It’s been nearly two years since I first heard rumors about Amazon Workspaces, the AWS foray into Desktops-as-a-Service. Amazon Workspaces is a nifty little solution for spinning up some desktops. Maybe nifty, however, isn’t good enough in the world of DaaS – certainly “little” isn’t. Although we think that the public cloud is a solid place to host DaaS, if you’re planning on deploying any large-scale initiative of virtual workspaces, you’ll need a complete toolset. So, what’s a person who wants a full DaaS solution on AWS to do?
A mile-high view of Amazon Workspaces
An Amazon Workspace is, essentially, a Windows Server instance that is allocated to a single user. Each one is built from a master bundle provided by Amazon, which may include Microsoft Office or other applications. One nifty aspect is that you can create custom bundles, which are handy for quickly provisioning new Workspaces with your specific applications installed.
Also nifty is that the data drives are stored separately from the operating system drive, and Workspaces takes automatic, twice-daily snapshots of the data drive. If you need to update a workspace, you rebuild it from the latest bundle image without losing your data (assuming you time it right in that twice-a-day cycle).
Workspaces integrate with AWS Directory Services, which comes as no surprise as Amazon does an amazing job making sure their services play nicely together. That integration gives you the features you associate with domain-joined desktops, like group policies.
Not only are Workspaces automatically added to a directory, they are spun up in a Virtual Private Cloud (Workspaces will even create the VPC if you don’t yet have one). From there, you can manually do things like allow file transfers between instances or to an instance defined as a file server. The key word there, however, was “manually”. The Workspaces documentation tells you how, but you need to configure this yourself.
That all sounds great, right? And it is, if you need a handful of persistent desktops. The wizard creates the VPC, Directory Services, and Workspaces with very limited input from you.
If you want pooled and non-persistent desktops, want more control over your AWS compute costs, want to manage desktops in multiple VPCs for multiple customers, or do a host of other tasks often required for a successful DaaS solution, however, you need to look beyond.
What’s missing for a true DaaS solution?
In my previous blog, I outlined why AWS is a great place to host DaaS. My claim, now, is that Workspaces just isn’t the greatest tool for managing that DaaS solution. To get the most out of DaaS on AWS, you need to invest in tools outside of the AWS umbrella, like Leostream!
To start, let’s mention that Leostream includes the core pieces that make AWS nifty, namely integrating with VPC and Directory Services (although not automatically creating them for you) and spinning up instances from your custom images. With these commodity features in place, let’s look at what Leostream does beyond Workspaces.
Scaling
First, consider how your DaaS solution scales. In Workspaces, you define each user and launch their workspace individually. For a large number of users, that’s tedious. Instead, Leostream gives you tools that spin up batches of desktops and then assign those workspaces out to users based on policies. In Leostream, a policy is a set of rules that indicate which desktop to assign to a user, based on who the user is and where they log in from.
Advanced Policies
Using policies, Leostream automatically assigns new users to desktops without any intervention from you. Onboarding new users is a simple matter of adding them to your directory services. And, notice the desktop assignment is based on who the user is and where they log in from. So, if you want to give the user access to desktops in different AWS regions when they travel, Leostream can automatically do that, too.
Persistent and Non-Persistent Desktops
Second, consider all the workflows you need to satisfy. Leostream policies can manage persistent or non-persistent desktops. A persistent desktop behaves like an Amazon Workspace. A non-persistent desktop is an entirely different beast. In non-persistent mode, the desktop is available for a single use, say for a user who needs one-time access to an application. The non-persistent desktop is terminated as soon as the user logs out, and a clean desktop is created to take its place. Basically, you have a pool of shared desktops.
Cost Control
Next, look at how you accrue AWS costs. Amazon Workspaces are available at a flat monthly rate. How do you handle customers who want to host legacy applications that are accessed only rarely over the course of the month? Leostream policies also make sure users have compute available when they need it, and that the compute is either off or completely terminated when not in use. By creating careful schedules, you can minimize your AWS costs and maximize your profits.
Multi-tenancy
Lastly, what about multi-tenancy? If you want to keep all your customer desktops in your master AWS account, you need to make sure to isolate the customers into separate VPCs. Each pool of desktops you create in Leostream can be provisioned into its own VPC, allowing you to manage multiple customer accounts from a