Blog_Image_Title.jpg

Best Practices for Manual Golden Image Management

Rob Waggoner

Looking for a way to manually manage your golden images for both new and existing MyCloudIT deployments?

Below are the steps to update a golden image or create one out of any of your current session hosts. You will be able to use it later to create a new session collection or replace a full set of session hosts. Let’s get started!

Golden image virtual machine creation

There are many ways to create a golden image VM, but we will be focusing on the following:

  1. Create a new golden image. This will allow you to have a new set of applications in your environment.
  2. Update an existing golden image, giving you the option to apply OS patches, fix configuration settings, and upgrade your applications and/or add new ones.
  3. Take an existing session host and make it your new golden image. If you already configured a session host, then you can replicate it across your deployment and make the other session hosts identical.
Let’s take a closer look at each one:
1. Create a new golden image

If you want to create a new golden image, start here with our guide. This will walk you through the process of VM creation, image capture, and deployment of new session hosts using your new image.

2. Update an existing golden image

When you plan to update an existing golden image, a new VM will have to be created so you can remote in and perform all the necessary updates. Once it is ready, then it can be captured and saved as a newer version of your previous image. This helps you keep a versioning system in case you ever need to go back to a previous version.

To create the new VM from an existing golden image, you will need to contact MyCloudIT support for assistance. You will find information on submitting a support ticket using the MyCloudIT portal here. You must provide the following information to the MyCloudIT team in your support ticket:

  • The name of the deployment that contains the golden image.
  • The name of the image file, or the name of any session collection that was created from it.

MyCloudIT support team will create a new VM and let you know when it is ready to use Then you can continue with the configuration. The new VM will be created inside the same virtual network used by your RDS deployment. This allows you to join the VM to the Windows domain, if needed, so you can install or update your applications.

3. Take an existing session host and make it your new golden image

If you decided to install all your applications inside one of your session hosts directly, it is also possible to use it for a new golden image that can be replicated across your deployment. Additionally, the new golden image can be transferred to other deployments to save you time and effort installing applications and customizing the environment.

At this point, let’s assume that your session host has been configured exactly how you want your golden image to look. The process will consist of replicating the VM, so you can capture the image without the risk of damaging your RDS deployment. Since the session host will be replicated exactly as is, it will preserve the computer name and domain information. With that said, the new replica VM must be created in a separate virtual network to avoid DNS issues and name duplication in your RDS deployment. Also, since the new replica VM won’t have any communication with the deployment’s Domain Controller, it will require a local account with administrator rights to remote into the VM.

Create local administrator account

A local admin account must be created in the session host before it can be replicated. Click here to create the local user, and make it an administrator; otherwise you won’t be able to manage your applications and updates.

Replicate session host VM

When the session host VM is ready and the local admin account exists, you are ready to create the new replica VM. MyCloudIT support will be happy to provide you with any assistance.  You will find information on submitting a support ticket using the MyCloudIT portal here. Please include the following the information in your support ticket:

  • Deployment name
  • Session host name

MyCloudIT support team will create the VM replica and let you know when it is ready to use. Then you can proceed with the image capture, which is explained below.

Prepare the VM’s Operating System

Before you can capture the VM image, you must prepare the operating system by removing unique information to make it reusable on future deployments and environments. You can achieve this goal by using Microsoft’s System Preparation tool (Sysprep) available in your Windows VM. To “Sysprep” your VM, please following these steps:

  1. Open a PowerShell window as administrator
  2. Execute the command & "$env:SystemRoot\system32\sysprep\sysprep.exe" /generalize /oobe /shutdown

G1.jpg

You will see a dialog box telling you that Sysprep is working.  It will take at least 2-3 minutes.

G2.jpg

The /shutdown parameter will shut down the VM when Sysprep is done generalizing it. After a minute or two your VM status will be set as Stopped.

NOTE: When the instance is in this state, it will continue incurring charges on your subscription. If you plan to stop at this point and resume the image capture process later, it is recommended that you stop your virtual machine either through the Azure portal or MyCloudIT portal.

Capture virtual machine image

Once the VM’s OS has been prepared, you can proceed with the image capture process. It will involve certain operations on the VM at the Azure level, for which is highly recommended that you use the ARM Explorer website  given its simplicity and friendly interface.

Next, open your browser and go to the ARM Explorer website, it will ask you to log in with your Azure account. After signing in, make sure to enable Read/Write actions, since we will be doing more than just GET operations. You can do so by clicking on the Read/Write button located at the top right side of the website.

