Servers in the Cloud – Day 30 : Using Windows Azure Virtual Machines to Learn: Remote Desktop Services
by: Don Noonan (http://blog.skylera.com)
Important Note: The scenarios in this article that use RDS for production
workloads are not supported under the licensing agreement for Windows Azure.
The purpose of this article is to give administrators a place
to learn how to configure RDS for potential future scenarios covered
under their on-premises licensing of Server 2012.
Some of the most common workloads I come across are training
environments. These are fun and prove to be a quick “to-the-cloud” win
compared to more complex systems. Unlike the majority of customer facing
services, training environments typically:
Generate revenue
Provide consistent content
Use non-sensitive (sample) data
There are actually two high-level opportunities here – infrastructure
and licensing. Most of the time there is some sort of delivery
solution being used on top of Windows Remote Desktop Services (formerly
Terminal Services) to provide desktops to students over the internet.
Products like Citrix XenApp and Quest vWorkspace are commonplace.
Over the past few years, there have been significant improvements
made to the built-in remote desktop capabilities of Windows Server. For
example, Windows Server 2008 includes RemoteApp
to deliver windowed (“seamless”) applications rather than the entire
desktop. In Windows Server 2012 there have been updates to WAN stability
and printing. With these three major areas now covered, the need to
license additional third-party software should be carefully studied.
Don’t already have a Windows Azure account? Go here for a free trial.
Let’s build a classroom in the sky!
There are a number of ways to do this, but let’s assume we’re mirroring a classic instructor-led classroom environment:
In this scenario we’ve done some basic subnetting
to group classroom resources while isolating classrooms from each
other. We have a common management subnet that contains our domain
controllers and DNS. We also have a management server that can act as a
general purpose file or imaging server, depending on your scenario. In
this case I’m using the management server to host RDP connection files
via IIS with a basic classroom webpage.
Connecting to Classroom Computers
By default Windows Azure creates a unique RDP public endpoint for
each virtual machine in a cloud service. This process maps a high public
port number to private port 3389 (default used by Remote Desktop
Services). For example:
This is very convenient, especially for administrators eager to jump
on a server once it’s been provisioned. This can also serve our
classroom scenario quite well; however, there are scenarios where
students may be unable to connect due to their organization’s firewall
restrictions. For example, the port number assigned above assumes your
on-premises firewall allows TCP traffic to flow freely over 56078.
How can we achieve a consistent connection experience when dealing with remote desktop port requirements?
There are two (2) ways to ensure students can connect to your
training environment when using Remote Desktop Services as your delivery
solution:
Use Remote Desktop Gateway
Use a specific range of ports that are communicated to students prior to class
Among other things, Remote Desktop Gateway
provides RDP over HTTPS, which means we can have a single public
endpoint on a commonly open port number (443). In other words, if a
student can reach a website that uses SSL (e.g. online banking), they can
also successfully connect to their classroom computer.
The other option is to define a static, predictable port range for
your classrooms so that students can ask their IT department to make the
required port numbers available to them.
Assigning and reassigning public endpoints is easy on Windows Azure.
For example, I can override the platform-generated RDP port number with
my own during the creation of the virtual machine by using the Set-AzureEndpoint PowerShell cmdlet:
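# $vmName, $imageName, $instanceSize, $password and $subnetName are assumed to be set earlier.
# Set-AzureEndpoint replaces the platform-generated public port of the 'RDP' endpoint with 55001.
$skyc01s01 = New-AzureVMConfig -Name $vmName -ImageName $imageName -InstanceSize $instanceSize |
    Add-AzureProvisioningConfig -Windows -Password $password |
    Set-AzureEndpoint -Name 'RDP' -LocalPort 3389 -PublicPort 55001 -Protocol tcp |
    Set-AzureSubnet $subnetName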
Once created, the custom port number appears in the portal:
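The static, predictable port range described above can be planned per classroom and then applied with the same cmdlet. This is an added example, not code from the original article: the port scheme, the VM naming pattern, the function names and the service-name placeholder are assumptions; Get-AzureVM, Set-AzureEndpoint and Update-AzureVM are the classic Windows Azure cmdlets.

```powershell
# Added example. Assumed scheme: public port = 55000 + (classroom - 1) * 100 + seat,
# so a VM named skyc01s01 (classroom 01, seat 01) gets 55001, as in the article's command.
function Get-ClassroomRdpPort {
    param(
        [ValidateRange(1, 99)][int]$Classroom,
        [ValidateRange(1, 99)][int]$Seat
    )
    55000 + ($Classroom - 1) * 100 + $Seat   # highest possible value is 64899
}

# Turn VM names into a port plan; names that do not fit the assumed pattern are skipped.
function Get-ClassroomRdpPlan {
    param([string[]]$VMName)
    foreach ($name in $VMName) {
        if ($name -match '^skyc(?<c>\d{2})s(?<s>\d{2})$') {
            [pscustomobject]@{
                VMName     = $name
                Classroom  = [int]$Matches['c']
                PublicPort = Get-ClassroomRdpPort -Classroom $Matches['c'] -Seat $Matches['s']
            }
        } else {
            Write-Warning "Skipping '$name': not in the assumed skycXXsYY pattern"
        }
    }
}

# Apply the plan. Assumes each VM already has an endpoint named 'RDP' on private port 3389.
function Set-ClassroomRdpEndpoint {
    param([string]$ServiceName, [object[]]$Plan)
    foreach ($entry in $Plan) {
        Get-AzureVM -ServiceName $ServiceName -Name $entry.VMName |
            Set-AzureEndpoint -Name 'RDP' -LocalPort 3389 -PublicPort $entry.PublicPort -Protocol tcp |
            Update-AzureVM
    }
}

# Constructed VM names; prints the per-classroom range to send to students' IT departments.
$plan = Get-ClassroomRdpPlan -VMName 'skyc01s01', 'skyc01s02', 'skyc02s01'
$plan | Group-Object Classroom | ForEach-Object {
    $m = $_.Group | Measure-Object PublicPort -Minimum -Maximum
    'Classroom {0}: allow outbound TCP {1}-{2}' -f $_.Name, $m.Minimum, $m.Maximum
}
# Set-ClassroomRdpEndpoint -ServiceName '<your-cloud-service>' -Plan $plan   # needs a subscription
```

Keeping each classroom inside its own block of 100 ports lets the firewall request name one narrow range per class instead of a list of unrelated high ports.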
As you can see, using Remote Desktop Services with Windows Azure is
not only a powerful administration tool, but a simple and cost effective
way to learn Server 2012 technology without utilizing your own infrastructure.
This article was written by Don Noonan as Day 30 of our Servers in the Cloud Series.