Hello everyone!
This is the last one of the series about Bicep and AVD deployment. Last time we talked about Bicep and the AVD backend, now we want to deploy session hosts with bicep templates. You can use this method to update your session hosts with the latest gallery image from Microsoft. Using a clean image strategy could save up a lot of time, because apps can be deployed with App Attach or with a provisioning script when the session hosts are deployed.
Prerequisites
- Azure subscription (Azure DevOps is free, but I will connect to Azure)
- Contributor or Owner role on the subscription (less rights are possible, but take more time to setup)
- Deploy the AVD Backplane using my bicep templates. Check this link
- Domain join account to add session hosts to Active Directory. This can be delegated access to the OU or a domain admin account.
- Visual Studio Code (VSCode) (Feel free to use any coding tool you want)
- Bicep extension in VSCode
- Azure DevOps Service connection configured with Contributor and User Access Administrator access on the subscription. Follow this guide.
- Licensing requirements for signing in. Check this link
- Using an Azure Virtual Desktop client to connect: Remote Desktop Client / Windows App
Setting up the files
This part should be setup with my last blog, but now we need to have the files in place for the session hosts. Check for the files on my github page: https://github.com/mischasachsecom/mischasachse/tree/main/BiCepAVD. It is important that the exact folder structure is used for the repo. The backend and session hosts have been separated for easy and fast deployment, because the session hosts are going to be deployed more often after image updates.
The passwords are a secure string, so your information is not saved in the pipelines. The domain join account needs delegated rights on the OU that is used for the deployment in Active Directory. Make sure you have the following files available in your repo.
Configure the pipeline
If all the parameters and files are correctly configured, we can setup the pipeline. The file Sessionhosts.yaml must be used to configure your pipeline. This is located in the pipelines/templates folder. This file contains some parameters that need to be changed. For this deployment you need to use the same resource group name as the AVD backend, because we use the managed identity that has resource group scope access. The subscription name needs to be set in this file.
trigger: none
pool:
vmImage: "ubuntu-latest"
variables:
- name: azureResourceManagerConnection
value: BicepAVDSC
stages:
- template: ../DeploySessionHosts.yaml
parameters:
azureResourceManagerConnection: $(azureResourceManagerConnection)
location: 'westeurope'
resourceGroupName: 'rg-avd-pl-bicep-test'
subscriptionName: 'Visual Studio Enterprise Subscription – MPN'The file DeploySessionhosts.yaml in the folder pipelines does not contain any parameters that needs to be changed, because all the paths should be correctly configured when you use my repo files in your Azure DevOps environment.
Starting the deployment
Now we can deploy the session hosts in the AVD backend. The pipeline will ask for permissions to permit access. Run the pipeline to add the session hosts.
Now you can see the deployment running, here are also some warnings, but the deployment will succeed in about 8 to 10 minutes.
Now you can see that all the session hosts are deployed in the AVD backend. It is not a problem that these are added in the same resource group as the deployment stack. Because the deployment stack will not contain the AVD session host resources.
Now you can see that all the session hosts are deployed in the AVD backend. It is not a problem that these are added in the same resource group as the deployment stack. Because the deployment stack will not contain the AVD session host resources.
Checking the deployment stack
The session hosts are deployed in the same resource group as the AVD Backend, but the resource group is connected to a deployment stack. This is not a problem for the session host deployment. The session hosts are not a part of the deployment stack, so you can still manage your deployment stack for the AVD backend and remove the session hosts easily for a new deployment. Without issues for the deployment stack.
Now you have a complete pooled AVD environment deployed within 15 minutes.
This works really well, but be aware that Bicep templates and features change very often. So these templates may work today, but in the future these templates may fail. I will always check to update my bicep templates in the github.
Final Thoughts
Having my own bicep templates for the deployment of AVD is really cool to have! These templates will be improved in the future, adding features like Intune, Hybrid join and App Attach will make these templates complete. Hopefully you can use the templates in your setup in Azure, because using Azure Virtual Desktop can make a big difference in your customer environment.
