How do I install GUI (graphical desktop) on Amazon EC2 instances running RHEL/Rocky Linux 8/9?

5 minute read
Content level: Intermediate
0

Steps to install desktop environment, desktop manager and and Amazon DCV high performance remote display protocol server on RHEL (Red Hat Enterprise Linux) and Rocky Linux versions 8 and 9

Notice

Your use of DCV is subject to DCV end user license agreement

Supported OS versions

The following versions are supported by Amazon DCV server

While the steps may work on other Linux OSs that are based on RHEL distribution such as AlmaLinux, it is not supported.

System Requirements and Prerequisites

  • EC2 instance with 2 GiB or more memory
  • Attached security group allows inbound TCP and UDP port 8443 from your IP
  • More than 3 GB free disk space to install graphical desktop components and DCV server
  • Attached EC2 IAM role with the below policy. Replace region with your instance AWS Region code
{
    "Version": "2012-10-17",
    "Statement": [
       {
           "Effect": "Allow",
           "Action": "s3:GetObject",
           "Resource": "arn:aws:s3:::dcv-license.region/*"
       }
    ]
}

Optional: Install SSM agent

Install SSM agent to enable Session Manager access. This requires EC2 instance to have attached IAM role with the AmazonSSMManagedInstanceCore policy

if (arch | grep -q x86); then
  sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
else
  sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm
fi

Install desktop environment and desktop manager

Install GNOME desktop and disable Wayland protocol

sudo dnf update -y
sudo dnf groupinstall -y 'Server with GUI'
sudo dnf groupinstall -y GNOME
sudo sed -i '/^\[daemon\]/a WaylandEnable=false' /etc/gdm/custom.conf

Install DCV server

Install NICE DCV server, web client and virtual session support, and enable server daemon

cd /tmp
sudo rpm --import https://d1uj6qtbmh3dt5.cloudfront.net/NICE-GPG-KEY
OS_VERSION=$(. /etc/os-release;echo $VERSION_ID | sed -e 's/\..*//g')
curl -L -O https://d1uj6qtbmh3dt5.cloudfront.net/nice-dcv-el$OS_VERSION-$(arch).tgz
tar -xvzf nice-dcv-el$OS_VERSION-$(arch).tgz && cd nice-dcv-*-el$OS_VERSION-$(arch)
sudo dnf install -y ./nice-dcv-server-*.rpm
sudo dnf install -y ./nice-dcv-web-viewer-*.rpm
sudo dnf install -y ./nice-xdcv-*.rpm
sudo systemctl enable dcvserver

Configure DCV server

Configure console session, enable session storage and QUIC transport protocol

if (cat /etc/os-release | grep -q Rocky); then
  USER="rocky"
else
  USER="ec2-user"
fi
sudo sed -i "/^\[session-management\/automatic-console-session/a owner=\"$USER\"\nstorage-root=\"%home%\"" /etc/dcv/dcv.conf
sudo sed -i "s/^#create-session/create-session/g" /etc/dcv/dcv.conf
sudo sed -i "s/^#enable-quic-frontend=true/enable-quic-frontend=true/g" /etc/dcv/dcv.conf

GPU instance

If you are using a GPU instance, install and configure GPU drivers

Non GPU instance

For other instance types, install and configure XDummy driver

sudo dnf install -y xorg-x11-drv-dummy
sudo tee /etc/X11/xorg.conf > /dev/null << EOF
Section "Device"
    Identifier "DummyDevice"
    Driver "dummy"
    Option "UseEDID" "false"
    VideoRam 512000
EndSection

Section "Monitor"
    Identifier "DummyMonitor"
    HorizSync   5.0 - 1000.0
    VertRefresh 5.0 - 200.0
    Option "ReducedBlanking"
EndSection

Section "Screen"
    Identifier "DummyScreen"
    Device "DummyDevice"
    Monitor "DummyMonitor"
    DefaultDepth 24
    SubSection "Display"
        Viewport 0 0
        Depth 24
        Virtual 4096 2160
    EndSubSection
EndSection
EOF

