Scribd
Upload
84 views26 pages

Module 06 - WorkSpaces Bundle and Application Management

This document discusses best practices for managing custom bundles and applications in Amazon WorkSpaces. It recommends designing image builds for automation, flexibility, efficiency, scalability, supportability, and productivity. Key aspects covered include preparing custom bundles, maintaining OS and application updates through maintenance windows, deciding between thick imaging versus application delivery methods, using tools like SCCM, GPOs, AWS OpsWorks, and Amazon Systems Manager for application management at scale. It also addresses handling problematic applications and remote installation strategies.

Uploaded by

praveenwebarts
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
84 views26 pages

Module 06 - WorkSpaces Bundle and Application Management

This document discusses best practices for managing custom bundles and applications in Amazon WorkSpaces. It recommends designing image builds for automation, flexibility, efficiency, scalability, supportability, and productivity. Key aspects covered include preparing custom bundles, maintaining OS and application updates through maintenance windows, deciding between thick imaging versus application delivery methods, using tools like SCCM, GPOs, AWS OpsWorks, and Amazon Systems Manager for application management at scale. It also addresses handling problematic applications and remote installation strategies.

Uploaded by

praveenwebarts
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 26

Amazon WorkSpaces

Module 06: Bundle and Application


Management
AWS EUC

2020
Well Architected Principles
Cardinal Rules of WorkSpaces Image
Planning
• Design for Automation where possible
• Least manual intervention in the process as possible
• Design for Flexibility
• Same deployment mechanism can handle multiple scenarios
• Design for Efficiency
• Minimize resources needed to deliver
• Design for Scalability
• Ability to be deployed or torn down rapidly
• Design for Supportability
• Non invasive/destructive support and recovery mechanisms and
processes
• Design for Productivity
• Streamlined processes and ability to deliver on demand
Images to Bundles
Same But Different!

• Image management is a core operational requirement with on-


premises VDI
• WorkSpaces image equivalent is the bundle in WorkSpaces
• Bundle management for WorkSpaces critical for ease of
operation
• Careful bundle management can streamline essential operations
• Decouple and simplify
• Updates and patching
• Lifecycle planning
• Thick or thin?
Prepare for Your Custom Bundle
• Applications are optional as needed
• Some Base Apps Included as Bundling Choice
Choose • Application Stack Will be Tailored To Customer Needs
AMI
• Choose the Base AMI
• Windows 2008R2 Data Center Edition/Windows 7
Desktop Experience Features

• Windows 2016 Data Center Edition/Windows 10


Desktop Experience Features

BYOL – Windows 10/Windows 7


Select
Compute
Custom •

• Amazon Linux 2
Resources
Bundle • Select the desired Amazon Compute sizing
• Value (1 vCPU, 2GB Memory, 10GB Storage)
• Standard (2 vCPU, 4GB Memory, 50GB Storage)
• Performance (2 vCPU, 4GB Memory, 50GB Storage)
• Power (4 vCPU, 16 GiB Memory, 50GB Storage)
Customise • PowerPro (4 vCPU, 16 GiB Memory, 50GB Storage)
Image
• Graphics (8 vCPU, 15GB Memory, 1 GPU, 4GB GPU 100GB Storage)
• GraphicsPro (16 vCPU, 122GB Memory, 1 GPU, 8GB GPU 100GB
Storage)
WorkSpaces Fundamentals Review
Hard Drive Structure Of Workspace
• Each WorkSpace comes with two drives.
• You can increase the size of the root and user volumes
attached to your WorkSpaces at any time
• C: drive contains the system image. you can select a starting
size of 80 GB, 175 GB, or your own preferred size.
• D: drive is the user data drive. All user data is redirected to
this drive using policies and redirection.
• D: drive size is set by the bundle selection. Value 10GB,
Standard 50GB, Performance 100GB, or your preferred size.
• You can increase the volumes as necessary, up to 1000 GB
each
• D: drive snapshot taken automatically every 12 hours.
Operating Systems Need Updates
An image, once deployed, needs to be updated to maintain stability
and security

• Manage and regulate updates—don’t let them come directly from


the Internet
• Discover customer usage patterns
• Understand security requirements
• Use managed tools, WSUS etc.
• Test before deployment
• Understand application dependencies
Maintenance Mode

Best Practice is to update WorkSpaces OS and Applications regularly

Maintenance Window
AlwaysOn WorkSpaces 00h00 – 04h00 Sunday
AutoStop WorkSpaces 00h00 – 05h00 from 3rd Monday
for 2 weeks

Manual Maintenance
Disable Maintenance Mode against the Directory Service.

