A standard procedure in any VDI deployment is to create a customized “gold image”. A gold image is simply a template machine on which the computing environment (OS, updates, applications, etc.) is customized to meet the needs of an organization, and this image then serves as the foundation from which copies/virtual desktops are built. There are many specific benefits in regards to using gold images but to boil them down for minimal word count, is that organizations use gold image to ensure a consistent (and hopefully fast) user experience.
A standard procedure in any VDI deployment is to create a customized “gold image”.
This concept of a gold image is certainly valid when using AWS WorkSpaces though the semantics are a little different….aren’t they always. Taken directly from the AWS WorkSpaces Administration Guide, “a Workspace bundle is a combination of an operating system, and storage, compute, and software resources.” Hopefully it’ll be clear by the end of this post, but in AWS WorkSpaces you build an image, then you add that image to a bundle which defines the vCPU/RAM, and Root and User Volume sizes of the WorkSpace(s) deployed from the bundle.
Documented Requirements to Create a Windows-Based WorkSpace Bundle
In this post, I’m going to detail the steps that I took to create a “Windows 10” bundle…I say it that way because the Windows 10 WorkSpace is actually Windows Server 2016 with Desktop Experience. Before you try to create a WorkSpace gold image, keep the following requirements (once again taken from the AWS WorkSpaces Admin Guide) in mind:
- All apps included in the image must be installed on the C:\ drive or the user profile in D:\Users\username, and MUST be compatible with Microsoft Sysprep.
- The user profile must exist and its total size (files and data) must be less than 10GB
- The C:\ drive must have enough available space for the contents of the user profile, plus an additional 2GB
- All application services running on the WorkSpace must use a local system account instead of domain user credentials
- The following components are required in an image; otherwise the WorkSpaces you launch from the image will not function correctly:
- Remote Desktop Services
- AWS PV drivers
- EC2Config or EC2Launch (Windows Server 2016)
- EC2Launch 1.2.0 or greater Windows Remote Management (WinRM)
- Teradici PCoIP agents and drivers
- STXHD agents and drivers
- AWS and WorkSpaces certificates
- Skylight agent
Undocumented Requirements to Create a Windows-Based WorkSpace Bundle
Now let me share with you a couple additional requirements that may no-brainers but I didn’t see them listed anywhere:
- The WorkSpace you wish to use as your gold image must be powered-on/AVAILABLE but not logged into. If a WorkSpace is powered off/STOPPED, the Create Image action is grayed out.
- The WorkSpace you wish to use as your gold image must not have encrypted volumes as creating an image from a WorkSpace with an encrypted volume is not currently supported.
Creating a Custom Bundle
When I deployed my first WorkSpace, I ran the “Quick Setup” option, thus AWS automatically created a Simple AD directory in order to authenticate requests to WorkSpaces. To create my WorkSpace gold image, I deployed a Standard with Windows 10 WorkSpace, with unencrypted volumes, into the Simple AD directory and used it to create my gold image.
- Login to the gold image WorkSpace and install the latest OS updates.
- Install and update any desired applications onto the gold image WorkSpace. I installed some basic applications like VMware PowerCLI, AWS CLI, WinSCP, Cisco AnyConnect, and Google Chrome. Though I did deploy these applications into the gold image, my desire is to use FlexApp to deploy the majority of the applications.
- As a best practice, delete any cached data, such as browser history, cookies, and cached files from the WorkSpace. Also, delete any configuration settings/data, such as email profiles, that should not be included within the WorkSpace bundle. Again, because I’ll be using FlexApp to deploy applications, the amount of cached and configuration data was minimal.
- With updates and applications deployed and cached and configuration data removed, disconnect from the WorkSpace serving as the gold image template. DO NOT shut the WorkSpace down.
- Within the AWS console, click WorkSpaces under the Desktop & App Streaming heading.
- On the WorkSpaces page, click WorkSpaces. Select the gold image WorkSpace and click Actions | Create Image.
- A message is displayed prompting you to restart the WorkSpace before continuing in order to update the WorkSpaces software to the latest version required. Restart the WorkSpace by clicking Actions | Reboot WorkSpaces. Wait at least a minute or two before clicking Next on the Create WorkSpace Image box.
- On the Create WorkSpace Image box, enter an Image Name and Description then click Create Image.
- While the image is being created, the WorkSpace will be unavailable and its Status will read Suspended. On the WorkSpaces page, click Images. The imaging process is complete when the image Status reads Available.
- With the image created and available, a bundle must be created before WorkSpaces can be successfully deployed from the gold image. While still on the Images page, select the image and then click Actions | Create Bundle.
- On the Create WorkSpace Bundle screen, perform the following and click Create Bundle:• Specify a Bundle Name and Description
• For the Bundle Type, choose the desired hardware configuration
• For the Root Volume Size, increase or decrease the value as necessary
• For the User Volume Size, increase or decrease the value as necessary
The WorkSpace bundle should be created pretty quickly and be available when deploying additional WorkSpaces as shown below:
A standard procedure in any VDI deployment is to create a customized “gold image” to ensure a consistent user experience and when using AWS WorkSpaces, an organization can use WorkSpace bundles as a tool to assist in achieving this goal.