Using Azure Image builder and Azure Shared Image Gallery with WVD

Here at Microsoft we love three letter acronym's, so much so that we have a three letter acronym, TLA for three letter acronym's. This blog manages the triple of TLA's, namely AIB, SIG and WVD. This blog is about how you can use Azure Image Builder with Shared Image Gallery to deploy WVD Host pools.

If you are doing anything with Windows Virtual Desktop you are going to want to start using Azure Image builder to create images to be used in WVD Host pools, as well as Azure Shared Image Gallery to store and distribute these images. This will make your life a lot lot easier.

In this article I show you a simple "kickstarter" example of how you can use Azure Image Builder (AIB) to build a Windows 10 Multi Session image and then place this in Azure Shared Image Gallery (SIG) to version the image and then distribute the image to a number of global Azure regions.

This then allows you to create a Windows Virtual Desktop host pool locally based upon that replicated image.

At the time of writing AIB is still in preview, more information from the program manager Daniel Sol is here. AIB is a service, it is maintained, tested and supported by Microsoft. You don't need to know anything about image building, or the tooling used for building images. If you are able to copy and paste PowerShell then you are able to use AIB.

This is a high level of how the service works:





















AIB uses Hashicorp Packer to actually do the builds. But again you don't need to learn or know Packer, as AIB automates this for Azure, such as adding hidden tasks to Sysprep Windows.

Azure Shared Image Gallery is detailed here. SIG allows you to update your image definition in the gallery, so that you have history and the capability to roll back your image. The image definition has a "latest" property which allows you to just reference the image definition and always get the latest version. You can then use SIG to replicate your image to any Azure region globally, with a number of replica's which is important if you are deploying a large number of session hosts from this image version and want to increase your throughput of session hosts deployed.


Build a Windows Virtual Desktop Host pool using AIB and SIG.

Everything you need is stored in my GitHub here, but kudos needs to go to Daniel Sol for creating the originals in our public documents. I have just made some updates to include a Windows 10 Multi Session image and Teams with Media Optimisations baked into that image, and then show how you can use this to deploy a WVD host pool, using either WVD Classic or the WVD.

Build a Windows Image definition, and distribute in SIG.

Start by downloading and opening the DeployAIBImage.ps1. Open this up and have it next to this article as you will work your way through this PowerShell script, to learn what it does. Below we will walk through the PowerShell commands hence you will need to have it open.

Depending on when your running this you may need to Register the AIB Service in Section 1, which should be self-explanatory.

In section 2. You start by setting your variables such as your Resource Group and location that you want your AIB services to be deployed into:



















In section 2.1. you then create:
  • A resource group
  • A Managed identity that gets used to add the image into the SIG (that gets created later)
  • Assign this user access 
This will create a Managed Identity in your Resource Group






Which has the necessary permissions in the Azure resource group:













In section 3. you will create:
  • The Shared Image Gallery itself
In the Azure portal you will now see a SIG:






In section 3.1 you create the image definition with the New-AzGalleryImageDefinition command.
  • An image definition. There are two options here. The first is for Windows Server 2019 or Windows 10 Multi Session, please run the section for the image you want.
This creates an image definition:





In section 3.2 you:
  • Download the AIBWin10MS Json file locally and replace with your parameters. In this Template I have some generic settings you may choose to modify, i.e. the OS you want to deploy:










In the "customize" section you specify what applications need to be installed in the image, you can list them directly here, or you can also call a Powershell script that defines exactly what to install and how. My script for doing this is located here: AIBWin10MSImageBuildTeamMedia.ps1This Powershell script is called during the customize section and in my example installs VS Code, NotePadd++, FSLogix, Microsoft Teams and sets up the Media Optimisations, required for voice and video calling.

You could create your own and deploy whatever software or configurations that you need on the "golden image". 

