AZ-140 Windows Virtual Desktop on Microsoft Azure – *NEW* – Monitor and Maintain an Azure Virtual Desktop Infrastructure part 2
- Onboard Session Host VMs into Log Analytics & Azure Monitor
If you go to the Azure Monitor and you go to virtual machines from the Lip navigation pane and then you can see a not monitored tab. If you go there, we can see that our session host is not yet enabled to be covered by the Azure Monitor. How can you enable the monitor coverage for your session hosts? So in this lecture we will discuss how to onboard your VMs, your session hosts to the Azure Monitor and to enable the collection of the data for the VMs by installing the agents. This can be done by enabling this for each virtual machine alone. So you can enable it. This is easy if you have like a few or a small number of virtual machines. For the bigger projects, you need to do it in other ways, in a more simple way, because you cannot do it one by one.
And to do that, you can go to the other important options and you can enable using policy. And you may have a question, maybe you are not familiar. What is the policy or the Azure policy by Microsoft? This is the Microsoft documentation. You can google it. What is Azure policy? And you can see that Microsoft says in one line azure policy helps to enforce organizational standards and to assess compliance at scale. In other words, in a more simplified words, you can use the Azure policy to enforce some settings, some conditions, if I may say. In our case here, we want to make sure that the VMs in a certain subscription will all be enabled for the monitoring. So we need to make sure that each VM in a specific subscription will be monitored and it will have the agent, the monitoring agent deployed.
You can use the policy for many, many other things. Like another example I would give you is to enable the VM creation in certain regions only. And of course, you can use it for many, many other things. But for now, let’s stick to the purpose of this lecture and let’s enable the monitoring for the VMs using the policy you will find your Azure subscription and you can actually click on the points here and you can say assign policy. There are many things that you will need to configure. As you can see the different tabs here, let’s go buy them one by one. You will need to select the scope, which means the policy is going to be applied on what exactly. So let’s keep the scope is the full Azure subscription. You can exclude some stuff, but let’s keep it as it is.
And then you can give it a name and make sure, like if the policy enforcement is enabled or disabled and who is the one responsible on this policy or who has assigned it. At this point, the user using name is Test. Test. You can then go next and you will have to specify the parameters. What is the look? Analytics workspace. I will use the one I have created for my project. You can optionally also list the VM images that are supported and so on. If you go next, you can configure the remediation of this policy. Now, it’s important to note that by default, as you can see here, the assignment will take effect on newly created resources only. Which means if you have some VMs created before, it will not apply on them. If you wanted to apply on the old ones, you go here and say Create Remediation task and you select Deploy Configure Log analytics agent to be enabled on Windows Virtual Machines.
And then you go, you continue with the other settings. For example, the managed identity, which is the thing that Azure will use actually to do the installation of the agent on the VM. So it’s a matter of permissions and role based access. After configuring that, you can actually configure the non compliance messages, which is the messages you will get if there is something that is not compliant. And once you are done with these, we will leave it as it is. For now, I don’t need to configure it. You can go to the Review and Create and you can click on Create. So this is a very important option that I wanted to drag your attention to. This is the one used when they are working with a big company and you have big projects.
But for the sake of simplicity and for our demo, because we have only one virtual machine, I will enable for a single VM. If I click on it, notice it took me to the Not Monitor tab and this is Decision Host. I will just simply click Enable and it gives you some information and you say Enable. It will validate the information it has and it will ask you for the workspace information. Again, I will specify the one I have created and I will simply go with Enable. So this is how you onboard your virtual machine, your session hosts to the Azure Monitor. You can enable it for one VM at a time or you can use the Azure policy to enforce the agent installation and deployment on the virtual machines in a specific scope like the Azure subscription.
- Add Performance Counters and Event Logs
The only thing left to be done is to specify and to configure the performance counters to be monitored and the event looks as well. This can be done using the Windows virtual desktop Insights workbook. So if you go to Windows Virtual Desktop and we go to Insights you will start notes saying that the setup is almost complete so we can monitor our WVD environment. So it takes a little bit of time and it will show you some of the things. It will give you an overview of your WVD environment. So if we scroll down we can see many things like the host pool details, the connection diagnostics for your users, connections to your WVT environment, more information about connections, some details about the host.
So you have the host diagnostics, the host performance, each one of those actually has its own specific tab as well. So you can see the connection diagnostics. If you click on it, it’s going to give you some more detailed information like the success rate of establishing a connection and you can actually find many other things, potential connectivity issues in the last 48 hours and so on. You have the connection performance where it gives you some information like the top ten users with highest median time to connect and so on. I would encourage you to explore each and every one of those. But the thing that is left to be done to have this WVD monitoring setup complete is to configure the workbooks.
