Q1: 200k for login. 40k for steady Q2: Personal pool: 25k for login and 5k for steady Non-persisted: 125k for login and 25k for steady Remote app: 50k for login and 10k for steady Q3: Personal pool: around 8k for login and 1.5k for steady Non-persisted: around 42k for login and around 8k for steady Remote app: around 17k for login and around 33k for steady
good catch...um...I was just making sure you were paying attention... You get bonus points!!! or maybe because I am really...really...REALLY good at...compression 🤦♂️ or I am terrible at maths. 🤣 yeah I did a stupid there. 4 x 4000 = 16,000 or 16TB DUH... 🤦♂️😁🤷♂️
You both could be right There is a possibility some users are using roaming profile and you don't need space for them as soon as they log out Profile gone out of the window 😃
1. Does FSLogix profile share need to be backed up or is it transient and hence really backed up elsewhere? 2. What is the process cleanup old inactive user account? 3. What is the process to cleanup old data for active user accounts?
1. Yes it should be backed up 2. Disable users then either delete the profile or save it somewhere else, this is usually determined by your internal policy 3. Not sure what you mean here…if they are active, then they are using their data?
I believe that NetApp backup snapshots can now be backed up to an Azure vault. So no need for NetApp replication for backups. Maybe just have a few snapshots for DR purposes.
Thanks for sharing! I haven’t seen that feature in NetApp yet, can you share a link to the docs for it. If the feature does exist then it is a backup solution only, not DR. Backup is where at recover data in place, DR is where we recover data in another place. So Cross Region Replication should still be considered for DR, on top of backups.
Even back to to Blob is good. and Blob storage can do regional replication so it is a good solution. But still not quite the same as instant regional DR. but thanks for letting me know!
Hi Dean, for backing up Azure Files with Azure Backup you say it copies the snapshots into the RSV. Is that something we can enable and if so how. I thought the RSV only orchestrated the snapshotting process. I get this informational message when setting it up: "Azure File Share Backup Policy uses snapshots for recovery point creation and restore operations. The snapshots are stored in the same storage account as the file share and not transferred to the vault."
You are correct when doing snapshots directly in the storage account but my understanding is that the recovery services fault will not only manage the snapshots but also puts a copy of them in the vault. If you find documentation showing otherwise please let me know
@@AzureAcademy I have done some digging in documentation, the file share backup process is detailed here: docs.microsoft.com/en-us/azure/backup/azure-file-share-backup-overview There is a purple box midway down the page highlighting that backups aren't transferred to the vault. I really wish there was an option to transfer them as this comes up frequently with customer WVD deployments - they want to use Azure Files, but want a proper backup outside of the Storage Account that is GRS replicated to the other Azure Region. Premium Files only offers ZRS, not GRS and even if it did, storing snapshots in the same Storage Account doesn't sit well with many people. On a different note, thanks for all the videos. Having put a few together myself during the pandemic I know how much time and effort goes into producing and editing - it's all very much appreciated.
What I would do then...if you want things specifically backed up to another region is NOT use Azure backup...instead use FSLogix Cloud cache and have 2 replication points, one in region and the other in a different region.
@@AzureAcademy And if we would use the ZRS redundancy? We can leverage Azure Backup for orchestrating snapshots, but we have a synchronous copy to AZ without doubling the costs, as using cloud cache. Yes, it isn't in another region but it could be a good tradeoff.
Yes Automate it. You can either apply a script using the custom script extension or use PowerShell to target all those VMs and apply the script Extension option - th-cam.com/video/jprvNtN1J2c/w-d-xo.html My example FSLogix script - github.com/DeanCefola/Azure-WVD/blob/master/PowerShell/FSLogixSetup.ps1
1. Login 4000x50 = 200000. Steady 4000x10= 40000. But only if those 4000 users are concurrent users which will work on the same hours. 2. 500 users. Login 500x50=25000, Steady 500x10=5000. 2500 users 2500x50=125000, steady 2500x10=25000. 1000 users 1000x50=50000, Steady 1000x10=10000. If Remote apps have the same average iops after login as you don't have the whole Windows shell. 3. 1/3 of 500 users: 167 users. Login 167x8350, Steady 167x10=1670. 1/3 of 2500 Users = 834. 834x50 = 41700, Steady 834x10=8340. 1/3 1000 users. 1/3 of 1000 users = 334. 334x50=16700, Steady 334x10=3340
Are writes to the profile written as they occur directly to the VHDx file (let's say I add a file to my desktop, or some other such add), or are are they stored someplace else (a cache folder) until the user logs out when they would be committed to the VHDx file?
