Wednesday 18 January 2017

Could Google Cloud Platform deliver desktops to schools?

One of the main challenges to be faced when moving to a serverless architecture is how to handle legacy Microsoft Windows applications.

Although it's now commonplace to see mobile apps and SaaS resources replacing Windows applications, there are circumstances where the curriculum demands a specific Windows application or a suitable alternative just doesn’t exist.

Even before cloud services emerged, schools found themselves in a similar position trying to run resource-hungry programs on ageing client PCs. In this case the standard response was to deploy Microsoft Remote Desktop Service (RDS), Citrix XenApp or to trial a VDI solution if the school was happy to take complexity and cost to a whole new level.

This approach provides a solution but it’s not ideal for a number of reasons.

The remote desktop approach requires additional server images and only adds to hardware and licensing costs. The design is likely to hit a bottleneck when scaled up and the investment is wasted if the Windows applications are accessed infrequently or simply retired.

Some of these issues can be reduced by running servers directly from an IaaS platform such as MS Azure but that doesn’t reduce the complexity and it can prove costly if the inefficiencies are not addressed.

If we accept the fact that we need to support Windows desktops on a range of platforms and this is unlikely to change for some time, what would be the ideal solution?
  • No requirement for additional hardware or server images to maintain.
  • Easy to manage and configure
  • Customisable with curriculum software.
  • Accessible from a wide range of platforms with zero install
  • Access anywhere.
  • No scaling limitations both up and down.
  • Cost effective, cheap or free.
The majority of this list can be covered by cloud services that deliver desktops on demand, otherwise known as Desktop as a Service (DaaS). In this case each desktop is represented by a single computer running in the cloud, accessed by the student across the network from whatever platform is appropriate for the task. With DaaS there are no servers to maintain, it’s simple to configure and both accessibility and scalability are baked in.

So DaaS can tick off the first six points quite easily. Where the wheels come off is point seven - cost.

Currently DaaS services are aimed squarely at the business market, which means they're expensive for education.
In a business situation if a desktop user generates revenue then DaaS can be absorbed as a simple overhead cost. José may well be the next Mark Zuckerberg but he’s only fourteen at the moment and not yet pulling in the bucks!
Another complication is that the DaaS cost model assumes that the desktop is linked to a single named user and is used productively for the whole working day, over an extended period of time.

A school has a completely different usage pattern and may access a desktop intensively for a few hours a day and then not at all for a week before repeating the pattern over three months and then breaking up for a six week summer holiday.

So at a superficial level DaaS doesn’t look like a practical option for education but let's look at the problem a little closer.

DaaS is not being asked to replace the bootable image in daily use in the ICT suite or student mobile device. This is likely to be MS Windows but in 2017 could just as easily be iOS, macOS, ChromeOS or Android.

However, DaaS could be used to deliver a pre-defined set of Windows apps to a class group to meet a specific teaching requirement. This could be as simple as the MS Office suite for a school that runs Chromebooks or iPads or it could be a specialised Windows application that's required for the assessment of a single course. In both cases maintaining a complex backend infrastructure just to deliver a few legacy Windows apps is simply inefficient, although it's also true that paying for an underutilised DaaS desktop is just as bad.

So what vendor options do you currently have?

Microsoft is currently re-branding its own DaaS offering around a Citrix Cloud service so it’s difficult to know what that might look like. If I had to guess, it will be slick, fully featured and very expensive. The jury's out on that but it could be an option.

Note: VDI on Azure has now been launched.

The current leader in the DaaS marketplace is Amazon with WorkSpaces, a fully managed, secure desktop computing service which runs on the AWS cloud. It offers two subscription methods. The first is a simple flat fee per month and the second a metered tariff per hour on top of a reduced monthly charge.
All the estimates below are based on a machine running a Windows 10 experience with 1 vCPU, 2 GB Memory and 10 GB storage.
The flat fee per desktop is currently £20.33 pcm which works out at £609.76 to deliver a desktop to thirty named students over a month. Unless your school is sponsored by an oil producing nation that's unlikely to be attractive. Other DaaS providers offer desktops at a similar cost level.

The second Amazon option is more interesting.

Taking the same class size and including a charge for running the lab for 20 hours per month, the costs fall to around £285 pcm. While the cost is heading in the right direction, the problem now lies with starting the image so it’s available for the class and shutting it down afterwards to avoid eating into the budget.
Fraser Speirs at the Cedars School has used some innovative techniques to show how this might be done.
For a school that runs an image for a limited number of hours a month, the majority of the cost rests with the fixed monthly fee, which will be charged even if the image is not started. Therefore the AWS cost structure, although an improvement, still doesn’t align with the requirements of education, which is a simple flat rate pay-as-you-go model.

This is where Google Cloud Platform (GCP) comes in because that's exactly how it works - a simple per-minute billing for each running instance, and when you run the same numbers through this model the results are quite startling.

The thirty user lab running the same Windows instance for twenty hours now costs £48 pcm, probably the same amount of money it would cost to licence, maintain, power and cool the on-premise server farm.

Let's look at some other advantages.

There’s no overhead in maintaining a library of images. Unlike Amazon WorkSpaces, a student could have multiple desktops, each matched to a specific task. The example we have been employing uses a Windows desktop but one image could easily be a Linux development environment.

The images could maintain the user settings between each session so the student can immediately pick up where they left off. Running persistent desktops in a VDI environment has significant overheads.

In a Google environment you could run stateless images and then force the user to authenticate with the Chrome browser to pull down a user policy. Lastly you could take the Google integration theme one step further and pull the information you need to set up the classes directly from Google Classroom. How cool would that be?

Pick a class - pick an image - pick a time, all managed by the teaching team.
Another approach could be - here’s a budget, schedule what you like, when you want it.

