Creating a Parallels RAS High-Available Deployment in Microsoft Azure in 30 Minutes
Last updated on January 16, 2023
Introduction
Azure Resource Manager – To let users try a free, fully functional Parallels Remote Appication Server (RAS) deployment in Azure for 30 days, we have an Azure Marketplace deployment available that performs an all-in-one installation of Parallels RAS on a single machine running on Azure IaaS
There are no prerequisites needed for this deployment. It’s ideal for setting up proof-of-concept environments or to test-drive all of our Parallels RAS functionality. Check out our Quick Start documentation, or watch an introductory video.
Introducing Freek Berson
Freek Berson, an end user computing enthusiast and Microsoft MVP on Remote Desktop Services, joined the Parallels RAS VIPP program as one of the founding members. He has a lot of hands-on experience with using Azure Resource Manager (ARM) to automate deployments. During conversations at one of our VIPP events this year, Freek mentioned the opportunities of using ARM to deploy larger, production-ready environments that would also include high availability.
Below, Freek shares with us how to create a Parallels RAS high-available deployment using Azure.
The Goal
Azure Resource Manager (ARM) fundamentally changed the Azure Cloud. ARM allows you to use declarative language to provision any combination of objects in Azure in the most efficient way. By using ARM, you can redeploy environments in multiple subscriptions consistently, and can also identically configure OTAP environments. ARM also comes with options to implement role-based access control and tagging of objects to create better insights into your monthly Azure invoice.
I decided to create a new ARM template to deploy an entire high-availability Parallels RAS deployment in Azure IaaS. I contacted Parallels to work together on publishing and sharing the results.
My main goal was to deploy Parallels RAS in a high-available setup to allow for fast (re)deployments of Parallels RAS. However, the ARM template can also be used to deploy production environments. I reached out to Parallels to join forces on getting the template on GitHub so others can use and contribute to the template as well.
Prerequisites
To be able to perform a successful deployment using this template, a couple of prerequisites need to be in place.
Active Directory Domain Services
The Parallels RAS role services rely on Active Directory Domain Services (ADDS). ADDS needs to be in place prior to running this template. The bare minimum required is a single domain controller running in Azure IaaS and access to an account with domain admin credentials. If you want the Parallels RAS server to be placed in a specific folder, make sure you create the OU structure. In our example, we used the following OU structure.
Vnet and Subnet
The ARM template will deploy several virtual machines in Azure IaaS and needs a Vnet and underlying Subnet to be available. An example configuration of a Vnet is shown below, where the Vnet is named “ras-vnet” with an address space of 10.40.40.0/24.
The Vnet needs to be configured with at least 1 DNS server pointing to a domain controller. In this example, 10.40.40.4 is the domain controller.
Within the Vnet, a Subnet is created with the name ras-subnet, containing the same address range as the Vnet. Using the same address range as the address space of the Vnet is obviously not a requirement, as long as you make sure the Subnet can reach the domain controller.
Preferably, a new and empty resource group is created where the Parallels RAS components of this ARM deployment will be created. This will allow for easy grouping of all components that the ARM template created, and an easy way to perform role-based access control. In case you are running this ARM template to create a temporarily proof-of-concept environment, using a dedicated resource group will also allow easy cleanup after the PoC is finished. You can also decide to not pre-create the resource group at this stage; you can do so during the deployment of the template later on.
Parameters for the Template
To customize the ARM deployment, parameters are used. This paragraph contains a detailed explanation of the parameters.
| name | Description | Example |
| adDomainName | Specifies the Active Directory Domain Services FQDN you want the Parallels RAS environment to be deployed in. | contoso.com |
| adminPassword | Specifies the Active Directory Domain Services password of a user with domain admin permissions. | |
| adminUsername | Specifies the Active Directory Domain Services username of a user with domain admin permissions. | Adm_Berson |
| existingCustomImageNameRDSH | Specifies the name of the Sysprepped Custom Template image you want to use (also enable useExistingCustomImage). | RDSH-RDSG-Template-Image |
| existingCustomImageResourceGroup | Specifies the resource group where the Sysprepped Custom Template image you want to use is located. | RDSonAzureIaaS |
| existingSubnetName | Specifies the name of the existing Subnet you want to use. | ras-subnet |
| existingVnetName | Specifies the name of the existing Vnet you want to use. | ras-vnet |
| existingVnetResourceGroupName | Specifies the resource group where the existing Vnet is located. | Parallels-RAS-Prod |
| hostNamePrefixConsole | Specifies the prefix of the hostname of the virtual machine that will host the console role. | RAS-CON- |
| hostNamePrefixPublishingAgent | Specifies the prefix of the hostname of the virtual machine that will host the publishing agent role. | RAS-PA- |
| hostNamePrefixRDSessionHost | Specifies the prefix of the hostname of the virtual machine that will host the session host role. | RAS-RDSH- |
