DaaS has grown up… Has it?

Amazon WorkSpaces. Fully managed desktop computing service in the cloud. Amazon WorkSpaces allows customers to easily provision cloud-based desktops that allow end-users to access the documents, applications and resources they need with the device of their choice, including laptops, iPad, Kindle Fire, or Android tablets. As stated by Amazon. However, when we look under the hood, it’s still good old Windows Server 2008 R2 (with a Windows 7 user experience) serving us our desktops. Old news, is it?

Don’t be fooled by smart marketing, they make it sound like you’re buying, or renting, a fully functional client OS based Windows desktop (I know, if you give the Amazon product pages a good read they do tell you it’s still a server OS instead of a client based OS solution, but still). And although, to the untrained eye, it looks like you’re presented with a Windows 7, or whatever, desktop, you’re not!

I guess the real question is, does it really matter? Well, in 75% of all cases the answer will probably be yes. But that’s only because when it comes to DaaS, about 75% of the time, the Hosted Shared Desktop (HSD) model is applied since it isn’t allowed (by Microsoft) to host client OS based machines on multi-tenant hosting platforms. With this in the back of our minds there could be some (very) valid reasons for specifically wanting or needing a one to one solution, and it doesn’t has to be a client OS per se, for example:

  • Because your users may need to install their own updates & applications;
  • Your users, for whatever reason, need to able to modify specific system-level settings;
  • Perhaps in some cases (other than the above) administrative privileges are needed;
  • Certain users might need more processing power and memory then others, because of  certain resource intensive applications they might use;
  • Dedicated / persistent storage might be needed.

Although some of the above might be possible on a HSD environment as well, preferably not. Besides that, not all applications behave the way you’d expect if they’re developed with a Client OS in mind but are installed on a Server OS instead. Do you recognize any of the above? Then you’re probably better off by keeping these specific users on-premises. It’s always going to be a mix and match process. But wait… What if Amazon is different, what if it’s a ‘real’ VDI solution? Meaning single user instances of Windows Server, Read on.

Server 2008 one on one

In the case of Amazon’s WorkSpaces, it’s actually Windows Server 2008 R2 running in the background. I first thought that they applied the well know Hosted Shared Desktop principle based on Microsoft’s Terminal Services / RDS technology, but I whas wrong (thanks Brian) These are server based desktops offered on a one to one basis, one user per Windows server desktop. DaaS (VDI) based on a Windows server OS including persistent storage!

Of course Amazon isn’t the first, but when Amazon joins the party it gets way more attention than usual. They’re big and they’re known, apparently that’s what matters. Now don’t get me wrong, I’m not saying that this is a bad thing, it’s actually quite nice to be honest. Besides, the technology involved has proven itself over and over again and is one of my personal favorites as well, the Hosted Shared model included. It’s just that every time a solution like this gets introduced they (try and) make you believe that’s it’s actually a Client OS based machine for you to use (while in most cases you’ll probably get an Hosted Shared Desktop based on a Windows server OS instead) including all the potential pros and cons that come with it. At least, if you don’t read beyond the headlines. And if you need some of the flexibility that a Client OS can offer, either pooled or persistent, you might be disappointed. Although I have to admit that in Amazon’s case it doesn’t really matter, unless you have some REAL specific client OS needs.

XD on Azure

Sort of similar to the above (although meant for a different use-case), a few months ago, Citrix together with Microsoft announced XenDesktop 7 on Azure integration with the following statement: With the introduction of Azure support for Remote Desktop Services Subscriber Access Licenses (RDS SALs) a broad set of opportunities to leverage Azure for hosted Windows desktops and applications begin to unfold. As a platform Microsoft Azure provides a robust, state of the art infrastructure and global presence for enterprises and service providers. Followed by: Citrix customers wanting to leverage public cloud infrastructure as a service in order to expand their on premise datacenter capabilities, without investing in new capital resources, can now host virtual desktops based on XenDesktop 7 within Azure.

WinAzure2

Again making it sound like a client desktop OS solution, but it’s clearly not. In this case it’s actually the Hosted Shared Desktop model being offered, with the single user server solution only used if there’s really no other way. Have a look here I wrote an extensive article on the subject. About a week later I had a good conversation with Citrix’s Kurt Moody regarding the matter, a few days later I wrote this it’s all water under the bridge now. My point is, it’s very easy to get mislead, or at least confused by marketing statements like these.

let’s continue

Let’s have a closer look. Although the XenDesktop 7 on Azure design is meant as an on-premises extension for companies looking to expand their existing datacenter without having to invest in new hardware (of course that’s not the only advantage), the concept isn’t that different when you think about it. It’s still about hosting your desktops in the cloud one way or the other. With WorkSpaces however, it’s all simplified, you don’t need to install and or configure anything, no management or backups etc… You just pick what you need, adjust as (and if) needed and you’re done. Also, you won’t have to make any upfront investments either, you just pay per use, so to speak, although this applies to Azure as well as mentioned above. Amazon will take care of the rest, they offer / promise some excellent Service Level Agreements.

