How to power on your Windows Virtual Desktop personal VM from the comfort of your bed.

What's you're morning routine?

Wake up, rub eyes, grab phone, read news.
Do you start your Windows Virtual Desktop Session host from that phone?  - No?

Well now you can.

The Microsoft Cloud service gives you many services that you can make full use of, and many you can combine together to provide combined capability not previously possible.

Windows Virtual Desktop is our Virtual Desktop service running on Azure. Azure provides the capability to only pay per second that the Virtual Desktop is actually powered on, allowing you to reduce your costs and guarantee you are not paying for the VM when it's not in use.

We can also use a variety of other Microsoft Cloud services to do this.

What's the use case here?

In our global Windows Virtual Desktop platform there are two host pool types, Pooled and Personal. Pooled is designed for our multi-session operating systems (Windows 10 Multi Session & Windows server 2012+ with RDS). Multiple users log in at the same time to any VM in the pool.

Personal host pools are typically for single session operating systems and each VM is assigned to a user, either at first logon, known as automatic assignment which is the default or can be directly assigned ahead of time.

Of all our host pools globally, Personal host pools make up for approximately 40% of these.

Personal host pools are typically more expensive than their multi-session sibling. This is simply due to the fact you need a VM per user, as opposed to multiple users sharing a multi-session VM in a pooled host pool. Now Personal VM's do tend to be smaller than Pooled VM's but even with that at scale the costs of Personal are typically more than Pooled. 

This problem is made worse if those VM's are set to Pay As You Go and they are either powered on and not in use for periods of time resulting in wasted costs or not powered off at all.

So how do you power off these types of VM's in order to reduce your costs?

We have a number of tools.

Firstly we have an Autoscaling Tool using an Azure Automation account and an Azure Logic App. This however only works for Pooled host pools at this point in time.

You can also configure power off schedules using either Azure Automation using the Start/Stop feature. Or the auto-shutdown feature in the Azure Portal.

The problem in this Windows Virtual Desktop use case is both of those will simply power off the VM at a given time, regardless of if a user is busy working on that VM. This will cause potential data loss, and seriously poor user experience for your service, by preventing them to work late.

Also, there is no auto-power "on" feature via the portal. This can be achieved with the Start/Stop feature but the problem here is you might power it on at 08:00 but what if the user doesn't start until 09:00 or is only working in the afternoon today etc? You are paying for that time the VM is powered on and is a waste up until the user logs in and actually makes use of the VM.

So accurately scheduling this becomes a problem and any schedule will be inflexible for any users who don't work absolutely rigid hours.

So what is the solution?

The solution is to give the power to start and stop the VM to the actual user, this will mean they can power it on exactly when they need it, and power it off only when they have decided they have finished with it. This means no wasted costs having the VM on and waiting, and no poor user experience to have the VM auto-shutdown whilst it's in use.

Doing this by providing the user RBAC access to their VM and asking them to sign into the Azure portal and power it on before they start work is a poor user expereince. So is there another way?

This is where other Microsoft Cloud services come in. In this instance we are going to make use of Microsoft Power Automate (formerly Flow) and PowerApps.

Microsoft Power Automate is our cloud service to automate repetitive tasks, and PowerApps is another cloud service to build simple no-code or low-code applications.

So what does this look like?

This quick video shows you the user experience next to the Azure portal for reference. You will see the VM is Deallocated. The right hand side shows the user experience with the mobile application. The VM is started and this is reflected in the Azure portal. My Flow sends out a couple of alerts just as examples: the first is a mobile notification the second is a standard email. Then the user is free to launch their session, not best represented on a mobile, but they would normally have connected from something with a bigger screen - but it proves the point.

This is ideal for the Developer VDI use case, IT staff or any knowledge worker with their own personal session host who is comfortable with installing an app on their phone and clicking some buttons to manage their own VM.


So let's see how to set this up.

Let's work right to left in this diagram. We will assume you know how to create a Windows Virtual Desktop deployment and have your personal host pool set up with at least one VM in it.

So let's start with creating the two Flows to Start and Stop the VM.
Go to flow.microsoft.com. Once signed in, on the left hand side go to My flows.


