Desktop and Application Streaming

Optimize NICE DCV session latency with AWS Local Zones

Customers ask if it is possible to optimize NICE DCV session latency with AWS Local Zones. This blog post demonstrates how to stream Amazon Elastic Compute Cloud (Amazon EC2) sessions with NICE DCV from AWS Local Zones to remote users.

Geospatial distance between remote end users and compute infrastructure is one of the greatest contributors to high latency. AWS Local Zones are an extension of AWS Regions that are geospatially nearer to end users. AWS Local Zones also support the NICE DCV protocol.

Low latency connection streams provide a more local computer experience to users. DCV has less input delay when interacting with Amazon EC2 instances with such network conditions. This is especially important for visual fidelity and tactile peripherals, as with graphic design, CAD, and video editing workloads.

In this blog post, you will create a DCV server in your nearest AWS Local Zone to optimize your streaming session to the EC2 instance.

Time to read 10 Minutes
Time to complete One hour
Cost to complete <$10
Learning level 200
Services used Amazon EC2, AWS Local Zones, NICE DCV

Architecture

Architecture diagram illustrating a NICE DCV user connecting to a DCV server running in an AWS Local Zone.

Prerequisites

To follow this blog, you will need to opt-in to AWS Local Zones. By default, AWS Local Zones are deactivated for AWS accounts. To activate them, you will need to follow the opt-in instructions. You will also need AWS Identity and Access Management (IAM) permissions to:

  • Create a subnet
  • Update your route table
  • Provision an EC2 instance
  • Subscribe to an Amazon Machine Image (AMI) through the AWS Marketplace

If you do not have an existing EC2 key pair, create one. Finally, you will need an existing Amazon Virtual Private Cloud (Amazon VPC) in which to provision your EC2 instance.

Walkthrough

Step 1: Configuring your AWS Local Zone

In this step, you will confirm your targeted AWS Local Zone is activated, then create and assign it a subnet.

  1. Navigate to the AWS Local Zones console.
  2. Find your targeted zone on the page and confirm the Status of the zone is Enabled. If you find your zone but it shows as Disabled, attempt to enable it. This is done by selecting Manage, toggling Enabled, and then selecting Update zone group.
  3. Within the region your zone is an extension of, navigate to the Subnets console.
  4. Choose Create subnet in the top right corner of the console.
  5. In the VPC section, select your VPC ID from the dropdown.
  6. In the Subnet settings section, choose your Local Zone ID from the Availability Zone dropdown. Name your subnet appropriately and choose a CIDR block range that fits within your current network scheme.
  7. Choose Create subnet.
  8. Navigate to the Route tables console.
  9. Find your route table and toggle its checkbox. This route table will need to allow you to have access to the instance from your current network. For example, if you are going to connect from the public internet, the route table should have routes to the Internet Gateway.
  10. A details window will populate at the bottom of the page for your selected route table. Within this window, select the Subnet associations tab.
  11. Choose Edit subnet associations.
  12. Toggle the checkbox for your Local Zone subnet and choose Save associations.

Step 2: Provisioning your DCV server

Now that your AWS Local Zone has a routable subnet associated with it, provision an EC2 DCV server within that subnet. To simplify your deployment, this step will utilize the AWS Marketplace NICE DCV AMI. Alternatively, create your own DCV server on a supported Operating System (OS), you can follow the administrator guide.

Note: AWS Local Zones do not feature every EC2 instance type, check the AWS Local Zones service support page for supported instance families. Check on the AWS Local Zone What’s New section to see what specific instance types are available.

Subscribing through the AWS Marketplace

  1. Navigate to the AWS Marketplace DCV AMI product page.
  2. In the All products section, select the image that aligns to your workload.
  3. On the Product Overview page, select Continue to Subscribe in the top right corner.
  4. On the Subscribe to this software page, select Continue to Configuration.
  5. On the Configure this software page, confirm the region dropdown reflects the region of your Local Zone. Once it does, select Continue to Launch.
  6. On the Launch this software page, update the Choose Action dropdown to Launch through Amazon EC2.
  7. Select Launch.

Instance configuration in the Amazon EC2 Console

After launching from the AWS Marketplace software page, you are redirected to the Launch an instance page.

