Self Service capability is a characteristic of private cloud computing and must be present in any implementation. The intent is to permit users to approach a self-service capability and be presented with options available for provisioning in an organization. The capability may be basic provisioning of a virtual machine with a pre-defined configuration or may be more advanced allowing configuration options to the base configuration and leading up to a platform capability or service.

This document is part of a collection of documents that comprise the Reference Architecture for Private Cloud document set. The Reference Architecture for Private Cloud documentation is a community collaboration project. Please feel free to edit this document to improve its quality. If you would like to be recognized for your work on improving this article, please include your name and any contact information you wish to share at the bottom of this page.

This article is no longer being updated by the Microsoft team that originally published it.  It remains online for the community to update, if desired.  Current documents from Microsoft that help you plan for cloud solutions with Microsoft products are found at the TechNet Library Solutions or Cloud and Datacenter Solutions pages.

1 Introduction 

The self-service capability is a critical business driver that enables members of an organization to become more agile in responding to business needs with IT capabilities to meet those needs in a manner that aligns and conforms with internal business IT requirements and governance.

This means the interface between IT and the business are abstracted to simple, well defined and approved the set of options that are presented as a menu in a portal or available from the command line. The business selects these services from the catalog, begins the provisioning process and is notified upon completion, the business is then only charged for what is actually used.

This is analogous to capability available on Public Cloud platforms.

The entities that consume self-service in an organization are individual business units, project teams, or any other department in the organization that has a need to provision IT resources. These entities are referred to as tenants. In a private cloud, tenants are granted the ability to provision compute and storage resources as they need them to run their workload. Connectivity to these resources is managed behind the scenes by the fabric management layers of the private cloud.

Tenant administrators are granted access to a self-service portal where they can initiate workflows to provision virtualized services in the appropriate configuration and capacity. For example, computing resources may be available in small, medium or large instance capacities and also storage of the appropriate size and performance characteristics. Resources are provisioned without any intervention from infrastructure personnel in IT and the overall progress is tracked and reported by the Operations and Management Layers and reported through self-service.

A chargeback model defines how tenants will be charged for using the private cloud resources. This is typically the numbers and size of resources provisioned times the amount of time they are provisioned. This information is available to tenant administrators through self-service reporting.

Tenants are granted the right to manage, monitor and report on the resources that they have provisioned.

2 Self Service and the Reference Architecture

This article covers Private Cloud Self Service detailing the common and advanced capabilities provided and the architectural concerns that must be taken into account in designing self-service features that will be made available to users of the self-service feature interfaces.

As stated in the introduction, self-service is a required characteristic of cloud computing models such as the NIST definition. The NIST definition defines five key characteristics that a cloud computing platform must exhibit. Two of these characteristics apply directly to self-service:

  • On-demand self-service - The consumer of the cloud service should be able to obtain cloud services (such as computer, memory, network and storage resources) using a self-service mechanism (such as a web portal) so that acquiring the service does not require human intervention by the Cloud Service Provider (CSP).
  • Metered services - Sometimes referred to as the “pay-as-you-go” model, the cloud solution must make it possible to charge the consumer of the cloud service an amount based on actual use of cloud resources. Resource usage is monitored, reported, and controlled by the CSP and by service policy, which delivers billing transparency to both the CSP and the consumer of the service.

Additionally, one other characteristic may apply when business requirements demand self-service capability extend to grant accessibility to a broad set of devices and form factors:

  • Broad network access - The cloud solution should be accessible from almost anywhere (when required) and also be accessible from multiple form factors, such as smartphones, tablet PCs, laptops, desktops, and any other form factor existing currently or in the future.

The extent of the capability provided at initial deployment and plans for future growth over time will define the self-service architecture concerns that must be taken into account during the design.

The Private Cloud Reference Architecture contains a Private Cloud Reference Model that defines several layers of the architecture that together expose the necessary interfaces to enable a complete self-service experience for users of the capability. These layers include the Operations Layer and the Management Layer. These layers manage or act upon the Infrastructure Layer in Infrastructure as a Service to fulfill requests made through a self-service interface. Additionally, the Service Delivery Layer influences or defines the policies and catalog of services provided by the Private Cloud platform and possibly offered through self-service.

2.1 Key Terms Applicable to Self Service

Before exposing the common and advanced capabilities for self-service there are several key terms that must be either defined or reviewed since they generally apply to all or most of the self-service capabilities and associated design concerns. These are:

2.1.1 Tenant

A tenant is an organization or user of the Private Cloud platform usually through the creation of an account or subscription. The onboarding of tenants will likely be defined by policy implemented and enforced by the Service Delivery Layer of the Reference Model. A tenant will have a tenant administrator role assigned to the tenant management artifact maintained by the platform. One or more users may be assigned the administrator role.

Tenants are responsible for all resources that have been provisioned by the Private Cloud platform on behalf of the tenant and generally, a metering or chargeback model exists to expose a cost structure assigned to each resource offered by the platform and chargeable to the tenant based upon usage.

2.1.2 Service

A service is a composition of resources offered by the platform and organized into a structure that forms an IT workload or capability required by the business owner or tenant. There may be many services owned by a tenant and multiple services may interoperate with each other to form higher levels of workload capabilities. Services may also be used to partition workloads into discrete units for deployment or upgrade within a site. Partitioning will likely also be used to enable fault domains that span sites or geographic regions.

2.1.3 Identity

Users of a self-service capability must uniquely identify themselves, also referred to as authentication. Once a user is authenticated that credential must be associated with a tenant and role. Roles have certain rights that have been assigned by the tenant administrator and rights define what actions are authorized to be performed on the platform by the tenant user.

Identity Management and Security are cross-cutting concerns across the Private Cloud Reference Architecture that define how a security identity principle is instantiated and propagated throughout the layers of the Private Cloud Reference Architecture during self-service requests.

2.2 High-Level Platform Capabilities

The Private Cloud platform chosen to implement the reference architecture will likely establish a baseline of self-service capabilities provided and more importantly the foundation of the design upon which it is based. One extreme may offer a fixed set of capabilities with limited integration points that provide for integrating the self-service capability with enterprise process workflows or extending the feature capabilities provided.

At the other extreme, a platform may provide a fully extensible set of capabilities that permit a high degree of integration, transparency and extensibility while fully integrated into the identity management framework of the platform.

The Self Service Capability is, therefore, a significant factor in deciding the platform selected for designing the Private Cloud Reference Architecture providing Infrastructure as a Service for an organization. The capabilities and design concerns may help the architect map the desired capabilities now and in the future to a platform providing an appropriate baseline.

3 Self Service Capabilities

In this section, various self-service capabilities will be outlined and categorized as either a common category likely to be found to conform to the cloud computing model requirements of On-demand self-service and Metered services or advanced category for those capabilities that enhance the user provisioning or IT platform management experience. Each capability will be aligned with one or more of the Private Cloud Reference Architecture Principles, Concepts, and Patterns.

3.1 Common Capabilities

3.1.1 Extend Functionality

Private Cloud computing platform vendors have partner relationships that provide enhanced capability integrated with the core platform. These capabilities are usually provided through well-defined integration points with the OperationsManagement, and Service Delivery Layers.

To fully realize a self-service capability to perform resource operations on enhanced hardware or software self-service must be extensible to manage these enhanced capabilities through industry standard management protocols.

Extensibility also enables the business IT organization to incorporate enterprise requirements or capabilities into the user experience that may not already be encoded into package or resource definitions.

While extensibility is not an explicit characteristic of cloud computing definitions, realistically a private cloud computing platform will likely be composed of hardware and software from multiple vendors and therefore common to self-service.

3.1.2 Lifecycle Domains or Partitions

Common software development lifecycles include development, test, staging, and deployment. In the context of private cloud development is:

  • The imaging process and configuration of computing resources.
  • The configuration of storage units, arrays, and volumes.
  • The configuration of networking end-points within the storage and network fabric of the private cloud.

Just as developers use models and tools to develop code, IT uses tools to configure and image resources that are appropriate to the cloud computing platform selected by the enterprise.

Testing of created resource artifacts includes verification that these artifacts conform to the business compliance standards as well as industry best practices and guidelines. Testing must occur in the runtime context of the actual private cloud computing platform to truly be an effective test of the artifact and fabric.

Staging permits the holistic composition of the package to be verified in the runtime context of the private cloud platform and deployment verification validates that a component will transition through the deployment lifecycle stages selected by the tenant through self-service.

Self-service, therefore, must provide the ability to partition and visualize the lifecycle domains that host resources and workloads as they transition through each stage of the lifecycle.

3.1.3 Package Selection

Packages are resource definitions that have been pre-defined or configured by IT to conform to enterprise compliance standards and practices. These packages may then be selected by the user from a catalog or package library to provision or include into a larger service deployment definition.

Packages may be simple compute resource definitions that leverage several available operating systems configurations that have been selected and validated by IT and storage resources to provision storage in configurations commonly used in the enterprise.

They may also be more complex such as building out complete farms of resources that conform to IT business and industry practices. These complex definitions may also include workloads in approved configurations.

Packages should define their capabilities and limitations. A package that provisions a single instance compute resource or storage without redundancy should be shown so the user may configure additional capability to the service if desired.