If you scroll down you will see that they give you this line to configure Azure monitor for Windows Virtual Desktop Insights. See the configuration workbook and you can go to it from the workbooks at the top as well. So let’s click here and it will give you like a general idea of what is missing if there is something missing from your setup and usually the session host data settings will have something to be done. So if you scroll down it is always recommended to see if there are any notes, anything that is not completed. So you can see everything is enabled, everything is good.
So for the resources diagnostic settings we are good to go. If you go to the session host data settings this is where you can specify which performance counters to be monitored and which event logs as well. And if you see it says no configured performance counters and the missing counters are these. It gives you the memory counters, the physical disks, the logical disks, anything that you can find in the missing counters. So this means we will need to add those. Again. If you scroll more down you can see the Windows event logs so no configured events and the missing event logs it gives you even the missing things that you need to add are these event logs. So how to add them? You simply go here and you see performance counters. You scroll down, it says configure performance counters.
You click on it, it will say the requirement performance counters will be added to the Log Analytics workspace and you simply need to apply the configuration so it will deploy like a default template of the performance counters that need to be deployed for you to make things even easier. And while this is being deployed, if you scroll down to configure event logs you can see the deployment succeeded. So here you can use the configure events again to use it like by default the events will be added for you or you can actually do it manually if you want to do it manually. Microsoft gives you the option to go and open the Agent configuration. It’s going to open a new page and you can specify which exact event looks to be added. I will use the configure events so the required events will be added to the Log Analytics workspace and I will say deploy.
Let’s give it a minute until it is completed. Okay, so it took like two minutes and now we are back. If we do a refresh we shall be able to see that the parameters has been added for us. It may take some time as well. So let’s do a refresh. Okay, let’s select maybe the workspace and let’s see the performance counters. And as you can see everything has been added for us. So the configuration counters has been added, no missing performance data and so on. So this was the only thing left from the steps to enable the monitoring for the WVD environment. After that you are ready and set to ago. So you can go to WVD or Windows Virtual Desktop Insights and be able to monitor your WVD environment.
- Azure Advisor for AVD
There is a great tool in Microsoft Azure called Azureadvisor. If you go to the search bar and you say Advisor, you will find it. So let’s click on this tool. I want you to think of the Azureadvisor as a tool by Microsoft to help you resolve the common issues on your own without having to file a support case of support request with Microsoft. It’s a very useful tool. It has many areas that we will see in a minute. And you can see right now it says it showed a notification there that it has updated the recommendations. Let’s explore it together. So you can select the subscription that you have, so you can show the recommendations for it and you can filter the type of actions do you want the active ones postponed or dismissed ones. Also, it’s very important to show you that you can download as CSV file or as PDF.
So if you want to pass the recommendations to your management or to your colleagues or whatever, you have the option to export it into two different forms. There are five areas that the Azure Advisor tries to cover for you and tries to provide recommendations for you. So there is costs. So any recommendations so you can optimize the cost. For example, maybe you shall use Azure reserved instances so you can reserve the machine for one or three years and get a great discount. So it’s going to show you these here in the cost recommendations you have the security ones and I want you to notice with me that it actually gives you priorities for the items it recommends for you. So there is high impact, medium impact, low impact, each with its own respected color.
There is a reliability one, so it gives you also recommendations if there are any, and Operational Excellence and Performance. So these are the five main categories. Of course, a best practice is to check those frequently. Azure Advisor updates the recommendations multiple times a day, so it’s a great idea to check them. You can avoid having large issues if you spot and resolve the smaller ones here first. So I would recommend to check those frequently. Let’s just see for an example also what will you see if you click on one of them? Of course, because this subscription is used for demo purposes, we will not find money, but in any way I want to show you what the actions, what things you can do. So this is the Operational Excellence and you can see there is high, one high priority item Medium and the others are Medium.
So for example, here it says enforce the other VMs that do not use managed disk using the Azure Policy. It also says, for example, here is one medium that you need to specify what are the allowed virtual machine SKUs or what are the allowed locations for your employees or staff to be able to create. Like what Azure regions do you want the staff to be able to create the VMs. So these are like operational excellence things that you can enforce policies and if you click on any one of them let’s try this one. It will give you a summary of the things that you need to do and it will give you the guide as well. So it’s a great thing to have. You can also download the information and the details again in the two forms CSP and BDF. You can create a layer and you can postpone or dismiss.
So these actions are available immediately if you want to postpone it for another time or to dismiss it now. How is this related to Windows virtual desktop? Simply but because you see the recommendations here and it gives you like some kind of it alerts you about something that could cause issues. So what I would recommend to you is whenever you face or you come across an issue in the Windows Virtual Desktop environment always make sure to check the Azure Advisor first before opening cases with Microsoft so you can actually do not waste any time and you can find maybe the small issues or the issues that are causing whatever problem you may having with the environment. Azure Advisor advisor will always give you directions for how to solve the problems or at least point you towards a resource that can help you too. So it’s a great tool to be used. It is called the Azure Advisor.