4kn & 512e vSphere Support

Just a reminder for people not to create volumes with a 4K sector size with vSphere or VSAN, allot of the newer firmware revisions are now allowing 4K sector sizes for example Dell EqualLogic.

See the below screenshot as an example although the 512byte sector size is the default the adventurous or hungover IT admin amongst us may end up going with the 4K option without considering the consequences.

Screenshot 2015-09-02 10.20.28

VMware have made their support statement quite clear on this over the last few months but I thought I would repost this for the benefit of others who might not of seen this KB.

What are 4K Native and 512e drives?
Industry standard disk drives have been using a native 512 bytes sector size. However, due to the increasing demand for larger capacities, the storage industry introduced new advanced formats, which are 512-byte emulation (512e) and 4KB Native (4Kn).

4Kn is the advanced format in which the physical sectors and logical sectors are both 4,096 bytes in size.

512e is the advanced format in which the physical sector size is 4,096 bytes, but the logical sector size emulates 512 bytes sector size.

This table compares Native 512-byte sectors to the new advanced formats:

Format Logical Sector Size Physical Sector Size
512n 512 512
512e 512 4,096
4Kn 4,096 4,096

Does current GA version of vSphere and VSAN support 4K Native drives?

No. 4K Native drives are not supported in current GA releases of vSphere and VSAN.

Does current GA version of vSphere and VSAN support 512e drives?

No. 512e drives are not supported with the current versions of vSphere and VSAN due to potential performance issues when using these drives.

For further reading please see VMware KB2091600

Load Balancing VMware Horizon View

VMware Horizon View by increasing application performance and removing single points of failure in the deployment. For high availability and scalability, VMware recommends that multiple Connection servers and Security servers be deployed in a load balanced cluster. 

Horizon View Connection servers broker client connections, authenticate users and directs incoming requests to the correct endpoint. Load balancer serves as a central aggregation point for traffic flow between clients and Connection servers, sending clients to the best performing and most available Connection server instance. Horizon View Security servers provide an additional layer of security for View infrastructures that are published to users on the internet. Typically deployed in the DMZ, they proxy incoming connections to View Connection Servers on the trusted network. To improve their availability, Load Balancer is used to publish a single virtual service that external clients connect to for secure access to the environment.

VMware recommends that when large numbers of remote users are being serviced, load balancer SSL termination should be considered to offload secure traffic from the View Security servers to improve performance. When inbound traffic is decrypted prior to being passed to View Security servers for processing, the required resources is reduced and the overall solution performance increases.

Note: Configure Load Balancer based on the fact that View Client Connection Process would be in 2 phases these are:

Phase 1: Initial connection establishment, authentication, entitlement.

Phase 2: Client to Virtual Desktop connection.

Minimum prerequisites:

  • Implemented Active Directory, DNS and other core requirements for Horizon View
  • Installed VMware ESXi servers, vCenter server, View Connection and Security servers Configured SSL certificates for authentication of View Connection and Security servers
  • Installed the Load balancer on the same network as the servers to be load balanced
  • Configure the Load balancer topology which suites your organization, consult vendor documentation..

Allow HTTP Connections

To allow SSL-offloaded connections from the Load Balancer to the Connection Servers that are not re-encrypted, the Connection Servers must be configured to accept HTTP connections from intermediate devices. This is accomplished by modifying the locked.properties file on each Connection Server on which HTTP connections are desired. Steps on how to do this are outlined below. The servers will also continue to accept HTTPS connections.

  1. Navigate to the locked.properties file in the SSLGateway configuration folder on the
  2. Connection Server, for example <install_directory>VMwareVMware ViewServersslgatewayconflocked.properties
  3. Add the serverProtocol property. Set it to http using lower case letters
    The next two steps are optional:
    If desired, change the HTTP listening port from 80 to a non-default port by setting the serverPortNonSSL to an alternate port number on which the Load balancer will communicate with the Connection Server for HTTP connections.
    If the Connection Server has multiple network interfaces and you would like to designate a single interface for HTTP connections, set the server Host to the IP address of the desired interface.
  4. Save the locked.properties file.
  5. Restart the View Connection Server service on the server

Modify Secure Tunnel External URL The following changes to the Secure Tunnel External URL parameters are required for the Load balancer and the VMware Horizon View environment to interoperate correctly:

  1. Log in to the View Manager Administrator
  2. Expand View Configuration and click Servers.
  3. Select the Connection Servers tab.
  4. Select each Connection server and click the Edit button after which the Edit View Connection Server Settings box will open.
  5. Navigate to the General tab. In the HTTP(S) Secure Tunnel External URL text box, enter the Loadbalancer Virtual Service IP address or DNS FQDN to be used for the Security Server pool followed by a colon and the appropriate port number.
  6. Select the Use Secure Tunnel Connection to Desktop check box.

Source: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2127195#sf40032378