Amazon Banner

Saturday, July 11, 2015

VMware vRealize Operations (vR Ops) Requirements

Decided to fill up the missing information which was not listed in the documentation of vRealize Operations neither was it stated anywhere by anyone in any blog post that I tried to Google around.

Was doing a vSphere Optimization Assessment (VOA) and wanted to advise customer on the resources required.  Other than the documentation from here or from the vR Ops Installation Guide, it does not state what was provided e.g. the different profile sizes of the vApp is suited for which type of environment other than running the deployment wizard.  This is not very helpful especially when you are doing planning and the only way to get that information is to deploy it.

Upon deploying, you will get to know the disk size that vR Ops will use.   Based on documentation, was 250GB however in the wizard it shows 1.4GB for thin provisioned and 266GB for thick provisioned.

 vSphere Client

 vSphere Web Client

There are four profile sizes of the vR Ops vApp namely: extra small, small, Medium, Large.  You will find the sizes resources requirements from the sources provided above. Each profile is suited for what type of environment is only found here in the wizard.

vR Ops vApp
Extra Small:below 2000 VMs (not supported for production usage but mainly for testing)
Small: not more than 2000 VMs
Medium: Between 2000 - 4000 VMs
Large: 4000 VMs and above

Remote Collector
Standard: small to medium (I am assuming it is referring to the profile size of the above)
Large: Large environment

 vSphere Client showing small vApp

 vSphere Web Client showing small vApp

Some Gotcha here.  During the deployment in the wizard, you will need to enter your networking settings.  On the vSphere Client, this was not an issue it was ver clear.  However on the vSphere Web Client, this is not that obvious.  You will need to expand out to see it.  If you did not take not you will miss this portion as shown below:

vSphere Web Client requires to expand to show network setting
 vSphere Web Client showing the network setting

Running out of Disk Space?
What if you run out of space for your vR Ops vApp?  The procedures of increasing the disk size is stated here.  It is fairly easy by just shutting down the vApp and expanding the vDisk 2 or adding a new vDisk and powering up and everything will be automatically detected.  That definitely make life easier without having to bother to configure later.

Network Ports
Some environment require vR Ops to be placed in another network no similar to vCenter.  This would require the need of opening some firewall ports which are all listed here.

 
Update 15th Jul 2015
Apparently there is a sizing guide in this KB but not updated as of 6.0.1.

Monday, June 29, 2015

VMware Horizon 6.1.1 Application Remoting over HTML5

With the announcement of Horizon 6.1.1 release, there are some new features added to Horizon solution.  Of the few, one of them is Application Remoting which now support over HTML5 browser.

I have that testing since Horizon 6.1 in a technical preview and was not able to show it.  With this release, it is now official so I shall go through some of the screenshot how this was done.

The setup is all similar is no complicated steps just an installation of an .exe binary on top of latest View 6.1 agent and the HTML access binary on the connection server.

After which you have the freedom of choice to use a Horizon Client or a HTML5 to access your desktop as well as Applications remoting.  The best part of this is there is no plugin needed for browser this not just keep the browser clean from any crashes which can be resulted as well as messing up browser performance and behaviour.

Using the Horizon Client this time, there are several improvement.  Remember when I mentioned in my previous post, this has better improvement.

Here I am using a mobile Horizon Client:

In the Horizon Client, you will see your recent application you access and desktops.  You can choose to connect to other servers from the Servers  tab.

Once logon, you will see all the desktop and applications available.

Once connected you will see a side bar available with all the applications and desktops.  You can scroll down the list if there are more beyond the screen.

Once you choose an application, you will see appear on the client.  Here you see I opened MS Paint and calculator.  The side bar can then be hidden for more viewable space.

 
You can open more than one instance of the same application and it will be there.  A long press on the application allows you to close it or just click on the cross icon on the application window.

On the HTML5 browser, this can be on mobile or on a laptop.  Here I have one with mobile Chrome browser.
 Login via the mobile browser.

 List of all the virtual desktop and applications I am entitled to.

 The left panel toolbar that show all the virtual desktops and applications I can open and active.

Here you see I have two calculator applications and one MS Paint.  Native Windows applications on an android mobile device.  (Though I feel this is rather small but would work great on a tablet for sure.)

On my laptop I am using Firefox, you will be presented with your desktops and applications.  This is utilizing the Blast protocol use on both the desktop and application.

