With the release of Azure RemoteApp, Enterprise customers can now move their non-persistent RDS session-hosted applications from the on-premises data centers into a hosted cloud – with the Azure platform providing all of the necessary image provisioning and updating services. With Azure RemoteApp, you can use gallery templates or your own custom image. In addition to your own custom image, you can leverage virtual applications using App-V. With App-V, you can reduce the size of your custom image uploads by streaming the content on-demand.
Right now, App-V support in Azure RemoteApp is limited and licensed to only hybrid collection deployments. This is due to the current licensing requirement of App-V needing to be on domain-joined computers. While you could use a cloud collection to test a virtual application, in order to take advantage of the image reduction features of App-V with Azure RemoteApp – and to have full supportability and license compliance, the implementation within Azure RemoteApp would need to be joined to a domain within a hybrid collection deployment using a Site-to-Site VPN.
Setting Up Azure RemoteApp Images
Before you set up your image for Azure RemoteApp, you will need to first set up your Azure RemoteApp Subscription at https://www.remoteapp.windowsazure.com/. In addition, you will need to set up Azure PowerShell on the machine where you will be uploading the image. You can download Azure PowerShell here at the following link:
There is also existing guidance for configuring a custom RemoteApp image for uploading:
Make sure you follow everything specified in the documentation and no steps are missing when configuring the VHD including disabling encryption and ensuring the partitions are MBR-based. For App-V considerations there are some additional steps that you will need to ensure are included with regards to configuring and preparing the image.
Configuring App-V Client and Pre-requisites
- In Server Manager, make sure .NET 3.5 and 4.5 Services are configured as features for Windows Server 2012 R2.
- Install the most recent App-V 5 Client.
- Install the App-V Client pre-requisites here: https://technet.microsoft.com/en-us/library/jj713458.aspx
- Configure the App-V Client as required (script enablement, etc.)
After the App-V Client has been configured, you will need to add and globally publish your virtual applications using PowerShell. You can do this using the built-in App-V PowerShell Cmdlets referenced here: http://technet.microsoft.com/en-us/library/dn508409.aspx. Whether you are using hybrid or cloud deployments, only globally published applications will fully survive the generalization (as well as picked up by the RemoteApp provisioning) so it is currently a hard requirement.
Testing and Final Preparation
You should test and verify your applications within the image prior to uploading your image. Finally, before generalizing your image with the SysPrep tool, you will need to perform a current workaround that involves an issue with App-V and SysPrep. You will need to stop the AppV Client Service and delete the local VFS Folder under Local AppData (%LOCALAPPDATA%MicrosoftAppVClientVFS.)
Also remember, if the image you are uploading is drastically behind in operating system updates, it will further delay provisioning after uploading.
The last thing you will need to do is generalize the image using the command line:
C:WindowsSystem32SysprepSysprep.exe /generalize /oobe /shutdown
Creating the Collection
You will need to create an Azure RemoteApp collection to house the image and published applications from that image. You can use this quick reference for the details: http://azure.microsoft.com/en-us/documentation/articles/remoteapp-create-cloud-deployment/
In order to upload your custom image containing your virtual applications, in the collection dialog, you will need to click “Template Images.” You will then specify to upload a RemoteApp template image:
After you have given the name and location, it will take you to the next screen where you will download a PowerShell script that you will use to upload your VHD to the correct Blob.
Once you download and run the command from an elevated Azure PowerShell session, it will mount, validate, and fixup the image and then proceed to thoroughly check the integrity and then finally uploading to Azure.
While the image is uploading, the status will remain “Upload pending.”
Once the upload is complete, you can then apply the template image to a collection.
Once the image is associated with a collection, the provisioning will begin. This may take a while. It will show a status of “Provisioning” until it is finished fully prepping the image and parsing for applications.
Once the applications become available in the “Publish RemoteApp Programs” screen, you will see that the AppV programs will show alongside the native applications. These application were queried upon the provisioning that occurred after the collection was created. The AppV applications will be the ones originating from the AppV Client’s PackageInstallationRoot (which by default is C:ProgramDataAppV.) Once the applications have been published and user access has been configured, you can then download the Azure RemoteApp RDP client from:
Once you download the ClickOnce application, you will be prompted with a wizard upon first launch:
The first item you will need to do is supply the appropriate credentials. You will need to supply a corporate account or an MSA.
After you have been authenticated, you will see your published applications (both native and virtual applications) assigned and published to the user. You can then begin to test virtual application behavior in Azure RemoteApp.