Use modify-workspace-state to set ADMIN_MAINTENANCE mode:

• The WorkSpace does not respond to requests to reboot, stop, start, or rebuild.
• Users cannot log into the WorkSpace
• An AutoStop WorkSpace is not hibernated
Maintaining the Image Build
Start to tailor the solution - Thick Imaging

• Begin the installation process


• What tools will you use
• What is the application stack?
• What to install; what to deliver?
• Known compatibility issues
• Rights management for applications to run
• Create a working image
Create Your Base Image
Build your own working base image:
• Update
• Install any required features
• Install drivers
• Patch
• Update again
• Reboot
• Test
• Clean down
• Reboot
• Create image
Image Maintenance - Workflow

Create New
Image

Master
Bundle Deploy Update Refresh
Image

Workspace
Regular Refresh Or Continuous Update?
Do You Refresh or Continuously Update?

• Continuous updates can lead to bloat and instability


• Introduce a rebuild and refresh cycle
• Streamline continuously
• How often should the process run?
• Perform clean-up on the base images and workspaces
• Minimize the number of images to minimize your effort
To Install or Deliver, That is The Question
Installing is Simpler at a Cost of
Adaptability
• Creating bundles with large application
profiles is difficult
• Prone to compatibility issues.
• Introduces layers of integrated code
requiring patching leading to OS stability
issues
• Application upgrade and migration difficult
• License Control and Reclamation gets
complicated
• Images will bloat
• Makes OS secession difficult
Do You Install or Deliver?

Delivering is More Efficient and Agile


• Using application delivery methods separates
applications from the OS
• Applications can be quickly deployed, updated and
reclaimed
• Tight licensing control and visibility
• Migration simpler process, with less risk
• Adapting to business needs is faster
• Time to deliver is faster
• Incurs less cost and intangible overhead
Decouple

Separate the Applications From the OS


• Decouple and virtualize for many reasons
• No persistent changes to base bundle
• Deliver on demand
• Rapidly re-purpose
• Simplify application migration
• Portability and recovery
Tools For Application Management

Added benefits of Not Just Delivery


• Tight license control
• Usage analytics
• Business agility
• Centralized management (publish once, push to many)
• Portability and recovery
• Streamlined processes
• Disaster Recovery
• Less management overhead, reduce cost
Problem Applications

Some Apps Just Don’t Play Nice


• Manage compatibility issues
• 16-bit apps; IE6/IE8 web apps, client OS
restriction/support
• Sandboxing for security
• Do you virtualize or remotely access?
• Do you create special-use WorkSpaces?
• Mitigation planning
• Software secession planning
Remote Installation
Common Tools for WorkSpaces Application Deployment:
• SCCM (Windows)
• Applications in Configuration Manager supports user-centric management
• Automatically install the user’s applications on the device before the user logs on.
• GPO (Windows)
• Assign a program distribution to users or computers.
• AWS OpsWorks (Puppet/Chef) (Linux, Windows)
• Application and Configuration Management
Automate Configuration with Amazon Systems Manager

• Enables automated configuration


• Supports ongoing management of systems at scale
• Works across all of your Windows and Linux workloads
• Runs in Amazon EC2 or on-premises
Amazon Systems Manager Key Benefits

Easy to use Support for hybrid Improve visibility


automation architecture and control

Maintain Reduce costs Secure role-based


software management
compliance
Amazon Systems Manager

Run Command State Manager Inventory Maintenance Window

Patch Manager Automation Parameter Store


AWS OpsWorks - Configuration Management

• Abstraction for your configuration


• Community Configuration Code
• Chef Supermarket and Puppet
Forge
• Widely adopted DSLs: Chef and Puppet
• Insights and Actions
AWS
• Easy to use with AWS Auto Scaling OpsWorks
AWS OpsWorks—Instance Level

Files Config
Packages

Every single bit on the instance


Puppet Node Association

(2)
Verify
CSR (1) Cert signing request
CA
Node
Node
(3) Receiving catalogs Node
Node
Node
Node
(4) Sending results and facts Cert
O p s Wo r k s f o r * A s s o c i a t e N o d e

Node
Node
(3) Configuration Node
Node
Node
or management Node

(1) Associate- key

node
key (2) Establish
trust

AWS OpsWorks CM API Endpoint IAM


Third Party Application Deployment Options
Provider Name App Provisioning Type
Numecent Cloud Paging Application
Virtualization
Microsoft App-V Application
Virtualization
Microsoft System Center Application delivery
Configuration Manager
Microsoft Group Policy Application delivery
Chocolatey.org Chocolatey Application delivery
Turbo Turbo.net Application
Containerization
Cloudhouse Cloudhouse Containers Application
Containerization

Liquidware Labs FlexApp Application Layering


FSLogix FSLogix Suite Application Masking
AWS Partners shown in bold
Questions?

You might also like