Here you see after pointing the Connection server you get presented all the applications entitled.  You can also favourite the applications by clicking on the star so you do not have to search for it.  You can also present a Thinapp application as a Hosted App.


Upon clicking on the application, you will be presented with the below.  You can see I have open a MS Word and two MS Paint.  As MS Paint is the same, they are displayed under the same group on the taskbar on the left.  The task bar, just like on the mobile client can be hidden and call upon.


The the screenshots from mobile Horizon Client to the HTML5 mobile browser and desktop browser, the look and feel and way of maneuvering around  is rather similar.   This will be great for end users as they do not have to relearn a new interface for every different application or device used.

There are few questions arises.  What if you need to change password, typically this will have no impact on your desktop or applications.  As long you are in desktop or application either on HTML5 or Horizon Client, you can still change them via a Ctrl-Alt-Del option.

Hope this gives you a good picture of HTML app remoting.


Update 6th Jul 2015
Added HTML5 access via a mobile browser.

Wednesday, June 3, 2015

Unable to verify certificate for vCenter on Horizon View Connection Server

Recently during an outage of my host during to hardware issue in my home lab where my vCenter 6.0 sit on it, resulted some strange behaviour on my View Connection Server 6.1.  I encounter the below error message:

When I go to my Horizon View Dashboard, it looks fine.

When I try to remove the vCenter entry under the Server options and adding it back I end up with another error when trying to add the View Composer.
However this is not related to the strange behaviour above.  But rather this is due to my login did not contain a domain\username but instead of use just username.

Back to the strange behaviour.  It seems my connection to my vCenter via Connection Server has a sudden slowness and the certificate seems to be corrupted.  I tried to find a solution to replace the self-signed (in my case) certificate on my View Connection Server however in vain.  I tried removing the vCenter and re-adding it back, that does not help.

So I chanced upon some steps by our internal team and use it to resolve my problem and it works.

In summary, this is what was done.  First we backup the ADAM database and then we invalid the entry of the vCenter in View Connection Server.  Then we try to add the existing vCenter again.  So now we have two entry of the vCenter where oneis an invalid entry.  Taking from the valid entry certificate thumbprint, we overwrite the invalid ones and remove the latter vCenter entry.  Next revert back the entry to previous valid entry.

Here are the detailed steps that help me resolved my issues.


To manually regenerate data:

Note: Back up the ADAM database before proceeding. For more information, see Performing an end-to-end backup and restore for View Manager (1008046).
  1. Log in to the machine hosting your View Connection Server. If there is a cluster of View Connection Servers, this step can be done on any of the servers.
  2. Click Start > Run, type cmd, and click OK. The command prompt opens.
  3. Run this command, substituting a name for your back up file.

    vdmexport > ViewBackupFilename.ldf

  4. Connect to the ADAM database. For more information, see Connecting to the View ADAM Database (2012377).
  5. Expand OU=Properties > OU=VirtualCenter.
    Note the entry is is after expanding the OU=VirtualCenter.
  6. Document the first four characters of the vCenter Server entry, for example CN=f030. Right-click the vCenter Server entry and click Properties.
  7. Document these three values:

    • pae-NameValuePair. Note the entry here and then remove it.
    • pae-SVIURL. Note the entry and set to a value similar to https://OFFvComposer.domain.com:18443
    • pae-VCURL. Note the entry and set to a value similar to https://OFFvCenter.domain.com:443/sdk
  8. In the View Administrator portal, refresh the dashboard to confirm the name change you made.
    Do note that changes are reflected at two different location.
  9. In View Configuration > Servers > vCenter Server, add an entry for the proper
  10. Open the properties page for each vCenter Server entry.
  11. Manually copy these values from the new vCenter Server entry to the old vCenter Server entry:

    Note: Take a note of the entries before copying. When copying these values, copy and paste directly between properties sheets or copy to a plain text editor that does not add any formatting such as Windows Notepad.exe.

    • pae-SVISslCertThumbprint
    • pae-SVISslCertThumbprintAlgorithm
    • pae-SVIUserName
    • pae-SVIUserPassword
    • pae-VCSslCertThumbprint
    • pae-VCSslCertThumbprintAlgorithm
    • pae-VCUserName
    • pae-VCUserPassword
  12. Remove the new vCenter Server entry from the View Administrator webpage.
  13. Undo the three changes you made at the beginning of the process, including adding the UNIQUEID=XX value back into pae-NameValuePair and rename the pae-SVIURL and pae-VCURL.
  14. Reboot all Connection Servers in the replicated group.
  15. In the View Administrator webpage, refresh the Dashboard page again and confirm vCenter Server and Composer are both shown correctly and are now showing as green status.
  16. Proceed with testing provisioning and recomposing, as well as login functionality.



