Overview of global images

Avatar
Nerdio Product Support

Overview of global images

The Global Images module provides centralized management for global images that can be made available to any or all of your customer accounts. This allows you to make customized images with applications and settings that you reuse in many customer environments without duplicating effort with each new account.

Nerdio Manager provides a powerful tool that performs an extensive automation process to commit the global image changes to an image object. This includes many tasks you would have had to do manually like Sysprep and sealing the image. This would normally be done after you have made the updates to your image. Once you perform Set as image, the image object is created and is ready to be used either to build new host pools or to re-image existing host pools.

Prerequisites

Before you can use global images, link a resource group and its associated VNet at the MSP level in Nerdio Manager.

For details, see:

Companion video

Select this link to view the video.

Navigate to global images

The global images page allows you to perform various tasks related to global image. For example, power on/off, clone, delete, set as image, and more.

To navigate to the Global images page:

  1. At the MSP level, select Global Images.

  2. Perform any of the desired global image tasks:

Power on a global image

Nerdio Manager allows you to power on a global image. This can be powered on immediately, or you can select from a schedule.

To power on a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

    Note: A red icon indicates the global image is powered off.

  3. Select Power on.

  4. From the Power on dialog box, select the Run now tab to power on the global image immediately, or select the calendar icon tab to schedule the power on.

    • If you select the schedule option, from the drop-down list, select the schedule you want to use.

  5. Enter the following:

    • Run the following scripted actions: Toggle this option On, and configure the following:

      • Azure runbooks: From the drop-down list select the Azure runbook(s).

      • Windows scripts: From the drop-down list select the Windows script(s).

      • Pass AD credentials: Select to enable the passing of AD credentials specified on the Setting > Credentials > Directory page to the scripts being executed.

    • Applications Management: Toggle this option On and configure the following:

      • Show favorites only: Select this option to display applications from the favorite list.

      • Name: Enter the first three letters of the application, and then select the application from the list of results displayed.

      • Install/Uninstall: From the drop down, select whether to Install or Uninstall the application.

      • Skip if newer: Select this option to skip the installation if a newer version of the Winget App or Shell App is already installed on the target machine.

      • Reboot after install: Select this option to reboot the clone of the desktop image VM once the application has been installed. Subsequent application tasks will continue after the reboot has completed.

        Note: You can add additional application by repeating the steps described. To delete an application from the image, select the trash can icon.

    • Schedule power off: Optionally, select this option and type the number of hours to wait before automatically powering off the global image.

  6. Once you have entered all the desired information, select OK.

Note: If you have selected the schedule option, then the schedule is displayed at the bottom of the dialog box. It is for information only, and cannot be edited here.

Power off a global image

Nerdio Manager allows you to power off a global image.

To power off a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

    Note: A green icon indicates the global image is powered on.

  3. From the action menu, select Power off.

  4. In the confirmation dialog box, select OK.

Restart a global image

Nerdio Manager allows you to restart a global image. Optionally, you can redeploy the VM.

Tip: Redeploying a VM helps if you are having trouble connecting via RDP or accessing applications on the VM. Redeploying powers off the VM, moves the VM to a new node within Azure, and then powers it back on.

To restart a global image:

  1. At the MSP level, select Global Images.

  2. Locate the global image you wish to work with.

  3. Select Restart.

  4. In the confirmation dialog box, optionally, select Redeploy VM.

  5. Once you have entered all the desired information, select OK.

Add a global image from the Azure library

Nerdio Manager allows you to import a global image from the Azure library into a workspace.

To import an image from the Azure library:

  1. At the MSP level, navigate to Global Images.

  2. Select Add from Azure library.

  3. Enter the following information:

    • Name: Type the global image's name.

    • Description: Type the description.

    • Network: From the drop-down list, select the network to which the VM connects.

      Note: The VM is created in the Azure region associated with the network.

    • Azure Image: From the drop-down list, select the desired image.

      Note: Select the image based on the Windows OS supported by AVD. EVD = Enterprise Virtual Desktop (aka Windows 10 multi-session). Office Pro Plus contains a pre-installed Office 365 version of Pro Plus that is activated as users with appropriate licensing sign in to the desktop.

