This page captures many of the key things you and your IT team should consider and prepare in advance before scheduling the migration of a first-gen Horizon Cloud on Microsoft Azure deployment to the next-gen control plane.

The overall migration workflow is depicted in What to Expect Before, During, and After.

Before you can perform the step of selecting a pod and scheduling its migration, you must fulfill specific prerequisites.

Be aware that fulfilling some of the prerequisites can involve more lead time than others.

Things to Take Care of First

These items are listed first, because determining and obtaining these items could likely require lead times and conversations with others beyond your immediate team prior to using the migration workflow UI to schedule the migration's maintenance window.

  • Decide on the VMware Cloud services organization you'll use for the Horizon Cloud - next-gen tenant where the migrated deployments will go. Learn more at Determine the VMware Cloud services organization.
  • Determine the FQDNs you want to use for the next-gen Horizon Edge and its Unified Access Gateway deployment. The self-service migration UI requires you to specify these FQDNs.
    Note: The FQDN for the next-gen Unified Access Gateway deployment must be different than the FQDN already in use for the to-be-migrated first-gen deployment. To support rollback to the first-gen deployment in the rare case of post-migration issues, the first-gen deployment's gateway's FQDN and its SSL certificate must remain as configured for the first gen deployment. Only after you confirm deletion of first-gen deployment can you update the next-gen gateway deployment's FQDN and SSL certificate if you want to at that time.
  • Obtain an SSL certificate in PEM or PFX format that allows clients to trust connections to the next-gen environment's Unified Access Gateway deployment. The certificate should be based on the FQDN you'll provide for the Unified Access Gateway deployment in the migration workflow UI.
    Note: As described above, the FQDN for the next-gen Unified Access Gateway deployment must be different than the FQDN already in use for the to-be-migrated first-gen deployment. Because the SSL certificate is based on the FQDN, you need an SSL certificate for the next-gen environment's gateway deployment.
  • Request your IT team to update the first-generation's pod's Microsoft Azure environment to accommodate the IT requirements of a next-gen Horizon Edge deployment.
  • Ensure your firewalls allow connectivity to the endpoints required for Horizon Cloud - next-gen on the required ports and protocols. Refer to the information on these pages in the Using Horizon Cloud - next-gen documentation:
  • Decide on the identity provider you'll use for your next-gen tenant and ensure you are ready to integrate that identity provider with Horizon Cloud Service - next-gen.

    The identity provider must fulfill the requirements of Horizon Cloud Service - next-gen.

    For those requirements, see the Identity Provider Requirements section of the Requirements Checklist for Deploying a Microsoft Azure Edge.

    Also refer to Setting Up Your Identity Provider in the Horizon Cloud Service next-gen documentation.

Ensure the First-Gen Deployment and Agents are at Migration's Required Versions

Before starting the migration workflow UI, meet the following requirements:

  • Confirm the Horizon Cloud pod is running pod manifest 3821.x or later.

  • The pod's dedicated VDI desktops have their agents updated to the matching agent version for pod manifest 3821.x, which is Horizon Agents Installer version 22.3.x.

  • Floating VDI desktops and images can have agents of versions prior to 22.3.x, as long as the agent versions adhere to the VMware Interoperability Matrix for Horizon Cloud on Microsoft Azure version 2210.