Thursday, May 14, 2015

What So New in vSphere 6?

With the announcement and also from the datasheet, it seems to be pretty lots of functionalities been added.  However there are some critical ones that are more appealing and wanting to see approvement or resolution to those who are already using since vSphere 4 and prior till today which are not make known to many.


Storage
There were many discussion over storage UNMAP via thin provisioning and many called it a "myth".  This was also discussed heavily in our Facebook VMUG - ASEAN group.  This was due to many changes since VMFS3 to till VMFS5.  Cody wrote a long history of what are the changes for those who have missed out here.

A KB was also release and this create some discussion VMFS3 with different block size would benefit thin provision so to speak before vSphere 5.0 Update 1.  Sadly after which, all UNMAP was not possible via GUI or automatically other than via command line or script.

I try to ask internally as well and luckily Cormac with his findings has listed all the answers on questions here.  Sadly we still cannot support Linux due to legacy SCSI version.  At least we are on the right track now to see at least Windows are supported.


Backup
VMware Data Protection (VDP) first introduced in vSphere 5.1 replacing VMware Data Recovery.   VDP is running a vApp version of EMC Avamar and first introduced with the normal edition and Advanced edition.  The Advanced edition (VDPA) has to be purchased and comes with three agents (SQL, Sharepoint, Exchange) and storage of deduped data up to 8TB instead of 2TB per appliance as on the normal edition.

With VDPA, customers were also able to purchase the per OS Instance license to backup their physical server as shown here.

With vSphere 6, VDPA is now known as VDP and provided free and no longer a purchase option.  So the next question that arise was can user used VDP in vSphere 6 to backup physical server via the agent?  The answer is Yes.  Is there a cost to this?  VDP is now free so the simple answer is yes it is free!  How good is that!


Locked Down
There are two different mode of Locked Down mode.
  • Normal Locked Down
  • Strict Locked Down
This is been explained here.  A KB on this is also provided.

Exception Users is also introduced.  Only users with administrative privileges added into Exception Users list will allow be able to access the DCUI in Normal Locked Down mode.  Other options is to add user into DCUI.Access in advanced option to have access to DCUI.

In Strict Locked Down, DCUI is disable, only when SSH or ESXi Shell is enabled, will users with administrative privileges in Exception Users able to access the ESXi server.  If not, a reinstall is required.


Network
NIOC version 2 and 3 coexist in vSphere 6.0 and what is the different is be recorded here.  The performance improvement white paper is also been produced.


vSphere Replication
Many might not be aware or not make aware the changes that has been done on vSphere Replication (vR).  There are actually enhancements been done on it but not publicly made known.  One of the major enhancement is compression.  This helps in reducing the amount of data to be replicated across and effectively save you on bandwidth.  Also mentioned here is the introduction of dedicated Network used for NFC instead of sharing with Management Network in the past.  Also the inclusion of Linux OS quiesce.  Also removing to the need of Full Sync whenever a Storage vMotion is triggered.  A White Paper just on vR is also provided here.


vNUMA
I have previously written an article on the new improvement on vNUMA here.  With this improvement, memory locality can be increased across NUMA nodes.

I will include more information here on things that are not really made known here as I get hold of it.  Hope this give you the beauty of this release.

Monday, May 11, 2015

vNUMA Improvement in vSphere 6

NUMA is always a very interesting topic when in design and operation in virtualization space.  We need to understand it so we can size a proper VM more effectively and efficiently for application to perform at its optimum.

To understand what is NUMA and how it works, a very good article to read will be from here.  Mathias has explained this in a very simple terms with good pictures that I do not have to reinvent.  How I wish I have this article back then.

Starting from ESX 3.5, NUMA was made aware to ESX servers.  Allowing for memory locality via a NUMA node concept.  This helps address memory locality performance.

In vSphere 4.1, wide-VM was introduce this was due to VM been allocating more vCPUs than the physical cores per CPU (larger than a NUMA node).  Check out Frank's post.

In vSphere 5.0, vNUMA was introduced to improve the performance of the CPU scheduling having VM to be exposed to the physical NUMA architecture.  Understanding how this works help to understand why in best practice we try not to placed different make of ESXi servers in the same cluster.  You can read more of it here.