    • VM Size: From the drop-down list, select the size.

    • OS Disk: From the drop-down list, select the disk.

    • Resource Group: From the drop-down list, select the resource group to contain the network interface cards of the VM.

    • Join to AD: Deselecting this means the VM is not joined to AD during the creation process. This prevents AD GPOs from applying to the image before it is created. Be sure to specify local administrator credentials below to be able to connect to the VM, since it won't be a member of the AD domain.

    • Do not create image object: Select this option to only create a global image VM but not create an image object.

      Note: You need to create the image object. Select Power off and set as image after the VM is created before this global image can be used for session host creation. If you skip image creation, you can make changes to the VM before it is converted to an image.

    • Enable time zone redirection: Select this option to enable time zone redirection on the image. This allows each user to see their local device's time zone inside of their AVD desktop session.

    • Set time zone: Select this option to set the time zone of the VM and then, from the drop-down list, select the time zone.

    • Uninstall FSLogix app: Select this option if the FSLogix app is already installed in the base image and you want to remove it in order to allow Nerdio Manager to manage FSLogix.

      Note: The latest FSLogix agent is installed automatically on session hosts that are created from this global image. FSLogix agent is not required on global images.

    • Validate image: Select this option to apply the image to the virtual machine, gather boot diagnostics, and verify the virtual machine successfully boots before creating a Managed Image or publishing to Azure Compute Gallery.

    • Use Boot Diagnostics Insights: Select the this option to perform boot diagnostics. See Overview of Boot Diagnostic Insights for details.

    • Geographic distribution and Azure compute gallery: Store the image in the Azure Compute Gallery and automatically distribute to the selected Azure region(s).

      • Azure Compute Gallery: From the drop-down list, select the Azure Compute Gallery or create a new one.

        Note: Only one gallery can be selected. An existing gallery must be in a linked resource group.

      • Azure Regions: From the drop-down list select the Azure region(s) where the Image version should be replicated.

        Note: The current Azure region must be part of the selection.

    • Provide custom credentials for a local administrator user: Toggle this option on to enter the username and password.

    • Run the following scripted actions: Toggle this option on to specify the scripts that run during creation.

      Notes:

      • Windows scripts are executed via the Azure Custom Script extension and run in the context of LocalSystem account on the clone of the global image VM before it is Sysprep'ed. These commands do not run on the image VM itself.

      • Azure runbooks are executed via the Azure automation account and run in the context of Nerdio Manager app service principal.

      • Several variables are passed to the script and can be used in the PowerShell commands.

    • Applications Management: Toggle this option On and select the applications to manage when the global image during creation.

      Note: Installations run on the clone of the global image before it is Syspreped. These applications do not run on the image VM itself.

    • Install certificates: Toggle this option On and select the AVD enabled certificates to add to the global image during creation.

      Note: See Overview of Certificate Management for details.

  4. Once you have entered all the desired information, select OK.

The global image is created. This may take up to an hour to complete.

Add a global image from an Azure VM

You can import an existing VM as a global image into Nerdio Manager. For example, you can take a custom VM from another virtual desktop deployment, that has all your applications installed, and use it as a global image.

Note: In order for this to work, your VM needs to be based on a Managed Disk. That is, you need to generate the accompanying SAS URL directly from the Azure portal, as explained below.

To add a global image from an Azure VM:

  1. In Azure, navigate to the virtual machine.

    Warning: Make sure that the VM is powered off.

  2. Navigate to Settings > Disks.

  3. Select the OS disk and then select Disk Export.

  4. Select Generate URL.

    The URL is generated.

  5. Copy the generated URL to the clipboard.

  6. In Nerdio Manager, at the MSP level, navigate to Global Images.

  7. Select Add from Azure VM.

  8. Enter the following information:

    • SAS URL: Paste the URL from the clipboard.

    • Create image VM as Gen2: Select this option to create the VM as Gen2.

      Note: By default, global image VMs are created as Gen1. See this Microsoft document to learn more about the differences between Gen1 and Gen2 VMs.

    • Uninstall AVD agent: Select this option if you are creating an image from an existing AVD session host where the AVD agent has been previously installed.

    • Enter the information for the other fields. See Add a global image from the Azure library for detailed information.