Users can be assured that packages appearing in the selection conform to the enterprise IT standards and practices and IT is assured that package creation is guided by the Private Cloud Reference Architecture Service Delivery Layer software delivery lifecycle and change management practices.

3.1.4 Reporting

Self-Service reporting capabilities include several aspects that span the OperationsManagement and Service Delivery Layers of Private Cloud Infrastructure as a Service. These are guided either by cloud computing models or the Private Cloud Reference Architecture. Included are:

  • User and Tenant Profile and Activity – Tenants have users associated with them and these users will likely have business unit classification attributes such as location, role and contact information that should be reported through self-service. Similarly, context about the tenant and subscriptions owned should be available through self-service.
  • Resource Quotas – Quotas assigned to tenant generally assigned to a subscription during onboarding.
  • Resource Usage – The actual resource usage and comparison against quota gathered from the Management Layer and reported in agreed cycles or near real-time. Usage is reported in units appropriate to the resource type and may be used to calculate the cost.
  • Chargeback and Billing – Information used to bill a tenant-owner or provide chargeback detail to the tenant organization is reported detailing the costs of resource unit usage.
  • Health – The health of resources, services, and workloads. These include alerts and remediation tasks.
  • Lifecycle – The status of Service Delivery process requests gathered from the Service Delivery Layer and the status of jobs reported from the Operations and Management Layers.
  • Notification Integration – The ability to integrate reporting with a message capability to enable tenant users to notify themselves or other staff of platform events.

3.1.5 Resource Management

Compute, storage and network instances in a private cloud are resources managed by the Operations and Management Layers of the private cloud. Tenants interact with these layers through self-service.

Compute resources may be created and deleted. These operations trigger the Operations Layer to allocate or de-allocate a computing resource within the private cloud Resource Pool.

Compute resources may be configured, upgraded or migrated. These operations cause the Operations and Management Layers to orchestrate configuration, upgrade or migration processes on an allocated compute resource resulting in an instance that has been sized and configured according to the package specification or resource request.

Compute resources may be associated with a Physical Fault Domain and Upgrade Domain. And lastly, compute resources may be stopped and started.

Storage resource instances compose units that present storage capacity to services with characteristics such as size, an allocation unit, speed, availability, and redundancy. Storage resources may also be allocated, de-allocated, configured, enabled and disabled guided by Operations and Management Layer orchestration.

Self-service must clearly expose the effects of resource operations on higher level fault domains, services, and workloads. For example, stopping a compute instance within a multi-instance service will impact the resilience of the service and of course stopping a single instance resource will result in failure of the fault domain and the service or workload if no other fault domains exist.

Resources and management of resources are the essence of Private Cloud Infrastructure as a Service and therefore all Private Cloud Principles, Concepts, and Patterns apply however these are key that the architect must consider in their design of self-service resource management:

3.1.6 Tenant Administration

Common tenant administration capabilities include those provided to the user acting on behalf of the tenant to perform tasks on the platform. The Private Cloud Reference Architecture Principle of Create a Seamless User Experience requires that as users of the platform traverse capabilities provided by the Operations, Management and Service Delivery Layers that the experience be seamless and appear to follow a consistent logical flow within the execution of a task.

The Private Cloud Reference Architecture Concept of Multitenancy requires that tenants must have an expectation and assurance that artifacts exposed through self-service are tenant specific and secure. When tenant services connect with services owned by other tenants’ only information relevant to the service connection end-point may be exposed.
Depending on platform capability a tenant may own multiple subscriptions and resources managed under each subscription must be clearly indicated to avoid accidental service disruption, exposure of sensitive data and chargeback errors.

The principle of Incentivize Desired Behavior also has design implications on self-service tenant administration as the subscriptions managed by each tenant will have associated platform quotas that guide the user in designing their services. Tenant administration should clearly expose when service definitions would exceed the established quota at design time and ongoing during the runtime of services.

3.1.7 User Authentication

The authentication of users is generally validated against an enterprise authentication store or secure token authority and self-service must provide a means of accessing and presenting an appropriate secure means to gather the users credential for validation. The cloud computing required characteristic of broad network access implies a wide number of use case scenarios for the architect to consider if enabling self-service in a broad manner is a goal of the enterprise.

3.2 Advanced Capabilities

3.2.1 Package Authoring

Packages that are exposed to tenant users must be authored, tested and deployed. An advanced capability of self-service enables IT staff to author the composition of packages that range from simple to complex and validate those definitions against business and industry best practices.

The authoring of packages must be tightly integrated into the enterprise software development lifecycle and change management processes defined by Service Delivery.

Rigorous testing of package definitions by IT on the private cloud staging environment is essential to providing a selection of package definitions that meet the requirements of the Private Cloud Reference Architecture Principle and Concept of Predictability.

3.2.2 Scheduling

The ability to schedule management and operations activities is a highly desired capability but not one that is necessary to fulfill the requirements for cloud computing. The architect will want to consider including scheduling capabilities into their design to enable users and IT to manage resources during off-peak times.

Scheduling should not be associated with an ability to accommodate seasonal or unexpected growth and contraction of service workload capability as this is inherent in a private cloud vs. a highly virtualized environment. Cloud computing models require that the cloud platform provide Rapid Elasticity and the Private Cloud Reference Architecture Principle of Perception of Infinite Capacity and Concept of Elastic Infrastructure set the private cloud apart from a traditional highly virtualized infrastructure.

The ability to schedule is used in the normal IT management processes defined by Service Delivery to maintain private cloud host and resource infrastructure.

3.2.3 Workload Integration

The integration of workloads such as messaging and collaboration into the self-service experience is out of scope since this series is focused on Private Cloud Infrastructure as a Service. However, since Infrastructure as a Service forms the foundation of higher-level service cloud models such as Platform as a Service and Software as a Service the architect would likely consider the needs of these layers in designing their organizations Private Cloud Self-Service capability.

3.2.4 Tenant Administration

An advanced capability of self-service may include the ability to onboard new tenants. This capability would be available only to tenant administrators and the architect must decide if onboarding of tenants through the platform self-service interfaces are desired.

The principle of Minimize Human Involvement could be extended into this domain allowing the onboarding of tenants in an automated manner that is integrated into a higher level IT process management workflow.

4 Design Concerns

This section outlines some design concerns that the architect will need to consider when designing a Private Cloud Self-Service capability for their organization. These concerns may already have been either addressed or constrained by the private cloud platform selected for the organization.

4.1 Access Control

Identity Management was briefly touched on in the Key Terms section above and here Identity Management will be expanded upon and connected to overall access control in private cloud self-service.

Every enterprise will already have a security authorization platform in place that a Private Cloud Infrastructure as a Service will leverage. The authorization platform would authenticate the user and return a user credential token that the private cloud would use to assign rights that may be performed on the private cloud infrastructure and accomplished through self-service.

Note it is also possible that the authorization platform may also return characteristics that the private cloud infrastructure could map into internal rights. For instance, a user authorization token that returns a characteristic of the administrator may be mapped certain administrative roles on the private cloud infrastructure. It’s very likely that this assignment would not be inherited but rather must be explicitly defined.

Once a user is authenticated the private cloud self-service platform must map and maintain a binding of users to roles on the private cloud. Roles such as Administrator, Service Author, and Operator may exist as will other roles within the organization.

The private cloud self-service platform must then map and maintain rights that may be performed on the platform to authorization roles.

The access control artifacts then become defined as:

  • Users – are unique credentials authorized by a secure enterprise authority.
  • Roles – define the canonical list of rights associated with a role.
  • Rights – define the activities a role may be performed on the platform.

4.2 Representing Scale

Tenants may have a large number of subscriptions with each subscription potentially containing a large number of services and those services containing a large number of resources. Further, each service may be partitioned into multiple fault domains and lifecycle domains.

This leads to a significant number of objects that must be presented through self-service that the platform provider and architect will need to consider.

Today the industry has been converging on a combination of tree-views and container objects to represent common elements of the infrastructure. For example, a production deployment may contain a large number of instances that could be represented in a tree-view or container enabling the tree or container to be expanded and collapsed when management operations are performed.

4.3 Self-Service Scripting

Self-Service is usually associated with some form of visual management console that would enable self-service over a wide set of presentation form factors using industry standard network delivery protocols.

However, there are use cases that demand automation for self-service activities that are repeated often or integrated into an enterprise process workflow.
Therefore a design constraint that architects should consider in their platform selection and design of custom self-service capabilities is that all self-service operations must be scriptable and available from the command line.

Ideally, self-service graphical interfaces should leverage the command line interfaces where applicable support is provided by the platform to reduce development and testing effort.

5 Summary

Self-Service in a provide cloud is a win-win scenario for both consumers of the private cloud and enterprise IT.

Users gain the agility they require in responding to new or changing business needs while empowering users to make decisions based on need contrasted with resources available to the organization. Transparent visibility into timing and costs enable users to make business decisions quickly and reliably.

IT gains confidence that users may deploy new services as needed using proven and approved practices developed and tested in the organization. IT is freed to develop new innovative services that leverage private cloud computing capabilities instead of spending time and resources responding to daily requests for common services.

6 Discuss Private Cloud Self-Service

Have a question about the design and implementation of a Private Cloud Self-Service Capability?
Join the Self-Service discussion forum at