Skip to content

VDI (Virtual Desktop Infrastructure)

VDI provides access to Windows desktop environments running as virtual machines. Users connect to VMs via RDP (Remote Desktop Protocol).

Objectives

  • Create VDI profiles
  • Configure service accounts
  • Manage user roles
  • Request and use VDI sessions

Before you begin

VDI requires:

  • Cloudspace with available resources
  • VM template or image
  • Service account with VDI permissions
  • User roles defined

VDI Profiles

A VDI Profile defines the configuration for virtual desktops. Each profile specifies VM resources, behavior, and access control.

Profile Settings

Instance Behavior

  • single-use: Each session gets a fresh VM, recycled after disconnect and recycle time has passed
  • dedicated: User receives the same VM for each session

Availability

  • stand_by: VMs remain running when idle
  • shutdown: VMs power off when idle

VM Configuration

  • CPU cores
  • Memory (MB)
  • Boot disk size (GB)
  • Base image/template
  • Optional vGPU profile

Pool Settings

  • Standby pool size: Number of VMs kept ready
  • Maximum pool size: Maximum concurrent sessions (0 = unlimited)
  • Recycle time: minutes before inactive VMs are recycled

Creating a VDI Profile

To create a VDI profile

  1. Navigate to VDIProfiles.
  2. Click CREATE PROFILE.
  3. Enter profile name.
  4. Select cloudspace where VMs will be created.
  5. Select service account.
  6. Configure instance behavior:
    • Select single-use or dedicated.
  7. Configure availability:
    • Select stand_by or shutdown.
  8. Configure VM specifications:
    • Select image/template
    • Set CPU cores
    • Set memory in MB
    • Set boot disk size in GB
    • (Optional) Select vGPU profile
  9. Configure pool settings:
    • Set standby pool size
    • Set maximum pool size (0 for unlimited)
    • Set recycle time in seconds
  10. Select connection mode (see Connection Modes).
  11. Select granted roles (see User Roles).
  12. (Optional) Enter contact email.
  13. Click CREATE PROFILE.

The system provisions the standby pool VMs automatically.

Editing a VDI Profile

To edit a VDI profile

  1. Navigate to VDIProfiles.
  2. Select the profile to edit.
  3. Modify the desired settings.
  4. Click SAVE.

Note: Changes to VM configuration only affect newly created VMs, not existing ones. This will purge the standby pool and create a new pool with the new VM configurations.

Deleting a VDI Profile

To delete a VDI profile

  1. Navigate to VDIProfiles.
  2. Select the profile to delete.
  3. Click DELETE at the top of the page.
  4. Click Confirm.

Note: All sessions must be terminated before deleting a profile. There is a Force option to enforce that.

Connection Modes

VDI supports two connection modes for accessing virtual desktops.

Agent Mode

Agent mode uses WireGuard VPN to create direct encrypted connections.

Configuration:

  • Set connection_mode to agent
  • No additional configuration required

User requirements:

  • Install VDI Agent (Windows/macOS/Linux)
  • Internet connection

How it works:

  1. User requests session
  2. VDI Agent establishes WireGuard VPN tunnel
  3. RDP connection routed through VPN
  4. Direct connection to VM

RD Gateway Mode

RD Gateway mode uses Microsoft Remote Desktop Gateway as a proxy.

Configuration:

  • Set connection_mode to rdgateway
  • Enter RD Gateway hostname

Requirements:

  • RD Gateway server deployed
  • Valid SSL certificate
  • RD Gateway hostname configured

How it works:

  1. User requests session
  2. RDP connection to RD Gateway hostname
  3. Gateway proxies connection to VM
  4. No agent or VPN required

Roles

For a VDI profile, two roles are needed:

  • User role: Grants users access to request sessions
  • Service account role: Allows service account to manage VMs

User roles control access to VDI profiles. Only users assigned to granted roles can request sessions.

Service account roles provide permissions to manage VMs for VDI sessions.

Creating User Roles

To create a user role

  1. Navigate to SettingsRoles.
  2. Click CREATE ROLE.
  3. Enter role name.
  4. Enter description.
  5. Select Read permission (VDI users only require read access).
  6. Add users to the role.
  7. Click CREATE.

Note: VDI users only need read permissions on the cloudspace to request sessions.

Creating Service Account Role

To create a Service Account role

  1. Navigate to SettingsRoles.
  2. Click CREATE ROLE.
  3. Enter role name.
  4. Enter description.
  5. Select Read, Create, Delete, Execute, Update permissions.
  6. Click CREATE.

Granting Roles to Cloudspace

Both roles must be granted access to the cloudspace before creating VDI profiles.

To grant roles to a cloudspace:

  1. Navigate to the cloudspace.
  2. Click MoreRoles & Permissions.
  3. Click + Add Roles.
  4. Select both the user role and service account role.
  5. Click Add.

Service Accounts

Service accounts are automated accounts used by VDI to manage VM operations. They have permissions specific to VDI resources.

Creating a Service Account

To create a service account:

  1. Navigate to SettingsService Accounts.
  2. Click CREATE SERVICE ACCOUNT.
  3. Enter account name.
  4. Select the service account role created previously (with Read, Create, Delete, Execute, Update permissions).
  5. Click CREATE.

The service account is automatically granted permissions for:

  • Creating VMs from templates
  • Starting/stopping VMs
  • Configuring VM networking
  • Deploying certificates
  • Monitoring VM status

VDI Sessions

A VDI Session represents an active connection between a user and a VM.

Requesting a Session

To request a VDI session:

  1. Navigate to your VDI Profile.
  2. Click Agent Landing Page.
  3. Follow the instructions there.

The Agent Landing Page is a shareable URL where VDI users can request sessions.

Connecting to a Session

Agent Mode:

  1. Install VDI Agent if first time
  2. Agent automatically opens RDP connection
  3. Log in with domain credentials

RD Gateway Mode:

  1. Download RDP file
  2. Open RDP file
  3. Log in with domain credentials

Viewing/Managing Sessions

To manage sessions:

  1. Navigate to VDIProfiles.
  2. Select the profile.
  3. View and manage the sessions.

Ending a Session

For single-use profiles: VM is recycled. For dedicated profiles: VM shuts down if availability is shutdown.

Session States

Sessions progress through states:

  • initialized: Session created, VM not yet provisioned
  • provisioning: VM being created, installing VDI agent
  • standby: VM ready, no user assigned
  • reserved: VM assigned to user, waiting for connection
  • connected: User connected via RDP
  • recycling: Single-use VM being reset
  • shutdown: VM powered off
  • failed: Session encountered error