Desktop and Application Streaming
Considerations for a successful Amazon WorkSpaces migration to WorkSpaces Streaming Protocol
Introduction
A successful Amazon WorkSpaces migration to WorkSpaces Streaming Protocol v2 (WSP) requires preparation, planning, and testing. WSP is a fundamentally different display protocol than PCoIP, thus consideration should be given to the performance and stability implications of a migration. A clear understanding of PCoIP and WSP’s differing features, as well as a thorough review of your devices and requirements, is critical.
The framework established here is intended to help organizations understand which areas of their WorkSpaces deployment will benefit from a WSP migration. We recommend reviewing this guide in its entirety prior to performing any migration activity.
Time to read | 10 minutes |
Time to complete | Varies with number of workloads |
Cost to complete | $0 |
Learning level | 200 |
Services used | Amazon WorkSpaces |
Determine if migrating fits your organization
Why migrate to WSP?
WSP offers Amazon WorkSpaces features that are currently unavailable for PCoIP WorkSpaces, such as: 2-way audio/video, Certificate-Based Authentication for a seamless logon experience, Smartcard authentication, SDK extension support, etc.
The latest operating system (OS) releases for Amazon WorkSpaces – including Microsoft Windows 11 and Ubuntu 22.04 – are only available when using WSP.
The Amazon WorkSpaces Web Access Client has been updated to support new features when using WSP, such as: 2-way audio/video; clipboard redirection; time zone redirection; streaming metrics; and relative mouse support.
A full listing of all the features available in WSP are available on the Amazon WorkSpaces Streaming Protocol Overview.
Evaluation scenarios for WSP
While WSP’s feature set is compelling, not all WorkSpaces deployments should be migrated. The following feature differences and scenarios should be considered:
- WorkSpaces client OS compatibility should be verified against the Supported WSP Features section of the WorkSpaces User Guide.
- Only thin clients that support the Windows version of the WorkSpaces client and the Amazon WorkSpaces Thin Client support WSP WorkSpaces. At this time, no zero clients are supported.
- Organizations that rely on PCoIP Security Group Policy configurations will need to re-tool the policies to align with WSP’s Group Policy definitions.
- WSP does not support WorkSpaces Windows Graphics bundles, but does support Ubuntu Graphics bundles as of this writing.
- WSP WorkSpaces do not offer support for FIDO2 devices, such as YubiKey, as of this writing.
If one or more of these scenarios are critical, we encourage you to discuss alternatives with your AWS account team.
Planning your migration
Pre-migration questions
Consider the following when planning your migration:
- Are your connecting endpoints’ operating systems supported by the WSP WorkSpaces Client?
- Does your organization use the Web Access Client in an AWS Region that does not support WSP?
- Do users access their WorkSpaces from an Internet connection that is geospatially acceptable for your deployment’s AWS Region?
- Is a single sign-on experience with a SAML 2.0 Identity Provider authentication required?
- Does your organization require support for the hardware redirection of YubiKeys from endpoints?
- Do you have WorkSpaces in the AWS China (Ningxia) region? WSP is not available in China as of the writing of this guide, and those WorkSpaces should be excluded from migration.
- Do you have any graphics WorkSpaces that are not supported by WSP?
- Are there existing network considerations that impact streaming performance (e.g. VPN)?
Do not proceed if the answer to any of these questions is unknown, or currently does not align with the requirements for WSP. Please contact AWS Premium Support or your AWS account team to validate if a migration to WSP is ideal for your organization.
Amazon CloudWatch Events capture WorkSpaces Client version. Review the blog post to build a reporting solution that shows the client version..
If you are ready to proceed with your migration to WSP for some or all of your WorkSpaces workloads, continue to testing.
Testing scenarios
It is recommended to establish testing scenarios that mimic production use cases. When you have identified the users that are available to test WSP, use the API to migrate these specific WorkSpaces to WSP.
This migration API is non-destructive, WorkSpaces can be rolled back to PCoIP in the event WSP is not a good fit for the workload. At this stage, the users must be upgraded to the latest Amazon WorkSpaces client available (disregard if testing Web Access Client).
Customers may wish to test both UDP (default) and TCP protocols with WSP. There are a number of real-world scenarios where one or the other may provide more overall benefit for the use case.
The following table lists example outcomes for different workloads with supporting telemetry and user feedback.
Use-case | WorkSpaces Client | Available Bandwidth | Latency | Feedback Examples |
Remote worker | Web Access | 5 Mbps | 250 ms | Application performed adequately, I had problems logging in. |
Office worker | Windows | 100 Mbps | 22 ms | Very responsive, but had issues getting my webcam to work. |
Design worker | macOS | 120 Mbps | 80 ms | My keyboard does not appear to be mapped correctly. |
Subject matter expert | Windows | 25 Mbps | 12 ms | Yubikey is not functional, could not complete my daily tasks. |
Migration schedule
It is a best practice to structure a migration schedule for your WorkSpaces workloads. Some other key aspects to consider:
- Define the maintenance window based away from peak working hours.
- Create a communication plan announcing the maintenance window.
- Create a plan to roll out the latest WorkSpaces Client (unless the Web Access Client is required).
- Automate WSP migrations using existing automation tools and the migration API.
- Create a rollback plan using existing automation tools and the migration API.
- Follow your organizational change management processes.
- Establish a communication plan to follow up with WorkSpaces users once the migration has concluded. Use feedback to evaluate and tune your migration and deployment processes.
Migration methods
There are multiple options available to customers planning to begin a PCoIP to WSP migration:
- Use the API via Command-Line Interface, PowerShell, or another scripting/automation method of your choice. For details on the modify-workspaces-properties API, as well as example use cases, customers can refer to this blog post. API-driven migrations are non-destructive and can be reversed.
- Create a new WorkSpaces image by launching a WorkSpaces from your public bundle and select WSP as the display protocol. You will be required to reinstall and reconfigure any customizations to the image in this scenario. The new image can be used to launch new WorkSpaces, and existing WorkSpaces can be migrated to this new image. This is a destructive method, please read the Migrate a WorkSpaces section of the Administration Guide. Please note that WorkSpaces launched as WSP cannot be converted to PCoIP.
- Customers using the EUC Toolkit can initiate migrations to WSP bundles in bulk, as well as testing and troubleshooting.
Conclusion
In this blog post, we covered considerations and testing parameters for migrating your Amazon WorkSpaces to WSP. A successful migration to WSP requires careful planning, testing, execution, and communication. By following the phases in this blog, organizations can benefit from the features and refinements WSP offers. If you have completed your evaluation and determined that one or more use cases are a good fit for WSP, migrate today!
Asriel Agronin is a Senior End User Computing Partner Solutions Architect. He works with partners and customers designing and architecting EUC solutions on AWS. He has been with AWS since 2017. In his free time, you can find Asriel scuba diving, traveling, or playing chess. | |
Kalon Dillon is an EUC Systems Architect at AWS with a background in systems and end user virtualization, and has a deep empathy for the user experience. Beyond work he’s participating in his local motorsports clubs, gaming with friends, or playing with technology at home |