With all these improvement on NUMA helps address memory locality issues.  How memory allocation works when using Memory Hot-Add since Memory Hot-add was not vNUMA aware.

With the release of vSphere 6, there are also improvement in NUMA in terms of memory.  One of which is Memory hot-add is now vNUMA aware.  However many wasn't aware how Memory was previously allocated.

Here I will illustrate with some diagram to help in understanding.

Let's start with what happen in prior with vSphere 6 when a VM is hot-added with memory.

Let's start with a VM with 3 GB of virtual memory configured.

When a additional 3 GB of memory is hot added to VM, memory will be allocated by placing to the first NUMA node follow by the next once memory is insufficient one after another in sequence.

In vSphere 6.0, Hot-Add memory is now more NUMA friendly.

Memory allocation is now balance evenly across all the NUMA nodes instead of all in one basket on the first NUMA node.  This helps in trying to access memory mostly from the lowest NUMA node and thus increase the chance of a local memory access.

We would wish that this could be smarter but of course we cannot predict where memory would be accessed from which NUMA node when a processes is running.

Hope this helps give you a better picture when doing sizing and enabling hot-add function.

Sunday, May 3, 2015

Applications for Storage or Storage for Applications?

With many new start ups from storage arrays, converged, hyper-converged to software defined storage (SDS), many users starts to have lots of choice to make.

Recently encountering many questions on which should they choose and which is better.  However there is no straight answer as there are just too many choices to choose from just like in a supermarket.  In the end, some may choose one that advertise the best and create the best reminder in your mind.  To be truth, you will not buy and replaced the rest, but rather some have a hybrid environment for some reasons which we will go through later.

With several asks and questions, I like to give some guideline when deciding.  Here I will do my best to start with no bias towards any technology and this is my personal opinion and may not be the same with others.

1.  Ease of management: A big word often misused by marketing I would say.  Assess it and ask yourself do you have a team to manage different components and if you have a lean team to manage it.  How it is define for ease of use?  Walk through the daily things you commonly need to perform on a traditional setup comparing to this new technology you are evaluating.

2.  What are the applications you are running it on, can this components support the performance:  When performance comes into play, many only look at the storage throughput and IOPS, we need to also look at the daily operations tasks.  How fast can it spin up a workload in a server landscape and VDI landscape (if you are using as well)?  Test everything not just look at a demonstration on one scenario but all.  Rate everything a score and decide which you can do with or without.  There won't be one that will fit all the bill.  Pay for what you need and now and not extras and future.

3.  How are you intend to protect this application?
You know they can meet your requirement in day 0 operations however do you need to protect this application?  If you are doing a backup, can it support any backup API.  This can be from Microsoft or VMware?  Weight the cost between the two.  Would you need storage snapshot, if so, would your workload need to be application/data consistent?  Can the storage as part of this new devices you are looking at able to do it?  If it can, is it build in or via a script or via an agent?  How easy?

4.  How are you going to do disaster recovery?
The cheapest way might be leverage some host based replication technology that will work with any of the device chosen.  However what if you need to perform some kind of storage replication?  Will your workload be application/data consistent?  Can the storage as part of this new devices you are looking at able to do it?  If it can, is it build in or via a script or via an agent?  What are the application it support if you are going to place them running on these new equipments?

5.  Is it easy to do maintenance doing physical components upgrade, firmware upgrade, software upgrade?
This is important as you will definitely do this as it comes along.  We can't expect to have something which give you an ease of day 0 operations yet create lots of work for a maintenance.

6. Does it comes with a per-requisites?
The fine prints that always exist in this world of things.  Ask other than the equipment you are choosing, does it come with a requirement you need have or can it work with your existing infrastructure components.  Leveraging existing investment.

7.  Proof of Concept: Before you perform a pilot or proof of concept, are you placing real data or dummy data.  You need to decide whether this data can be removed easily from the equipment later and whose responsible to do that?  If it's yours, know how you are suppose to do it before you start any activity.  You definitely do not want decision to be made because your data is on it after the test instead of it meet your requirements.

8.  Can it offload storage activities e.g. Full copy, snapshot activities to storage or this will leverage on your hosts' CPU cycle?  Understand this help to identify the specification requirement for your nodes or servers you are using and not to find out contention later.