As mentioned in azure docs that we cannot use profile solution in AAD joined machine like file storage, could it work with blob storage with ccd location as it doesn't require any AD permission like file share.
Hi Dean, Does the storage apply to existing RDS environment in Azure or it's just for WVD? I'm wondering if it's ok to migrate the FSLogix profiles from disk to Azure files due to IOPS. I reckon the answer will be yes but I'm just confirming. Thanks
You are asking if a RDS environment can use Azure Files for the user profile disks or FSLogix...technically yes. But from a FSLogix perspective I don’t think so. FSLogix license is included in WVD license, not RDS...so you’d have to pay for it.
Hi Dean, I'm referring to iops calculations and if it's a supported scenario by MS. Fslogix license is covered by the e5 license. Also, one thing I noticed is that azure files doesn't give you that much iops over a vm disk for small sizes. A 3tb disk has up to 7500 iops and an azure file with the same storage size, up to 9000. It's better but now wow. However, for future growth and availability, it's better even if the cost is a bit higher. Thanks!
yeah and when people are hear that 10,000 IOPS space it is an interesting conversation. Do you go with Azure Files Standard with Large Files enabled and get 10,000 IOPS, or go with premium files and get a lot more performance, with more cost.
I have On premise Active Directory with a Sync to Azure AD ex: contoso.com And Iam using azure adds for Ex: adds.contoso.com, I have configured Azure File share using the adds.contoso.com domain , we have a storage account created in the OU for authentication, I have a cloud only security Group created and added few users in it and same security group has RBAC permissions on Azure files. Now I have Vm’s joined to adds.contoso.com , from this machines I logged in using the user1@contoso.com but Iam unable to access the share. Basically Iam unable to access fslogix share on azure files from wvd, all permisisons are properly specified. Any help please.
Yup, because your users and you permissions are in 2 different, unconnected forests and AD Domains. It’s the same thing as if you have the share and I have the users. It won’t work. AzureAD DS is NOT extending your domain into Azure. Watch my video on this to understand more. th-cam.com/video/OWGVoJMdIRc/w-d-xo.html
@@AzureAcademy I mean I was able to access the share and the wvd from cloud only user account user1@contoso.com and the wvd in (adds.contoso.com). But iam unable to access the wvd session host with the users synced from the onprem directory contoso.com
Right because the WVD VM is joined to the Azure AD DS domain. None of the on prem accounts will be able to access that domain unless you run the PowerShell to sync their accounts. th-cam.com/video/OWGVoJMdIRc/w-d-xo.html at 9:30
Q1:
200k for login. 40k for steady
Q2:
Personal pool: 25k for login and 5k for steady
Non-persisted: 125k for login and 25k for steady
Remote app: 50k for login and 10k for steady
Q3:
Personal pool: around 8k for login and 1.5k for steady
Non-persisted: around 42k for login and around 8k for steady
Remote app: around 17k for login and around 33k for steady
great job!
@@AzureAcademy Should Q3 = Remote app: around 17k for login and around 3k for steady
You get the gold star ⭐️
Maybe it's me, but how does 4GB profiles for 4000 users end up using 4TB of space?
good catch...um...I was just making sure you were paying attention...
You get bonus points!!! or maybe because I am really...really...REALLY good at...compression 🤦♂️
or I am terrible at maths. 🤣
yeah I did a stupid there. 4 x 4000 = 16,000 or 16TB
DUH... 🤦♂️😁🤷♂️
You both could be right
There is a possibility some users are using roaming profile and you don't need space for them as soon as they log out
Profile gone out of the window 😃
Could be...
Yeah I had the same feeling; 4 x 4 = 4? I wish the world was that simple
@@tabaniz Do you mean temporary profiles? A roaming profile still needs to be stored.