Open firewall port

Open firewall ports if firewall daemon is installed

if (systemctl list-units | grep -q firewalld); then
  sudo systemctl stop firewalld
  sudo firewall-offline-cmd --add-port 8443/tcp
  sudo firewall-offline-cmd --add-port 8443/udp
  sudo systemctl start firewalld
fi

Restart X server and DCV server

sudo systemctl isolate multi-user.target && sudo systemctl isolate graphical.target
sudo systemctl stop dcvserver && sudo systemctl start dcvserver

Access graphical desktop environment

Set user password

Specify a strong password for login user

Rocky

sudo passwd rocky

RHEL and Alma

sudo passwd ec2-user

Clients

DCV offers Windows, Linux, macOS and web browser clients.

HTML 5 client for web browser access is at https://<EC2-IP>:8443 (where <EC2-IP> is your EC2 instance IP address). Native clients supports QUIC and can be downloaded from https://www.amazondcv.com/

Login with your configured password

Web browser client

Enter image description here

Install on EC2 launch

To automate install when launching a new EC2 instance, you can use the below user data script.

#!/bin/bash
if (arch | grep -q x86); then
  sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
else
  sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm
fi

sudo dnf update -y
sudo dnf groupinstall -y 'Server with GUI'
sudo dnf groupinstall -y GNOME
sudo sed -i '/^\[daemon\]/a WaylandEnable=false' /etc/gdm/custom.conf

cd /tmp
sudo rpm --import https://d1uj6qtbmh3dt5.cloudfront.net/NICE-GPG-KEY
OS_VERSION=$(. /etc/os-release;echo $VERSION_ID | sed -e 's/\..*//g')
curl -L -O https://d1uj6qtbmh3dt5.cloudfront.net/nice-dcv-el$OS_VERSION-$(arch).tgz
tar -xvzf nice-dcv-el$OS_VERSION-$(arch).tgz && cd nice-dcv-*-el$OS_VERSION-$(arch)
sudo dnf install -y ./nice-dcv-server-*.rpm
sudo dnf install -y ./nice-dcv-web-viewer-*.rpm
sudo dnf install -y ./nice-xdcv-*.rpm
sudo systemctl enable dcvserver

if (cat /etc/os-release | grep -q Rocky); then
  USER="rocky"
else
  USER="ec2-user"
fi
sudo sed -i "/^\[session-management\/automatic-console-session/a owner=\"$USER\"\nstorage-root=\"%home%\"" /etc/dcv/dcv.conf
sudo sed -i "s/^#create-session/create-session/g" /etc/dcv/dcv.conf
sudo sed -i "s/^#enable-quic-frontend=true/enable-quic-frontend=true/g" /etc/dcv/dcv.conf

sudo dnf install -y xorg-x11-drv-dummy
sudo tee /etc/X11/xorg.conf > /dev/null << EOF
Section "Device"
    Identifier "DummyDevice"
    Driver "dummy"
    Option "UseEDID" "false"
    VideoRam 512000
EndSection

Section "Monitor"
    Identifier "DummyMonitor"
    HorizSync   5.0 - 1000.0
    VertRefresh 5.0 - 200.0
    Option "ReducedBlanking"
EndSection

Section "Screen"
    Identifier "DummyScreen"
    Device "DummyDevice"
    Monitor "DummyMonitor"
    DefaultDepth 24
    SubSection "Display"
        Viewport 0 0
        Depth 24
        Virtual 4096 2160
    EndSubSection
EndSection
EOF

if (systemctl list-units | grep -q firewalld); then
  sudo systemctl stop firewalld
  sudo firewall-offline-cmd --add-port 8443/tcp
  sudo firewall-offline-cmd --add-port 8443/udp
  sudo systemctl start firewalld
fi

sudo systemctl isolate multi-user.target && sudo systemctl isolate graphical.target
sudo systemctl stop dcvserver && sudo systemctl start dcvserver

Set ec2-user / rocky password after installation is compete

CloudFormation template

To quickly get up and running with DCV for internal testing, you can use CloudFormation template at DCV CloudFormation page and aws-samples - Github

Additional information

Refer to DCV documentation site

AWS
EXPERT
MikeLim
published a month ago231 views