G3.png

At the top, you will find a search box. Type the name of the VM to be captured and select it from the drop down. If you can’t find the VM in search bar, do the following: expand subscriptions on the left pane > expand your subscription > expand resourceGroups > expand Microsoft.Compute > find your VM. Once you do, you will see something like the example below:

G4.png

Deallocate

On the top bar of the Explorer, find and click the Actions (POST, DELETE) tab and then click Deallocate. The status of the virtual machine will go from Stopped to Updating to Stopped (deallocated). It will take one or two minutes to deallocate the virtual machine before you can move on to the next step.

G5.png

 NOTE: At this point, you will no longer be charged for the VM running on Azure.

Generalize

Now that the instance is fully deallocated, it is time to generalize it.  Click the Generalize button located below Deallocate. Give it two minutes to generalize the instance before moving on to the next step.

NOTE: You will know the action has been submitted successfully when a green checkmark pops up on your screen. You can click it more than once to be sure, it won’t harm your deployment.

G6.png

Capture

Now you will capture your image You will find the Capture button above the Deallocate option.

G7.png

Before you submit the capture request, you must replace the green text above with your own information. In this box, you will be specifying a name prefix for the vhd file that represents your VM image, a name for the container that will store the vhd file, and whether you want to overwrite a vhd file if one with the same information already exists. You may use alphanumeric characters, hyphens, and underscores for the vhd file prefix as well as the container name. As for the overwrite vhd parameter, set it to false.

Once you have filled the parameters section with your own information, it will look something like the example below. Now you can click Capture. Once again, a green checkmark will pop up if the operation completes successfully.

G8.png

Rename the golden image

Before you can rename your newly captured image file, you must locate it within your deployment. Go to the Azure Resource Manager and type the golden image virtual machine name. In the overview page, find the Storage account under the Type column. Sometimes there is more than one storage account. If that is the case, you need to click each of them until you find “system” along with “vhds”. Take note of the storage account name since you will be using it shortly.

The easiest way to rename your golden image is using Microsoft Azure Storage Explorer, which can be downloaded by clicking here. Download, install, and open the tool. It will ask you to log in with your Azure account. After signing in, locate your subscription: the golden image storage account name (the one you noted from the previous step) > Blob Containers > system.

G9.png

It will open a file explorer tab on the right side, navigate through the following: Microsoft.Compute > Images > the container name you specified > the vhd file, right click it and select Rename.

G11.png

These are a few best practices when it comes to naming golden images:

  • Make sure to add “.vhd” at the end of the file name, otherwise the image won’t be found in the MyCloudIT portal.
  • Try to keep image names short for ease of management. Also, try to use the same name for the same tree images for consistency.
  • If applicable, include the version number in the name (E.g. QuickBooks -v3.vhd) to keep track of your changes. It also allows you to roll your RDS deployment back if something goes wrong with the latest captured image.
Update RDS deployment

Once you have a golden image, you can put it to use in your RDS deployments by either creating a new RD session collection or updating one. If the golden image you want to use has been managed on a different RDS deployment, the vhd file must be copied over to the deployment’s resource group before it can be referenced via the MyCloudIT portal. You can create a support ticket with MyCloudIT to assist you with the image transfer. Find out how to open a support ticket by clicking here. Please include the following information in your support ticket:

  • Source RDS deployment name
  • Image name
  • Destination RDS deployment name

NOTE: You can also copy/paste your golden image file using the Microsoft Azure Storage Explorer that was mentioned earlier in the “Rename the golden image” section.

 

1. Create RD session collection

In the MyCloudIT portal, do the following: go to Deployments > Select your deployment > Choose either Desktop Collections or RemoteApp > Add. In the Windows Experience field, select Golden Image and fill in the following fields accordingly.

G12.png

2. Update RD session collection
Extend the RD session collection

Locate the collection you want to update in the MyCloudIT portal and do the following: go to Deployments > Select your deployment > Choose either Desktop Collections or RemoteApp > Select your collection > Host Servers. In the same view, you will see all the session hosts that are currently deployed for that collection Please note the total number of servers since we will be adding the same number with the new image.

G13.png

While you are in the same view, click Add. In the Windows Experience field, select Golden Image and fill in the following fields accordingly. In the Num. of Users field, type 1. Expand the Advanced Options section, select the instance size of your choice (you can change them after being deployed if preferred) and set the Num. of Session Hosts to the current number of host servers.

G15.png

Remove old session hosts

After the collection update process has completed and you refresh the collection view, you will see the collection with all the session hosts.

G16.png

The next step is to delete each one of the old session hosts. You can do this by clicking on the Actions button next to each of old session hosts and then click Delete. You can delete all of them by repeating this process one at a time within the same view.

G17.png

If you have any additional questions or need assistance, feel free to submit a support ticket by clicking here and our MyCloudIT support team will reach out to you.