| hostNamePrefixSecureClientGateway | Specifies the prefix of the hostname of the virtual machine that will host the secure client gateway role. | RAS-SCG- |
| imageSKU | Specifies the image SKU (OS version) you want the environment to be based on. | 2016-Datacenter |
| internalIPAddressPrefix/24 | Specifies the IP range to be used by the virtual machines. | 10.40.40. |
| numberOfInstancesPublishingAgent | Specifies the number of virtual machines that will host the publishing role. | 2 |
| numberOfInstancesRDSessionHost | Specifies the number of virtual machines that will host the session host role. | 2 |
| numberOfInstancesSecureClientGateway | Specifies the number of virtual machines that will host the client secure gateway role. | 2 |
| ouLocationConsole | Specifies the existing organizational unit of Active Directory where the console server will be created. | OU=Console Server, OU=RAS,OU=Servers ,OU=RDSG, DC=contoso, DC=com |
| ouLocationPublishingAgent | Specifies the existing organizational unit of Active Directory where the publishing agent servers will be created. | OU=Publishing Agents, OU=RAS, OU=Servers, OU=RDSG, DC=contoso, DC=com |
| ouLocationRDSessionHost | Specifies the existing organizational unit of Active Directory where the session host servers will be created. | OU=RD Session Host, OU=RAS, OU=Servers, OU=RDSG, DC=contoso, DC=com |
| ouLocationSecureClientGateway | Specifies the existing organizational unit of Active Directory where the secure client gateway servers will be created. | OU=Secure Client Gateways, OU=RAS,OU=Servers, OU=RDSG, DC=contoso, DC=com |
| projectTag | Specifies a unique tag to be placed on all Azure Objects that are created. | RAS Deployment |
| RASGroupNameRDSH | Specifies the name of the RDSH Group within the Parallels RAS Console. | RDS-Gurus-RDSH-Group |
| RASLicenseEmail | Specifies the email address that will be used to license the trial. | freek@rdsgurus.com |
| RASLicensePassword | Specifies the Parallels account password that will be used to license the trial. | |
| useExistingCustomImage | Specifies whether or not to use an existing Sysprepped image for the RDSH Servers. | No |
| virtualMachineSizeConsole | Specifies the virtual machine size for the servers hosting the console role | Standard_DS2_V2 |
| virtualMachineSizePublishingAgent | Specifies the virtual machine size for the servers hosting the publishing agent role | Standard_DS2_V2 |
| virtualMachineSizeRDSessionHost | Specifies the virtual machine size for the servers hosting the session host role | Standard_DS2_V2 |
| virtualMachineSizeSecureClientGateway | Specifies the virtual machine size for the servers hosting the secure client gateway role | Standard_DS2_V2 |
Using the Template
The ARM template is available on Github at the following location: raw.githubusercontent.com/Parallels/RAS-PowerShell/master/ARM-templates-fberson/azuredeploy.json
Prior to using the template, make sure you’ve setup the prerequisites as discussed above. The next step is to copy the JSON template from GitHub and create a template on your Azure Subscription.
To do so, create a new template in the Azure Portal and provide values for the name and description. An example is shown below.
Next, click “Add template.” Remove the default code in the ARM Template section, copy in the JSON code from the GitHub location, and click “Ok.” Click “Add” to save the template.
You now have a copy of the template available in your Azure Subscription. To run the template, reopen it and click “Deploy.”
Decide in which resource group and region you want to deploy the template and provide the information. An example is shown below.
Provide values on the parameters to customize the deployment to your needs. For an explanation of the parameters, hover over the information icon for each parameter, or refer to the parameter table provided earlier in this article. When you are finished, accept the terms and click “Purchase.”
Wait for the deployment to complete. This should take approximately 30 minutes.
The End Results
After the template has been successfully deployed, a new highly available Parallels RAS deployment is available in your Azure IaaS environment.
End-User Experience
To test the end-user experience, download the Parallels RAS Client and create a new session. Provide the public IP Address taken from the Azure Portal.
Connect to the created connection by providing the account you used as the parameter of the deployment.
You should now be able to open the publish applications and desktop and test drive the Parallels RAS environment as an end user.
Optionally, you can also use the Parallels RAS HTM5 Gateway. To do so, open a web browser and go to https://<Public IP Address>/RASHTML5Gateway. Note that because this deployment does not yet autoconfigure SSL certificates, you will get a warning about the certificate.
Admin Experience
The ARM deployment installs the Parallels RAS Console and Parallels RAS PowerShell modules on the server that was set as console server using the parameters (default value RAS-CON-01). If you open an RDP connection to the server, you are able to use the Parallels RAS Console and PowerShell module. Open the Parallels RAS Console from the Start menu and provide the primary publishing server as provided as the ARM parameter (default value RAS-PA-01). Enter the admin credentials provided as ARM parameters.
The ARM deployment has deployed all Parallels RAS Roles on multiple servers, and the site overview should look like the screenshot below. You can now start using the Parallels RAS Console to further customize your environment.
