docs: AVD guidance updates (#432)

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Zach Trocinski <[email protected]>
Co-authored-by: Zach Trocinski <[email protected]>

azure-specialized-workloads/avd/kql/4b1a45af-d35f-442d-922a-a3e7b6052de1.kql → azure-resources/Compute/galleries/kql/b14ee8ed-7d27-447b-b6fb-6472cb5f4b75.kql

@@ -1,2 +1 @@
 // under-development
-

azure-resources/Compute/galleries/kql/b3c3ba1d-7de6-442d-8c50-023330fbf765.kql

@@ -0,0 +1 @@
+// under-development

azure-resources/Compute/galleries/recommendations.yaml

@@ -57,3 +57,39 @@
       url: "https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/plan/should-i-create-a-generation-1-or-2-virtual-machine-in-hyper-v"
     - name: Images in Compute gallery
       url: "https://learn.microsoft.com/en-us/azure/virtual-machines/shared-image-galleries?tabs=azure-cli"
+
+- description: Create Image Versions replicas in secondary region
+  aprlGuid: b14ee8ed-7d27-447b-b6fb-6472cb5f4b75
+  recommendationTypeId: null
+  recommendationControl: Disaster Recovery
+  recommendationImpact: Medium
+  recommendationResourceType: Microsoft.Compute/galleries
+  recommendationMetadataState: Active
+  longDescription: |
+    On multi-region deployments, replicate Image Versions to a secondary region to ensure disaster recovery capability. This ensures that the Image Versions are available in the secondary region in case of a disaster in the primary region.
+  potentialBenefits: Enhances disaster recovery capability
+  pgVerified: true
+  publishedToLearn: false
+  automationAvailable: true
+  tags: null
+  learnMoreLink:
+    - name: Compute Gallery Replication
+      url: "https://learn.microsoft.com/azure/virtual-machines/azure-compute-gallery#replication"
+
+- description: Configure Image version replica count per region.
+  aprlGuid: b3c3ba1d-7de6-442d-8c50-023330fbf765
+  recommendationTypeId: null
+  recommendationControl: Disaster Recovery
+  recommendationImpact: Medium
+  recommendationResourceType: Microsoft.Compute/galleries
+  recommendationMetadataState: Active
+  longDescription: |
+    You can set a different replica count in each target region, based on the scale needs for the region. For every 20 VMs that you create concurrently, we recommend you keep one replica.
+  potentialBenefits: Enhances disaster recovery capability
+  pgVerified: true
+  publishedToLearn: false
+  automationAvailable: true
+  tags: null
+  learnMoreLink:
+    - name: Compute Gallery Scaling
+      url: "https://learn.microsoft.com/en-us/azure/virtual-machines/azure-compute-gallery#scaling"

azure-resources/DesktopVirtualization/hostPools/recommendations.yaml

@@ -1,12 +1,12 @@
-- description: Create a validation host pool for testing of planned updates
+- description: Create a validation host pool
   aprlGuid: 013ac34e-7c4b-425f-9e0c-216f0cc06181
   recommendationTypeId: null
   recommendationControl: Governance
   recommendationImpact: Medium
   recommendationResourceType: Microsoft.DesktopVirtualization/hostPools
   recommendationMetadataState: Active
   longDescription: |
-    Create a Validation Pool for early issue detection with planned AVD updates. Adjust limits based on needs. Scale by adding multiple host pools for more users. Regularly test updates on host pools. Validate changes before applying to main environment to avoid downtime.
+    Validation host pools let you monitor service updates before the service applies them to your standard or non-validation environment.
   potentialBenefits: Enhanced environment stability
   pgVerified: true
   publishedToLearn: false
@@ -24,7 +24,7 @@
   recommendationResourceType: Microsoft.DesktopVirtualization/hostPools
   recommendationMetadataState: Active
   longDescription: |
-    Create maintenance schedules for AVD agent updates to avoid disruptions. Use Scheduled Agent Updates to set maintenance windows for updating Azure Virtual Desktop agent, side-by-side stack, and Geneva Monitoring agent.
+    Create up to two maintenance windows for the Azure Virtual Desktop agent, side-by-side stack, and Geneva Monitoring agent to get updated so that updates don't happen during peak business hours.
   potentialBenefits: Enhanced environment stability
   pgVerified: true
   publishedToLearn: false
@@ -42,7 +42,7 @@
   recommendationResourceType: Microsoft.DesktopVirtualization/hostPools
   recommendationMetadataState: Active
   longDescription: |
-    For optimized AVD configuration, place Hybrid VMs in unique OUs. Segregate Prod and DR units for environment-specific settings. This ensures targeted configurations for session hosts, including FSLogix, timeouts, and session controls.
+    Place domain joined session hosts VMs in unique OUs. Segregate Prod and DR units for environment-specific settings. This ensures targeted configurations for session hosts, including FSLogix, session controls, etc.
   potentialBenefits: Improved AVD hostpool config & segmentation
   pgVerified: true
   publishedToLearn: false
@@ -52,15 +52,15 @@
     - name: Configure the VMs and install Active Directory Domain Services
       url: "https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/deploy/virtual-dc/adds-on-azure-vm#configure-the-vms-and-install-active-directory-domain-services"
 