Awesome
One of most important videos
👍👍 please share it on social media
1. Does FSLogix profile share need to be backed up or is it transient and hence really backed up elsewhere?
2. What is the process cleanup old inactive user account?
3. What is the process to cleanup old data for active user accounts?
1. Yes it should be backed up
2. Disable users then either delete the profile or save it somewhere else, this is usually determined by your internal policy
3. Not sure what you mean here…if they are active, then they are using their data?
I believe that NetApp backup snapshots can now be backed up to an Azure vault. So no need for NetApp replication for backups. Maybe just have a few snapshots for DR purposes.
Thanks for sharing! I haven’t seen that feature in NetApp yet, can you share a link to the docs for it. If the feature does exist then it is a backup solution only, not DR.
Backup is where at recover data in place, DR is where we recover data in another place. So Cross Region Replication should still be considered for DR, on top of backups.
@@AzureAcademy sorry my mistake, it’s backup to Blob storage and it’s currently in preview. th-cam.com/video/z8-onqdFR98/w-d-xo.html (4:00).
Even back to to Blob is good. and Blob storage can do regional replication so it is a good solution. But still not quite the same as instant regional DR.
but thanks for letting me know!
Thank you for the Back to the Future reference
👍👍
Have you done a UPD (user profile disk) to FSLogix Profile Container migration? That’s what I’m up for
Yes...there are community scripts for that. Search for FSLogix Citrix migration and give that a shot
Awesome explanation 🙂..are there vedios available for java version control and App Masking for fs-logix?
Java is something I have never seen anyone use…but I am sure someone has…app masking is in video 16 on apps th-cam.com/video/8jGKoKzf9MM/w-d-xo.html
Hi Dean, for backing up Azure Files with Azure Backup you say it copies the snapshots into the RSV. Is that something we can enable and if so how. I thought the RSV only orchestrated the snapshotting process. I get this informational message when setting it up: "Azure File Share Backup Policy uses snapshots for recovery point creation and restore operations. The snapshots are stored in the same storage account as the file share and not transferred to the vault."
You are correct when doing snapshots directly in the storage account but my understanding is that the recovery services fault will not only manage the snapshots but also puts a copy of them in the vault.
If you find documentation showing otherwise please let me know
@@AzureAcademy I have done some digging in documentation, the file share backup process is detailed here: docs.microsoft.com/en-us/azure/backup/azure-file-share-backup-overview There is a purple box midway down the page highlighting that backups aren't transferred to the vault. I really wish there was an option to transfer them as this comes up frequently with customer WVD deployments - they want to use Azure Files, but want a proper backup outside of the Storage Account that is GRS replicated to the other Azure Region. Premium Files only offers ZRS, not GRS and even if it did, storing snapshots in the same Storage Account doesn't sit well with many people.
On a different note, thanks for all the videos. Having put a few together myself during the pandemic I know how much time and effort goes into producing and editing - it's all very much appreciated.
What I would do then...if you want things specifically backed up to another region is NOT use Azure backup...instead use FSLogix Cloud cache and have 2 replication points, one in region and the other in a different region.
@@AzureAcademy And if we would use the ZRS redundancy? We can leverage Azure Backup for orchestrating snapshots, but we have a synchronous copy to AZ without doubling the costs, as using cloud cache. Yes, it isn't in another region but it could be a good tradeoff.
Yes...but that all depends on how big a blast radius you need to protect for in A disaster
If the region is down...ZRS won’t help
great just one question we have to setup fslogix for 200 vm is there any way to go in one shot
Yes Automate it. You can either apply a script using the custom script extension or use PowerShell to target all those VMs and apply the script
Extension option - th-cam.com/video/jprvNtN1J2c/w-d-xo.html
My example FSLogix script - github.com/DeanCefola/Azure-WVD/blob/master/PowerShell/FSLogixSetup.ps1
1. Login 4000x50 = 200000. Steady 4000x10= 40000. But only if those 4000 users are concurrent users which will work on the same hours.
2. 500 users. Login 500x50=25000, Steady 500x10=5000. 2500 users 2500x50=125000, steady 2500x10=25000. 1000 users 1000x50=50000, Steady 1000x10=10000.
If Remote apps have the same average iops after login as you don't have the whole Windows shell.
