Overview

This article suggests how you can install GUI (Graphical User Interface) on Amazon EC2 instances running RHEL/Rocky Linux 8/9, and access it using Amazon DCV remote display protocol.

This article applies to RHEL/Rocky Linux on AWS only. Similar articles are available for AL2, AL2023, Ubuntu Linux and SLES 15

GPU instance

If you are using NVIDIA GPU instances, ensure graphics drivers are installed first. Refer to Install NVIDIA GPU driver, CUDA Toolkit, NVIDIA Container Toolkit on Amazon EC2 instances running RHEL/Rocky Linux 8/9 and NVIDIA drivers for your Amazon EC2 instance for options.

Notice

Your use of DCV is subject to DCV end user license agreement

Other options

Install prerequisites including desktop environment and Amazon DCV Server from Amazon DCV Administrator Guide

For managed EUC (End User Computing) services, consider Amazon WorkSpaces and Amazon AppStream 2.0

To quickly get up and running with DCV for internal testing, you can use CloudFormation template at DCV CloudFormation page. You can also explore amazon-ec2-nice-dcv-samples CloudFormation templates to provision your own EC2 instances with graphical desktop environment, DCV server and other features such as custom resolution, multi-monitor support and GPU driver installation.

AMIs preconfigured with graphical desktop environment are available from AWS Marketplace.

Requirements

Supported OS versions

The following versions are supported by Amazon DCV server

• Red Hat Enterprise Linux (RHEL) 9 (x86_64 and arm64)
• Red Hat Enterprise Linux (RHEL) 8 (x86_64 and arm64)
• Rocky Linux 9 (x86_64 and arm64)
• Rocky Linux 8 (x86_64 and arm64)

While the steps may work on other RHEL compatible Linux OSs such as AlmaLinux, it is not supported.

EC2 instance prerequisites

• EC2 instance with 2 GiB or more memory
• Attached security group allows inbound TCP and UDP port 8443 from your IP
• More than 3 GB free disk space to install graphical desktop components and DCV server
• Attached EC2 IAM role with the below policy for license validation. Replace REGION with your instance AWS Region code. Alternatively, attach AmazonS3ReadOnlyAccess managed policy.

{
    "Version": "2012-10-17",
    "Statement": [
       {
           "Effect": "Allow",
           "Action": "s3:GetObject",
           "Resource": "arn:aws:s3:::dcv-license.REGION/*"
       }
    ]
}

Installing DCV

Optional: Install SSM agent

Install SSM agent (if not installed) to enable Session Manager access. This requires EC2 instance to have attached IAM role with the AmazonSSMManagedInstanceCore policy

if (! systemctl list-units | grep -q amazon-ssm-agent); then
  if (arch | grep -q x86); then
    sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
  else
    sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm
  fi
fi

Install desktop environment and desktop manager

Install GNOME desktop and disable Wayland protocol

sudo dnf update -y
sudo dnf groupinstall -y 'Server with GUI'
sudo dnf groupinstall -y GNOME
sudo sed -i '/^\[daemon\]/a WaylandEnable=false' /etc/gdm/custom.conf
sudo systemctl set-default graphical.target

Install DCV server

Install NICE DCV server, web client and virtual session support, and enable server daemon

cd /tmp
sudo rpm --import https://d1uj6qtbmh3dt5.cloudfront.net/NICE-GPG-KEY
OS_VERSION=$(. /etc/os-release;echo $VERSION_ID | sed -e 's/\..*//g')
curl -L -O https://d1uj6qtbmh3dt5.cloudfront.net/nice-dcv-el$OS_VERSION-$(arch).tgz
tar -xvzf nice-dcv-el$OS_VERSION-$(arch).tgz && cd nice-dcv-*-el$OS_VERSION-$(arch)
sudo dnf install -y ./nice-dcv-server-*.rpm
sudo dnf install -y ./nice-dcv-web-viewer-*.rpm
sudo dnf install -y ./nice-xdcv-*.rpm
sudo systemctl enable dcvserver

Console session XDummy driver

Install and configure XDummy driver. Run NVIDIA xorg.conf configurator if NVIDIA GPU desktop drivers are installed.

sudo dnf install -y xorg-x11-drv-dummy
sudo tee /etc/X11/xorg.conf > /dev/null << EOF
Section "Device"
    Identifier "DummyDevice"
    Driver "dummy"
    Option "UseEDID" "false"
    VideoRam 512000
EndSection

Section "Monitor"
    Identifier "DummyMonitor"
    HorizSync   5.0 - 1000.0
    VertRefresh 5.0 - 200.0
    Option "ReducedBlanking"
EndSection

Section "Screen"
    Identifier "DummyScreen"
    Device "DummyDevice"
    Monitor "DummyMonitor"
    DefaultDepth 24
    SubSection "Display"
        Viewport 0 0
        Depth 24
        Virtual 4096 2160
    EndSubSection
EndSection
EOF

if [ -f /usr/bin/nvidia-xconfig ]; then
  sudo /usr/bin/nvidia-xconfig --preserve-busid --enable-all-gpus
  sudo dnf install -y vulkan-tools glx-utils
fi

Configure DCV server

Configure console session, file transfer and printing support

if (cat /etc/os-release | grep -q Rocky); then
  USER="rocky"
else
  USER="ec2-user"
fi
sudo sed -i "/^\[session-management\/automatic-console-session/a owner=\"$USER\"\nstorage-root=\"%home%\"" /etc/dcv/dcv.conf
sudo sed -i "s/^#create-session/create-session/g" /etc/dcv/dcv.conf

sudo dnf install -y cups
sudo usermod -a -G sys dcv
sudo systemctl enable --now cups

