Introduction to Azure Virtual Desktop on ThinkAgile MX

Azure Virtual Desktop is a flexible cloud-based VDI solution that can be used to deploy and scale Windows desktops and apps on Azure Stack HCI in minutes to enable secure, remote work. With Azure Virtual Desktop for Azure Stack HCI, IT administrators can create a full Windows 10, Windows 11, or Windows Server desktop virtualization environment that can be used on any device.

IT views all components on the same management plane, and it is simple to create and use Azure Virtual Desktop sessions on an Azure Stack HCI cluster. With the support of Azure Virtual Desktop for Azure Stack HCI, Windows 10 and Windows 11 multisession capabilities are available in on premises environments. IT staff can support multiple users on a single virtual machine (VM). That greatly reduces the number of VMs and the system-resource overhead costs while still providing the same resources to all end users. Azure Virtual Desktop also simplifies management and user support. Because Azure Virtual Desktop is a managed service, organizations don’t need to deploy a VDI themselves or have the burden of upgrading infrastructure. This is a game-changing advantage compared to other VDI solutions.

Azure Virtual Desktop for Azure Stack HCI is currently in public preview. Azure Stack HCI doesn't currently support certain important Azure Virtual Desktop features. Because of these limitations, we don't recommend using this feature for production workloads yet.

The pace of change is accelerating everywhere, especially in the workplace. But two things are clear: flexible work is here to stay, and the talent landscape (workers with in-demand skills) has fundamentally shifted.

This new workplace shift is pushing IT administrators to set up VDI with remote connectivity, security, and management capabilities so that employees can remain productive and access necessary apps from wherever they are. Moving to the cloud offers many benefits to enterprises, including scalability, cost efficiencies, and near-limitless data capacity. However, many industries are required to keep their data on premises due to data-sovereignty needs and regulatory requirements.

What if there were a way to bring all the cloud benefits on premises by using familiar tools and applications based on Windows with a fully managed, cloud-hosted VDI management plane? The new Azure Stack HCI and Azure Virtual Desktop on Lenovo Systems (Microsoft’s VDI solution) can do just that to help companies overcome their remote work challenges in a powerful and efficient manner.

The following summarizes, at a high-level, what you will need to run Azure Virtual Desktop on Azure Stack HCI:

• An Azure Stack HCI cluster with a minimum of 2 nodes. From a CPU perspective, it’s recommended to have at least 16 cores with 256GB memory, but this is largely determined by your workload requirements. A minimal install of Azure Virtual Desktop with a single VM cluster will likely consume approximately 24-30GB RAM.
• We recommend 1TB storage capacity in your Azure Stack HCI storage pool used to store virtual machines. However, again, this will be determined by your workload requirements.
• A system running Windows Admin Center. This should be registered with Azure, and in the same domain as the Azure Stack HCI cluster.
• External internet connectivity for both the Azure Stack HCI nodes, and the Azure Virtual Desktop components.
• An Azure subscription for Azure Virtual Desktop Session Host Pool with the appropriate permissions.
• Network Validation for AVD Links - https://docs.microsoft.com/en-us/azure/virtual-desktop/safe-url-list

You can also review more detailed requirements information within our documentation.

Step 1: Hardware and OS configuration for Azure Arc Service on Azure Stack HCI

The first step in the process is to obtain and setup your Lenovo server that will support Azure Stack HCI, and subsequently, AVD – Azure Virtual Desktop. Lenovo certified Azure Stack HCI solutions can be found at this link – ThinkAgile MX.

Lenovo rack systems feature innovative hardware, software and services that solve customer challenges today and deliver an evolutionary fit-for-purpose, modular design approach to address tomorrow’s challenges. Key advantages of deploying Lenovo rack servers include:

• Highly scalable, modular designs to grow with your business
• Industry-leading resilience to save hours of costly unscheduled downtime
• Expansive storage capacity and flexible storage configurations for optimized workloads

The following Lenovo servers have been certified for Microsoft Azure Stack HCI and are equipped to support 4 to 64-core processors, up to 4TB of memory and over 100TB of storage making them ideal candidates for Azure Stack HCI Virtual Desktop Infrastructure solutions:

• Lenovo ThinkAgile MX3530 Integrated systems / MX3531 validated nodes (based on ThinkSystem SR650 V2)
• Lenovo ThinkAgile MX3330 Integrated systems / MX3331 validated nodes (based on ThinkSystem SR630 V2)
• Lenovo ThinkAgile MX3520 Integrated systems / MX validated nodes (based on ThinkSystem SR650)
• Lenovo ThinkAgile MX1020 Integrated systems / MX1021 validated nodes (based on ThinkSystem SE350)
• Lenovo ThinkSystem SR630 validated nodes
• Lenovo ThinkSystem SR665 validated nodes
• Lenovo ThinkSystem SR655 validated nodes
• Lenovo ThinkSystem SR645 validated nodes
• Lenovo ThinkSystem SR635 validated nodes
• Lenovo ThinkEdge SE450 validated nodes