  9. Once you have entered all the desired information, select OK.

    The global image import task starts.

Update a global image

Nerdio Manager allows you to update an existing global image.

To update a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Power off & set as image or Set as image (according to the power state of this global image).

  4. Select the Run now tab to execute this task immediately, or select the Schedules tab to use the scheduling feature.

    • If you select the schedules option, you will see a schedule has already been selected. From the drop-down list you can select a different schedule, or select calendar icon to add a new schedule.

    • Optionally, select I want to disable current schedule, and then select Disable.
    • Optionally, select I want to remove current schedule, and then select Delete.

  5. Enter the following information:

    • Geographic distribution and Azure compute gallery: Store the image in the Azure Compute Gallery and automatically distribute to the selected Azure region(s).

      • Azure Compute Gallery: From the drop-down list, select the Azure Compute Gallery or create a new one.

        Note: Only one gallery can be selected. An existing gallery must be in a linked resource group.

      • Azure Regions: From the drop-down list select the Azure region(s) where the Image version should be replicated.

        Note: The current Azure region must be part of the selection.

    • Storage account type: From the drop-down list, select the storage account type for the managed disk.

    • Stage new image as inactive: Select this option to create the new image version without setting it as active.

      Note: Any existing configurations continue to use the current version of the image. See Stage Global Images for details.

    • Retain current image object: Select this option to retain the existing image as a standalone object and not overwrite it with the new one, and then enter the number of version you want to keep.

      Note: This image is not visible or manageable via Nerdio Manager, so be sure to delete it manually when it is no longer needed to avoid unnecessary Azure storage costs.

      If the current image is stored in Azure Compute Gallery, it is retained with an older version number. If the image is not stored in Azure Compute Gallery, you can find it in Azure portal>Images. It is listed under "Custom images" in the Nerdio Manager image selector drop-down list.

    • Leave global image VM running: Select this option to leave the VM running after the Set as image task completes.

      Note: This is useful if you want to push OS and application updates to the running VM.

    • Run the following scripted actions before set as image: Toggle this option On to run scripted action(s) before the set as image.

      Note: For example, you can run scripts to optimize the image, install software, or install updates.

      • Azure runbooks: From the drop-down list select the Azure runbook(s).

    • Windows scripts: From the drop-down list select the Windows script(s).

  7. Pass AD credentials: Select to enable the passing of AD credentials specified on the Setting > Credentials > Directory page to the scripts being executed.

  8. Target VM: Select whether the scripted actions run on the Clone VM or the Source VM.

    Note: Applying scripted actions to the Source VM retains the changes during future image maintenance or staging.

  9. Applications Management: Toggle this option On and select the applications to manage when the global image before set as image.

  10. Install certificates: Toggle this option On and then, from the drop-down list, select the certificate you want to install.

  11. Error handling: Toggle this option On and then configure the following:

    • Retry threshold: Enter number of attempts Nerdio Manager will retry the Power off & set as global image task before failing.

    • Cleanup after failure: Select this option to shutdown and remove the resources created during the Power off & set as global image process after the Retry Threshold has been met.

    • Hours until cleanup on failure: Select this option to leave resources running for a set number of hours before performing a cleanup action.

  12. Validate image: Select this option to apply the image to a VM, gather boot diagnostics, and verify the virtual machine successfully boots before creating a managed image or publishing to Azure Compute Gallery.

  13. Change log: Enter the list of changes made to the image.

  14. Refresh image from Azure marketplace:Toggle this option On to remove the existing image object and replace it with the latest version of the selected Azure Marketplace image, and configure the following options:

    • Marketplace image: From the drop-down list, select the new image to be used.

    • Join to AD: Select to join AD.

      Note: This will prevent AD GPOs from applying to the image before it is created. Be sure to specify local administrator credentials below to be able to connect to the VM since it won't be a member of the AD domain.

    • Enable time zone redirection: Select to enable time zone rediration. Enabling time zone redirection on the image allows each user to see their local device's timezone inside of their AVD desktop session.

    • Set time zone: Select to set the time zone, and from the drop-down list, select the time zone you want to use..