3. 1/3 of 500 users: 167 users. Login 167x8350, Steady 167x10=1670. 1/3 of 2500 Users = 834. 834x50 = 41700, Steady 834x10=8340. 1/3 1000 users. 1/3 of 1000 users = 334. 334x50=16700, Steady 334x10=3340
looks great Thomas...thanks for playing 😎
Are writes to the profile written as they occur directly to the VHDx file (let's say I add a file to my desktop, or some other such add), or are are they stored someplace else (a cache folder) until the user logs out when they would be committed to the VHDx file?
that depends on the configuration of FSLogix.
in VHDLocations...YES
in CloudCache...NO
As mentioned in azure docs that we cannot use profile solution in AAD joined machine like file storage, could it work with blob storage with ccd location as it doesn't require any AD permission like file share.
The performance of blob storage compared to Files storage is super slow. I would NOT recommend it for production use at all.
But it’s up to you.
Dean,
Random though here...
You need to get some Azure Academy shirts and polos :D
Great idea! I will get to work on that!
What color would you like?
@@AzureAcademy I'll go for White and/or Navy Blue :)
Coming soon
@AzureAcademy looking forward to it
sorry this is taking forever...but it is a very complex process...learning the cloud is much easier 😁🤔
Hi Dean,
Does the storage apply to existing RDS environment in Azure or it's just for WVD? I'm wondering if it's ok to migrate the FSLogix profiles from disk to Azure files due to IOPS.
I reckon the answer will be yes but I'm just confirming.
Thanks
You are asking if a RDS environment can use Azure Files for the user profile disks or FSLogix...technically yes. But from a FSLogix perspective I don’t think so. FSLogix license is included in WVD license, not RDS...so you’d have to pay for it.
Hi Dean,
I'm referring to iops calculations and if it's a supported scenario by MS. Fslogix license is covered by the e5 license.
Also, one thing I noticed is that azure files doesn't give you that much iops over a vm disk for small sizes. A 3tb disk has up to 7500 iops and an azure file with the same storage size, up to 9000. It's better but now wow. However, for future growth and availability, it's better even if the cost is a bit higher.
Thanks!
yeah and when people are hear that 10,000 IOPS space it is an interesting conversation. Do you go with Azure Files Standard with Large Files enabled and get 10,000 IOPS, or go with premium files and get a lot more performance, with more cost.
The 9000 iops for 3000gb is for premium azure files...
got it
Dean, I guess you really meant 16GB (at 2´01"), right?
Yeah…I corrected myself in the next video
is there an easy way to see IOPS Metrics from a disk or FileStorage?
There is if you are using azure files premium, which do Troy have?
@@AzureAcademy Ah okay then i will switch my File shares into files premium. currently i got a DC and on it are the Fileshares hosted classic.
Cool!
How did 4gb profile size alive after covid era? Webex zoom google eat up lot of storage in app data
Not too bad, just have to clear the cache and shrink
I have On premise Active Directory with a Sync to Azure AD
ex: contoso.com
And Iam using azure adds
for Ex: adds.contoso.com, I have configured Azure File share using the adds.contoso.com domain , we have a storage account created in the OU for authentication, I have a cloud only security Group created and added few users in it and same security group has RBAC permissions on Azure files.
Now I have Vm’s joined to adds.contoso.com , from this machines I logged in using the user1@contoso.com but Iam unable to access the share.
Basically Iam unable to access fslogix share on azure files from wvd, all permisisons are properly specified.
Any help please.
Yup, because your users and you permissions are in 2 different, unconnected forests and AD Domains. It’s the same thing as if you have the share and I have the users. It won’t work.
AzureAD DS is NOT extending your domain into Azure.
Watch my video on this to understand more.
th-cam.com/video/OWGVoJMdIRc/w-d-xo.html
I did test today and its working. Thanks
Cool
@@AzureAcademy I mean I was able to access the share and the wvd from cloud only user account user1@contoso.com and the wvd in (adds.contoso.com). But iam unable to access the wvd session host with the users synced from the onprem directory contoso.com
Right because the WVD VM is joined to the Azure AD DS domain.
None of the on prem accounts will be able to access that domain unless you run the PowerShell to sync their accounts.
th-cam.com/video/OWGVoJMdIRc/w-d-xo.html at 9:30