Let's keep going...
  • Split location teaching - not a problem.
  • Take the “ICT suite” on field trips and work in the evening - easy.
  • Classes limited by the size of the ICT suite - not any more.
  • Differentiated learning environments - it’s a breeze.
  • Ageing PC suite with XP - replace with Chromebases and move teaching apps to DaaS desktops.

There are a few catches of course.

On a practical level Google File Stream doesn't work on a server operating system, which is what the DaaS desktop would have to use because of Microsoft's protective licencing policy. That's a nuisance but only really affects the user experience; there are larger issues.

Unlike Amazon WorkSpaces, which has a very slick front end to provision and allocate these desktops, nothing like this exists for GCP in the way I’ve described. Amazon WorkSpaces also has a built-in network protocol (PCoIP) and client plugins which provide an enhanced user experience.

It would be impractical to expect a school to manually build, maintain, allocate and schedule these images but the salient fact is that GCP currently provides the technology and the charging structure for such a service to be created.

It only needs an enterprising team to provide the user access layer and management and this would become really interesting. Even at twice the price it would still remain an attractive option.

Available internet bandwidth is always a factor when assessing SaaS but this is now a core resource for most schools and should attract the same level of investment as on-premise hardware did in the past. Money spent on connectivity benefits everything not just a few applications or subject areas.

Schools can gain a genuine benefit from adopting SaaS but there's always a fixed set of Windows applications that stalls the progress towards a fully serverless solution by requiring local servers and storage.

If you can migrate these desktops and applications to the cloud the savings to be gained in reducing the overhead costs of local infrastructure could be used to fund the initiative.

There are still a few problems, not all of them technical but lifting this particular roadblock would be a huge step towards a serverless future.

Of course such a service may already exist. If so I’d be happy to use it!

Monday 2 January 2017

Why moving servers to the cloud doesn't work.

It's a safe bet that 2017 will see increasing levels of hype around the adoption of cloud services for both business and education.

In the UK, schools are being encouraged to move in this direction by policy guidelines issued by the Department of Education while at the same time licence changes from Microsoft are aimed at making MS Azure more attractive when compared with the on-site options.

Throughout the year Google will continue to work actively in this arena, promoting their cloud service (G Suite for Education and Google Classroom) as well as other initiatives such as Expeditions. At the BETT show, to be held in London later this month, it's likely that the vast majority of new software will be launched as cloud based applications (SaaS) rather than local server installs. It all appears to be heading in one direction.

Building a new school using cloud services is one challenge but migrating an existing school raises a whole range of issues. Most sites have long-standing dependencies on locally installed software and legacy systems for both administration and teaching, which makes this a far more difficult task.
Faced with this scenario it's tempting to simply take the existing server estate and replicate it to an IaaS platform like Microsoft Azure.

Job done, your school is in the cloud with all the boxes ticked.

Because many school servers already run on virtualized server platforms such as Microsoft Hyper-V or VMware this seems like a low risk solution and in some respects it is, but it comes with one major drawback - it doesn’t work.

This is not a particular shortcoming of MS Azure but more a set of constraints that you face when moving workloads to Infrastructure As A Service (IaaS) by simply replicating the onsite architecture.

This might come as a bit of a surprise. Isn’t the whole point of the blog an attempt to reduce the number of on-premise servers and move to the cloud? It’s The Serverless School after all - so what's going on?

Why wouldn't rebuilding the onsite infrastructure in the cloud bring the benefits we expect?

It doesn't change anything.
Migrating servers to the cloud is not a catalyst for change. The servers are off site but the same problems remain. Some pinch points are removed such as remote access, expansion capacity and the hardware upgrade cycle but you are still managing services in a similar way and it’s pretty much the same system.

Shifting to the cloud without anybody noticing is a significant technical achievement but for a school it just represents a missed opportunity. Moving systems to an IaaS platform is not a transformative process.

It's slowww.
Actually users will notice a change - it’s going to be slower. Placing servers on the end of a wire that carries less than 10% of the throughput of a local connection is going to have an impact. SaaS applications don’t have the same problem because they have been designed to perform on low-bandwidth internet connections. In contrast the user experience provided by a locally installed application when accessing files or loading user profiles relies heavily on a responsive data connection and when this doesn't exist the results can be ugly.

The bill please.
Onsite servers are very inefficient. In most schools they are only used for about eight hours and even when they are working, utilise only a fraction of the total capacity. Throughout the whole day they’ll be consuming energy to heat them up and more energy to cool them down. They also require support, backup systems, redundant capacity and every five years they’ll need replacing. Migrating servers to an IaaS platform seems an obvious solution. So you rebuild or migrate your servers to IaaS and all is well... and then you get the monthly invoice.
OMG - why is it so expensive?
IaaS appears costly because it’s measured against a misleadingly low value for on-site computing. On-premise always looks cheap because most of the costs are hidden, unrecognised or simply not taken into account.

When you move your server estate to IaaS you see the true cost of underutilising processing power and storage and it can be quite a shock. IaaS is a great deal if your servers are working 24/7 to provide a service but if you export your inefficiencies to the cloud you simply get stuck with a bill for doing nothing.

There are workarounds for some of these problems of course.

You can rationalise the number of servers and consolidate some of the services onto a single image.
"You started with six virtual servers but after the VLE install, the backup upgrade, the reporting software and the other stuff you 'need' you now have twelve although you’re not sure what they all do."
You could introduce some scheduling software in order to keep the cost down as well as keeping some of the core services local to speed things up, but now you have two systems, one on-site and one in the cloud, and you're not sure whether you have halved your problem or doubled it.

By the time you’ve re-engineered everything to make it work in the same way as it did on-premise, wouldn’t it be simpler to consider a SaaS based solution?

Other considerations when moving VM infrastructure to the Cloud