In App-V in general, the Content Store (also referred to as the package source or streaming source) is the most critical in both traditional streaming (stream-to-disk) scenarios and Shared Content Store mode clients (stream-to-memory.) Traditionally, Microsoft recommends placing Content Stores as close as possible to end user devices when possible leveraging on-premise technologies such as DFS-R to for replication and location. But what about those customers who are looking to leverage cloud services for App-V content for either:
Disaster Recovery/Business Continuity solutions
Part of an overall strategy to migrate from on-premises resources to hosted cloud services.
When looking to deploy Content Servers in Azure for application streaming, it is important to plan for regional proximity with a mechanism for replicating uniform copies of the App-V content just as you would have done in an on-premises environment.
Why Azure Web Roles can work for App-V Streaming
The App-V Content Server in the cloud is simply a hosted web server virtual machine with attached storage configuration and a corresponding set of cloud services configured to allow downloading of APPV package content via HTTP or HTTPs. This package source requires no additional management (other than security and MIME configuration for .APPV files) of the static package content and is simple to deploy and scale out as needed.
Cloud Services and Endpoints
Assuming you have established an Azure subscription, setting up the necessary services is essential however, a lot of the minor configuration will vary depending on how these cloud resources are integrated within your existing App-V infrastructure. For the sake of example, I will use the scenario of deploying a Content Server to the cloud for the purposes of providing cloud-based content.
In most cases, the order will be to:
Create the Cloud Service – to allow access to hosted Content VM's over the Internet
Create the Storage Account to store the VHDs.
If you want to learn more about Storage Accounts, the reference “What is a Storage Account?” http://azure.microsoft.com/en-us/documentation/articles/storage-whatis-account/ is a good start especially when understanding storage redundancy options.
Create the Virtual Networks
In addition, you will be leveraging external-facing Virtual IP’s (Public IP) an internal DIP, and an Azure Traffic Manager resource
Why do I need a Cloud Service, Virtual Network, VIP and DIP?
If you want to learn more about Cloud Service, Virtual Network, VIPs and DIPs, I highly recommend Young Chou’s (My buddy in DPE from Charlotte, NC) article on Windows Azure Infrastructure Services IP Address Management – at: http://blogs.technet.com/b/yungchou/archive/2014/03/17/windows_2d00_azure_2d00_infrastructure_2d00_services_2d00_ip_2d00_address_2d00_management_2d00_part_2d00_1_2d00_of_2d00_2.aspx
In addition, the following tutorials can walk you through the process:
How to Deploy a Cloud Service: http://azure.microsoft.com/en-us/documentation/articles/cloud-services-how-to-create-deploy/
Content Management and Upload: http://azure.microsoft.com/en-us/documentation/articles/web-sites-deploy/
VM Creation and Sizing
Content Servers in Azure can be any operating system supported for web services. In the case of Azure, it will be Windows Server 2008 R2, 2012, and 2012 R2 SKUs.
For Virtual Machine sizing purposes, it is recommended to align and plan capacity for Azure VM’s using the same guidelines for on-premises using the official App-V Sizing document: https://technet.microsoft.com/en-us/library/dn595131.aspx
I have found in my early testing with customers and myself, it is economical to scale out Standard Tiers using A1 or A2 series VM’s and load-balance as needed since we are only serving up web content essentially. I’ll also explain another reason when diving into the streaming protocol selection.
Internet Facing Scenarios
For App-V client retrieving content from cloud-based servers, there are three important factors to consider:
For Azure Web Services, streaming APPV package content from the cloud is quicker using HTTP although the tradeoff of non-secure transmission may not meet all security requirements of some organizations. For those organizations, additional security of the cloud services for HTTPS communications will be required. Also you will need to flip the App-V clients to use single-range HTTP communication as opposed to multi-range.
BranchCache is Your Friend
To ensure fast, optimal delivery for on-premises App-V clients, and to provide the best experience possible for devices that may use the stream-to-disk scenario with clients – it is recommended to have the clients configured for BranchCache in either hosted mode or distributed mode. In addition, it is NOT recommend the use of Shared Content Store mode for on-premise clients due to limitations of offline access and heavy latency with the single-range HTTP protocol. Potential latency that may come with Single-range protocols would be offset and optimized by use of the BranchCache protocol. In addition, BrancheCache can reduce traffic overall to the cloud.
In addition to security content transmission, you will want to secure access between your on-premises clients and the Azure-hosted cloud services. If the on-premises domain for which the App-V Client’s belong is federated with an Azure AD domain, you can secure access through individual users. Otherwise, you will need to leverage an alternative solution for restricting access.
Whitelisting IP Address Access
You can restrict access by IP address range in at least two ways. You can leverage the existing IP and Domain Restrictions feature in IIS. This will also work to secure Azure App-V Content servers to only allow access to IP addresses and domains that you have specified in a whitelist. https://technet.microsoft.com/en-us/library/cc731598%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
You can also secure access to the cloud endpoints using ACLS. http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/
Regardless of how the web service is secured on the back end. For streaming seamlessly, it is also recommended to add the URLs of the resources to the App-V Client’s Intranet Zone policy.
