Accelerating AVD Deployment with the Accelerator Tool

 1. Prerequisites:

1. Access to the Azure Virtual Desktop subscription with Owner permissions is required. 
    


2. The following resource providers must be registered in the subscription to be used for deployment:
    Microsoft.DesktopVirtualization
    Microsoft.Compute 
    Microsoft.Network
    Microsoft.Storage
    
   You may go to the Subscription-Settings-Resource Providers. Search for the required resource provider and click on Register.


3. If you wish to enable Zero Trust Disk Configuration later in the process, the EncryptionAtHost feature must be registered. To register it, use Azure Cloud Shell on the portal and run the command below. Additionally, if you're using a custom image, ensure that the 'Encryption at Host' option is enabled during the image VM build process to allow for Zero Trust Disk Encryption later.
    

    

4. The virtual network used for AVD deployment in the Accelerator tool must be peered with the hub network, and the DNS server details must be updated. Essentially, it should have connectivity with your on-premises network to ensure the session hosts are joined to the domain.



    

5. Make sure the required ports and URLs are whitelisted for AVD Required FQDNs and endpoints for Azure Virtual Desktop | Microsoft Learn

6. An on-premises environment that is connected to the Azure environment, either through ExpressRoute or a site-to-site connection
    

7. An Organizational Unit.
    

8. An user account or a service account that has the appropriate rights to join the machine to the domain.


9.  On Prem Active Directory users and groups are synced to Entra ID using the Entra ID Connect.
    


10. Security group for the AVD assignment. Even if you create it at a later stage, it can always be added later. It shouldn’t be a problem.
    


11. Custom Images if not using market place image.
    

12. Plan a prefix (maximum of 4 characters) for the resource groups and resources created as part of the Azure Virtual Desktop landing zones. Resource groups and other resources will be created based on this prefix.
    rg-avd-test-inc-monitoring
    rg-avd-tech-test-inc-storage
    rg-avd-tech-test-inc-service-objects
    rg-avd-tech-test-inc-pool-compute
    
13. Create a Log Analytics workspace to avoid potential issues, as I encountered monitoring-related errors a couple of times during deployment. 

2. Key Findings to Prevent Failures:

1. If the deployment fails due to a monitoring-related issue, as shown below, ensure that the existing Log Analytics workspace used in the deployment is completely deleted and does not appear in the recycle bin before proceeding with the deployment again. Otherwise, it will reuse the same naming convention, resulting in errors.

    



2. Ensure you have sufficient quota to create a virtual machine of the required size in the desired region. Otherwise, the deployment will fail with quota-related errors, as shown below:
To increase the usage quota, go to Subscription > Settings > Usage + Quotas. Select the desired region, and then click on Yes or New Quota Request.

3. During the deployment, under the Session Hosts tab, if you are using a custom image and have selected Security Type as Standard, but your custom image was built using Trusted Launch as the security type, you will encounter the error below. Make sure to verify the security type before proceeding with the deployment.
    

4. During the deployment, under the Session Hosts tab, if you are using a custom image and checking the box for Enable Accelerated Networking, make sure the option was enabled during the image VM creation process, as shown in the second snapshot below.
    



3. Accelerator Tool Deployment Process:

1.  Open the link: https://github.com/Azure/avdaccelerator and scroll down a bit. Click Deploy to Azure.
    

2. Log in with your credentials, and you will see the screen below. Under the Deployment Basics tab, Check the box for 'I have read and understand the Azure Virtual Desktop LZA deployment prerequisites', and scroll down a bit.


    

3. Select the appropriate Subscription and the Region.

4.  Give a desired prefix (Max 4 characters)

5. Under the environment, you have the options-Development, test, production. Select as per the requirement.

6. Click Next.
    

7. Under the Domain to join tab, select the appropriate option based on the customer requirement. For the article, I have selected Active Directory.

8. Give the domain name, and scroll down.
    
9.  Under the Azure Virtual Desktop access assignment tab, select the security group to be used for the AVD assignment. If you don’t select it now, you can do so at a later stage.

10.  Under the Domain join credentials, enter the username and password.

11. Under the Session host local admin credentials, enter the local admin username and password.

12. Click on Next.
    
13. Under the Host pool settings tab, for host pool type you can either select Pooled or Personal as per Customer requirement.

14. For Load balancing algorithm you can either go with Depthfirst or Breadthfirst.

15. Mention the max session limit.

16. Select the preferred app group type: Desktop- if you plan to publish full desktop experience to the user. Remote App- if you intend to publish only the applications.
    
17.  Check the box for Scaling Plan. If you had selected the host pool type as 'Personal' instead of 'Pooled' in the previous step, you might want to check the box for 'Start VM on Connect,' as it becomes relevant during the scaling plan. If you selected 'Pooled,' you can leave it unchecked.

18. Click Next.
    

19. Under the Session hosts tab, check the box for Deploy session hosts.

20. Check the box for Availability Zones.

21. Uncheck the box for VMSS Flex. If the box remains checked, the VMs will be placed in a single fault domain. Placing VMs in different fault domains reduces the risk of simultaneous failures due to hardware issues, such as a rack failure. Therefore, it is recommended to uncheck the box.

22. Select the Session Host region.
    

23. Provide the OU path where the computer objects for your AVD session hosts will be created.

24. Select the VM size and VM count as per Customer requirement.

25. Select the OS Disk type as Premium.

26. Keep the box Unchecked for Zero trust disk configuration.

    
27. Check the box for 'Enable Accelerated Networking.' 

28. Keep the box as unchecked for Deploy GPU extension policies.

29. For the OS image source and version, you can choose either the Marketplace or the Compute Gallery option, depending on the customer’s requirements. 

30. Select Security type as Trusted launch Virtual Machines.

31. Check the box for Enable Antimalware extension.

32. Click Next.

    
 
33. Under the Storage tab, provide the appropriate OU path where you intend to place the computer object for the storage account.

34. For Storage account type select Zone-Redundant Storage.

35. Check the box for FSLogix profile management.

36. For File share performance select Premium.

37. Depending on the customer requirement select the File share size.

38. Click Next.
        

39. Under the Networking tab, for Virtual Network select Existing.

40. Select the appropriate Vnet and Subnet.

41. Uncheck the boxes for Private Endpoints. You can configure them at a later stage. Refer to my previous blogs for guidance on how to configure them.

42. Click on Next.
    

43. Under the Monitoring tab, check the box for Deploy monitoring.

44. Select either 'New' or 'Existing' for the Log Analytics workspace. Since I already had a workspace, I selected 'Existing'

45. Check the box for Deploy monitoring policies.

46. Click Next.
    





47. Under the Resource Naming tab, leave the box for Custom Resource Naming unchecked. If the customer needs to follow their own resource naming convention, check the box.

48. Click Next.
    
49. Under Resource tagging tab, leave the box for Create resource tags unchecked. If the customer needs to have their own resource tags, check the box.

50. Click Next.
    

51. Click Create.
    

52. Deployment is complete.
    


No comments