rethink your workstation strategy with amazon appstream...

Rethink Your Workstation Strategy with Amazon AppStream 2.0

#ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM

Marty SullivanDevOps / Cloud Engineer

Cornell University



About Marty

• DevOps / Cloud Engineer – IT@Cornell

• Cloud Systems Engineer in Digital Agriculture – Cornell EAS

• Information Science Master’s Student – Cornell CIS


About Cornell University


AppStream 2.0 Basics

• Windows Applications in a web browser

• One VM / EC2 Instance per-user (Compute, Graphics, Memory)

• Single Sign On via SAML 2.0

• MS Active Directory Integration

• Non-Persistent OS Environment

• Cloud Storage Integrations for Persistent Storage• Google Drive

• MS OneDrive

• Amazon S3

• Custom Branding


Computer Labs


AppStream 2.0 Strategy

• Classroom Teaching

• Bring Your Own Device (BYOD)

• Continuous Integration / Continuous Deployment (CI / CD)

• Automate Application Installations & Image Builds

• Self-Service for Academic Departments

• So far: 500+ Students over three semesters


AppStream 2.0 Components

• Stack• Authentication Endpoint

• User Settings

• Fleet• Fully Managed VMs

• Autoscaling Group

• Image• OS and Applications

• Image Builder• Creates a Custom Image


DEMO


https://www.youtube.com/watch?v=cmRcEGrt814

Rajesh BhaskaranSr. Lecturer and Swanson Director of Engineering [email protected]

https://www.youtube.com/watch?v=cmRcEGrt814


AppStream 2.0 Challenges

• Software Licensing is vendor-by-vendor

• Cost-effective autoscaling for unpredictable usage patterns

• Persistent Storage

• Shared Storage

• Application Configuration and Packaging


My Personal Perception

SCALABILITY


Monitoring / Data Analysis Goals

• Valuable insights into student usage patterns

• When do students work on assignments?

• Are any particular students struggling?

• Are many students over- or under-challenged by a particular assignment?

• Can we automate scaling patterns with predictions?


Amazon WorkSpaces

• Persistent VDI Environment

• Full Windows 7/10 Desktop

• Desktop Client or Web Browser

• Very easy to manage

• Active Directory Integration


Next Up

• AWS VPC Networking

• Automated Image Builds

• Deployment Strategy

• Web Interface


Virtual Private Cloud (VPC)

• Plan network size for scale

• Two Public Subnets

• Two Private Subnets

• NAT Gateways in Public Subnets

• Place AppStream Instances (Fleets) in Private Subnets

• Use VPC Security Groups to control network access for instances

• Enable Route to Active Directory (recommended)

• Direct Connect / VPN to on-premise (optional)


Building Block: App Packaging

• Centralized Package Management (GitHub)

• Packaging Framework (Choco)

• Time & Skill Required

• Enables Self-Service and Collaboration


Building Block: Automation

• Source Control (GitHub)• Application Installation Configurations (YAML and Choco)

• Infrastructure Configuration

• Infrastructure as Code• CloudFormation

• Atomic Creation / Destruction of AppStream Deployments

• Continuous Integration / Continuous Deployment (CI / CD)• AWS CodeBuild


Component: Network Config

• AWS Region

• Time Zone

• VPC ID

• Subnet IDs

• Security Group IDs

• Active Directory Domain

• Active Directory OU


Billing Unit

• Typically an academic department or college

• Ties automated charges to a Cornell billing account

• Administrative contact information (emails)

• One Billing Unit can own one to many Deployments


Deployment

• Tied to a single Billing Unit

• Typically for a single course / set of related users

• Application Technical Contact information (emails)

• Alert Contacts (emails)

• Global Stack / Fleet config (e.g. Network, Timeouts, Storage)

• Start Date / End Date

• One Deployment can have one to many Deployment Environments

• AWS Resource Tags


Deployment Environment

• Tied to a single Deployment

• Atomic Stack & Fleet

• Image Configuration

• Instance Type

• One Environment can have one to many Deployment Schedules


Deployment Schedule

• Tied to a single Deployment Environment

• Start / End Date

• Days of Week

• Time of Day + Duration

• Min / Max Capacity

• Scaling Policies

• Priority


Deployment Schedule Examples

• 50 sessions provisioned during class/lab meeting times• Mon, Wed 2:00pm-3:00pm

• Fri 1:00pm-4:00pm

• Priority 1000

• 5 sessions minimum provisioned during work hours• Mon, Tue, Wed, Thu, Fri 9:00am-11:59pm

• Add 15 sessions if available sessions < 5

• Priority 100

• 2 sessions provisioned during restricted hours• Mon, Tue, Wed, Thu, Fri, Sat, Sun 12:00am-11:59pm

• Add 2 sessions if available sessions < 1

• Priority 1

rethink your workstation strategy with amazon appstream...

Documents