Overview

itopia WorkAnywhere (formerly Cloud Automation Stack [CAS]) now supports adding Google Cloud (GCP) regions to an existing deployment. As part of this support, deployment administrators can simply select one or more GCP regions (up to three new regions at a time) to be added, and WorkAnywhere will automatically deploy the necessary infrastructure to extend the deployment into those regions, including networking, Active Directory, and Remote Desktop Services roles (if applicable).

Similarly, WorkAnywhere also supports extending an existing Collection Pool into additional regions. Administrators can add regions to a Collection Pool, and CAS will automatically deploy the necessary infrastructure to that region, including RDS or Windows 10 Session Hosts.

Understanding Regions in WorkAnywhere

Each WorkAnywhere deployment relies on VM instances and other infrastructure deployed to one or more Google Cloud datacenters. These datacenters are commonly referred to as regions, corresponding to the geographic area in which they are located. A list of GCP regions is available here.

Within itopia WorkAnywhere, adding regions to your deployment creates the necessary infrastructure to host Cloud Desktops within that region; depending on your deployment type, this infrastructure may include:

• VPC subnets, network load balancers, and external IP addresses (for client connectivity)
• Active Directory domain controllers
• Remote Desktop Services (RDS) Connection Broker servers
• RDS Gateway servers
• File servers

When creating Collection Pools, administrators can then select one or more deployment regions to host Cloud Desktop instances. Collection Pools can only contain regions that exist within the deployment; in other words, you must first add the new region to your deployment before you can add it to a Collection Pool.

Guide: Adding a Region to the Deployment

You can add regions to your existing WorkAnywhere deployment at any time, using the process below.

1. Log into the Cloud Automation Stack (CAS) Admin Console at cas.itopia.com using an account that has the Deployment Editor role or higher.
2. From the Admin Console Dashboard, use the left-hand menu to navigate to Settings > Regions.
3. Click the Add Region button.
4. For the new region, specify the following:
   • GCP Region: Select the Google Cloud region to be added
   • Subnet: Specify a custom subnet, if required for your network design. By default, CAS will use the standard GCP subnet for the selected region
   • External DNS Name: If desired, you may specify a custom external DNS name for your users to connect to the new region. By default, CAS will use the format [deployment code]-[GCP region[.cloudvdi.net
   • SSL Certificate: If you specify a custom External DNS Name, you must upload a matching SSL certificate (with private key) to be used for the new region. If you keep the default External DNS Name, CAS will use an SSL certificate provided by itopia
   • Infrastructure Roles: By default, CAS will deploy one VM instance for each required infrastructure role, such as Active Directory domain controllers and RDS Gateway servers. You may specify whether redundant VM instances should be deployed for each role; CAS will automatically configure the roles for redundancy and may provision additional infrastructure to support it (such as a Cloud SQL instance for RDS Connection Broker high availability)
   • Assign to Collection Pools: You must select at least one Collection Pool to be added to the new region
   • Advanced Settings
     • Manually Select Zones: Each GCP region is subdivided into multiple zones; in most cases, the specific zones that are used do not affect the deployment in any way. However, in some special cases administrators may wish to specify the zones that are used within a region. If this option is not selected, CAS will randomly select two GCP zones within the region to host the VM instances for the deployment.
5. Click Add.

CAS will begin provisioning the new region's infrastructure and will extend the selected Collection Pool(s) into the region. Depending on the number of infrastructure role instances and Collection Pools selected, this process typically takes between 1 to 3 hours to complete. You can track the status of the process using the Activity Panel at the bottom of the CAS Admin Console screen.

Guide: Adding a Region to a Collection Pool

Once the new regions have been added to the deployment, you can extend a Collection Pool into the regions at any time, using the process below.

1. Log into the Cloud Automation Stack (CAS) Admin Console at cas.itopia.com using an account that has the Collection Editor role or higher.
2. From the Admin Console Dashboard, use the left-hand menu to navigate to Cloud Desktops > Collection Pools.
3. Click on the desired Collection Pool name to view its details.
4. On the Collection Pool Details screen, click Edit
5. In the Regions section, click Add Region. If the button is disabled, you do not have any additional regions to which the Collection Pool can be extended.
6. For the new region, specify the following:
   • GCP Region: Select the Google Cloud region to which to extend the Collection Pool. This list will only show regions that exist in your deployment.
   • Region Is Active: When a region is marked as Active, end-users may be routed to that region automatically when connecting to their Cloud Desktop through the Cloud VDI Portal (portal.cloudvdi.net). This routing is computed based on the geolocation of the user's IP address and the estimated latencies to each region that contains the Collection Pool(s) to which the user is assigned. If you disable this setting, the region is inactive, and users will not be routed to the region until it is marked active.
7. Click Create.

CAS will begin provisioning session hosts for the region based on the Host Instance Configuration settings for that Collection Pool. Depending on the number of session hosts, this process may take between 30 minutes and several hours. You can track the status of the process using the Activity Panel at the bottom of the CAS Admin Console screen.

Considerations for Adding Regions

Adding regions to an existing WorkAnywhere deployment makes it easy to quickly scale your environment as your needs grow. However, it is important to be aware of the following considerations before using this feature:

• CAS can add a maximum of three (3) new regions to a deployment at a time. If you attempt to add a fourth new region, you may see an error asking you to wait until the provisioning is complete before you can proceed. However, there is no limit to the number of regions that can be added overall.
• CAS can extend a maximum of three (3) Collection Pools into new regions at a time. If you attempt to extend a single Collection Pool into four or more regions, you may see an error instructing you to to reduce the number of new regions selected for the Collection Pool. Similarly, if you are extending multiple Collection Pools, you may see an error asking you to wait until the provisioning is complete before you can proceed. This limit does not apply when selecting regions while adding a new region to the deployment.
• If your deployment is configured to use a Shared VPC or Existing VPC as part of an Advanced Deployment, CAS will only display GCP regions for which a subnet has been shared with the WorkAnywhere GCP project. Thus, you should first create the necessary subnets on the Shared VPC or existing VPC before attempting to add a region to your deployment.
• A maximum of four (4) VM instances can be created for each infrastructure role when adding a new region.
• If your deployment is configured to use a New Active Directory domain or an Existing Active Directory Domain with Extension, CAS will automatically update the Active Directory site topology for each new region added to the deployment. This includes creating new AD sites, subnets, and site links. If your deployment is using an Existing Active Directory Domain (without the Extended AD option), you should manually configure the AD site and subnet information for the new region. If your deployment is using Google Managed Service for Microsoft Active Directory, AD sites do not need to be updated.