-- description: Use Azure Site Recovery or backups to protect VMs supporting personal desktops
+- description: Use Azure Site Recovery to protect stateful session hosts
   aprlGuid: 38721758-2cc2-4d6b-b7b7-8b47dadbf7df
   recommendationTypeId: null
   recommendationControl: Disaster Recovery
   recommendationImpact: Medium
   recommendationResourceType: Microsoft.Compute/virtualMachines
   recommendationMetadataState: Active
   longDescription: |
-    Implement Azure Site Recovery (ASR) or Azure Backup for personal host pools to enable seamless failover and failback. This replicates VMs supporting personal desktops to a secondary Azure region, ensuring recovery from a known state in case of a disaster or outage.
+    Implement Azure Site Recovery (ASR) to replicate or backup stateful session hosts. This replicates VMs to a secondary Azure region or availability zone, ensuring recovery from a known VM state in case of an outage.
   potentialBenefits: Ensures VM recovery & failover
   pgVerified: true
   publishedToLearn: false

azure-resources/DesktopVirtualization/scalingPlans/recommendations.yaml

@@ -1,12 +1,12 @@
-- description: Scaling plans should be created per region and not scaled across regions
+- description: Create scaling plans per region
   aprlGuid: 499769ae-67c9-492e-9ca5-cfd4cece5209
   recommendationTypeId: null
   recommendationControl: Scalability
   recommendationImpact: Medium
   recommendationResourceType: Microsoft.DesktopVirtualization/scalingPlans
   recommendationMetadataState: Active
   longDescription: |
-    Each region has its own scaling plans assigned to host pools within that region. However, these plans can become inaccessible if there's a regional failure. To mitigate this risk, it's advisable to create a secondary scaling plan in another region.
+    Scaling plans can only be assigned to host pools in the same region, on multi-region deployment scenario each region should has its own scaling plan.
   potentialBenefits: Enhanced scaling
   pgVerified: true
   publishedToLearn: false

azure-resources/VirtualMachineImages/imageTemplates/recommendations.yaml

@@ -24,14 +24,14 @@
   recommendationResourceType: Microsoft.VirtualMachineImages/imageTemplates
   recommendationMetadataState: Active
   longDescription: |
-    The Azure Image Builder service, used for deploying Image Templates, lacks availability zones support. By replicating Image Templates to a secondary, preferably paired, region, quick recovery from a region failure is enabled, ensuring continuous virtual machine deployment from these templates.
+    The Azure Image Builder service lacks availability zones support. Replicating Image Templates to a secondary region will enable the build of new images in secondary region.
   potentialBenefits: Enhances disaster recovery capability
   pgVerified: true
   publishedToLearn: false
   automationAvailable: true
   tags: null
   learnMoreLink:
     - name: Image Template resiliency
-      url: "https://learn.microsoft.com/en-us/azure/reliability/reliability-image-builder?toc=%2Fazure%2Fvirtual-machines%2Ftoc.json&bc=%2Fazure%2Fvirtual-machines%2Fbreadcrumb%2Ftoc.json#capacity-and-proactive-disaster-recovery-resiliency"
+      url: "https://learn.microsoft.com/en-us/azure/reliability/reliability-image-builder?toc=%2Fazure%2Fvirtual-machines%2Ftoc.json&bc=%2Fazure%2Fvirtual-machines%2Fbreadcrumb%2Ftoc.json&tabs=graph#disaster-recovery"
     - name: Azure Image Builder Supported Regions
       url: "https://learn.microsoft.com/en-us/azure/virtual-machines/image-builder-overview?tabs=azure-powershell#regions"

