Launching soon: The world's first vendor agnostic bug scrubLearn more & join waitlist
OPERATIONAL DEFECT DATABASE
...
...
The VMware Cloud on AWS service upgrades SDDCs on a regular basis. This article details the impact of SDDC upgrade on Horizon Enterprise solution running on VMware Cloud on AWS.
The following components and workflows were examined for impact. Any components and workflows not listed below are unlikely to be impacted by SDDC upgrade. The impacts and recommendations listed here assume that the SDDC vCenter configuration in Horizon was originally completed following the procedure documented in Add vCenter Server Instances to Horizon 7 in the Horizon 7 Installation guide. If for any reason the vCenter certificate had to be manually accepted when configuring the SDDC vCenter in Horizon, re-acceptance of the vCenter certificate will be required after the Control Plane Upgrade phase of the SDDC upgrade. Until that certificate re-acceptance is done, Horizon Connection Servers will not be able to communicate with vCenter for provisioning and power operations. An example where this scenario would be seen is if the SDDC vCenter was added to Horizon using its IP address rather than its FQDN. Horizon 7 Desktop pool provisioningDesktop pool maintenanceUser logon / logoffUser sessions App Volume (AV) Appstack and writable volume attachAppstack and writable volume detach Unified Access Gateway (UAG) User logon / logoff Summary of Impact and Recommendations Phase 1: Control Plane WindowPhase 2: Host UpdatesPhase 3: NSX Appliance WindowSummary of PhaseDuring this phase you will not have access to vCenter Server or other management VMs in your SDDC but workloads and other resources will function as usual. Certain operations on Horizon will be disrupted during this phase.An additional host will temporarily be added to your SDDC to provide enough capacity for the update. There will be vMotion and DRS activities to facilitate the update. During this time your workloads and other resources will function as usual.Performs updates to the NSX-T appliances. A backup of the management appliances is taken during this phase. If a problem occurs, there is a restore point for the SDDC. A management gateway firewall rule is added during this phase. You do not have access to NSX Manager and vCenter Server during this phase. Upgrades from SDDC version 1.8 to version 1.9 or higher require NSX appliance configuration changes. This results in an NSX Edge failover that causes an additional downtime of approximately 10 seconds.Impact to full clone pools Full clone pool provisioning, maintenance, increase / decrease, deletion: will fail since vCenter is inaccessible during this phase.New user logon request: no impact as long as there are available desktops in the pool.Existing user sessions: no impact.User logoffs: no impact.Recommendation: notify administrator to avoid performing impacted operations above. Once the vCenter is back online: Continue with provisioning by enabling provisioning on the failed pool.No Impact Full clone pool provisioning, maintenance, increase / decrease, deletion: will fail since vCenter is inaccessible during this phase.New user logon request: no impact as long as there are available desktops in the pool.Existing user sessions: no impact.User logoffs: no impact.Recommendation: notify administrator to avoid performing impacted operations above. Once vCenter is back online: continue with provisioning by enabling provisioning on the failed pool.Impact to instant clone pools Instant clone pool provisioning, maintenance, increase / decrease, deletion: will fail since vCenter is inaccessible during this phase.New user logon request: no impact as long as there are available desktops in the pool.Existing user sessions: no impact.User logoffs: users will logoff successfully. However, logoffs will trigger a desktop resync (deletion and re-creation), which will fail, Desktops will be in error state.Recommendation: notify administrator to avoid performing impacted operations above. Once vCenter is back online: continue with provisioning by enabling provisioning on the failed pool. Resync and push image will self-recover.No Impact Instant clone pool provisioning, maintenance, increase / decrease, deletion: will fail since vCenter is inaccessible during this phase.New user logon request: no impact as long as there are available desktops in the pool.Existing user sessions: no impact.User logoffs: users will logoff successfully. However, logoffs will trigger a desktop resync (deletion and re-creation), which will fail, Desktops will be in error state.Recommendation: notify administrator to avoid performing impacted operations above. Once vCenter is back online: continue with provisioning by enabling provisioning on the failed pool. Resync and push image will self-recover.Impact to App Volumes New user logon and logoff: will fail due to inaccessibility to vCenter.Existing user sessions: no impact. However, dynamic assign or unassign of appstacks will fail.Computer-based assignment: partially impacted.New computer-based assignment: will fail during this phase.Existing computer-based assignment: no impact to user logons, existing sessions, user logoffs.Recommendation: notify administrator to avoid performing impacted operations above. Once the vCenter is back online: vCenter certificate needs to be accepted after for AppVolumes to continue. (This happens due to our current policy in mutating an existing certification's state during `SSL-CERT-VALIDATION-AGAINST-END-POINT`. See KB 92415 to solve the problem).No Impact New user logon and logoff: will fail due to inaccessibility to vCenter.Existing user sessions: no impact. However, dynamic assign or unassign of appstacks will fail.Computer-based assignment: partially impacted.New computer-based assignment: will fail during this phase.Existing computer-based assignment: no impact to user logons, existing sessions, user logoffs.Recommendation: notify administrator to avoid performing impacted operations above. Once vCenter is back online: vCenter certificate needs to be accepted after for AppVolumes to continue. (This happens due to our current policy in mutating an existing certification's state during `SSL-CERT-VALIDATION-AGAINST-END-POINT`. See KB 92415 to solve the problem)Impact to UAGNo ImpactNo ImpactNo Impact