With your Lenovo servers racked, configured, and connected, you are ready to deploy the Azure Stack HCI OS. The first step in deploying Azure Stack HCI is to download Azure Stack HCI and install the operating system on each server that you want to cluster. You can deploy Azure Stack HCI using your preferred method – this could be via USB, network deployment, ISO boot over a dedicated OOB management port, etc. Step through the simple Azure Stack HCI OS installation wizard, and once complete, you should be at the Server Configuration Tool (SCONFIG) interface. If you need to, make any simple changes here, but all that should be required is a single NIC with an IP address on your management network.

Figure 1. SCONFIG in Azure Stack HCI

Step 2: Deploy and Configure Windows Admin Center

With your Azure Stack HCI nodes deployed, and accessible over the network, the next step is to deploy the Windows Admin Center. If you haven’t already, download the Windows Admin Center software. This should be installed on a Windows 10 or Windows Server 2016/2019 machine. This machine should also be joined to your management domain. This should be the same domain that your Azure Stack HCI nodes will be joined to.

Step 3: Create an Azure Stack HCI Cluster

With the Windows Admin Center installed, open the Windows Admin Center, and step through the process of creating an Azure Stack HCI cluster.

The wizard will walk you through selecting your nodes, joining the nodes to the domain, installing required roles and features, and updates, before moving on to configuring the physical and virtual networks, clustering and software defined storage. When the wizard is complete, you should see your new cluster in your All connections view within Windows Admin Center.

Figure 2. Deploying an Azure Stack HCI Cluster in Windows Admin Center

Step 4: Set up the new Host Pool with No VM

Sign into the Azure portal at https://portal.azure.com. Enter Azure Virtual Desktop into the search bar, then find and select Azure Virtual Desktop under Services.

Figure 3. Azure Virtual Desktop Service in Azure Portal

The Azure geography associated with the regions you selected is where the metadata for this host pool and its related objects will be stored. Make sure you choose the regions inside the geography you want the service metadata to be stored in.

Under Host pool type, select whether your host pool will be Personal or Pooled.

1. If you choose Personal, then select either Automatic or Direct in the Assignment Type field.
2. If you choose Pooled, enter the following information: For Max session limit, enter the maximum number of users you want load-balanced to a single session host.

Figure 4. Host Pool Creation in Azure Portal

Step 5: Define your host pool as Validation Host Pool

Search for and select Azure Virtual Desktop.

• In the Azure Virtual Desktop page, select Host pools.
• Select the name of the host pool you want to edit.
• Select Properties.
• In the validation environment field, select Yes to enable the validation environment.

Figure 5. Host Pool Properties in Azure Portal

• Select Save to apply the new settings.

Step 6: Register Your Application Group to a Workspace

To register the desktop app group to a workspace:

• Select Yes.
• Next, choose whether you want to create a new workspace or select from existing workspaces. Only workspaces created in the same location as the host pool will be allowed to register the app group to.
• Optionally, you can select Next: Tags
• Here you can add tags so you can group the objects with metadata to make things easier for your admins.
• When you're done, select Review + create.
• Review the information about your deployment to make sure everything looks correct. When you're done, select Create.

Figure 6. Application Group in Azure Portal

This starts the deployment process, which creates the following objects:

• A desktop app group
• A workspace, if you chose to create it

If you chose to register the desktop app group, the registration will be completed.

Virtual machines, if you chose to create them, are joined to the domain and registered with the new host pool..

Step 7: Deploy a new virtual machine on your Azure Stack HCI infrastructure and join it to a domain

You can easily create a new VM using Windows Admin Center.

• On the Windows Admin Center home screen, under All connections, select the server or cluster you want to create the VM on.
• Under Tools, scroll down and select Virtual machines.
• Under Virtual machines, select the Inventory tab, then select Add and New.