9. Can the new device leverage on your current investment?  E.g. Reuse existing SAN, IP storage, etc.  Can it use both its build in storage for converged and Hyper converged with existing storage.  For new storage array, can it work with your existing equipments e.g. Servers HBA, Network cards, etc.

From all these above considerations, there might be more however these are just some questions ought to be thought through.  Definitely not one equipment can fulfill everything, this also means, either you might have mixture for different workloads which might need your traditional setup.

Tuesday, April 14, 2015

Orphaned Replica in Horizon View

In my home lab, I do not have any redundancy since it for testing purpose and in such, I encounter a power failure and resulted in my Horizon Connection server to be absent.

Upon recovery of powering up again, one of the replica end up lost link with the database.  In my vSphere Web Client, I see a replica (orphaned).  I was able to delete the replica folder but the entry still stay in the vSphere Web Client inventory tree (that applies the same to vSphere Client).

By the way I am running Horizon View 6.1 and this solution found in the KB still works.

I didn't manage to capture my screenshot and found the below similar.  You will see the same on the web client.  Do note that the name of the replica will look like "replica-d0d123123c-f3j2-... (orphaned)".  Do note the actual name does not contain "(orphaned)".  DO NOT include when using the commands below.

source: http://www.vladan.fr

The command in the KB states and this was the confusion I have and I like to address for you to use it correctly.


sviconfig -operation=UnprotectEntity -DsnName=name_of_DSN -DbUsername=Composer_DSN_User_Name -DbPassword=Composer_DSN_Password -VcUrl=https://vCenter_Server_address/sdk -VcUsername=Domain\User_of_vCenter_Server_account_name -VcPassword=vCenter_Server_account_password -InventoryPath=/Datacenter_name/vm/VMwareViewComposerReplicaFolder -Recursive=true
  • In View Composer 2.5 and later, you can re-protect the VMwareViewComposerReplicaFolder using -operation=ProtectEntity

The main problem comes from the InventoryPath.  As my Datacenter_Name contain space, please use "" for the whole string.

Leave the second part /vm the same, do not change it.

Since replica is in the main inventory list not in any Folder created, then leave /VMwareViewComposerReplicaFolder.   This is the default recognized for vCenter.

Here is an example how it should look:

sviconfig -operation=UnprotectEntity -DsnName=viewDSN -DbUsername=viewdsnuser -DbPassword=mypassword123 -VcUrl=https://prodvC/sdk -VcUsername=plain-virt\vCadmin -VcPassword=vCadminpasswd123 -InventoryPath=/Datacenter_name/vm/VMwareViewComposerReplicaFolder -Recursive=true


Hope this helps you to resolve such incident.  This was the first time I encounter it so I thought I just share this out. 

Friday, April 10, 2015

vSphere 6.0 Web Client Mark Disk As Flash or HDD

Just some sharing that I chanced upon.

This might be most useful for those who are building their demo labs when you try to nested environment or simulate your disk as Flash when it is actually magnetic disk (MD).

It is also applicable where your Flash Disk/SSD is detected as a normal MD but you need to mark is as Flash disk or revert it when needed.

This is typically very true in a Virtual SAN (VSAN) environment.  When you need for a disk group with a minimum of at least one SSD.

If you refer to our KB, you might have to go through a list of commands.  However in vSphere 6.0, the web client has the function to do it via the GUI.

Below is a screenshot taken from my home lab.  My ESXi server has a normal SATA disk and a SSD disk.  So upon selecting either of them the icon will change to allow you to change it.  Technically you can even build a all Flash VSAN without having to own a VSAN license only different is the read and write ratio remain the same unlike a real All-Flash VSAN where 100% write goes to the cache disk and 100% read comes from the persistent disks.

Mark as flash disks.

 Mark as HDD disks.

Wednesday, April 8, 2015

vSphere 6 Installation Experience

Previously I posted on my installation and upgrade of my vSphere 5.5 here.  Since each upgrade comes about a year or two that I perform, we ought to forget some important things.  So here is my experience.

Before you start, head to the vSphere Upgrade Center.  Here you will find all the resources needed.  There is also a simple install walkthrough to guide you through with screenshots!

1) Read the documents on the requirements!  During the installation the vCenter requires at least 17GB of space to store the MSI and part of it the new Platform Service Controller (PSC) takes up 8GB install in the C:\ProgramData path.  Go through the requirements in the product documentation page.


