Container technology has had a significant impact on automating software delivery practices. As Docker and Kubernetes have become de facto container standards, automated pipeline tools have emerged that can result in increased speed and reliability of application release and operation. Vendors, including Amazon, Microsoft, and Google, now provide managed Kubernetes services that simplify the complexity of running container clusters.
In response to the opportunities presented by container technology, the EA team worked with UW-IT application and infrastructure teams to develop a discovery project. In an eleven week period from May to July, 2018, teams from across UW-IT participated in a project to assess the viability of leveraging container-based applications (CBAs) in the organization.
In partnership with the UW-IT PMO, the EA team ran weekly three hour working meetings to develop an assessment framework and review research on application containers conducted by project team members.
The outputs of the project are a reference architecture and a whitepaper.
The reference architecture provides recommendations to application teams considering CBAs and shared services teams considering how best to enable CBAs regarding:
- Scenarios in which CBAs are recommended
- Team readiness, roles, and responsibilities for using CBAs
- Effective and safe configuration of container clusters (such as accounts, clusters, pods, services, and networking)
- Design of container based applications in different scenarios
- Use of an effective pipeline for changes to applications and clusters
The whitepaper recommends a roadmap for opportunistic adoption of container based applications (CBAs) by UW-IT on behalf of the UW. That roadmap consists of three phases:
- In Phase I (Early Adoption), we expect that a handful of application teams will adopt CBAs, relying on their own learning and the recommended reference architecture, with minimal change to shared services.
- In Phase II (Invest in Expertise), UW-IT should support increased adoption of CBAs through training, consultation, and some growth in shared services.
- In Phase III (Containers as a Service), UW-IT should develop an infrastructure shared service that enables teams with limited expertise in infrastructure to run applications, enabling the widest adoption.
The end-of-quarter checklist provides pointers for wrapping up your Canvas course: submitting grades, conducting an inventory of course content for use in a future session, exporting course content, and marking the course read-only for students. And because quarters come and go so quickly, you may want to check out the start-of-quarter UW Canvas checklist.
Managed Workstation has a new process available for imaging a workstation called Operation System Deployment (OSD). The old process, called Litetouch or MDT, will remain available until October 31, 2019.
Why should I use this new process?
There are a number of enhancements immediately available via OSD including:
- Computer is automatically joined to the domain as part of the process
- You can choose to enable Bitlocker1 as part of the process
- The computer name by default is the serial number (you can override)
- You can choose a custom image, if you’ve previously requested creation of a custom image that meets your needs
1 Bitlocker encrypts the hard disk so that if the computer is stolen, the data is protected
How do I use this new process?
To use the new OSD imaging process: https://it.uw.edu/wares/mws/hardware/osd-image-installation/.
Can you tell me more about the custom image option?
Use this form to request a new computer image from the Managed Workstation service.
One of the enhancements possible with our new imaging process is the ability to easily create a custom image that builds on top of the standard MWS image. You may have a set of computers that need a specific set of applications installed. We can create a custom image that installs those applications as part of the imaging process, so that you don’t have to manually install them after imaging. Because your custom image is built on top of our standard image, it will be kept up to date with the latest Windows version.
How do I get local administrator privileges using this new image option?
When you ask for a computer account to be created via the Enable a computer for Managed Workstation services form, you can specify which users should be added to the local administrator group. In most cases, this should happen nearly immediately after the image completes, but in some cases, it may take up to 30 minutes.
What if I have more questions?
Please send email to help@uw.edu with a subject of “MWS OSD imaging process” with any additional questions.
Brian Arkills
Managed Workstation service manager & owner
UW-IT
On January 14th, 2019 starting at 7pm, maintenance will be performed on the MWS file service. This maintenance period will end on January 15th at 5am.
During this period, users may not be able to access their files.
After this period, if you experience problems accessing your files, please logout and log back in–this should clear the issue.
What changed
Yesterday, we prematurely delivered a new desktop icon as a planned enhancement–please accept our apologies for any surprises this caused.
This new desktop icon is named ‘Upgrade Windows to current version‘. Depending on screen resolution and font choices on your computer, this name may be shortened. If you don’t see this icon, you likely will in the near future.
New feature
This icon allows any managed workstation which is not running the latest Windows 10 release, to upgrade to the latest Windows 10 release. It is very similar to the icon we delivered in January 2017, for upgrade from Windows 7 to Windows 10, but it allows you to manually initiate an update from one Windows 10 feature release to the latest.
We are still working on another desired feature of this icon–that it only appear on computers which are not already running the latest Windows 10 release. The intention being that you will know you aren’t on the latest version when you see the icon appear. That feature has not yet been completed, but we’ll continue to work on that.
This feature is part of an overhaul of our approach to keeping Windows updated. We’ll have more to share about that in the near future.
What to expect
If you manually upgrade, you should be prepared for some interruption of service. Windows 10 feature upgrades are not as lengthy as the upgrade from Windows 7. When the computer restarts, there will be a period of time when your computer is not usable. That period is generally 10-30 minutes on current computers, but could be longer.
Brian Arkills
Managed Workstation service owner and manager
UW-IT
The antivirus solution and process within Managed Workstation has changed.
What and When
During the month of August, we slowly replaced the prior Sophos product with an entirely new Sophos product with two components. The new product is called Sophos Intercept X.
This change was initially made to all Windows 7 computers to help support our efforts to upgrade them to Windows 10, because the older Sophos product was identified as blocking upgrades in some cases. As we gained trust that it demonstrated no problems with larger numbers of computers, we deployed it across all of the Managed Workstation service.
Note: With a service of this size, any broad change we make takes a long time to be complete. So at this time only 83% of all managed workstations have the new solution–primarily because those remaining have not been on the UW network to receive the update. So you may not have this change.
What this means for you
There are a couple improvements with this new solution:
- When you leave the UW network, your computer is now able to report infections and get new virus updates
- We have additional insight on the specific origin of an infection. We’re still analyzing how we might provide that information to you.
- Our process for addressing infections has shifted so that for most infections you are not required to take action–we take actions when it does not threaten your data. Where data might be destroyed, we will still contact customers before we take action–your data is important to us.
More Info
Some customer units which have IT support have noted that the new solution does not allow for local control or configuration changes. This is by design because this solution is part of what you pay Managed Workstation for each month.
Brian Arkills
Managed Workstation service owner and manager
UW-IT
As of 10/1/2018, the Managed Workstation training room in Roosevelt Commons is no longer available.
There is not enough use for us to continue to provide this resource.
We are sorry for any inconvenience this may cause.
Brian Arkills
Managed Workstation service owner and manager
UW-IT
Managed Workstation will drop OS support for Windows 7 SP1 on 8/31/2018. This will reduce costs and improve security & capabilities, enabling a more useful, up-to-date, functioning workstation.
To meet this goal, several steps will be taken:
- July 19: Begin weekly notifications to customer account contacts of their remaining Windows 7 managed workstations
- August 1: Contact primary user of remaining Windows 7 computers
- August 8: Contact primary user of remaining Windows 7 computers
- August 15: Initiate automatic upgrades for remaining Windows 7 managed workstations
- August 31: Windows 7 computers removed from Managed Workstation service
Since January 2017, a self-service mechanism to upgrade Windows 7 computers to Windows 10 has been available, and customer are encouraged to leverage it. MWS assistance with upgrades is also available, and we will help customers address any issues encountered.
Brian Arkills
Managed Workstation service owner/manager
UW-IT
Managed Workstation is deploying LastPass Enterprise, a password management system, which is now available on an opt-in basis.
What & Why
Managed Workstation has purchased LastPass Enterprise for all Managed Workstation users. LastPass helps improve password management practices by:
- securely storing and generating complex passwords,
- providing secure sharing mechanisms for passwords, both individually between users and via UW Groups
- automatically entering usernames and passwords on most websites, including the UW web login interfaces,
- providing warnings about password entry on malicious websites, or about at-risk or compromised passwords
We believe these security features are valuable to all users. LastPass is approved by the UW Office of the Chief Information Security Officer.
How
Adoption of LastPass is a self-service action taken by each individual user. We are not planning to send email to every MWS user to notify them of this new capability.
You are welcome to notify users in your unit and we encourage that. If you’d like help notifying your users, let us know.
Interested users will need the above information, along with the information documented at https://it.uw.edu/wares/mws/mgmt/lastpass/adoption/ on how to get a LastPass Enterprise account created and setup.
More Info
It’s important to note that:
- unlike most Managed Workstation services, customer account contacts will not be able to control whether their users get a LastPass account or not,
- we cannot recover or reset lost or forgotten LastPass master passwords; lost or forgotten master passwords will result in the complete loss of all stored passwords that aren’t in a Shared Folder.
Our support for LastPass will be limited. We have some critical information documented and provide very basic assistance. Because this is a vendor provided solution and their documentation is excellent, we expect users to leverage the vendor resources for primary support. The LastPass Help Center is an excellent place to start.
Our documentation is available at https://it.uw.edu/wares/mws/mgmt/lastpass/.
Thank you,
Brian Arkills
Managed Workstation Service Owner and Manager
UW-IT
help@uw.edu
206-221-5000
We’ve moved Windows 10 1709, also known as the Fall Creators Update, to Baseline and will start upgrading Windows 10 computers running an older version this week.
What and when
Over the next several weeks, we will be upgrading all computers running Windows 10 to version 1709, which is also known as the Fall Creators Update. We are moving to this version ahead of the normal schedule, to enable new security functionality. This upgrade is mandatory.
The upgrade will be done automatically in the evenings, requires no user interaction, and will not impact any user settings or files. The upgrades will mostly run on the weekends, but if a computer is not on, the upgrade will not start on Monday morning.
While we cannot provide a specific date of when any given computer will be upgraded, individual users can choose to start the process any time using the ‘Software Center’ or via the shortcut on their desktop..
What you need to do
There is no action required.
If you have any questions or concerns, send an email to help@uw.edu and with ‘MWS – 1709 Upgrade’ in the subject line.