azure-specialized-workloads/avd/_index.md

@@ -8,12 +8,14 @@ geekdocHidden: false
 
 | Recommendation                                                                                                                                                                                                                                                                  |  Provider Namespace   |     Resource Type      |
 |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:---------------------:|:----------------------:|
-| [Create a validation host pool for testing of planned updates](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/hostPools/#Create-a-validation-host-pool-for-testing-of-planned-updates)                                                   | DesktopVirtualization |       hostPools        |
+| [Create a validation host pool](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/hostPools/#Create-a-validation-host-pool)                                                   | DesktopVirtualization |       hostPools        |
 | [Configure host pool scheduled agent updates](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/hostPools/#configure-host-pool-scheduled-agent-updates)                                                                                     | DesktopVirtualization |       hostPools        |
 | [Ensure a unique OU is used when deploying host pools with domain joined session hosts](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/hostPools/#ensure-a-unique-ou-is-used-when-deploying-host-pools-with-domain-joined-session-hosts) | DesktopVirtualization |       hostPools        |
-| [Use Azure Site Recovery or backups to protect VMs supporting personal desktops](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/hostPools/#use-azure-site-recovery-or-backups-to-protect-vms-supporting-personal-desktops)               | DesktopVirtualization |       hostPools        |
-| [Scaling plans should be created per region and not scaled across regions](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/scalingPlans/#scaling-plans-should-be-created-per-region-and-not-scaled-across-regions)                        | DesktopVirtualization |      scalingPlans      |
-| [Replicate your Image Templates to a secondary region](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/VirtualMachineImages/imageTemplates/#replicate-your-image-templates-to-a-secondary-region)                                                               |        Compute        |       galleries        |
+| [Use Azure Site Recovery to protect stateful session hosts](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/hostPools/#use-azure-site-recovery-to-protect-stateful-session hosts)               | DesktopVirtualization |       hostPools        |
+| [Create scaling plans per region](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/DesktopVirtualization/scalingPlans/#create-scaling-plans-per-region)                        | DesktopVirtualization |      scalingPlans      |
+| [Replicate your image templates to a secondary region](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/VirtualMachineImages/imageTemplates/#replicate-your-image-templates-to-a-secondary-region)                                                               |        Compute        |       virtualMachineImages        |
+| [Create image Versions replicas in secondary region](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/compute/galleries/#create-image-versions-replicas-in-secondary-region)                                                               |        Compute        |       galleries        |
+| [Configure image version replica count per region](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/compute/galleries/#configure-image-version-replica-count-per-region)                                                               |        Compute        |       galleries        |
 | [A minimum of three replicas should be kept for production image versions](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/galleries/#a-minimum-of-three-replicas-should-be-kept-for-production-image-versions)                                         |        Compute        |       galleries        |
 | [Zone redundant storage should be used for image versions](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/galleries/#zone-redundant-storage-should-be-used-for-image-versions)                                                                         |        Compute        |       galleries        |
 | [Deploy VMs across Availability Zones](../../../Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#deploy-vms-across-availability-zones)                                                                                                           |        Compute        |    virtualMachines     |

azure-specialized-workloads/avd/recommendations.yaml

@@ -279,25 +279,6 @@
     - name: Learn More
       url: "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/azure-best-practices/plan-for-ip-addressing"
 
-- description: Ensure route tables accommodate failover
-  aprlGuid: 4b1a45af-d35f-442d-922a-a3e7b6052de1
-  recommendationTypeId: null
-  recommendationControl: Disaster Recovery
-  recommendationImpact: High
-  recommendationResourceType: Specialized.Workload/AVD
-  recommendationMetadataState: Active
-  longDescription: |
-    Ensure Route Tables that force tunnel traffic to FW/NVA have failover considerations evaluated and won't fail or trigger next-gen FW protections.
-    AVD workload teams should collaborate with centralized teams that manage the shared infrastructure, like networking, to ensure that both Production and DR workloads have the appropriate route tables in place for failover of routing to perform as expected.
-  potentialBenefits: Enhanced failover reliability
-  pgVerified: true
-  publishedToLearn: false
-  automationAvailable: false
-  tags:
-  learnMoreLink:
-    - name: Learn More
-      url: "https://learn.microsoft.com/azure/cloud-adoption-framework/ready/landing-zone/design-area/management-business-continuity-disaster-recovery"
-
 - description: Configure static routes for session hosts to directly access the AVD control plane subnet
   aprlGuid: 1c6c97d7-4d03-4f53-985d-fa239f715173
   recommendationTypeId: null