2) Your DSN user in SQL for vCenter (vpxuser), needs to have additional rights for installation and upgrade but not during operations time. Grant this rights back.  In vCenter 6 installation, it points out the additional rights required.  This is great!  So I just use my SQL Management Studio and do the needed instead of going through a list of stuff (Nope I am not a SQL expert :) )  You can of course remove these two rights after installation.



3) Yes poor Update Manager is still using 32bit ODBC DSN.  I haven't been using it for awhile so decide to install it.  So head over to Windows C:\Windows\SysWOW64\odbcad32.exe.  Also the SQL user for vCenter Update Manager need db_owner rights for MSDB too.


4) Already have all your VMFS volumes in version 5 yet still receiving warning that some of your datastore is deprecated?  This is a false positive warning as state in the KB, just restart your management agent.

5) In any case this is your new installation, do note that Transparent Page Sharing is disabled by default and if you need it to be on, refer to this KB.

Lastly, if you did a fresh install but using back the same database which contain all your data of your infrastructure, do note that all password will not be recognize.  What I mean by password will be e.g. those you created in the Customization Specification Manager for automatic installation by joining domain etc., where you ahve specify perhaps a domain account to help join domain.

Wednesday, April 1, 2015

VMware VCP6-DCV Certification is now available!

The wait is over.  With the announcement of vSphere 6 in Feb 2015, to the General Availability in Mar 2015, today marks the day where the certification becomes available.  This is one of the fastest release over a major version release I seen since VI3.5.

Read about it here.  You can also find out the requirement to be certified VCP6-DCV.  There is also extension to re-certify your VCP and discount for existing VCP on VCP6-DCV as announced here.

In previous article, for new comers, you will have to take up the 5 days course, if you have attended a vSphere 5 training course but not taken an exam, you can proceed to next step.  Next step is to pass the foundations exam (75 questions in 90 minutes for USD50) and the VCP6-DCV (100 questions in 120 minutes for USD50) exam.  All exams requires application for authorization.

For existing VCP5-DCV, course is recommended but not required.  You can go straight to VCP6-DCV Delta (75 question in 90 minutes for USD50) exam.  Alternative you can choose to take the official exam too (which I do not see the need though).

Do note that current release are all beta exams.  In such, the passing score is not stated.  The price is also at priced at USD50 which you will not see this once this is general available.

Do it fast and quick and help evaluate the exam at this special price.  If you have experience, this should not be tough.

Good Luck!

Thinapp Assignment in Horizon View Access Denied

Finally upgrade my home lab with vSphere 6.0 and Horizon 6.1.  Have to perform a demonstration to my customer how to assign Thinapp easily via the Horizon View Admin portal.  Guess what, luck never on my side and hit with lots of issues.

This issue comes with lots of testing.  The error I encounter after assignment was HRESULT hr = 0×80070005. Access is denied.  Doing a few Google didn't bring me nowhere.  Assignment installation failed.

Let me just walk through what I have done:
  • Package a few Thinapp packages with editing of Package.ini mainly the MSI settings since I am doing a assignment from Horizon View Admin Portal.  Read more here.
  • Place them in a file share with permission to VDI users (yes make sure the VDI users can access those folders)
  • In Horizon View Admin portal, scan the repository for the Thinapp, make sure the .msi and .exe and .dat (if you are streaming and app is too big to build into .exe file) in the same folder in the repository. 
  • Assigned the Thinapp to my desktop pool.
  • Logon to one desktop that is part of the pool, check in Horizon View Admin portal on Thinapp and saw the screen shot as shown.
I know this is some permission problem but did not know where to start.  I checked the MSI settings and rebuild the Thinapp multiple times.

I came across this article, point 2 sound like something I never tried before.  I decide to give it a try, if it could be Local System account doesn't have rights to install on the virtual desktops which make sense here.

I create a service account (make sure it has local admin rights on the View Connection server else the service will not start) for View Connection Server.

This time round my Thinapp got installed successfully!  Horizon View Connection Server service is the one that trigger the Thinapp push down to the assigned desktop.  If it is by default installation, the service is assigned to Local System.  This "account" has log in rights for the local OS it is running on.  In such, it does not have rights to perform log on to a remote desktop.  Having to create a domain account and use it to run the Horizon View Server service, now I have an account that has rights to log on to the remote desktop.

Do note that, if you have already create any Application Pool or Desktop Pool, all your entitlement will be lost, you will need to entitle the rights again.