UPDATE: 10/21/2014: The MVMC 3.0 is now released with P2V functionality restored.
The Microsoft Virtual Machine Converter 2.0 is available! The Microsoft Virtual Machine Converter provides a supported, freely available, stand-alone solution for converting VMware-based virtual machines and virtual disks to Hyper-V-based virtual machines and virtual hard disks (VHDs).
There is also a release of an update to the Migration Automation Toolkit (MAT). This is a collection of PowerShell scripts that will automate conversions using MVMC. You can use it to convert several machines at once, on a single server – or scale it out and execute conversions on many servers at the same time.
With the release, you will be able to access many new features including:
- On-premises VM to Azure VM conversion
- PowerShell interface for scripting and automation support
- Added support for vCenter & ESX(i) 4.1, 5.0 and now 5.5
- VMware virtual hardware version 4 – 10 support
- Linux Guest OS support including CentOS, Debian, Oracle, Red Hat Enterprise, SuSE enterprise and Ubuntu.
- Migration Automation Toolkit support for MVMC 2.0
Migration Automation Toolkit (MAT)
MVMC Converter Download
Normally I do not use this space to advertise books except in the case of two exceptions: If it is a free e-book and is relevant, I will definitely recommend it – otherwise – it had better be good. After reading his first book on the Windows Azure platform, I was very happy to hear that Tejaswi Redkar has come out with a book on rapidly ramping on and deploying Windows Azure Websites – especially given the fact that this is one of the top use cases for moving to the cloud with Windows Azure. Yes, I am using this space to give a shameless plug for this fantastic book.
Do you want to know everything about the fastest growing service in Windows Azure? Do you want to build your own websites in minutes in literally automate EVERYTHING! Are you building a mobile application and need to ensure availability and reliability by implementing an always-on web service? Is your organization working on a cloud strategy?
The book is available in both 21st (e-book) and 20th century (paper) formats!
I first met Tejaswi during the Fall of 2010. He was an Architect and I was a Support Escalation Engineer. I was wading through future private cloud scenarios and he was educating us all on public cloud scenarios. We were both at an internal Microsoft conference up in Bellevue and he was taking me to school left and right on Microsoft Cloud technologies as he was already deep inside many things that neither of us could talk publicly about at the time. As more of a user of Azure (for my personal and day-to-day operations) I find myself on the end of many questions relating to Azure where I can shed light on my personal experiences, but not actually claim to be an expert. I reference Tejaswi's books often as great starting points.
Barnes and Noble Link: http://www.barnesandnoble.com/w/windows-azure-web-sites-tejaswi-redkar/1117494730
The feed of Windows Azure Pack Gallery Resources and SCVMM Service Templates which are compatible with the RTM releases is now LIVE
Windows Azure pack information can be found here: http://www.microsoft.com/en-us/server-cloud/products/windows-azure-pack/default.aspx#fbid=w0JHn-YWZV6
The Windows Azure Pack is a collection of Windows Azure technologies available to Microsoft customers at no additional cost. Once installed in your datacenter, the Windows Azure Pack integrates with System Center and Windows Server to help provide a self-service portal for managing services such as websites, Virtual Machines, and Service Bus; a portal for administrators to manage resource clouds; scalable web hosting; and more.
The feed of Windows Azure Pack Gallery Resources and SCVMM Service Templates which are compatible with the RTM releases is now LIVE at:
This release includes more than 40 deployable templates to get you started including:
- SharePoint 2013
- SharePoint Foundation 2010
- Microsoft SQL Server 2013
- Domain Controller
- Windows Server 2012 R2 HA Network Gateway
- Windows Server 2012 R2
- Windows Server 2012
- Database Servers
- MySQL Server (Windows and Linux)
- Oracle Self Service Kit
- Linux applications including
- CentOS6 LAMP
- WordPress CentOS6
- Samples to enhance authoring
- Custom Script
- Custom Script with Environment Variables
- Linux Generic
- Service Template Example Kit
- and more
For information on how to use this feed and import items in the Windows Azure Pack you can use the following resources:
- Downloading and Installing Windows Azure Pack Gallery Resource:
- Video: Using the Service Models Web Platform Installer Feed – https://www.youtube.com/watch?v=eAvOUNqqYfc&feature=youtu.be
- Technet: Downloading and Installing Windows Azure Pack Gallery Resource – http://social.technet.microsoft.com/wiki/contents/articles/20194.downloading-and-installing-windows-azure-pack-gallery-resource.aspx
- Video: Virtual Hard Disk Requirements for the Virtual Machine Role Gallery – https://youtu.be/eAvOUNqqYfc
- Technet: System Center 2012 R2 Virtual Machine Role Authoring Guide – http://social.technet.microsoft.com/wiki/contents/articles/18272.system-center-2012-r2-virtual-machine-role-authoring-guide.aspx
So, Microsoft had a bunch of new releases this week! Windows 8.1, Windows Server 2012 R2, a Bing Facelift. With all that has been going on in the past couple of weeks, it easy to miss something. For those of us who live in the world of virtualization and cloud, some additional (very handy) software and resources have been made available to make our lives much easier in the field.