Open firewall port

Open firewall ports if firewall daemon is installed

if (which firewall-offline-cmd); then
  sudo systemctl stop firewalld
  sudo firewall-offline-cmd --add-port 8443/tcp
  sudo firewall-offline-cmd --add-port 8443/udp
  sudo systemctl start firewalld
fi

Restart X server and DCV server

sudo systemctl isolate multi-user.target && sudo systemctl isolate graphical.target
sudo systemctl stop dcvserver && sudo systemctl start dcvserver

Set user password

Specify a strong password for login user

Rocky

sudo passwd rocky

RHEL

sudo passwd ec2-user

Access graphical desktop environment

Clients

DCV offers Windows, Linux, macOS and web browser clients.

You can connect to DCV server using web browser client at https://<EC2-IP>:8443 (where <EC2-IP> is your EC2 instance IP address). Native clients provide better user experience and additional features, and can be downloaded from Amazon DCV site.

Login as ec2-user (RHEL) or rocky (Rocky Linux) with your configured password

Do ensure that EC2 instance security group allow inbound TCP and UDP 8443 from your IP

Web browser client

Install on EC2 launch

To automate install when launching a new EC2 instance, you can use the below user data script.

#!/bin/bash
if (! systemctl list-units | grep -q amazon-ssm-agent); then
  if (arch | grep -q x86); then
    sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm
  else
    sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_arm64/amazon-ssm-agent.rpm
  fi
fi

sudo dnf update -y
sudo dnf groupinstall -y 'Server with GUI'
sudo dnf groupinstall -y GNOME
sudo sed -i '/^\[daemon\]/a WaylandEnable=false' /etc/gdm/custom.conf
sudo systemctl set-default graphical.target

cd /tmp
sudo rpm --import https://d1uj6qtbmh3dt5.cloudfront.net/NICE-GPG-KEY
OS_VERSION=$(. /etc/os-release;echo $VERSION_ID | sed -e 's/\..*//g')
curl -L -O https://d1uj6qtbmh3dt5.cloudfront.net/nice-dcv-el$OS_VERSION-$(arch).tgz
tar -xvzf nice-dcv-el$OS_VERSION-$(arch).tgz && cd nice-dcv-*-el$OS_VERSION-$(arch)
sudo dnf install -y ./nice-dcv-server-*.rpm
sudo dnf install -y ./nice-dcv-web-viewer-*.rpm
sudo dnf install -y ./nice-xdcv-*.rpm
sudo systemctl enable dcvserver

if (cat /etc/os-release | grep -q Rocky); then
  USER="rocky"
else
  USER="ec2-user"
fi
sudo sed -i "/^\[session-management\/automatic-console-session/a owner=\"$USER\"\nstorage-root=\"%home%\"" /etc/dcv/dcv.conf
sudo sed -i "s/^#create-session/create-session/g" /etc/dcv/dcv.conf

sudo dnf install -y cups
sudo usermod -a -G sys dcv
sudo systemctl enable --now cups

sudo dnf install -y xorg-x11-drv-dummy
sudo tee /etc/X11/xorg.conf > /dev/null << EOF
Section "Device"
    Identifier "DummyDevice"
    Driver "dummy"
    Option "UseEDID" "false"
    VideoRam 512000
EndSection

Section "Monitor"
    Identifier "DummyMonitor"
    HorizSync   5.0 - 1000.0
    VertRefresh 5.0 - 200.0
    Option "ReducedBlanking"
EndSection

Section "Screen"
    Identifier "DummyScreen"
    Device "DummyDevice"
    Monitor "DummyMonitor"
    DefaultDepth 24
    SubSection "Display"
        Viewport 0 0
        Depth 24
        Virtual 4096 2160
    EndSubSection
EndSection
EOF

if [ -f /usr/bin/nvidia-xconfig ]; then
  sudo /usr/bin/nvidia-xconfig --preserve-busid --enable-all-gpus
  sudo dnf install -y vulkan-tools glx-utils
fi

if (which firewall-offline-cmd); then
  sudo systemctl stop firewalld
  sudo firewall-offline-cmd --add-port 8443/tcp
  sudo firewall-offline-cmd --add-port 8443/udp
  sudo systemctl start firewalld
fi

sudo systemctl isolate multi-user.target && sudo systemctl isolate graphical.target
sudo systemctl stop dcvserver && sudo systemctl start dcvserver

Do set ec2-user or rocky user password

Additional information

Refer to DCV documentation

DCV sessions

Amazon DCV on Linux offers two types of sessions: console sessions and virtual sessions. This article use console sessions, which has resolution limits especially on non GPU instances. Virtual sessions support custom resolution and multiple displays.

To switch to virtual session, connect to EC2 instance as ec2-user/rocky and disable console session

sudo sed -i "s/^create-session/#create-session/g" /etc/dcv/dcv.conf
sudo systemctl restart dcvserver

You will need to create a virtual session manually

if (cat /etc/os-release | grep -q Rocky); then
  USER="rocky"
else
  USER="ec2-user"
fi

sudo dcv create-session $USER --owner $USER --storage-root %home% --type virtual

To verify that virtual session has been created

dcv list-sessions

Output should be similar to below

 Session: 'rocky' (owner:rocky type:virtual)

Refer to Using the command line on a Linux Amazon DCV Server for more information