Typical Deployment Scenario for Nerdio Manager

Aug 28, 2023
The Nerdio Manager application can be deployed in single subscription, multi-subscription, and multi-tenant scenarios.
Multi-tenant deployments are considered "advanced" deployments. Please refer to the documentation below for details. If you are considering a multi-tenant deployment, we recommend that you discuss your deployment process with the Nerdio support team. In addition, please refer to this article about advanced installation methods.
When deploying Nerdio Manager in a single or multi-subscription scenario in combination with Active Directory Domain Services (ADDS), it is a requirement that line-of-sight connectivity between the AVD desktops and the domain is possible. This connectivity facilitates domain join operations, DNS resolution, and other domain services. This requirement is also true for native AVD deployment.

The diagram below provides an overview of a typical multi-subscription deployment. Nerdio Manager orchestrates activities via API integration with the tenant and subscriptions. Direct connectivity is required to the domain and storage services (file shares). As a best practice, VNet peering between networks should be used to enable this connectivity for both single-subscription and multi-subscription deployments. Please refer to this Microsoft article about VNet peering configuration.

Connectivity to an on-premises domain infrastructure is also supported across VPN and Express Route circuits, either directly (for single-subscription scenarios) or via the use of Express Route Authorizations (for a multi-subscription scenario). As a best practice, we recommend that the domain services are configured in Azure to support the AVD infrastructure and minimize network traffic, latency, and complexity.

Components

  • A Nerdio Managerenvironment is comprised of the following core components:
  • The Nerdio Manager Azure App Service plan and Web app.
  • An Enterprise app registration in Azure Active Directory with associated API permissions.
  • An Azure SQL database.
  • An Azure Key vault.
  • One or more Storage Accounts performing the following functions:
  • Transient storage of scripts.
  • Temporary VHD storage.
  • Boot diagnostics for created VMs.
  • An Azure Automation account to facilitate the following automated activities:
  • Manually triggered Nerdio Manager updates from the Nerdio Manager console.
  • Azure Runbooks scripted actions.
  • One or more Log Analytics Workspaces.
  • Application Insights for logging of exceptions and API utilization statistics.


Share by: