Day 40: AZ-140 Pt.5 - Monitor and Maintain WVD - DR/BCP
Section 5: Monitor and Maintain a WVD Infrastructure (20-25%)
Plan and implement business continuity and disaster recovery
The below should cover the following criteria for this section of the exam:
- Plan and implement a disaster recovery plan for Windows Virtual Desktop
- Design a backup strategy for Windows Virtual Desktop
- Configure backup and restore for FSLogix user profiles, personal virtual desktop infrastructures (VDIs), and golden images
- In the below steps, it should be noted I am not going to say click this n that, I will give a general overview but you will need to fill in the gaps with your knowledge of Azure.
- All opinions below are my own and are not representative of any company I am linked with.
- All scripts and information followed below is at your own risk and I hold no responsibility if you run any of it in production without testing in pre-production first.
Plan and implement a disaster recovery plan for Windows Virtual Desktop
If we take a look at the above link, in summary it states we need the following, and in this order:
1. Replicate the VMs in a secondary location
Microsoft recommends Azure Site Recovery for this, it will ensure (if configured correctly) all resources are replicated / backed up to a secondary site. Once everything has been backed up, you would use the following command to log your users off WVD, allowing you to fail them over to your backup site.
As part of the secondary location, you also need to consider on your backup sites the following:
- Virtual Networks - Can your users and applications interact with the VNET?
- User Profiles - Can users still access their profiles and applications?
So this would require you create a storage location in your fail over location, and that is configured with all the same permissions such as Virtual Desktop User attributes, and that any LOB applications such as ones which rely on MSIX are backed up in the same location.
On the hostpool machines you need to ensure the following FSLogix policy is covered, its worth noting to give consideration to any Cloud Cache settings if you're using these and adjust as necessary.
HKLM\Software\FSLogix\ProfilesVHDLocations - REG_MULTI_SZ \\profileloc1\profiles \\profileloc2\profiles
Note: Introducing the above does now mean you take on additional costs due to the replication of data.
In addition the VMs themselves can be de-allocated however which will reduce costs but the storage accounts will still be active.
3. Make sure user identities you set up in the primary location are available in the secondary location.
You need to ensure you have a backup AD site for this purpose, either on-prem or in Azure, again the Azure Site Recovery is recommended for this.
4. Make sure any line-of-business applications relying on data in your primary location are failed over to the secondary location.
As per profile containers I have covered this, however if you have any LOB not in the cloud then those will need to have visibility of your fail over site locations as well.
The section on BCP is a vast one (as with most things WVD), so definitely read up on the following - https://docs.microsoft.com/en-us/azure/virtual-desktop/disaster-recovery?WT.mc_id=modinfra-17152-thmaure
One thing I did note, which might be useful is re testing is the following (from the blob):
- If the test VMs have internet access, they will take over any existing session host for new connections, but all existing connections to the original session host will remain active. Make sure the admin running the test signs out all active users before testing the plan.
- You should only do full disaster recovery tests during a maintenance window to not disrupt your users. You can also use a host pool in the validation environment for the test.
- Make sure your test covers all business-critical apps.
- We recommend you only failover up to 100 VMs at a time. If you have more VMs than that, we recommend you fail them over in batches 10 minutes apart.
Design a backup strategy for Windows Virtual Desktop
The below outlines in a FAQ for a strategy with WVD.
Configure backup and restore for FSLogix user profiles, personal virtual desktop infrastructures (VDIs), and golden images
This section delves into Recovery Services vault, the following link has some good detail which should allow for reasonable grounding on this subject.