with the resources available to VMware.

The persistence of this ambiguous reccomendation without hard numbers is mysterious.

Is it that Vmware doesnt really know what thresholds thier brokers begin to have problems communicating?

Or...

Do they KNOW what level this is and the publication of these numbers would be bad press?

We are left to wonder, and as a long time engineer that reccomends View as a solution to some of the top companies in the world, i feel like i'm being hung out to dry on this point.

0 Kudos
markbenson
VMware Employee
VMware Employee
‎03-22-2012 02:38 PM

This isn't about delays, latency and speed of WAN links.

One of the most important benefits of having a separate View Clusters/PODs in each datacenter is that when the WAN link is down, each site runs autonomously and actually provides greater availability in the event of WAN link failure.

It's true that if a WAN link really does have the latency, bandwidth and (most importantly) reliabilty characteristics of a LAN then it will make absolutely no difference.

This is good discussion.

Mark.

0 Kudos
lennyburns
Enthusiast
Enthusiast
‎03-23-2012 06:47 AM

Latency, speed, etc, were merely examples.

And while your statement about twicn environments is true, there are use cases where it makes more sense to simply have one environment.

(I can't speak about the one in have before me due to disclosure rules)

The bottom line is that every other single metric about the ESX hypervisor utilisation limits is posted in scientific detail.

Any engineer can make informed decisions about designs and implementations of that technology.

They even can asnwer technical questions about why.

Howeverm in VMware View, the reason why becomes "Becuase it's on page (x), and Vmware says so..."

Thats never okay, and to tell engineers that is nonsense.

Why can we not get this data published?

0 Kudos
stanyarbroughjr
Contributor
Contributor
‎03-23-2012 07:15 AM

I guess the question that I would have is about administration.  If you are planning to use the primary connection server only for pool creation, etc, I dont see where there is really a problem with this other than the design is not supported by VMware.  If there is a provisioning error between the Manager and the Composer at Site B, its not like it wold create an unrecoverable problem.  As long as you are only accessing the Manager from Site A, what could cause a corruption? EDSI is located on the Primary Manager and if the connection is local, Active Directory sync is not a problem.  Also, in the case that a replica goes down, there is not typically a consistency problem.  Fundamentally, there shouldnt be a design issue here.   

Did you end up trying this?  I am considering the same configuration

0 Kudos
lennyburns
Enthusiast
Enthusiast
‎03-23-2012 07:40 AM

We arent using composer in this scenario, but your question and conclusion is not wrong about there not be a real reason why that wouldn't work.

This is the "smoke" that surrounds this issue.

Something is odd around why this isn't being delved into deeper and the results published.

Until this is done, there will be literally hundreds of good ideas that "should work" and engineers will run up against this limitation that VMware states exists, and yes, there could be problems with replication, etc.

Maybe there won't be.

Either way, until someone sticks this across a WAN emulator and does very accurate and controlled tests, we wont know what the limits are under what conditions.

It's worth noting that ADAM (now AD LDS) and LMS, the two technologies that are used in replication here, BOTH advertise that they work well over slow links, and yet, in this implementation, it seems to have difficulty.

From the ADAM (AD LDS) Page: (my configuration is in red)

http://technet.microsoft.com/en-us/library/cc816770(v=ws.10).aspx

When to establish a single site

If you have a single local area network (LAN) consisting of a single location, or if your network consists of a series of closely located locations (as in a campus), in which all locations are connected by a high-speed backbone, by using the default site as the single site in replication topology can simplify replication management. In a single-site topology, all replication on your network occurs as intrasite replication, which requires no manual replication configuration. In a single-site design, all AD LDS instances also remain very current with respect to directory changes, because directory updates are replicated almost immediately.

When to establish multiple sites

When your network consists of multiple geographic locations connected by a WAN, establishing separate sites for each location provides the following benefits:

  • Efficient use of WAN bandwidth for replication


  • Detailed control of replication behavior

The JMS documentation at Oracle outlines the JMS replication issues as related to spped, but more interestingly, they go into more detail about how the messaging system is effected by the use of various protocols and links.  Something I think we should be able to test for and create ourselves as it relates to VMware View Conenction Server replication.

http://docs.oracle.com/cd/E19340-01/820-6740/aeojm/index.html

0 Kudos