From an IT perspective

IT has the following options when it comes to assigning WorkSpace bundles, as Amazon likes to call them. There are four standard bundles, below you’ll find the hardware specifications for each. Here’s some more information regarding the available bundles, it’s from the Amazon website: All of the bundles include Adobe Reader, Adobe Flash, Firefox, Internet Explorer 9, 7-Zip, the Java Runtime Environment (JRE), and other utilities.

amazon-worksapces

The Standard and Performance Plus bundles also include Microsoft Office Professional and Trend Micro Worry-Free Business Security Services. The bundles can be augmented and customized by the IT professional in order to meet the needs of specific users. Each user has access to between 50 and 100 GB of persistent AWS storage from their WorkSpace (the precise amount depends on the bundle that was chosen for the user). The persistent storage is backed up to Amazon S3 on a regular basis, where it is stored with 99.99999999% durability and 99.99% availability over the course of a year.

  • Standard – 1 vCPU, 3.75 GB of memory, and 50 GB user storage. $35
  • Standard Plus – 1 vCPU, 3.75 GB of memory, and 50 GB user storage. $50
  • Performance – 2 vCPU, 7.5 GB of memory, and 100 GB user storage. $60
  • Performance Plus – 2 vCPU, 7.5 GB of memory, and 100 GB user storage. $75

Think of it this way

Prizes are all per month and per user. As far as use cases go, I’ll leave that up to you. Yes, you’ll still need a laptop, desktop or some kind of mobile device to access your desktop, no real changes or surprises there, no cut’s in costs either. But think of it this way, you won’t have to invest in any new hardware while building up your internal Hosted Shared or VDI architecture, in fact, you won’t have to build anything at all, just a few mouse clicks and you’re done.

Again, no patching, Backups, mandatory installations or maintenance what so ever. One main console from which IT can manage and provision all desktops. Applications can be added / installed (by IT, not by the user) and all other changes made by users are all persistent as well, I guess you can make it as simple or complex as you like. If it’s more flexibility and or manageability that you need then this might not be the right solution for you, have a look at Azure, use Amazon Web Services in another way or just keep your datacenter on-premises instead. Note that when using WorkSpaces you can bring in your own software licenses as well.

According to Amazon, you can provision up to 5 machines at a time and it will take up to 20 minutes to complete the process. Once IT is done, you’ll users will receive an email providing you with a registration code and a link to the client download. Download the client to your device, enter the registration code, and start using your WorkSpace. Of course it’s still in a preview state, well sort of, but even it wasn’t, with these kinds of numbers I think it’s safe to state that it isn’t enterprise ready, at least for now. I haven’t tried it myself nor have I spoken to anyone who has and perhaps disappointment is right around the corner, but for me it’s the thought and concept that counts, so yes, you could say that I’m a fan (already). Just keep in mind that it’s not for everybody, the business case needs to ‘fit’. But then again, it’s never going to be a 100% match no matter what you implement,

2008 vs 2012

Using WorkSpaces you’re bound to the default Hosted Shared Desktop based on Windows Server 2008 R2, no Server 2012 support for now (it’s still multi-tenant). Although with Azure you’ll still need to build up, configure and manage the whole infrastructure yourself (you won’t have to invest in any hardware though) you do have the option to go with Windows Server 2012, or 2012 R2 even, if that’s what you need. A small advantage perhaps, I guess it all depends on the use case you’re presented with.

So what really happens?

When you provision your ‘desktops’ from WorkSpaces, here’s what happens: A Virtual Private Cloud (VPC) is created as part of the setup process. The VPC can be connected to an on-premises network using a secure VPN connection to allow access to an existing Active Directory and other intranet resources. WorkSpaces run on Amazon EC2 instances hosted within the VPC. Communication between EC2 and the client is managed by the PCoIP (PC-over-IP) protocol. The client connection must allow TCP and UDP connections on port 4172, along with TCP connections on port 443. Persistent storage is backed up to Amazon S3 on a regular and frequent basis. Have a look here as well, it’s the Amazon Web Services Blog which I also used as a reference.

A small note on licenses

Here’s a statement from one of my previous blogs: It all comes down to licensing. This is what Microsoft has to say with regards to client operating systems on cloud hosting platforms: Multi-tenant hosting is restricted in the Product Use Rights of Windows Clients, such as Windows 7 or Windows 8. Windows Client Desktops are not available on either Windows Azure or on any other Service Provider such as Amazon or Rackspace. Give it up already! You can read more about the Microsoft Product Use Rights here.

Conclusion

With the announcement of Amazon WorkSpaces DaaS is again one step closer to global exception. With Amazon leading the pack, at least at the moment, chances will increase that this will actually happen. Their, size, influence and overall presence is impressive to say the least, that must count for something, right? I think a lot will also depend on Microsoft’s move when it comes to Client OS licensing and their ‘secret’ Mohoro DaaS (give it a Google) project. Also, with VMware’s acquisition of Desktone I’m curious what their next step will be, and I guess the same can be thought of Citrix as well. To be continued…

Bas van Kaam ©

Reference materials used: Amazon.com, Google.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s