For starters, we released some well-needed guidance for our VDI folks out there:
Desktop Hosting Reference Architecture Guide
DaaS (Desktops as a Service) continues to grow – especially in worlds where one-to-many virtual desktops are desired for the reduction of overall density and real estate consumption. In addition, something our internal field engineers have been perfecting over the past few years has also been made public – a performance and optimization guide for the Windows 7 operating system in a virtual desktop (VDI) environment.
Performance Optimization Guidelines for Windows 7 Desktop Virtualization
A Big Release for the BYOD (Bring-your-own-Device) Space, Stronger Security Options for Azure, and Free Stuff!
When you read the above link, you will also learn Microsoft now has Remote Desktop apps for iOS, Mac OS X and Android! Talk about burying the lead! Yes, with the release of Windows Server 2012 R2, we are introducing new Microsoft Remote Desktop end-user applications for iOS, Mac OS X and Android. Just like our modern apps for Windows and Windows RT these provide easy access to virtual machine based desktops, session based desktops and RemoteApp programs, as well as the ability to remote to a PC. With Windows Server 2012 R2 Remote Desktop Services we continue to improve the management and deployment, solutions economics, and end-user experience for virtual desktop and server based computing experiences. In particular, new storage capabilities like tiered storage spaces and online VHD de-dupe dramatically reshape the economics of delivering a remote desktop services solutions. And now these new apps extend a rich Windows experience to a new range of devices.
Except of course WP8 for right now 😦
The Windows Azure Multi-Factor Authentication Server (the on-premise version of PhoneFactor) is supported for use with RD Gateway and will function with RDWeb/RDG in an Azure VM, see http://technet.microsoft.com/en-us/library/dn394287.aspx for the most current documentation.
Also there is the Windows Azure Multi-Factor Authentication for Windows Azure Active Directory (http://technet.microsoft.com/en-us/library/jj713614.aspx – the hosted version of PhoneFactor) does not natively integrate with RD Gateway.
Free E-Books from Microsoft!
Finally, a wealth of free books have been released from MS Press revolving around public, private, and hybrid cloud scenarios.
Virtual Machines for Oracle are now available in preview. Microsoft and Oracle have combined to provide end-to-end support for customers running business-critical Oracle software on Windows Azure. Brad Anderson announced it at Oracle OpenWorld! View the video here: http://blogs.technet.com/b/in_the_cloud/archive/2013/09/27/icymi-oracle-openworld-2013-keynote.aspx
This means the Oracle Database, Oracle WebLogic Server, and the Java development environment are now available, in preview, in the Windows Azure Virtual Machines Image Gallery. These images include licenses for the Oracle software that they contain.
During the preview period, there is no charge for the included Oracle licenses. You will pay only for the Windows Azure compute and storage resources that your Virtual Machine consumes. If you would prefer to use an Oracle software license that you already own, you can do that too. Just choose a Windows Server image from the Image Gallery and install the Oracle software yourself.
Whether you bring your own Oracle license or use one of the license-included images, you now have increased flexibility and choice in where to deploy your applications and the peace of mind that comes from knowing you will be fully supported by Oracle.
To get started, sign in to the Windows Azure Management Portal (http://click.email.microsoftemail.com/?qs=378f344bda59c3f044c12fabed50a5bb3108ac63baef548eb34935bd94685eeb0ccabb6d7d42ca99) and add a new Virtual Machine from the Image Gallery. For more information, visit the Oracle information page (http://click.email.microsoftemail.com/?qs=378f344bda59c3f0b75cce40c85cfa318d718cc5387f6ef1c7c1d2c6a9b6b35625caff7e7b6657f5) on the Windows Azure website.
If you are new to Azure and an Oracle user looking to migrate to a cloud solution, check out this: http://www.windowsazure.com/en-us/campaigns/oracle/
if you are looking for more technical guidance, i would recommend these links as a first start:
Deploy Pre-configured Oracle VMs on Windows Azure
For specific configuration and version information, use this MSDN reference: