Managing the cost of AVD is vital for any organisation. Cloud cost can quickly spur if not monitored with the correct tools. AVD session hosts’ start and stop timings are vital in managing the cost of the VMs. There are a few options to automate the start and stop timings of the VMs.
- Standard in AVD & VM feature
- Automation account
- Logic apps
We will look at the first option, utilising the features in the Virtual machine and AVD. Automation accounts and Logic app usage can be customised and implemented based on the requirement, however, they both will add to the cost.
What are the features of AVD and VM and how do we utilise them to shut down and start the VM? You may think why don’t we use a script to automate within the operating system to manage this? We can also go down this route, however, we need the VM to be in the ‘deallocated’ state so we are not charged.
Shutdown session host
Virtual machines in Azure come with a standard shutdown time customisation option where a specific time in a particular time zone can be set.
Start session host
To start the AVD session host we will utilise the AVD host pool configuration. Enabling this will start the session host server when the first user tries to log in.
Pros and cons of this method
Pros
- Could improve staff productivity as some users might start early if they know it can be turned on anytime instead of waiting for a set time.
- It could save cost because when setting a start time for a VM always it will be about 15 minutes or 30 minutes before the actual start time of the users
- In a ‘depth-first’ load balancing environment, it assists in saving cost as the second VM will not start until the first session host server’s capacity is full.
- It will save the cost of using an automation account and logic app solution.
- Session hosts can be set to shutdown on a specific time
Cons
- It can be more costly than setting a specific time as many users would log on to their AVD as and when required which could leave the server running until the next scheduled shutdown.
- Worse case scenario, someone might log in just after the server has shut down which means it will be running until the next day’s shutdown time which can have a cost hike. A proper usage monitoring alert could assist in responding to issues like this.
Implementing the solution
The solution can be implemented in two steps, one of the important prerequisites is to have the AVD app in Azure to be permitted to perform the start/stop function of the power on VM contributor role at the subscription level. If you set it to resource group level or any other scope this will not work. So make sure you perform this at the subscription level.
Assigning the VM power on the role to the AVD app
- Sign in to the Azure portal.
- In the search box, enter Microsoft Entra ID and select the matching service entry.
- On the Overview page, in the search box for Search your tenant, enter the application ID 9cdead84-a844-4324-93f2-b2e6bb768d07.
- In the results, select the matching enterprise application, either Azure Virtual Desktop or Windows Virtual Desktop.
- Under properties, make a note of the name and the object ID. The object ID correlates to the application ID and is unique to your tenant.
- In the search box, enter Subscriptions and select the matching service entry.
- Select the subscription you want to add the role assignment to.
- Select Access Control (IAM), then select + Add followed by Add role assignment.
- Select the role you want to assign to the Azure Virtual Desktop service principal, then select Next.
- Ensure Assign access is set to Microsoft Entra user, group, or service principal, then select Select members.
- Enter the name of the enterprise application you made a note of earlier, either Azure Virtual Desktop or Windows Virtual Desktop.
- Select the matching entry from the results, then select Select. If you have two entries with the same name, select them both.
- Review the list of members in the table. If you have two entries, remove the entry that doesn’t match the object ID you made a note of earlier.
- Select Next, then select Review + Assign to complete the role assignment.
Enabling autostart for the first user
- Sign in to the Azure portal.
- In the search bar, enter Azure Virtual Desktop and select the matching service entry.
- Select Host Pools, then select the name of the host pool where you want to enable the setting.
- Select Properties.
- In the configuration section, you’ll see Start VM on Connect. Select Yes to enable it, or No to disable it.
- Select Save to apply the settings.
Additional guidance on the steps can be found in Microsoft documentation: https://learn.microsoft.com/en-us/azure/virtual-desktop/start-virtual-machine-connect?tabs=azure-portal