Figure 7. VM Creation from Windows Admin Center

• Under New virtual machine, enter a name for your VM.
• Select Generation 2 (Recommended).
• Under Host, select the server you want the VM to reside on.
• Under Path, select a preassigned file path from the dropdown list or click Browse to choose the folder to save the VM configuration and virtual hard disk (VHD) files to. You can browse to any available SMB share on the network by entering the path as \server\share.
• Under Virtual processors, select the number of virtual processors and whether you want nested virtualization enabled for the VM. If the cluster is running Azure Stack HCI, version 21H2, you'll also see a checkbox to enable processor compatibility mode on the VM.
• Under Memory, select the amount of startup memory (4 GB is recommended as a minimum), and a min and max range of dynamic memory as applicable to be allocated to the VM.
• Under Network, select a virtual switch from the dropdown list.
• Under Network, select one of the following for the isolation mode from the dropdown list:
  • Set to Default (None) if the VM is connected to the virtual switch in access mode.
  • Set to VLAN if the VM is connected to the virtual switch over a VLAN. Specify the VLAN identifier as well.
• Set to Virtual Network (SDN) if the VM is part of an SDN virtual network. Select a virtual network name, subnet, and specify the IP Address. Optionally, select an access control list that can be applied to the VM.
• Set to Logical Network (SDN) if the VM is part of an SDN logical network. Select the logical network name, subnet, and specify the IP Address. Optionally, select an access control list that can be applied to the VM.
• Under Storage, click Add and select whether to create a new empty virtual hard disk or to use an existing virtual hard disk. If you're using an existing virtual hard disk, click Browse and select the applicable file path.
• Under Operating system, do one of the following:
  • Select Install an operating system later if you want to install an operating system for the VM after the VM is created.
  • Select Install an operating system from an image file (*.iso), click Browse, then select the applicable .iso image file to use.
• When finished, click Create to create the VM.
• Under State, verify that the VM state is running.

Step 8: Enable Azure Arc on the Virtual Machine on Azure Stack HCI

Launch the Azure Arc service in the Azure portal by clicking All services, then searching for and selecting Servers - Azure Arc.

Figure 8. Azure Services form Azure Portal

1. On the Servers - Azure Arc page, select Add at the upper left.
2. On the Select a method page, select the Add servers using interactive script tile, and then select Generate script.
3. On the Generate script page, select the subscription and resource group where you want the machine to be managed within Azure. Select an Azure location where the machine metadata will be stored. This location can be the same or different, as the resource group's location.
4. On the Prerequisites page, review the information and then select Next: Resource details.
5. On the Resource details page, provide the following:
   • In the Resource group drop-down list, select the resource group the machine will be managed from.
   • In the Region drop-down list, select the Azure region to store the servers' metadata.
   • In the Operating system drop-down list, select the operating system that the script be configured to run on.
   • If the machine is communicating through a proxy server to connect to the internet, specify the proxy server IP address or the name and port number that the machine will use to communicate with the proxy server. Enter the value in the format http://:.
   • Select Next: Tags.
6. On the Tags page, review the default Physical location tags suggested and enter a value, or specify one or more Custom tags to support your standards.
7. Select Next: Download and run script.
8. On the Download and run script page, review the summary information, and then select Download. If you still need to make changes, select Previous.
9. Log in to the server.
10. Open an elevated 64-bit PowerShell command prompt.
11. Change to the folder or share that you copied the script to and execute it on the server by running the ./OnboardingScript.ps1 script.

On the Azure platform the Machine will appear under the Azure Arc systems as connected.

Figure 9. Azure Arc status on Azure Portal

Step 9: Add the virtual machine to the Azure Virtual Desktop host pool and register to Azure Virtual Desktop Service

Registering the virtual machines to a Azure Virtual Desktop host pool is as simple as installing the Azure Virtual Desktop agents.

To register the Azure Virtual Desktop agents, do the following on each virtual machine:

1. Connect to the virtual machine with the credentials you provided when creating the virtual machine.
2. Download and install the Azure Virtual Desktop Agent with Latest version of Azure CLI
3. Download the Azure Virtual Desktop Agent.
4. Run the installer. When the installer asks you for the registration token, enter the value you got from the Get-AzWvdRegistrationInfo - ResourceGroupName – HostPoolName – SubscriptionID cmdlet.
5. Or alternatively you can extract the Token key from the Azure Portal from the host pool itself and copy into the Agent.

Figure 10. AVD Registration Key on Azure Portal

6. Download the Azure Virtual Desktop Agent Bootloader.
7. Run the installer

The Host pool it will display the VM under the VMs Tab.

Figure 11. VM Status in the Host Pool on Azure Portal

Follow the directions in Create app groups and manage user assignments to create an app group for testing and assign user access to it and grant your users access to the new deployment.

Figure 12. Desktop Application Group (DAG) in Azure Virtual Desktop

Step 10: Connect from anywhere to your VM running On Premises on your Azure Stack HCI

Sign-in on with the domain account integrated in Azure Active Directory - rdweb.wvd.microsoft.com/arm/webclient.

Figure 13. Azure Virtual Desktop WorkSpace

Known issues

Local domain (e.g. contoso.local) will inherit the Azure Directory domain extension hence would be required to add an Alternative User Principal Name Suffix into the local domain controller that match the Azure AD.

Lenovo is a US$70 billion revenue Fortune Global 500 company serving customers in 180 markets around the world. Focused on a bold vision to deliver smarter technology for all, we are developing world-changing technologies that power (through devices and infrastructure) and empower (through solutions, services and software) millions of customers every day.

For More Information

To learn more about this Lenovo solution contact your Lenovo Business Partner or visit: https://www.lenovo.com/us/en/servers-storage/solutions/