  1. (Optional) Name your instance in the Names and tags section.
  2. Your AMI and instance type are selected through previous steps. If you need to make a change to the instance type, you can do that with the Instance type dropdown.
  3. For the Key pair (login) section, choose your key pair from the dropdown.
  4. In the Network settings section, choose what VPC and subnet that you configured for your Local Zone. If you are connecting from the public internet, your EC2 instance will need a public IP. You can achieve this by setting the Auto-assign public IP dropdown to Enabled.
  5. Select a security group that will provide you access to the instance over the default NICE DCV streaming port, 8443. The port should be accessible on TCP and UDP connections so that your session can use QUIC. Toggle the Select existing security group radio-button and then choose your security group from the Common security groups dropdown. If you do not have an existing security group, toggle the Create security group radio-button. From here, you can define the security group rules.
  6. Within the Configure Storage section, choose how much gp2 storage you would like the DCV server to have. This can be left as the default amount if no additional storage is needed.
  7. Expand Advanced details. For the IAM instance profile dropdown, select an IAM role that has the minimum permissions to access the Amazon Simple Storage Service (Amazon S3) licensing bucket. For an Amazon Linux 2-based image, set a user password and update the configuration so your session can authenticate against PAM and enable QUIC. This can be performed by inputting the example below into the User data section. You may change DCVPassword to a different password. 
    1. #!/bin/bash
echo "DCVPassword" | passwd --stdin ec2-user
sed -i --expression 's|#owner = ""|owner = "ec2-user"|' /etc/dcv/dcv.conf 
sed -i --expression 's|#create-session = true|create-session = true|' /etc/dcv/dcv.conf 
sed -i --expression 's|#enable-quic-frontend=true|enable-quic-frontend=true|' /etc/dcv/dcv.conf 
systemctl restart dcvserver
  8. (Optional) If you would like to use QUIC on a Windows-based image, you will need to provide the following in the User data section. 
    1. <powershell>
New-ItemProperty -Path "Microsoft.PowerShell.Core\Registry::\HKEY_USERS\S-1-5-18\Software\GSettings\com\nicesoftware\dcv\connectivity" -Name enable-quic-frontend -PropertyType DWORD -Value 1 -force
</powershell>
  9. After applying your specific requirements, select Launch instance.

Step 3: Connecting to your DCV server

  1. Navigate to the Amazon EC2 console.
  2. Find the DCV server that you launched in the last step within the EC2 instance console. Toggle the checkbox for this instance.
  3. A details window will populate at the bottom of the page for your selected instance. Take note of the IP address or DNS name you are connecting to. If chose to connect from the public internet, use the content of the Public IPv4 address or Public IPv4 DNS attributes.
  4. If you chose a Windows-based AMI, perform the sub-step below to retrieve the password. If you chose a Linux-based AMI, move onto the next step since you defined the password in user data.
    1. With the instance still toggled, select Connect from the top right of the console. In the Connect to instance section, select the RDP client tab. Select the Get password button. This will bring you to the Get Windows password page. On this page, select the Upload private key file button. Select your key pair’s local file to upload and then select Decrypt password. Copy the password from its field and notate it in a secure location.
  5. Choose which DCV client you would like to use to connect. OS-based clients can be downloaded from the DCV downloads page. If you would like to use a browser-based connection, confirm you are connecting with a DCV-supported browser. Note that browser-based connections currently do not support QUIC connections.
  6. Open your NICE DCV client and input your NICE DCV server’s IP or DNS name that you took note of earlier in this step. The notation is the following:
    1. OS-based clients: IP-or-DNS > Connect
    2. Browser-based clients: https://IP-or-DNS:8443
  7. By default, NICE DCV server will use its own self-signed certificate for the connection. You will need to trust this certificate before connecting by performing the following:
    1. OS-based clients: Select the Trust & Connect button on the popup window.
    2. Browser-based clients: The webpage will give you a connection. This differs browser to browser, but you will need to proceed DCV server URL. This is typically done by selecting the Advanced button and then proceeding to the URL.
  8. Depending on the AMI’s OS you chose, follow the connection process below:
    1. Windows-based AMI:
      1. For the Username field, enter Administrator.
      2. For the Password field, enter the password you retrieved from the Amazon EC2 console earlier in this step.
    2. Linux-based AMI:
      1. For the Username field, enter ec2-user.
      2. For the Password field, enter the password you defined in user data.
  9. You are now connected to your DCV session. If you are on a Linux-based AMI, you will need to login to the lock screen. Review the DCV user guide for session usage details.

Clean up

To avoid unwanted charges, you will need to terminate the instance you provisioned in step two. During this walkthrough, the EC2 instance is the only resource that has cost implications.

Conclusion

In this blog post, you optimized your DCV session latency by moving the DCV server geospatially nearer to your users by provisioning within an AWS Local Zone. This post guided you through provisioning a DCV server with the NICE DCV Marketplace AMI, but you can use this same method with any supported DCV configuration. Continue to monitor the AWS Local Zones What’s New posts to stay updated on new AWS Local Zone releases.

                .                                            . Andrew came to AWS in 2019 from a large datacenter environment where he specialized VMware, Cisco UCS, and automation. His AWS career began on the Windows team in Premium Support. By 2020, he was the Lead Subject Matter Expert on Amazon WorkSpaces. He then transitioned to a Solutions Architecture role specializing in End User Computing (EUC). Through his work on EUC services, he developed a passion for the DCV streaming protocol. In 2022, he started his current role as the DCV Developer Advocate.