  15. Once you have entered all the desired information, select OK.

Note: If you have selected the schedule option, then the schedule is displayed at the bottom of the dialog box. It is for information only, and cannot be edited here.

Assign a global image to accounts

Once you have a global image set up and configured, you can assign that image to your accounts.

To assign a global image to accounts:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Assign accounts.

  4. From the drop-down menu, select all the account(s) to assign this global image to.

    Note: Accounts that are removed from this list lose access to the global image.

  5. Once you have entered all the desired information, select OK.

View a Global Image's Change Log

Nerdio Manager maintains an audit trail of all operations performed on a global image, called a change log. You may view a global image's change log at any time.

To view a global image's change log:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Change log.

    The change log displays.

Run scripts on a global image

Nerdio Manager allows you to run custom scripts on a global image. Scripted actions, which are PowerShell scripts, can be used to extend and customize the functionality of Nerdio Manager.

Nerdio Manager uses two types of scripted actions:

  • Windows scripts: They are executed via the Azure Custom Script extension.

  • Azure runbooks: They are executed via the Azure automation account and run in the context of app service principal.

Note: Nerdio provides several pre-populated variables that can be used in the script code. The available variables are:

  • $AzureSubscriptionId

  • $AzureSubscriptionName

  • $AzureResourceGroupName

  • $AzureRegionName

  • $AzureVMName (Available when the script is associated with a VM)

  • $ADUsername (if passing AD credentials)

  • $ADPassword (if passing AD credentials)

To run scripts on a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Run Script.

  4. Select the Run now tab.

  5. Enter the following information:

    • Azure runbooks: From the drop-down list, select the Azure runbook(s) you wish to run.

    • Windows scripts: From the drop-down list, select the desired Windows script(s).

      Note: You can add multiple scripts and then drag and drop the Windows scripts and Azure runbooks to change the execution order.

    • Pass AD credentials: Optionally, select this option to pass your AD credentials to the script being executed.

    • Restart VM after script execution: Optionally, select this option to restart the VM after the script completes.

      Tip: It is preferable to select this option instead of restarting the VM in your PowerShell commands because the Custom Script extension fails if the script restarts the VM.

  6. Once you have entered all the desired information, select OK.

To schedule scripts to run on a global image

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Run Script.

  4. Select the calendar icon tab.

  5. Enter the following information:

    • Schedule: From the drop-down list, select the schedule.

    • Azure runbooks: From the drop-down list, select the Azure runbook(s) you wish to run.

    • Windows scripts: From the drop-down list, select the desired Windows script(s).

      Note: You can add multiple scripts and then drag and drop the Windows scripts and Azure runbooks to change the execution order.

    • Pass AD credentials: Optionally, select this option to pass your AD credentials to the script being executed.

    • Restart VM after script execution: Optionally, select this option to restart the VM after the script completes.

      Note: The selected schedule is displayed at the bottom of the screen for reference.

  6. Once you have entered all the desired information, select from the following:

    • Cancel: Cancels the current configuration.

    • Run now: Runs the scripts immediately.

    • Save:The current configuration is saved.

    • Save & close: The current configuration is saved and the dialog box closes.

To manage scripts scheduled to run on a global image

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Run Script.

  4. Select the Schedules(1)* tab.

    Note: The number displayed in brackets indicates the number of currently configured schedules. The * indicates there are unsaved changes.

  5. Enter the following information:

    • Schedule: From the drop-down list, select the schedule to be edited.To delete a schedule, select it from the list, then in the yellow box, check the box and the select Delete.

      Note: The currently configured schedule is displayed by default. To select a different schedule, select it from the drop-down list. Selected schedules are highlighted with a blue background and those that can be selected are highlighted with a green background.

    • Azure runbooks: To remove an Azure runbook, select the X next to the Azure runbook to be removed. To add an Azure runbook, from the drop-down list, select the Azure runbook(s) you wish to run.

    • Windows scripts: To remove a Windows script, select the X next to the Windows script to be removed. To add a Windows script, from the drop-down list, select the Windows script(s) you wish to run.

      Note: You can add multiple scripts and then drag and drop the Windows scripts and Azure runbooks to change the execution order.

    •  Pass AD credentials: Optionally, select this option to pass your AD credentials to the script being executed.

    • Restart VM after script execution: Optionally, select this option to restart the VM after the script completes.

      Tip: It is preferable to select this option instead of restarting the VM in your PowerShell commands because the Custom Script extension fails if the script restarts the VM..

  6. Once you have entered all the desired information, select from the following:

    • Cancel: Cancels the current configuration.

    • Run now: Runs the scripts immediately.

    • Save:The current configuration is saved.

    • Save & close: The current configuration is saved and the dialog box closes.

Backup a global image

Nerdio Manager allows you to take a backup for an existing global image using Azure Backup.

Note: Nerdio Manager implicitly creates a Recovery Vault and policy behind the scenes for the backup.

To backup a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Backup.

  4. Enter the following information:

    • Retain image backup for xx weeks: Type the number of weeks this image backup is retained.

      Note: Once the retention period expires, the backup is automatically deleted. The image VM itself is not affected when the expired backup version is deleted.

  5. Once you have entered all the desired information, select OK.

Restore a global image

Nerdio Manager allows you to restore a global image from a backup.

To restore a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Restore.

  4. Enter the following information:

    • Recovery point: From the drop-down list, select the desired recovery point.

  5. Once you have entered all the desired information, select OK.

Clone a global image

Nerdio Manager allows you to clone a global image.

To clone a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Clone.

  4. Enter the desired information for all the fields. See Add a global image from the Azure library for detailed information.

  5. Once you have entered all the desired information, select OK.

Delete a Global Image

Nerdio Manager allows you to delete a global image.

Warning: Deleting a Global Image permanently deletes the VM and its associated image. It cannot be restored after it is deleted. Any session host VMs associated with this Global Image continue to operate normally.

To delete a global image:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Delete.

  4. Enter the following information:

    • Do not un-join VM from AD: Select this option to skip the domain un-join task during the removal process.

      Note: Using this option is not recommended but may be necessary if the VM cannot be powered on or un-joined from the domain normally. When selecting this option, be sure to manually remove the AD computer object associated with this session host VM.

    • CONFIRM: Type CONFIRM to continue.

  5. Once you have entered all the desired information, select OK.

Generate an RDP File

Nerdio Manager allows you to generate an RDP file.

Note: This option is only available when the global image is powered on.

To generate an RDP file:

  1. At the MSP level, navigate to Global Images.

  2. Locate the global image you wish to work with.

  3. From the action menu, select Generate RDP file.

  4. Enter the following information:

    • Select RDP File Settings: Select the desired RDP file settings.

    • RDP From: Type the custom IP address.

    • Duration: From the drop-down list, select the duration of the custom IP address.

  5. Once you have entered all the desired information, select Download.

    The RDP file is downloaded to your browser's default download folder.

Refresh global images from the Azure Marketplace

Nerdio Manager allows you to refresh global images from the Microsoft published and managed images in the Azure marketplace.

This automated image refresh operation ensures that you always have a pristine image from Microsoft with all the latest OS patches applied. The refreshed image is automatically deployed to all session hosts that use it.

To refresh a global image from the Azure Marketplace:

  1. At the MSP level, navigate to Global Images.

  2. Locate the image you want to refresh.

  3. From the action menu, if the global image is powered off, select Set as image. If the global image is powered on, select Power off & set as image.

  4. In the Schedule section, enable the scheduling function.

  5. Enable Refresh image from Azure Marketplace.

  6. Enter the following information:

    • Marketplace Image: From the drop-down list, select an image.

    • Join to AD: Select this option and then from the drop-down list, select the AD.

      For example, you can select a Windows 10 (2004) EVD _ Office ProPlus -Gen2 (multi-session) image and join it to the nerdio.int (default) AD. You can schedule to refresh this image, weekly, starting 11/20/2021 at 12:00 every Saturday.

    • Enable time zone redirection: Optionally, select this option to allow each user to see their local device's time zone inside of their AVD desktop session.

    • Set time zone: Optionally, select this option to configure the global image's local time zone. Then from the drop-down list, select the global image's time zone.

  7. When you have entered all the desired information, select OK.

Was this article helpful?

0 out of 0 found this helpful
Have more questions? Submit a request

Related articles

Comments (0 comments)

Article is closed for comments.