Amazon WorkSpaces. Fully managed desktop computing service in the cloud. Amazon WorkSpaces allows customers to easily provision cloud-based desktops that allow end-users to access the documents, applications and resources they need with the device of their choice, including laptops, iPad, Kindle Fire, or Android tablets. As stated by Amazon. However, when we look under the hood, itโs still good old Windows Server 2008 R2 (with a Windows 7 user experience) serving us our desktops. Old news, is it?
Donโt be fooled by smart marketing, they make it sound like youโre buying, or renting, a fully functional client OS based Windows desktop (I know, if you give the Amazon product pages a good read they do tell you itโs still a server OS instead of a client based OS solution, but still). And although, to the untrainedย eye, it looks like youโre presented with a Windows 7, or whatever, desktop, youโre not!
I guess the real question is, does it really matter? Well, in 75% of all cases the answer will probably be yes. But that’s only because when it comes to DaaS, about 75% of the time, the Hosted Shared Desktop (HSD)ย model is applied since it isn’t allowed (by Microsoft) to host client OS based machines on multi-tenant hosting platforms. With this in the back ofย our mindsย there could be some (very) valid reasons for specifically wanting or needing a one to one solution, and it doesn’t has to be a client OS per se, for example:
- Because your users may need to install their own updates & applications;
- Your users, for whatever reason, need to able to modify specific system-level settings;
- Perhaps in some casesย (other than the above) administrative privileges are needed;
- Certain users might need more processing power and memory then others, because ofย certain resource intensive applications they might use;
- Dedicated / persistent storageย might beย needed.
Although some of the above might be possible on a HSD environment as well, preferably not. Besides that, not all applications behave the way youโd expect if theyโre developed with a Client OS in mind but are installed on a Server OS instead. Do you recognize any of the above? Then youโre probably better off by keeping these specific users on-premises. Itโs always going to be a mix and match process. But wait… What if Amazon is different, whatย ifย it’s a ‘real’ VDI solution? Meaning single user instances of Windows Server, Read on.
Server 2008 one on one
In the case of Amazonโs WorkSpaces, itโs actually Windows Server 2008 R2 running in the background. I first thought that theyย applied the well know Hosted Shared Desktop principle based on Microsoftโs Terminal Services / RDS technology, but I whas wrongย (thanks Brian)ย These are server based desktops offered on a one to one basis, one user per Windows server desktop. DaaS (VDI)ย based on a Windows server OS including persistent storage!
Of course Amazon isn’t the first, butย when Amazon joins the party it gets way more attention than usual.ย Theyโre big and theyโre known, apparently thatโs what matters. Now donโt get me wrong,ย Iโm not saying that this is a bad thing, itโs actually quite nice to be honest.ย Besides,ย the technology involved has proven itself over and over again and is oneย of my personal favorites as well, theย Hosted Shared model included. Itโs just that every time a solution like this gets introduced they (try and) make you believe thatโs itโs actually a Client OS based machine for youย to use (while in most cases you’ll probably get an Hosted Shared Desktop based on aย Windows server OS instead)ย including all the potential pros and cons that come with it. At least, if you don’t read beyond the headlines. And if you need some of the flexibility that a Client OS can offer, either pooled or persistent, you might be disappointed. Although I have to admit that in Amazon’s case it doesn’t really matter, unless you have someย REAL specific client OS needs.
XD on Azure
Sort of similar to the above (although meant for a different use-case), a few months ago, Citrix together with Microsoft announced XenDesktop 7 on Azure integration with the following statement: With the introduction of Azure support for Remote Desktop Services Subscriber Access Licenses (RDS SALs) a broad set of opportunities to leverage Azure for hosted Windows desktops and applications begin to unfold. As a platform Microsoft Azure provides a robust, state of the art infrastructure and global presence for enterprises and service providers. Followed by: Citrix customers wanting to leverage public cloud infrastructure as a service in order to expand their on premise datacenter capabilities, without investing in new capital resources, can now host virtual desktops based on XenDesktop 7 within Azure.
Again making it sound like a client desktop OS solution, but itโs clearly not.ย In this caseย it’s actually theย Hosted Shared Desktop model being offered, with the single user server solution only used if there’s really no other way.ย Have a look here I wrote an extensive article on the subject. About a week later I had a good conversation with Citrixโs Kurt Moody regarding the matter, a few days later I wrote this itโs all water under the bridge now. My point is, itโs very easy to get mislead, or at least confused by marketing statements like these.
letโs continue
Letโs have a closer look. Although the XenDesktop 7 on Azure design is meant as an on-premises extension for companies looking to expand their existing datacenter without having to invest in new hardware (of course thatโs not the only advantage), the concept isnโt that different when you think about it. Itโs still about hosting your desktops in the cloud one way or the other. With WorkSpaces however, itโs all simplified, you donโt need to install and or configure anything, no management or backups etcโฆ You just pick what you need, adjust as (and if) needed and youโre done. Also, you wonโt have to make any upfront investments either, you just pay per use, so to speak, although this applies to Azure as well as mentioned above. Amazon will take care of the rest, they offer / promise some excellent Service Level Agreements.
