Deploying WVD as a code, Why though?
Number of organizations are considering Deploying WVD as a code, a lot of factors are leading in to this. WVD is a perfect VDI solution that has the right elements for organizations to consider their own private DAAS solution for their end users. What are those elements you ask?
- An all Cloud solution
- Integration with Azure AD making it easily adaptable to any Identity Solution your organization has put in place seamlessly
- The use of ARM templates to customize your deployments
- Ease of integration with Azure Devops pipelines
- Cost effective (create your own automation to scale infrastructure as you will)
- Build it with any type of code you are comfortable with .. PowerShell, Terraform, Azure CLI, ARM Templates, Ansible or a combination of all of this.
- Oh, yes! it can work just fine with any other platform that you want to use to publish your resources (Citrix / VMware)
Since we are talking deployment end to end with a code, it would be important to do some planning to ensure we align with the strategy through out.
Firstly, Create a list of things that you would like to deploy. Do not try to hurry in choosing the tools / code you want to deploy them with, we can worry about them later on. Hence, start with basic requirements.
Few of which may include high level topics like:
- Obviously we need an azure subscription
- what is the scale we are expecting? is a single subscription good for this type of deployment?
- Plan the structure of Management groups to fit in to the larger Azure Infrastructure of the organization.
- Note down your thoughts on how you are going to manage code.. a code repository?
- Plan on how you would integrate the code repository, Azure subscription and WVD overall
- Plan your base resources (Virtual Network, Compute, Storage, Imaging strategy)
- a question to answer would be if we can create an org specific, but custom generic template for the hostpool and sessionhost deployments, such that the template can be repeatedly used to deploy WVD for requests that would be originating in your organization
- Consider factors for automation, in the sense of:
- What level of automation are we going to do?
- Which processes is going to be automated?
- Is automation only limited to the Project Build phase? or does it need to extend to the Business As Usual
And.. mapping out the base requirements:
- Network Connectivity to all the Core Services / On-Prem DataCenter
- Plan the Network Security Groups
- Virtual Networks
- Virtual network peering (should the subscription require access to a different subscription / services / connectivity hub)
- Virtual Network Gateways
- Network security group
- Consider implementation of the right firewall appliance
- Planning the Active Directory infrastructure
- OU Structure
- Group Policy
- AD Users and Groups
- Plan and map the Monitoring requirements.
- What would be your Image management strategy? How will you optimise the same?
- How to manage the patching, Application rollout?
- Designing User Profile Management, File Services.
- Plan the redundancy levels for the resources deployed
- Consider how passwords and usernames will be managed securely within the automation you would use for the project or generally within the code you are putting together for build.
- Design the WVD structure to suit your organization purpose:
- WVD Hostpool type
- Hostpool custom RDP properties
- Application group types to use and how allocations are managed
- Plan your workspaces
- How would you be delivering these apps to the users?
Once we have these, i.e. an understanding of what we want to do?? You may slowly get into the conversations of how we want to do it!! (the exciting bit 😀 )