Click on + New, and select + Instant-from blank


Give you're Flow a name and select the PowerApps trigger:


Click on Create
You now have a flow with just a PowerApps trigger, now we will add our automation to this flow.
Click on + New Step

In the Choose an action field type http:

In the resulting screen in the Method drop down box select "POST" as we will be posting a Start command to the Azure compute REST API below:

So now we need to go and grab the correct URI for the VM in question. To do this go to the Azure Compute REST API reference doc

Note: this is the Azure Compute REST API not the Windows Virtual Desktop REST API. The Windows Virtual Desktop session hosts are Compute objects not WVD objects. WVD objects such as Workspaces, Application Groups and Host pools are WVD objects and would use the WVD REST API

Scroll down and click on "Start"

If you know what you are doing you can just copy the HTTP operation directly and modify it to reference your VM:

If not we make this slightly easier. On the top right click on Try it. This will ask you to login to Azure.

Once signed in it will show you the REST API Try it window. Fill in the 'resourceGroupName*' field with the Resource group this VM is in, and put the name of the VM in the 'vmName*' field.



You will now see in the Request Preview field the full HTTP request has been populated with your Resource Group and VM name. Scroll to the right to check both the resource group and the VMName have been inserted, if not you can do this when you copy and paste the text, later.

You could test this by clicking on Run, but we won't as you will no doubt have powered on Azure VM's before. Instead we just need to copy it. 

In the first line copy everything after POST, just the URI.

Now go back to Flow and paste into the URI field:



Make sure the Resource Group and VM Name were populated correctly and appear correctly in the URI field, if not, manually correct them here.

We now need to authenticate this flow to Azure in order to complete the action. We will authenticate with a Service Principle to your Azure subscription. You can use an existing one or create a new one just for this purpose. When you create the Service Principle create a new secret and copy it.

Click Show advanced options and in the *Authentication field drop down click on Active Directory OAuth

Enter your Azure AD Tenant ID
The Audience is https://management.azure.com.
Enter the Client ID for your Service Principle.
In Credential Type select Secret
Paste in your Service Principle Secret into the Secret field.


Click on Save at the bottom.

We can also add an action to notify the end user that the VM has been powered on correctly. There are a whole raft of actions you can take like sending a Microsoft Teams message, a text message or a mobile notification etc. In this example we will send a simple email.

Back in the Flow designer Click on + New Step

In the Search connectors and actions type 'Send an email'. In here you could also type SMS, Teams, Notifications etc or browse all available actions.

Click on Send an email (V2)

Enter a recipient a Subject and Body of your email


Click on Save.

You can check for any errors by clicking on Flow Checker in the top right


You can also test this is all working by click on Test, selecting "I'll perform the trigger action"

Then click on Run flow. This should power on your VM in Azure.

Now go back to "My Flows" and we will create a new Flow to Deallocate the VM. Follow the same steps as above, but name it something like "Stop My WVD". Plus you will need to grab the Deallocate REST API. Back in the Compute REST API reference doc click on "Deallocate".

Copy out the URI once you have selected the same resource group and VM name as before. Notice at the end of the URI it uses "deallocate"

Complete the HTTP action with the same details as previously


Before moving to PowerApps now is a good time to test both of these flows.

Back in the My flows section hover Start my WVD and click on the Run button



Then click on Run Flow. This should Start you're VM. Repeat this for the Stop My WVD Flow.

Once confirmed both are working lets create the Power App so we can do this from a mobile phone.


Go to powerapps.microsoft.com and sign in.

On the Power Apps canvas click on + Create and select Canvas app from blank


Give your Power App a name. This app will appear in the list of PowerApps you can run as well as the mobile app on your phone, select the correct Format for your use case

Click on Create

This will take you to a blank canvas. This is where you add buttons logos text or other items


In my case I add a text header, two buttons for the Start and Stop buttons we link to the two Flows and the WVD logo.

Click on "Add an item from the insert pane". This will show you items you can add to this canvas


Click on Text Label and enter your text

And add two buttons. Modify the Text and colours if need be using the controls on the right.