From an IT perspective
IT has the following options when it comes to assigning WorkSpace bundles, as Amazon likes to call them. There are four standard bundles, below youโll find the hardware specifications for each. Hereโs some more information regarding the available bundles, itโs from the Amazon website: All of the bundles include Adobe Reader, Adobe Flash, Firefox, Internet Explorer 9, 7-Zip, the Java Runtime Environment (JRE), and other utilities.
The Standard and Performance Plus bundles also include Microsoft Office Professional and Trend Micro Worry-Free Business Security Services. The bundles can be augmented and customized by the IT professional in order to meet the needs of specific users. Each user has access to between 50 and 100 GB of persistent AWS storage from their WorkSpace (the precise amount depends on the bundle that was chosen for the user). The persistent storage is backed up to Amazon S3 on a regular basis, where it is stored with 99.99999999% durability and 99.99% availability over the course of a year.
- Standard – 1 vCPU, 3.75 GB of memory, and 50 GB user storage. $35
- Standard Plus – 1 vCPU, 3.75 GB of memory, and 50 GB user storage. $50
- Performance – 2 vCPU, 7.5 GB of memory, and 100 GB user storage. $60
- Performance Plus – 2 vCPU, 7.5 GB of memory, and 100 GB user storage. $75
Think of it this way
Prizes are all per month and per user. As far as use cases go, Iโll leave that up to you. Yes, youโll still need a laptop, desktop or some kind of mobile device to access your desktop, no real changesย or surprises there, no cutโs in costs either. But think of it this way, you wonโt have to invest in any new hardware while building up your internal Hosted Shared or VDI architecture, in fact, you wonโt have to build anything at all, just a few mouse clicks and youโre done.
Again, no patching, Backups, mandatory installations or maintenance what so ever. One main consoleย from which IT canย manage andย provision all desktops. Applications can be added / installed (by IT, not by the user) and all other changes made by users are all persistent as well, I guess you can make it as simple or complex as you like. If itโs more flexibilityย and orย manageability that you need then this might not be the right solution for you, have a look at Azure, use Amazon Web Services in another way or just keepย your datacenterย on-premises instead. Note that when using WorkSpaces you can bring in your own software licenses as well.
According to Amazon, you can provision up to 5 machines at a time and it will take up to 20 minutes to complete theย process. Once IT is done, youโll users will receive an email providing you with a registration code and a link to the client download. Download the client to your device, enter the registration code, and start using your WorkSpace. Of course itโs still in a preview state, well sort of, but even it wasnโt, with these kinds of numbers I think itโs safe to state that it isnโt enterprise ready, at least for now. I haven’t tried it myself nor have I spoken to anyone who hasย and perhaps disappointment is right around the corner, butย for me it’s the thought and concept that counts, so yes, you could say that I’m a fan (already). Just keep in mind that it’s not for everybody, the business case needs to ‘fit’. But then again, it’s never going to be a 100% match no matter what you implement,
2008 vs 2012
Using WorkSpaces youโre bound to the default Hosted Shared Desktop based on Windows Server 2008 R2, no Server 2012 support for now (itโs still multi-tenant). Although with Azure youโll still need to build up, configure and manage the whole infrastructure yourself (you wonโt have to invest in any hardware though) you do have the option to go with Windows Server 2012, or 2012 R2 even, if thatโs what you need. A small advantage perhaps, I guess it all depends on the use case youโre presented with.
So what really happens?
When you provision your โdesktopsโ from WorkSpaces, hereโs what happens: A Virtual Private Cloud (VPC) is created as part of the setup process. The VPC can be connected to an on-premises network using a secure VPN connection to allow access to an existing Active Directory and other intranet resources. WorkSpaces run on Amazon EC2 instances hosted within the VPC. Communication between EC2 and the client is managed by the PCoIP (PC-over-IP) protocol. The client connection must allow TCP and UDP connections on port 4172, along with TCP connections on port 443. Persistent storage is backed up to Amazon S3 on a regular and frequent basis. Have a look here as well, itโs the Amazon Web Services Blog which I also used as a reference.
A small note on licenses
Hereโs a statement from one of my previous blogs: It all comes down to licensing. This is what Microsoft has to say with regards to client operating systems on cloud hosting platforms: Multi-tenant hosting is restricted in the Product Use Rights of Windows Clients, such as Windows 7 or Windows 8. Windows Client Desktops are not available on either Windows Azure or on any other Service Provider such as Amazon or Rackspace. Give it up already! You can read more about the Microsoft Product Use Rights here.
Conclusion
With the announcement of Amazon WorkSpaces DaaS is again one step closer to global exception. With Amazon leading the pack, at least at the moment, chances will increase that this will actually happen. Their, size, influence and overall presence is impressive to say the least, that must count for something, right? I think a lot will also depend on Microsoftโs move when it comes to Client OS licensing and their โsecretโ Mohoro DaaS (give it a Google) project. Also, with VMwareโs acquisition of Desktone Iโm curious what their next step will be, and I guess the same can be thought of Citrix as well. To be continuedโฆ
Bas van Kaam ยฉ
Reference materials used: Amazon.com, Google.com
