Desktop virtualization holds the promise to simplify infrastructure management of end-user computing environments and Windows Virtual Desktop (WVD) delivers on that promise by offering a multi-session version of Windows 10 Enterprise OS. Multiple users can be consolidated onto a single VM instance running in Azure thereby reducing the administration and desktop management burden. Instead of maintaining many individual Windows 10 devices, fewer virtual machines need to be managed.
WVD session host pools are easy to deploy with as many member hosts as are needed. These member session hosts will get created from a pristine, finely-tuned image and will be identical on day 1. However, with automatic Windows and Office updates disabled (recommended best-practice) what happens when you need to update and patch dozens or hundreds of individual WVD session host VMs?
Also, once the initial host pool is deployed, the configuration of individual hosts begins to drift and diverge over time. After a while, each session host becomes less and less like its once-identical peers in the same host pool and users’ experience begins to vary from one day to the next as they roam between the various session hosts in the pool. Admins are forced to either redeploy all hosts again from a pristine image or constantly chase differences in configuration between hosts. This can be more burdensome than managing an order of magnitude larger number of individual desktop devices, defeating one of the primary benefits of desktop virtualization
Furthermore, FSLogix profile containers and AppAttach technology are meant to segregate the OS layer (VM), user state layer (profile) and application layer from each other creating more flexibility and easier management. Unfortunately, if each host VM is a static entity and doesn’t get automatically “refreshed” to its pristine state, it’s hard to realize the value of this layer segregation.
To solve this challenge, the individual WVD session hosts must be non-static, self-refreshing resources that are guaranteed to be identical to an administrator-packaged golden image template that’s fully tested. Azure has such native functionality in the form of Azure VM Scale Sets (VMSS). VMSS are created based on a generalized image that serves as the parent for every newly created VM instance that’s part of the VMSS. Anytime a change is made to the underlying image, VMSS instances become “out-of-date” and can be updated to the latest version of the image automatically.
Although native VMSS functionality is perfectly suited for stateless Linux application workloads, where VMSS instances can come and go freely, it is not as well suited for Windows VMs that are joined to an Active Directory domain and are part of a WVD host pool. There is significant amount of post-processing that needs to happen when a VMSS instances based on a template image comes online. It must be joined to the domain, have WVD agent installed, be added to WVD host pool and made ready to accept user connections.
Nerdio for Azure offers the technology that integrates WVD host pools with Azure’s native VM Scale Sets and takes care of all orchestration to add and remove VM instances to and from the host pool. We already covered how this capability enables true, event-based autoscaling for WVD host pools and results in 75% savings in compute and storage costs. Here we’ll illustrate how integration of WVD host pools with Azure VM Scale Sets enables fully automated host management and eliminates configuration drift over time.
How It Works
When a new WVD Desktop Pool is created in Nerdio for Azure, it starts with a pristine template Windows 10 Enterprise multi-session VM optimized for all WVD recommended configurations. This VM is then generalized and converted to an Azure image. The image is used as the foundation of a newly created Azure VM Scale Set with a flexible number of instances (i.e. session hosts).
Nerdio configures the VMSS parameters with the proper scale out/in settings and configures it to send a webhook call to Nerdio’s backplane when an instance is being added or removed. Nerdio takes care of properly adding a newly provisioned VM instance to the AD domain and adding it to the WVD host pool via installation of the WVD agent. It also gracefully removes it from the AD domain and WVD host pool when it is being removed or updated.
To update the VMSS image, the associated template VM must be powered on. Once the VM is started, all necessary changes can be made (e.g. installing updates, adding software, etc.).
After the changes to the template VM are made, it is powered off and set as image. This clones the VM, generalizes it with Sysprep, and converts it to an image. This image is then applied as the latest version to the VMSS.
Once the image is created and applied to VMSS, all instances of session hosts provisioned going forward (either via automatic scale out or by pressing the Add host button to manually add a host on demand) will be based on this updated image. It is also possible to update individual hosts that already exist manually.
Or all hosts that exists in the WVD desktop pool can be updated at the Desktop Pool level.
If a change is made to the template that needs to be reversed, the template can be restored to a previous version and set as image. This will revert any previously made changes and recover the VMSS image to its prior state.
The end result is simple management of just a single template VM (per WVD session host pool) that can have any number of non-persistent session hosts based on it. These hosts are guaranteed to always be identical and not have configuration drift over time. This reduces administration burden, improves end-user experiencing by guaranteeing consistency and delivers on the promise of dynamic, easy to manage virtual desktops in the cloud.
Be sure to sign up for our newsletter so you never miss out on any unique Azure-related content from Nerdio!