Configuring Self-Service in VMM Overview
Updated: May 13, 2016
Applies To: System Center 2012 SP1 - Virtual Machine Manager, System Center 2012 R2 Virtual Machine Manager, System Center 2012 - Virtual Machine Manager
In Virtual Machine Manager (VMM), self-service user roles provide a way for self-service users to create, deploy, and manage virtual machines as well as services in a private cloud.
VMM offers multiple self-service features, in the following categories:
Actions That Self-Service Users Can Take: Self-service users now deploy their virtual machines and services to private clouds. They can create their own templates and profiles. They can also create virtual machines from building blocks such as virtual hard disks (VHDs) rather than just templates.
Ways That Self-Service Users Can Work with the Interface: Self-service users can use the VMM console or the VMM command shell (instead of having to use a portal). Also, a person who is a member of more than one user role can open a second VMM session to operate under a different user role, and then switch between sessions as needed.
Ways That Resources and Run As Accounts Can Be Made Available to Self-Service Users: More types of library resources, including virtual machine templates, service templates, and multiple types of profiles, can be assigned to a self-service user role. Resources can be shared between self-service user roles if an administrator assigns the Share and Receive actions to self-service users. Also, an administrator can assign Run As accounts (to provide credentials) to the user role of a self-service user.
The following sections provide more details about these additions and enhancements.
As of VMM in System Center 2012, self-service users can take additional actions, compared to previous versions. The following list provides details:
As of VMM in System Center 2012, self-service users deploy their virtual machines and services to private clouds. This is a change from earlier versions of VMM, in which self-service user roles are assigned host groups, and virtual machines are deployed automatically (and transparently) to the most suitable host in the host group. A private cloud consists of one or more host groups that provide computing capacity and disk resources to self-service user roles. A private cloud can be assigned to multiple self-service user roles. Role-level quotas on each self-service user role that has the private cloud within its scope are used to allocate computing capacity and other storage within the cloud. Member-level quotas set individual limits for self-service user role members.
During virtual machine and service deployment in VMM, self-service users view a simplified placement map that shows the private cloud that their virtual machine or service will be deployed to. If the self-service user role has more than one private cloud within its scope, users select the appropriate cloud before placement runs.
Self-service users can create their own templates and profiles. The Author action for a self-service user role grants self-service users authoring rights. Users with authoring rights can create hardware profiles, guest operating system profiles, application profiles, SQL Server profiles, virtual machine templates, and service templates.
Self-service users can create virtual machines from building blocks such as virtual hard disks (VHDs) rather than just templates. In VMM 2008 R2, self-service users were allowed to create virtual machines only from existing templates that an administrator assigned to their self-service user role. As of VMM in System Center 2012, you can require users to use templates by granting the Deploy (From template only) action. However, to enable self-service users to create virtual machines from building blocks such as VHDs, you can add the Deploy action to the self-service user role. That action allows self-service users to create virtual machines from the VHDs that they have access to. Both the Deploy action and the Deploy (From template only) action extend the virtual machine creation capabilities for self-service users to include service creation.
As of VMM in System Center 2012, self-service users can work with the interface in the following ways:
Self-service users can use the VMM console or the VMM command shell to create and manage their own virtual machines and services. In the VMM console, self-service users can view status, resource usage, jobs, and PRO tips (by permission only) for their own virtual machines and services. They can view available capacity and quota usage within their assigned private clouds, but they cannot see host groups, hosts, library servers and shares, or network and storage configurations.
For customers who are using self-service in VMM 2008 R2 and who migrate to System Center 2012 – Virtual Machine Manager, System Center 2012 – Virtual Machine Manager provides backward compatibility for existing self-service user accounts through an updated version of the VMM Self-Service Portal. The updated portal supports capabilities provided in the legacy self-service user roles but will not support new self-service capabilities in System Center 2012 – Virtual Machine Manager.
As of System Center 2012 Service Pack 1 (SP1), the VMM Self-Service Portal has been removed. If you need a self-service portal solution, we recommend that you use App Controller. For more information, see App Controller.
While working in the VMM console, a person who is a member of more than one user role can open another VMM session to operate under a different user role by using the Open New Connection action, and can then switch between VMM sessions by using the Taskbar or CTRL+TAB.
As of VMM in System Center 2012, a self-service user who belongs to more than one self-service user role must choose one self-service user role for each VMM session. This is different than in VMM 2008 R2, which allows a self-service user who belongs to more than one self-service user role to choose which self-service user role to use when creating or deploy a virtual machine within a VMM session.
As of VMM in System Center 2012, resources and Run As accounts can be made available to self-service users in the following ways:
To support application deployment and the additional profiles and templates associated with service creation, more types of library resources can be assigned to a self-service user role as of VMM in System Center 2012. Self-service user roles can be assigned hardware profiles, guest operating system profiles, virtual machine templates, application profiles, SQL Server profiles, and service templates.
In VMM, resources can be shared between self-service user roles. The Share action allows user role members to share resources that they own with members of self-service user roles that allow the Receive action. Sharable resources include hardware profiles, guest operating system profiles, virtual machine templates, application profiles, SQL Server profiles, service templates, virtual machines, and services.
In VMM, the credentials for application, virtual machine, and service deployment are provided by Run As accounts. An administrator assigns Run As accounts to the user role of self-service users to provide the credentials that the users need to deploy their virtual machines and services.