Now that Microsoft Windows Virtual Desktop (WVD) is now generally available (GA), you may be wondering about best practices for deploying highly available, performant, and scalable storage to support your users—storage that also natively supports Active Directory and NTFS permissions, of course. We have you covered with best practices for VDI on Azure below.
Microsoft’s newest storage offering, Azure NetApp Files, offers enterprise shared file services that allow you to deploy SMB (Windows) file shares directly onto your private VNET (no internet facing IP), which can easily support FSLogix profile containers and shared files for WVD.
In fact, using FSLogix is actually a recommended deployment methodology for Windows Virtual Desktop.
So how do you get started with Microsoft desktop virtualization in cloud computing? Well, first, let’s start with the why.
Why Use FSLogix Profile Containers with WVD and Azure NetApp Files?
FSLogix profile disk (VHDX) is the single source of truth for user data, configuration, and settings; as a result, FSLogix must be protected against failure, corruption, and other sources of data loss and outages. If you lose this disk, you will lose all of your users’ data too. Using FSLogix with Azure NetApp Files is one way to immediately ramp up performance and security.
One of NetApp’s partners in the UK tried the combination out for themselves—the results were clear from their feedback:
“By moving from our previous configuration of BLOB storage with FSLogix to Azure NetApp Files with FSLogix, initial testing show[ed] a dramatic performance increase when looking at login times…
Azure HSD Server 2019 – 69% decrease in login time
Azure VDI – 38% decrease in login time
Azure WVD – 29% decrease in login time
In the graphic above, provided by our partner in the UK, “WVD” was accidentally transcribed as “MVD”.
Through the use of Citrix Performance Analytics during early testing, we noticed that fair “session logon durations” disappeared; they were replaced by an excellent UX score (see below).
Another design consideration to take into account is that your AppData is also stored within your FSLogix profile disk, and the performance of your applications is therefore tied to the performance of the underlying storage of this disk.
In summary, ANF offers a simple to deploy, Azure-native shared filed storage (it’s from Microsoft) that is guaranteed to offer your users a consistently performant experience while protecting their data by way of its built-in data management capabilities.
Getting Started With Windows Virtual Desktop and Azure NetApp Files
In this blog, I will perform the following steps in order to successfully deploy Window Virtual Desktop:
- Create a tenant in Windows Virtual Desktop
- Create service principal and role assignments
- Install Windows Desktop Client
- Part 1: Deploy Windows Virtual Desktop Host Pools.
- Part 2: Deploy storage for our user profiles (Note: you must have requested whitelisting to the ANF service beforehand. If you haven’t already done so, simply select the Azure NetApp Files service from among the list of Azure storage services and select register. Processing typically takes no more than 24 hours).
- Part 3: Install FSLogix onto the WVD hosts and configure Azure storage for optimal performance and reliability of user profile and O365 data.
Prerequisites to Windows Virtual Desktop Deployment
Create a tenant in Windows Virtual Desktop
So, let’s start with the basics and clarify some of the terms used by WVD. Firstly, what is a tenant? It’s a group of one or more host pools.
Each host pool contains one or more session hosts (VMs) that are registered to the Virtual Desktop service. In order to create a tenant, a number of steps must be completed to allow the service to interact correctly with your Azure AD.
Rather than re-write the excellent deployment documentation provided by Microsoft, simply follow the steps outlined here: https://docs.microsoft.com/en-gb/azure/virtual-desktop/tenant-setup-azure-active-directory
Create Service Principals and Role Assignments
Once you have successfully completed the previous step to create a tenant, you must then create the service principal and role assignments for Windows Virtual Desktop. Again, Microsoft provides excellent documentation covering this step here: https://docs.microsoft.com/en-gb/azure/virtual-desktop/create-service-principal-role-powershell
Once the above step is complete, you’re ready to deploy your host pools.
Install Windows Desktop Client
One final important tidbit of information: Be sure to install the Windows Remote Desktop Client [confusingly, this client is not the same as your remote desktop connection built into Windows (mstsc)].
You can grab the latest download from here: https://docs.microsoft.com/en-gb/azure/virtual-desktop/connect-windows-7-and-10
Part 1: Deploy Windows Virtual Desktop Host Pools
How to deploy Windows Host Pools for WVD
1. Pooled: Enable multi-session virtual desktop; multiple users share the underlying host resources (many-to-one mapping of users to resources).
In order to deploy Windows Virtual Desktop, you must provision a host pool (a collection of one or more session hosts) which provides desktop sessions for your users. You can choose from two deployment types:
2. Personal: Each user receives their own persistent host (one-to-one mapping of users to resources).
Part 2: Deploy Storage for FSLogix Containers (User Profile VHDX) and Shared Data
Windows Virtual Desktop users can make use of FSLogix, a powerful and simple-to-deploy user profile and O365 container technology that makes handling remote user profile data simpler than ever, while offering the following benefits:
- Performance: FSLogix profile containers are high performance and resolve performance issues that have historically blocked cached exchange mode.
- OneDrive: Without FSLogix profile containers, OneDrive for Business is not supported in non-persistent RDSH or VDI environments. The document, titled OneDrive for Business and FSLogix best practices, describes how they interact. For more information, see use the sync client on virtual desktops.
- Additional folders: FSLogix provides the ability to extend user profiles to include additional folders.
Part 3: Deploy and Configure FSLogix
I have built upon the excellent work by Senior Microsoft FastTrack engineer Dean Cefola and modified his automated deployment script, which automatically downloads and configures FSLogix into your session host for you. This script is available at this GitHub repo: https://github.com/kirkryan/Azure-WVD/blob/master/PowerShell/New-WVDSessionHost.ps1
Once you have downloaded the PowerShell script, simply add/edit the mount path for Azure NetApp Files to the variable called $ANFSMBPath (shown below):
Then copy the path shown in the mount instructions of the Azure NetApp Files volume.
Finally, paste the Azure NetApp Files SMB mount path into the $ANFSMBPath variable in the PowerShell script
Alternative Configuration Method for FSLogix
If you have issues running the PowerShell script provided above, you can simply install the FSlogix agent from here: https://aka.ms/fslogix_download
Once installed, open the registry editor (regedit.msc) and create a new entry called VHDLocations (Type: REG_MULTI_SZ). Simply set the value to the mount path of the ANF volume and reboot the session host (VM). You’ll need to do this once per session host and can easily automate this step through GPO and other alternative methods.
Learn More about Windows Virtual Desktop Deployments in Azure.
More related VDI on Azure content: