Streamlining virtual software provisioning at scale with MyWorkspace

|

MyWorkspace helps Microsoft employees provision templatized virtual labs at the click of a button.

Microsoft Digital storiesEvery software company has unique virtual provisioning needs.

Creating complex virtual infrastructure from scratch and maintaining it for even a short period can be labor-intensive, costly, and risky from a security standpoint. When it needs to happen multiple times per day throughout an organization’s workforce, handling these challenges can be overwhelming.

At a company the size of Microsoft, managing those efforts across multiple lines of business can consume hundreds of hours of administration, computing time, and review. To help our teams generate their virtual labs quickly and securely, our Microsoft Digital Employee Experience (MDEE) team created MyWorkspace, a cloud solution that helps teams templatize their setups in the cloud and provision replicas on demand.

It’s revolutionizing how we handle virtual software provisioning.

[Learn how we’re doing more with less internally at Microsoft with Microsoft Azure. Find out how we’re simplifying compliance evidence management with Microsoft Azure confidential ledger. See how we’re adopting Microsoft Azure Resource Manager internally at Microsoft. Read how Microsoft Azure resource inventory is helping us manage our operational efficiency and compliance.]

Virtual software provisioning: Diverse organizational needs

All across Microsoft, teams generate infrastructure labs for many different reasons:

  • Support engineers replicate customer environments as accurately as possible to reproduce and troubleshoot issues.
  • Field engineers recreate common configurations for easier customer demos or collaboration.
  • Build engineers bulk-create virtual machines for load testing, then tear those labs down when their tests are done.
  • Employees create customized virtual machines they can use for daily work, which they can keep powered on for development or testing.

Manually spinning up and configuring these labs from scratch is time-consuming and resource-intensive for engineers. It also leaves their virtual machines vulnerable to security risks or dependent on lengthy reviews to ensure compliance.

“To create these labs, engineers used to set up the entire environment manually and put it through a review by our security team, so that was a really time-consuming process lasting up to three or four days,” says Vikram Dadwal, principal software engineering manager for MDEE’s Infrastructure and Engineering Services team. “To solve that issue for our engineers, we wanted to create a secure platform where they could rapidly provision those labs using Azure services, which helped them save time and reduce manual and repetitive tasks.”

The new service offering leveraged the cloud to prioritize security, compliance, reliability, and availability. It also focused on better performance, lower costs for Microsoft as a whole, and more efficient utilization of resources and capacity.

They called the solution MyWorkspace.

Creating a solution that’s cloud-based and compliant

MyWorkspace is a cloud-based provisioning engine that enables the rapid creation, configuration, and distribution of virtual infrastructure. It helps end users templatize any environment setup and use it to provision on-demand replicas securely and cost-effectively.

The tool combines several technologies across the Microsoft Azure stack. Azure Kubernetes Service runs all of MyWorkspace’s services, and it also leverages other Azure serverless offerings including Azure Functions, Azure Container Services, and Azure Logic Apps.

Azure Cosmos DB handles the data, and we use Azure Cache for Redis for our cache strategy. Finally, Azure SignalR Service enables real-time notifications and communications. Each of these components contributes to making MyWorkspace robust and easy to use, and they’re all readily available to customers who want to create a similar solution.

The tool streamlines the provisioning experience by allowing users to manage resource deployment and configuration in Microsoft Azure with a simplified UI. As a result, engineers can quickly spin up a pre-configured infrastructure stack to reproduce any number of environments for short-term or long-term lab setups.

Because it’s cloud-based, MyWorkspace naturally fosters resilience, high availability, and multi-geo presence. Meanwhile, baked-in security policies eliminate the need to submit every new virtual environment for individual security review.

Templatization is the real key to the tool’s success. Engineers and administrators have the ability to create templates from common virtual labs and add them to a Microsoft-wide library that colleagues can access as they carry out their own work.

As a result, what once took days now takes just a few clicks and a few minutes.

Elite customer service through the cloud

Our support engineers are the biggest MyWorkspace adopters. They frequently provision virtual labs that reflect our customers’ software setups in order to troubleshoot and work through issues.

“Every customer is different, and we can’t set up one single environment to service them all,” says Rick Andring, support escalation engineer for Microsoft OneDrive and SharePoint. “We reproduce customer issues daily, and we have to have clean environments that we can customize to each specific scenario.”

Business continuity for Microsoft customers is often on the line, so support teams face enormous time pressure. MyWorkspace provides the velocity they need to get to the root of a problem fast.

When a support escalation comes across the team’s desk, the process is straightforward. Andring or one of his engineers heads to the MyWorkspace dashboard, accesses the template library, loads up a template that reflects the situation, and the virtual lab is ready to go within an hour.

From there, the engineer simply troubleshoots within the environment until they reproduce the issue and can advise the customer. In complex cases, the support team can tag relevant product teams into their lab to help with more intensive fixes.

Once they’ve reached a successful outcome, the team can archive the solution in the template library for educational purposes or reuse on similar cases. They even have the power to share the template with other support teams to build competency and capacity across our organization.

Automation drives ease and efficiency

The ability to create templates out of real-world support situations is a powerful asset, so MDEE was intent on making that workflow as smooth as possible.

“Creating templates is actually very simple,” says Nathan Prentice, senior product manager with MDEE Infrastructure and Engineering Services. “Once we built the automation on the backend, an end user just has to select the workspace they’ve already configured and click ‘Create Template From’.”

In terms of virtual environment creation and management, every time I publish a new template, I save a week. Now scale that out: I publish four templates every six months at a minimum, so that’s a month or two of time savings a year.

—Rick Andring, support escalation engineer, OneDrive and SharePoint.

Prentice and Dadwal pose for a photo outside a Microsoft office.
Nathan Prentice (left) and Vikram Dadwal helped create MyWorkspace to streamline virtual device provisioning.

Of course, administrators within each business group have the ability to limit who can create templates and the degree of access they need. That helps less technical staff obtain exactly the level of depth they need to do their jobs while administrators can execute higher-level operations at speed.

As the administrator for his line of business, Andring’s most substantial time savings come from template creation. He’s eliminated much of the lag time associated with spinning up custom labs for each project.

“In terms of virtual environment creation and management, every time I publish a new template, I save a week,” Andring says. “Now scale that out. I publish four templates every six months at a minimum, so that’s a month or two of time savings a year.”

Automation also drives more efficient computing consumption. Administrators can set up rules that automatically terminate virtual labs if teams haven’t used them for predetermined lengths of time.

As a result, an engineer won’t leave a virtual environment running overnight by accident and waste valuable computing power and cost. That saves money and capacity, not to mention carbon emissions. Automations like these mean the average cost per workspace is down 30 percent in lines of business that leverage MyWorkspace.

Users can set up a substantial lab of 20 virtual machines in whatever configuration they want and then use Azure services to spin them up. What might have taken four to five days in the past now takes just minutes.

—Vikram Dadwal, principal software engineering manager, for MDEE Infrastructure and Engineering Services

A revolution in device provisioning

With more than 3,000 daily active users creating almost 7,000 workspaces and utilizing 60,000 virtual machines at any given time, MyWorkspace is quickly gaining traction across Microsoft. That’s not surprising considering the time savings the average user experiences.

“Users can set up a substantial lab of 20 virtual machines in whatever configuration they want and then use Azure services to spin them up,” Dadwal says. “What might have taken four to five days in the past now takes just minutes.”

As more and more lines of business bring MyWorkspace online, the benefits for our teams and the value it generates for our organization will continue to grow. But the most important outcome is providing speed, value, and excellence in supporting our customers through innovation in the cloud.

Key Takeaways

  • Start with low-hanging fruit for use cases and build complexity over time.
  • Prototype, pilot, and iterate while making partners of people whose standards you need to meet.
  • Encourage your users to voice their criticism as part of your development relationship.
  • Scaling is important: Use resilient services from the outset.
  • Security should always be a priority with cloud provisioning.
  • On the user side, build a relationship with a product team you trust to be decisive.

Related links

We'd like to hear from you!
Please share your feedback with us—take our survey and let us know what kind of content is most useful to you.

Recent