To make these buttons start the two Flows we have created, first select the "Start" button, then click on the Action tab at the top and then Power Automate button


This will show you your Flows. Select Start My WVD


After it finishes adding the Start flow, go to the formula bar at the top and enter a closing bracket ")" at the end of the function text

Repeat this for the Stop button and the Stop Flow

To add a logo which could by your corporate logo click on the Media button on the left


Click on Upload and browse for your logo file, and once uploaded drag to your canvas.

Your canvas should look something like this

You can test this Power App and its interaction with your Flows by clicking on Run at the top right

This will bring your canvas app as a full page. Click on Start (if it already stopped) and once your VM is running click on Stop. Click on the X at the top right. 

Click on File and Settings, in here you can modify the name, colour and logo of the App itself as it will be seen on the mobile device.


 

Click on the Browse on the right and find your logo you would like and this will change in the Icon preview. Make any other visual changes you want to the application here.

Once you are happy click on Save

In the Save as option select "The Cloud" not "This computer", this will enable you to find it from your phone.


Click on Save 

This has published it to the cloud, only you can run this Power App at this point. You can share it with other people by clicking on Share, but beware that they could then manage this VM's power state - more on that later.

When you make subsequent changes to the application and save it you will see the "Publish" dialog. This will publish this new version to the cloud so that any users of it will get the latest version.

You have now created two Flows and called them from a Power App.


The next step is to get this Power App onto your phone.

On your phone in open your Application Store and search for Power Apps. This is using iOS

Install this app and sign in with your same credentials.

Once PowerApps is installed, open the App and you will see your app in the list:



Click on the ellipse to the right , and Pin to Home


Then tap Add to Home Screen


And finally Add


On you home screen you will have what looks like an iOS app


Which will launch and look like the original canvas application created earlier


And as we have already tested, these buttons will now allow you to start and stop your Windows Virtual Desktop Session Host VM at anytime from anywhere from your mobile phone.


Some things to note here. This one application will only launch the one VM listed in the API, so is not very scalable. There are a couple of options.

For a Personal host pool with multiple assignments you just need to run the following PowerShell command:

Get-AzWvdSessionHost -ResourceGroupName  -HostPoolName | fl Name, AssignedUser

This will list each VM name and the assigned user, and IT can create an app per user. This is still not largely scalable, hence the next action is to make this app dynamic and add an action into the Flow that will grab the username and the assigned VM name from the Windows Virtual Desktop API and populate it when the Flow runs -watch this space

Also this is actually not a Windows Virtual Desktop service as we are just calling the standard Azure compute REST API, and this has no support from Windows Virtual Desktop within Microsoft support.

This also shows you a tiny element of the capabilities within both Microsoft Power Automate and Power Apps both of which you could make more use to automate a massive number of repetitive tasks outside of starting VM's that could add value and save time within your organisation.

Comments

  1. This is great @Tom!
    Any plan for the flow implementation in near future, which can grab the VM base on the users assigned VM? (A dynamic implementation of VM selection based on the username -specifically in the scenario of host pool type personal with direct assignment)

    ReplyDelete
  2. Yes indeed, there is a piece of work in WVD underway to enable this.

    ReplyDelete
  3. Hi Tom, thanks for write such a nice article.

    ReplyDelete
  4. Thanks Tom for the article, is it possible to add status(running or stopped) of the VM in the same APP?

    ReplyDelete
  5. Nicely explained Tom, thank you.

    ReplyDelete
  6. This is a wonderful article, Given so much info in it, These type of articles keeps the users interest in the website, and keep on sharing more. SimFront

    ReplyDelete
  7. Tom, any luck getting the app to grab the assigned WVD based off user? We like this solution but would have to create 30+ of them. I would be interested in seeing status as well like starting, started, stopping, stopped. Guess I need to dig in to Power Apps and Flow.

    ReplyDelete
  8. Hi Tom, Wanted to know how to see the VM status on the same screen.
    How about in case of large environment where you have more than 1000+ machines how can we make use of this powerapp

    ReplyDelete
  9. This is great piece of article on windows virtual. Thanks for sharing with us.

    ReplyDelete

Post a Comment

Popular posts from this blog

Reassign a WVD Personal Session Host

AVD and Azure Active Directory Domain Join public preview

How to deploy a Windows Virtual Desktop host pool using Infrastructure as code from Azure DevOps