You call the script from within the "customize" section:










This script installs a number of applications such as FSLogix for Profile Management and also Microsoft Teams with media optimisations. The Microsoft Teams section looks like:



Back in the AIBWin10MS.JSON file it will perform other actions you might want to perform like restarts, copying files etc:












In the "distribute" section you can also add any Azure region that you would like to replicate this image to:
Return to the DeployAIBImage PowerShell script to kick of the build:
  • Create the Image version using the: New-AzResourceGroupDeployment cmd.
  • Build the Image itself, using the: Invoke-AzResourceAction cmd

  • This will create an Image such as:





You then check the progress of the build and distribution, bu using the: Get-AzResource.... cmd.

The progress will start with Building:







Then once the build completes, it will start distributing the image to the locations that you specify in the json above:

You can also go in to the SIG and to your Image Version and go to Update replication. This will also show you the completion of your distribution. You can also add or remove target regions.
Once you have older versions that have been replaced by newer version's you might want to reduce the Target regions just to one in order to save storage costs whilst the image is not required for deployments.

















This will eventually turn to Succeeded, once replication has completed:







You have now created an Image definition and replicated that to some Azure regions.

Now you can go and create a new VM in Section 4 via PowerShell. 

You can also do this directly in the SIG. There are two similar ways to create this VM. The first uses the "latest" property to use whatever the latest version of the definition is. The second goes to a specific version.
To use the latest version, click on the Image Definition itself  and + Create VM:





















You will note that this uses the "latest" property of the Image definition. So if you had created some monthly versions of this image, creating a VM from the Image definition will always pick the latest, so you are always up to date.














You can also go to the Image version specifically. Again if you had multiple versions you can go direct to that version to deploy it. To do this from the Image definition click on the version number you want:


From within this specific version you again click on + Create VM



And as expected this builds from the specific version, not the latest:


















Create a Windows Virtual Desktop Host pool from this image version.

Now you have an Image definition, and to test it you have deployed a VM from this. But you now want to deploy a WVD host pool from this definition.

There are two ways to do this, the first uses WVD, via the Azure Portal. The second uses WVD Classic.

WVD:

Go to create a new Host pool, on the Virtual Machines page, in the "Image Type" drop down box ensure "Gallery" is selected and then click on the link: Browse all images and disks:



This will open the Select an image blade. Select "My Items" and "Shared Images". From here you can filter on Publisher and SIG's. In here you select the Image you want this Host pool to be deployed from:


























With this image selected complete the host pool deployment as you normally would, and your host pool will be deployed using this image definition.

WVD Clsassic:.

How do you use the SIG from with the Classic release when it isn't integrated with SIG?

You can use this template  in my GitHub that has been updated to use SIG. When you click on "Deploy to Azure" you will notice that there is a new option that includes Shared Image Gallery:


This template has been updated so that in "RDSH Image Source" you can select Azure Shared Image Gallery, as well as the three highlighted sections beneath it, where you would enter the details of your SIG, Image definition and version.

Complete this template as you normally would using the official template and again the template will pull your image and create a Host pool from this definition.

Hopefully you have seen how the combination of AIB, SIG and WVD enable you to have a managed build and automated deployment process.






Comments

  1. The template fails with:

    Unable to download deployment content from 'https://raw.githubusercontent.com/TomHickling/RDS-Templates/Master/wvd-templates/Create and provision WVD host pool/nestedtemplates/managedDisks-azuresharedimagegalleryvm.json'. The tracking Id is '3f28aa47-7733-4681-bffd-ddef24423fbc'. Please see https://aka.ms/arm-deploy for usage details.

    ReplyDelete
  2. Thanks for this blog post. Really helpful. Do you know if there is a Visio / Project equivalent for invoke web request to install the Visio and Project Online clients (rather then the Pro/Std versions) or perhaps a way to use the Office CDN with the /config switch during the image builder?

    ReplyDelete

Post a Comment

Popular posts from this blog

Reassign a WVD Personal Session Host

AVD and Azure Active Directory Domain Join public preview

How to deploy a Windows Virtual Desktop host pool using Infrastructure as code from Azure DevOps