This article is contributed. See the original author and article here.
Introduction
As generative AI’s adoption rapidly expands across various industries, integrating it into products, services, and operations becomes increasingly commonplace. However, it’s crucial to address the environmental implications of such advancements, including their energy consumption, carbon footprint, water usage, and electronic waste, throughout the generative AI lifecycle. This lifecycle, often referred to as large language model operations (LLMOps), encompasses everything from model development and training to deployment and ongoing maintenance, all of which demand diligent resource optimisation.
This guide aims to extend Azure’s Well-Architected Framework (WAF) for sustainable workloads to the specific challenges and opportunities presented by generative AI. We’ll explore essential decision points, such as selecting the right models, optimising fine-tuning processes, leveraging Retrieval Augmented Generation (RAG), and mastering prompt engineering, all through a lens of environmental sustainability. By providing these targeted suggestions and best practices, we equip practitioners with the knowledge to implement generative AI not only effectively, but responsibly.
Image Description: A diagram titled “Sustainable Generative AI: Key Concepts” divided into four quadrants. Each quadrant contains bullet points summarising the key aspects of sustainable AI discussed in this article.
Select the foundation model
Choosing the right base model is crucial to optimising energy efficiency and sustainability within your AI initiatives. Consider this framework as a guide for informed decision-making:
Pre-built vs. Custom Models
When embarking on a generative AI project, one of the first decisions you’ll face is whether to use a pre-built model or train a custom model from scratch. While custom models can be tailored to your specific needs, the process of training them requires significant computational resources and energy, leading to a substantial carbon footprint. For example, training an LLM the size of GPT-3 is estimated to consume nearly 1,300 megawatt hours (MWh) of electricity. In contrast, initiating projects with pre-built models can conserve vast amounts of resources, making it an inherently more sustainable approach.
Azure AI Studio‘s comprehensive model catalogue is an invaluable resource for evaluating and selecting pre-built models based on your specific requirements, such as task relevance, domain specificity, and linguistic compatibility. The catalogue provides benchmarks covering common metrics like accuracy, coherence, and fluency, enabling informed comparisons across models. Additionally, for select models, you can test them before deployment to ensure they meet your needs. Choosing a pre-built model doesn’t limit your ability to customise it to your unique scenarios. Techniques like fine-tuning and retrieval augmented generation (RAG) allow you to adapt pre-built models to your specific domain or task without the need for resource-intensive training from scratch. This enables you to achieve highly tailored results while still benefiting from the sustainability advantages of using pre-built models, striking a balance between customisation and environmental impact.
Model Size
The correlation between a model’s parameter count and its performance (and resource demands) is significant. Before defaulting to the largest available models, consider whether more compact alternatives, such as Microsoft’s Phi-2, Mistral AI’s Mixtral 8x7B, or similar-sized models, could suffice for your needs. The efficiency “sweet spot”—where performance gains no longer justify the increased size and energy consumption—is critical for sustainable AI deployment. Opting for smaller, fine-tuneable models (known as small language models—or SLMs) can result in substantial energy savings without compromising effectiveness.
| Model Selection | Considerations | Sustainability Impact |
|---|---|---|
| Pre-built Models | Leverage existing models and customise with fine-tuning, RAG and prompt engineering | Reduces training-related emissions |
| Custom Models | Tailor models to specific needs and customise further if needed | Higher carbon footprint due to training |
| Model Size | Larger models offer better output performance but require more resources | Balancing performance and efficiency is crucial |
Improve the model’s performance
Improving your AI model’s performance involves strategic prompt engineering, grounding the model in relevant data, and potentially fine-tuning for specific applications. Consider these approaches:
Prompt Engineering
The art of prompt engineering lies in crafting inputs that elicit the most effective and efficient responses from your model, serving as a foundational step in customising its output to your needs. Beyond following the detailed guidelines from the likes of Microsoft and OpenAI, understanding the core principles of prompt construction—such as clarity, context, and specificity—can drastically improve model performance. Well-tuned prompts not only lead to better output quality but also contribute to sustainability by reducing the number of tokens required and the overall compute resources consumed. By getting the desired output in fewer input-output cycles, you inherently use less carbon per interaction. Orchestration frameworks like prompt flow and Semantic Kernel facilitate experimentation and refinement, enhancing prompt effectiveness with version control and template-based reusability.
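To make these principles concrete, here is a minimal sketch using the Azure OpenAI Python SDK that contrasts a vague prompt with a clear, contextual, specific one. The endpoint, key, deployment name, and policy text are placeholders, not a prescribed setup.

```python
# A minimal sketch of prompt refinement with the Azure OpenAI Python SDK.
# Endpoint, API key, and deployment name are placeholders.
from openai import AzureOpenAI

client = AzureOpenAI(
    azure_endpoint="https://<your-resource>.openai.azure.com",  # placeholder
    api_key="<your-api-key>",                                   # placeholder
    api_version="2024-02-01",
)

# Vague prompt: invites a long, unfocused answer and wastes tokens.
vague = "Tell me about our returns policy."

# Clear, contextual, specific prompt: constrains scope and output length,
# so fewer input-output cycles (and less compute) are needed.
specific = (
    "You are a support assistant for Contoso Retail. "
    "Using only the policy text below, answer in at most 3 bullet points: "
    "Can a customer return opened electronics after 14 days?\n\n"
    "Policy: <paste relevant policy excerpt here>"
)

response = client.chat.completions.create(
    model="<your-deployment-name>",  # placeholder deployment
    messages=[{"role": "user", "content": specific}],
    max_tokens=150,  # cap output length to avoid unnecessarily long completions
)
print(response.choices[0].message.content)
```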
Retrieval Augmented Generation (RAG)
Integrating RAG with your models taps into existing datasets, leveraging organisational knowledge without the extensive resources required for model training or extensive fine-tuning. This approach underscores the importance of how and where data is stored and accessed, since its effectiveness and carbon efficiency are highly dependent on the quality and relevance of the retrieved data. End-to-end solutions like Microsoft Fabric facilitate comprehensive data management, while Azure AI Search enhances efficient information retrieval through hybrid search, combining vector and keyword search techniques. In addition, frameworks like prompt flow and Semantic Kernel enable you to successfully build RAG solutions with Azure AI Studio.
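As an illustration of the retrieval step, the hedged sketch below uses the Azure AI Search Python SDK’s hybrid search (keyword plus vector) and then grounds the prompt in the retrieved chunks. The index name, field names, and embedding deployment are hypothetical assumptions.

```python
# A hedged sketch of RAG grounding: hybrid (keyword + vector) retrieval with
# Azure AI Search, followed by a grounded prompt. Index name, field names,
# and the embedding deployment are hypothetical placeholders.
from azure.core.credentials import AzureKeyCredential
from azure.search.documents import SearchClient
from azure.search.documents.models import VectorizedQuery
from openai import AzureOpenAI

aoai = AzureOpenAI(
    azure_endpoint="https://<your-resource>.openai.azure.com",  # placeholder
    api_key="<your-api-key>",
    api_version="2024-02-01",
)

search_client = SearchClient(
    endpoint="https://<your-search>.search.windows.net",  # placeholder
    index_name="org-knowledge",                           # hypothetical index
    credential=AzureKeyCredential("<search-api-key>"),
)

def embed(text: str) -> list[float]:
    # Assumed embedding deployment name; any embedding model works here.
    resp = aoai.embeddings.create(model="<embedding-deployment>", input=text)
    return resp.data[0].embedding

question = "What is our data retention policy for EU customers?"

# Hybrid search: keyword relevance plus vector similarity over an assumed
# 'contentVector' field; only the top 3 chunks are retrieved, keeping the
# prompt (and its token count) small.
results = search_client.search(
    search_text=question,
    vector_queries=[VectorizedQuery(
        vector=embed(question), k_nearest_neighbors=3, fields="contentVector"
    )],
    select=["content"],
    top=3,
)

context = "\n".join(doc["content"] for doc in results)
grounded_prompt = f"Answer using only this context:\n{context}\n\nQuestion: {question}"
```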
Fine-tuning
For domain-specific adjustments or to address knowledge gaps in pre-trained models, fine-tuning is a tailored approach. While it involves additional computation, fine-tuning can be a more sustainable option than training a model from scratch or repeatedly passing large amounts of context via prompts and organisational data for each query. Azure OpenAI’s use of PEFT (parameter-efficient fine-tuning) techniques, like LoRA (low-rank adaptation), consumes far fewer computational resources than full fine-tuning. Not all models support fine-tuning, so consider this in your base model selection.
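For self-hosted open models, the same PEFT idea can be sketched with the Hugging Face peft library. Azure OpenAI manages this behind its fine-tuning API, so this is an assumption-laden illustration rather than how the service works; the model choice, target module names, and hyperparameters are illustrative.

```python
# A minimal PEFT/LoRA sketch with the Hugging Face peft library, for a
# generic open model you host yourself. Model name, target modules, and
# hyperparameters are illustrative assumptions.
from transformers import AutoModelForCausalLM
from peft import LoraConfig, get_peft_model

base = AutoModelForCausalLM.from_pretrained("microsoft/phi-2")  # example SLM

lora = LoraConfig(
    r=8,                                  # low-rank dimension: small adapters
    lora_alpha=16,
    target_modules=["q_proj", "v_proj"],  # assumed attention projection names
    lora_dropout=0.05,
    task_type="CAUSAL_LM",
)

model = get_peft_model(base, lora)
# Only the adapter weights train; the base model stays frozen, so compute
# and energy costs are far lower than full fine-tuning.
model.print_trainable_parameters()
```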
| Model Improvement | Considerations | Sustainability Impact |
|---|---|---|
| Prompt Engineering | Optimise prompts for more relevant output | Low carbon impact vs. fine-tuning, but consistently long prompts may reduce efficiency |
| Retrieval Augmented Generation (RAG) | Leverages existing data to ground model | Low carbon impact vs. fine-tuning, depending on relevance of retrieved data |
| Fine-tuning (with PEFT) | Adapt to specific domains or tasks not encapsulated in base model | Carbon impact depends on model usage and lifecycle; recommended over full fine-tuning |
Deploy the model
Azure AI Studio simplifies model deployment, offering various pathways depending on your chosen model. Embracing Microsoft’s management of the underlying infrastructure often leads to greater efficiency and reduced responsibility on your part.
MaaS vs. MaaP
Model-as-a-Service (MaaS) provides a seamless API experience for deploying models like Llama 3 and Mistral Large, eliminating the need for direct compute management. With MaaS, you deploy a pay-as-you-go endpoint to your environment, while Azure handles all other operational aspects. This approach is often favoured for its energy efficiency, as Azure optimises the underlying infrastructure, potentially leading to a more sustainable use of resources. MaaS can be thought of as a SaaS-like experience applied to foundation models, providing a convenient and efficient way to leverage pre-trained models without the overhead of managing the infrastructure yourself.
On the other hand, Model-as-a-Platform (MaaP) caters to a broader range of models, including those not available through MaaS. When opting for MaaP, you create a real-time endpoint and take on the responsibility of managing the underlying infrastructure. This approach can be seen as a PaaS offering for models, combining the ease of deployment with the flexibility to customise the compute resources. However, choosing MaaP requires careful consideration of the sustainability trade-offs outlined in the WAF, as you have more control over the infrastructure setup. It’s essential to strike a balance between customisation and resource efficiency to ensure a sustainable deployment.
Model Parameters
Tailoring your model’s deployment involves adjusting various parameters—such as temperature, top p, frequency penalty, presence penalty, and max response—to align with the expected output. Understanding and adjusting these parameters can significantly enhance model efficiency. By optimising responses to reduce the need for extensive context or fine-tuning, you lower memory use and, consequently, energy consumption.
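As a hedged example, these parameters map directly onto arguments of the chat completions call in the Azure OpenAI Python SDK. The values below are illustrative starting points for a deterministic summarisation task, not recommendations; the endpoint and deployment name are placeholders.

```python
# Illustrative inference-parameter tuning with the Azure OpenAI Python SDK.
# Endpoint, key, and deployment name are placeholders.
from openai import AzureOpenAI

client = AzureOpenAI(
    azure_endpoint="https://<your-resource>.openai.azure.com",
    api_key="<your-api-key>",
    api_version="2024-02-01",
)

response = client.chat.completions.create(
    model="<your-deployment-name>",
    messages=[{"role": "user", "content": "Summarise this support ticket: ..."}],
    temperature=0.2,        # low randomness suits factual, repeatable output
    top_p=0.9,              # nucleus sampling cutoff
    frequency_penalty=0.5,  # discourage repeated phrases that waste tokens
    presence_penalty=0.0,   # no push towards new topics for a summary task
    max_tokens=200,         # "max response": hard cap on output length
)
print(response.choices[0].message.content)
```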
Provisioned Throughput Units (PTUs)
Provisioned Throughput Units (PTUs) are designed to improve model latency and ensure consistent performance, serving a dual purpose. Firstly, by allocating dedicated capacity, PTUs mitigate the risk of API timeouts—a common source of inefficiency that can lead to unnecessary repeat requests by the end application. This conserves computational resources. Secondly, PTUs grant Microsoft valuable insight into anticipated demand, facilitating more effective data centre capacity planning.
Semantic Caching
Implementing caching mechanisms for frequently used prompts and completions can significantly reduce the computational resources and energy consumption of your generative AI workloads. Consider using in-memory caching services like Azure Cache for Redis for high-speed access and persistent storage solutions like Azure Cosmos DB for longer-term storage. Ensure the relevance of cached results through appropriate invalidation strategies. By incorporating caching into your model deployment strategy, you can minimise the environmental impact of your deployments while improving efficiency and response times.
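A minimal caching sketch follows, assuming exact-match reuse of completions keyed on a hash of the normalised prompt, with Azure Cache for Redis as the store and a TTL as the invalidation strategy. A full semantic cache would match on embedding similarity instead, but the control flow is the same; the host name and access key are placeholders.

```python
# Exact-match completion caching with Azure Cache for Redis: a minimal
# sketch, assuming a TTL-based invalidation strategy.
import hashlib
import redis

cache = redis.Redis(
    host="<your-cache>.redis.cache.windows.net",  # placeholder
    port=6380, ssl=True, password="<access-key>",
)

def cached_completion(prompt: str, generate) -> str:
    # Key on a hash of the normalised prompt text.
    key = "llm:" + hashlib.sha256(prompt.strip().lower().encode()).hexdigest()
    hit = cache.get(key)
    if hit is not None:
        return hit.decode()          # cache hit: no model call, no extra compute
    answer = generate(prompt)        # cache miss: call the model once
    cache.set(key, answer, ex=3600)  # invalidate after 1 hour (tune per use case)
    return answer
```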
| Model Deployment | Considerations | Sustainability Impact |
|---|---|---|
| MaaS | Serverless deployment, managed infrastructure | Lower carbon intensity due to optimised infrastructure |
As base models evolve and user needs shift, regular assessment of model performance becomes essential. Azure AI Studio facilitates this through its suite of evaluation tools, enabling both manual and automated comparison of actual outputs against expected ones across various metrics, including groundedness, fluency, relevancy, and F1 score. Importantly, assessing performance also means scrutinising your model for risk and safety concerns, such as the presence of self-harm, hateful, and unfair content, to ensure compliance with an ethical AI framework.
Model Performance
Model deployment strategy—whether via MaaS or MaaP—affects how you should monitor resource usage within your Azure environment. Key metrics like CPU, GPU, memory utilisation, and network performance are vital indicators of your infrastructure’s health and efficiency. Tools like Azure Monitor and Azure carbon optimisation offer comprehensive insights, helping you check that your resources are allocated optimally. Consult the Azure Well-Architected Framework for detailed strategies on balancing performance enhancements with cost and energy efficiency, such as deploying to low-carbon regions, ensuring your AI implementations remain both optimal and sustainable.
A Note on Responsible AI
While sustainability is the main focus of this guide, it’s important to also consider the broader context of responsible AI. Microsoft’s Responsible AI Standard provides valuable guidance on principles like fairness, transparency, and accountability. Technical safeguards, such as Azure AI Content Safety, play a role in mitigating risks but should be part of a comprehensive approach that includes fostering a culture of responsibility, conducting ethical reviews, and combining technical, ethical, and cultural considerations. By taking a holistic approach, we can work towards the responsible development and deployment of generative AI while addressing potential challenges and promoting its ethical use.
Conclusion
As we explore the potential of generative AI, it’s clear that its use cases will continue to grow quickly. This makes it crucial to keep the environmental impact of our AI workloads in mind.
In this guide, we’ve outlined some key practices to help prioritise the environmental aspect throughout the lifecycle. With the field of generative AI changing rapidly, make sure to stay up to date with its latest developments and keep learning.
Contributions
Special thanks to the UK GPS team who reviewed this article before it was published. In particular, Michael Gillett, George Tubb, Lu Calcagno, Sony John, and Chris Marchal.
This article is contributed. See the original author and article here.
In this era of rapid technological advancement, our industrial landscape is undergoing a significant transformation that affects many processes and people—from the way operational technology (OT) production data is leveraged to how frontline workers perform their jobs. While 2.7 billion skilled individuals keep manufacturing operations going, their attrition and retirement rates are on the rise. This heightened turnover is contributing to an ever-widening skills gap, pressuring organizations to look beyond traditional working and skilling to extend capabilities and ensure growth.
Microsoft developed Dynamics 365 Guides to address these challenges. The integration of Microsoft Copilot into Guides brings generative AI to this mixed reality solution. Copilot in Dynamics 365 Guides transforms frontline operations, putting AI in the flow of work, giving skilled and knowledge workers access to relevant information where and when they need it. This powerful combination—mixed reality together with AI—provides insight and context, allowing workers to focus on what truly matters.
Generative AI represents an enormous opportunity for manufacturers
With 63% of workers struggling to complete the repetitive tasks that take them away from more meaningful work, many are looking eagerly to technology for assistance. Generative AI addresses these realities by equipping skilled assembly, service, and knowledge workers with the information necessary to keep manufacturing moving. Integrating Copilot into Guides furthers Microsoft’s commitment to this underserved group within enterprises. Workers are using Copilot in Dynamics 365 Field Service to complete repair and service work orders faster, boosting overall productivity. Copilot is already creating efficiencies for organizations worldwide, and although Copilot in Guides is still in private preview, we’re excited to see how it unlocks frontline operations and use cases.
Copilot makes information and insight readily available. Generative AI enables Guides to put these details in context against neighboring machine components and functions, enabling technicians to repair and service faster. Copilot removes the guesswork and the need to carry around dusty old manuals. Users can ask questions using natural language and simple gestures. Copilot summarizes relevant information to provide timely virtual guidance overlaid on top of their environment.
Manufacturers will see this innovation firsthand at Hannover Messe 2024. Partnering with Volvo Penta and BMW Group, Microsoft will illustrate generative AI’s potential on service and manufacturing frontlines. Read what we have planned at Hannover with Volvo and BMW, and what other private preview customers are doing with Copilot.
Volvo Penta is focused on transforming training in the field
Volvo Penta, a global leader in sustainable power solutions, is always looking for ways to utilize new technology to increase efficiency and accuracy and has recently been utilizing augmented reality (AR) capabilities that enhance worker training and productivity. As an early adopter of Guides and Microsoft HoloLens 2, Volvo Penta was eager to participate in the private preview for Copilot in Dynamics 365 Guides. For Volvo Penta, Copilot is another technology with the potential to unlock further value for their stakeholders.
Volvo Penta is part of a conceptual innovation exploration, to evaluate how Copilot can help optimize the training of entry-level technicians by enhancing self-guided instruction. As Volvo Penta’s Director of Diagnostics put it, “Copilot makes it feel as though a trainer is always on hand to answer questions in the context of your workflow.” Locating 10 to 15 sensors used to take new technicians an hour or more; now it takes only five minutes. This time savings has the potential to significantly increase productivity and learning retention, helping Volvo Penta, its customers, and dealers accomplish more. The company continues to innovate with AI and mixed reality solutions to modernize service and streamline frontline operations.
At Hannover Messe 2024, the company is showcasing how Copilot could serve their customers to improve uptime and productivity. In the demo scenario, Volvo Penta envisions its ferry captains using Copilot to address a filter issue prior to departure. Left without a service technician onboard, the captain troubleshoots replacing the filter, using Copilot and HoloLens 2 to do so with step-by-step guidance.
Volvo Penta
See how Volvo Penta streamlines frontline operations with Copilot in Dynamics 365 Guides
BMW Group is pushing the boundaries of vehicle design and development
BMW Group is improving its product lifecycle, incorporating generative AI, human-machine interactions, and software-hardware integrations for better predictability, optimization, and vehicle innovation. As a global HoloLens 2 customer, BMW Group has spent the last couple years developing its own immersive experiences and metaverse using mixed reality. Now participating in the private preview for Copilot in Dynamics 365 Guides, they are exploring how the combination of mixed reality and generative AI, together, can push the boundaries of innovation.
In private preview, BMW Group’s Digitization and virtual reality (VR) Team within research and development (R&D) is the first to evaluate Copilot’s potential for design and development. With Copilot, product designers and engineers are simulating how the use of different materials and components impacts vehicle design and its environmental footprint. The insights gained through this approach will help BMW Group optimize engineering and production processes. The organization believes generative AI will also benefit its Aftersales frontline workers, providing them access to expert knowledge and guidance whenever and wherever it is needed.
This joint collaboration will ultimately enable BMW Group to spark innovation and target the use cases that drive its own digital transformation forward.
Chevron is exploring the potential impact on frontline operations
AI, automation, and mixed reality solutions are poised to reshape industries everywhere. Within energy, a focus on safety and the desire to accelerate skilling has Chevron looking to advance the capabilities of its frontline workers for the future. Copilot in Dynamics 365 Guides offers Chevron the opportunity to optimize these operations, empower its workers, and infuse informed decisions throughout its value chain. AI and mixed reality together enable Chevron to define energy in human terms.
Through the private preview for Copilot in Dynamics 365 Guides, Chevron is exploring new use cases at its El Segundo Refinery that could unlock further enhancements in worker skilling and safety.
Get started with Copilot in Dynamics 365 Guides
Interested customers can get started by deploying Dynamics 365 Guides and Dynamics 365 Remote Assist on either HoloLens 2 or mobile devices as the first step. If you want to see how AI can transform your workforce, learn how you can start implementing Microsoft Copilot today.
This article is contributed. See the original author and article here.
LeVar Burton—known for his role as Chief Engineer Geordi La Forge in Star Trek and as the host and executive producer of the beloved PBS children’s series Reading Rainbow—recently sat down for a one-on-one chat with CVP of Microsoft Security, Vasu Jakkal, to discuss the impact of generative AI on our world.
Figure 1: LeVar Burton- pop culture icon, content creator, and literacy advocate
The conversation began with a discussion of the impact of Star Trek on both speakers’ lives. Burton spoke about how seeing actress Nichelle Nichols on the bridge of the USS Enterprise meant the world to him, as it showed him what creator Gene Roddenberry said was true: “When the future came, there would be a place for me.” Jakkal shared how Star Trek was a pivotal influence in her childhood and is in part responsible for her career in cybersecurity. “Star Trek is a perfect example of what we imagine is what we create in this realm. Human beings, we are manifesting machines,” said Burton. “And Star Trek has been responsible for helping to sow the seeds of germination for a lot of different technologies that are in use in our everyday lives today.”
Figure 2: Vasu Jakkal and LeVar Burton discussing Star Trek’s impact on technology and their hope for how generative AI will transform our world.
Generative AI (GenAI) is the transformational technology of our generation. So, we asked LeVar Burton—one of the world’s foremost storytellers and champions of learning through his work in Reading Rainbow—to help us tell the story of how GenAI will improve education and opportunities for everyone across the globe. In addition to reshaping our everyday lives, our emails, and meetings, GenAI is changing how security work gets done. These new solutions—like Microsoft Copilot for Security—help SecOps professionals make sense of large amounts of data at machine speed. They simplify the complex to help defenders find a needle in the haystack, or even a specific needle in a needle stack. Jakkal also discussed how AI can help reduce the talent shortage in the security industry and make it more diverse.
The Microsoft mission is to empower every person and organization in the world to achieve more. And the security mission is to build a safer world for all. Burton expressed his hope that generative AI will help in ways that we haven’t thought of before, referencing the cultural shift that happened in just eight nights when the groundbreaking television miniseries Roots aired. “My hope, my prayer is that generative AI can help us educate our kids in ways that we haven’t been able to and perhaps haven’t even thought of,” stated Burton. He also emphasized the importance of making GenAI safe and accessible to all. Jakkal agreed, touching on the importance of responsibility when using AI, mentioning the Microsoft responsible AI framework—a set of steps to ensure AI systems uphold six principles: fairness, reliability and safety, privacy and security, inclusiveness, transparency, and accountability.
Central to the conversation was the concept of hope, and hope for the future. Burton said the younger generation gives him hope, as they see the world and technology in a different way. Jakkal expressed her hope that we can use GenAI to change the world in a good way, by working together and being responsible. Jakkal closed the discussion by saying “I think collectively together we have to use generative AI and the technologies that we have to change this course. Storytelling, the narrative to change the narrative to one of optimism, to one of hope, to one of inclusion… for all and done by all.”
This article is contributed. See the original author and article here.
If you’re an IT administrator who manages a fleet of devices, you know how important it is to have the right tools for deployment and management. You also know how challenging it can be to find and use those tools, especially when they are scattered across different locations and versions. That’s why we are excited to announce the Surface IT Toolkit, a modern desktop application that compiles essential commercial tools and streamlines the Surface device management experience for IT admins – all in a single application.
Surface IT Toolkit is designed to provide simplified access to important tools that complement cloud and traditional management. You can follow step-by-step instructions to configure, update, or troubleshoot your devices. Not only does the Surface IT Toolkit provide a centralized location, it also ensures you are using the latest versions of our tools and installers. You don’t need to worry about outdated or incompatible versions; the app utilizes MSIX, which automatically checks for updates and downloads them for you.
In this blog post, we’ll take a closer look at what’s included and what’s new with the Surface IT Toolkit.
Home
After your initial configuration, the first screen you’ll see when you open the toolkit is the home screen, where you’ll find quick tasks and can choose the managed devices in your fleet, which helps optimize the app’s UI. You can also see the status of your tools and installers, and access the settings and feedback options.
Data Eraser
Data Eraser removes data from a Surface device using an NVM Express format command compliant with NIST Special Publication 800-88 Revision 1. Additionally, it allows for the creation of certificates of sanitization for record keeping and auditing purposes. This is useful when you need to repurpose, recycle, or retire a device and ensure that no sensitive data remains on it.
What’s new with Data Eraser:
You can easily generate a certificate of sanitization after the wiping of an SSD.
The tool now provides the ability to complete a disk verification post wipe.
UEFI Configurator
UEFI Configurator lets organizations apply Surface Enterprise Management Mode (SEMM) UEFI configurations on supported devices and docks so IT staff can effectively control and deactivate components at the firmware level. This can help enhance security and compliance by preventing unauthorized changes to the device settings.
What’s new with UEFI Configurator:
In a single pass of the tool, you can create all packages needed for devices and docks (both configuration and reset).
We’re building parity between the app UI and configurations historically only available through PowerShell. For example, you can now control USB-C ports through the UI, including dynamic and granular USB-C disablement.
For those utilizing PowerShell for SEMM deployment, sample PowerShell scripts are now built right into the toolkit, so you can quickly copy the samples into your script editor of choice and build a solution for your environment.
Recovery Tool
Recovery Tool provides the ability to perform a device reset to revert a device back to a factory state for troubleshooting scenarios. It will also help manage previously downloaded factory images to assist in re-use. This can help you resolve common issues and restore the device to its original performance.
What’s new with Recovery Tool:
Guided processes no longer require serial numbers and simplify the steps for building a Bare Metal Recovery (BMR) USB drive.
The tool can build a new image or build from an existing image you’ve already downloaded, so you don’t have to fuss with version control.
We’re also providing more insight into what’s included in the image itself, such as which versions of Windows and Microsoft 365 Apps it contains.
Tool Library
Tool Library stores the latest versions of additional tools and installers that can be deployed to end users and provides IT a description of their purpose and links to supporting documentation. These include Surface Asset Tag Tool, Surface Diagnostic Toolkit for Business, Surface Brightness Control Tool, and more.
What’s new with Tool Library:
Centralized location for our other installers and tools.
Installers and tools are always up-to-date.
You can download the IT Toolkit as an MSIX package, available from the IT Pro Download Center here. You’ll also find the download link in the Surface Management and Support Suite under the Surface IT Tools section.
As always, be sure to check back here for more updates on managing and securing your Surface devices.
This article is contributed. See the original author and article here.
I’m excited to attend the Microsoft 365 Community Conference next week, April 30 – May 2, in Orlando, Florida with Quentin Mackey, Global Product Manager of Viva Glint, delivering a session on Holistic Listening using Viva Glint, Viva Insights, and Viva Pulse. This session will help attendees understand how to seek and act on the many signals available in the employee experience to help people feel engaged, productive, and perform at their best. We’ll be sharing best practices, showcasing new technology, and highlighting a customer case study.
There is also a track dedicated to HR professionals, communicators, and business stakeholders in employee experience empowering attendees to:
Engage employees: Inspire employees to spark participation, contribution, and action toward cultural and business objectives. Accelerate innovation and drive a high-performance organization that is inclusive of everyone from the executive suite to the frontline.
Modernize internal communications: Evolve strategies to achieve communications objectives with engaging content that reaches audiences where they work, while reducing noise & interruption. Leverage advanced analytics and AI to measure and improve effectiveness.
Join us in person with over 175 Microsoft and community experts in one place by registering here. Note: use the MSCMTY discount code to save $100 USD.
Do you want to learn more about the conference and more reasons to attend? Check out this blog to learn more about the conference.
The Microsoft 365 Community Conference returns to Orlando, FL, April 30 – May 2, 2024 – with two pre-event and one post-event workshop days. It’s a wonderful event dedicated to Copilot and AI, SharePoint, Teams, OneDrive, Viva, Power Platform, and related Microsoft 365 apps and services. Plus, a full Transformation track for communicators, HR, and business stakeholders in workplace experience.
This article is contributed. See the original author and article here.
DevOpsGroup empowers organizations through IT modernization
DevOpsGroup is a Microsoft gold partner that empowers enterprises and scale-up organizations to achieve more in the digital economy by modernizing IT. The Cardiff, Wales, UK-based company’s team is 90 members strong, and its cloud and DevOps engineers have vast experience working with cloud platforms and DevOps toolchains.
SureView Systems, a multinational software company with headquarters in Tampa, Florida, and Swansea, Wales, specializes in physical security monitoring software for central stations and command centers. The company’s flagship product, Immix, integrates with more than 500 security products and systems. SureView Systems wanted to move Immix from Team Foundation Server (TFS) to Azure DevOps to accelerate software delivery and move toward a Software-as-a-Service (SaaS) model. Azure DevOps enables collaboration and modern DevOps services via its boards, pipelines, repositories, testing tools, and extensions marketplace.
“A key driver for the migration to Azure DevOps was the need to keep pace with the latest development and deployment tools as we migrated toward a continuous delivery/continuous integration DevOps model,” said Simon Morgan, Chief Technology Officer, SureView Systems.
The introduction of automatic re-waving of shipment lines that failed to be allocated solves the issue of failed lines needing to be handled manually in the “Maintain shipments” form. This feature empowers warehouse managers to schedule checks for incomplete shipments to be re-waved and completed. In the past, this was a manual task for a warehouse manager, who had to actively go through a list of incomplete shipment lines and manually reprocess them for the shipments to be completed. This process was time-consuming every time an exception occurred and lines failed to allocate inventory. One scenario where this could occur is when inventory is not available in a specific picking location. In that case, the system would previously add the failed shipment to a list of incomplete shipments, which a warehouse manager would then have to manage manually.
With the Auto Add to Shipments feature, failed shipment lines will be automatically re-added to a new wave, ending the need for manual exception handling. Warehouse administrators have the flexibility to configure this as a batch job. This type of exception management allows outbound processes to continue even when unforeseen accidents or events occur, without the need for hours of manual labor spent reprocessing failed waves.
Image: Warehouse Manager reviewing inventory
In this image, we see the Auto add shipments to wave menu, where the user can do a variety of things; most importantly, we can set up the recurrence for how often we want our failed shipments to be re-run.
Left image: Auto add shipments to wave menu. Right image: Define Auto add shipments to wave Recurrence menu.
As we can see on the Auto add shipments to wave menu, there is a field named WHS rewave counter, which has a default setting of 5. This means that we will only be able to re-wave our shipments a maximum of 5 times. If we would like a shipment to be re-waved even after the fifth attempt, users can add its shipment ID manually through this page, which enables the previously failed shipment lines for another five re-wave attempts.
In the image below, we can see in the “WHSWaveProcessingRemovedShipment” form that one shipment line has failed, and we receive an error message that hints at why this happened. The Shipment status is still “open”, which means the shipment will not be removed from the table. In the WHS rewave counter column there is a 0, which tells us we have not yet tried to re-run that shipment. In the Wave ID field, we can also see the wave that was affected.
Image: Wave processing removed shipment line form in FnO.
The image below shows the setup for removing re-waved shipment lines from the form mentioned earlier. On this screen, users can set up when and how often the re-waving cleanup job should run.
The cleanup job was introduced to this feature to avoid failed shipment lines being stuck in the “WHSWaveProcessingRemovedShipmentCleanup” form if they could not be re-waved. Users do not have to set up a cleanup job for the Auto add to shipments feature; however, without one, the staging form will hold many shipment lines that were not re-waved successfully within the maximum number of attempts. The cleanup job removes lines from the form via either the Cleanup rewave threshold field or the Last update older than given number field. This allows users to choose whether a line is removed from the form through a re-wave threshold or after a certain number of days have passed.
In the Cleanup rewave threshold field, users can select how many times they want their shipment lines to be re-waved before they are removed from the ‘WHSWaveProcessingRemovedShipment‘ form. Even with the default setting of five attempted re-waves, the cleanup job can remove shipments from the form earlier than after 5 attempts by selecting a lower number. This can be useful if you would like failed shipment lines to be re-waved a maximum of, say, 3 times before they are removed from the form.
In the Last update older than given number field, users can select to remove failed shipment lines based on age. Setting this to 30 means the cleanup job will remove all failed shipment lines whose last update is older than 30 days: a shipment line last updated 31 days ago will be removed from the ‘WHSWaveProcessingRemovedShipment‘ form the next time the cleanup job runs.
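The way the two cleanup criteria combine can be illustrated with a small sketch; this is an illustration of the described behaviour, not the actual Dynamics 365 implementation, and the threshold values are examples.

```python
# Illustrative sketch (not the Dynamics 365 implementation) of how the two
# cleanup criteria combine: a line is removed once it has hit the rewave
# threshold OR once its last update is older than the configured age.
from datetime import datetime, timedelta

def should_remove(rewave_count: int, last_update: datetime,
                  cleanup_rewave_threshold: int = 3,
                  last_update_older_than_days: int = 30) -> bool:
    too_many_rewaves = rewave_count >= cleanup_rewave_threshold
    too_old = datetime.utcnow() - last_update > timedelta(days=last_update_older_than_days)
    return too_many_rewaves or too_old

# Example: a line re-waved only twice but last touched 31 days ago is removed.
print(should_remove(2, datetime.utcnow() - timedelta(days=31)))  # True
```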
Areas of use:
Conceptually, this feature is suited to all kinds of industries and can aid your outbound processes in many ways, but it primarily focuses on scenarios that require exception management related to failed allocation of inventory from a picking zone. This mainly occurs when inventory reservations are allowed for, e.g., sales orders against inventory that is not yet stored in a picking location, either because inbound receiving and put-away has not been completed, or because a production facility has reported inventory after production has been completed but has not yet conducted finished-goods put-away.
By enabling the re-waving feature for Dynamics 365 Warehouse Management, users reduce the time spent handling uncompleted shipments, avoid manual exception handling, and ensure that all shipment lines not allocated will be automatically re-waved and not forgotten.
Take your warehouse to the next level and achieve more with Microsoft Dynamics 365!
This article is contributed. See the original author and article here.
We are excited to announce that summary configuration for work order recap with Copilot in Dynamics 365 Field Service is now available in public preview. It builds on the work order recap feature released last year, which provides an AI-generated summary of the work order for service managers and technicians.
What is summary configuration?
Customers loved our work order recap feature and wanted to configure the summary to reflect their business-critical information. With summary configuration, admins can now specify the data used by Copilot in Field Service, whether in web or mobile. They can select specific columns from the base or related tables based on their organization’s business needs. Admins can also preview the summary using real data from Dataverse to ensure that it contains the right information.
Enable the summary configuration
To use the summary configuration, you need to be an administrator of the environment, and have the Work Order Summary feature enabled in your Dynamics 365 Field Service settings. Go to Field Service > Settings > Field Service Settings > Features. Find the Copilot in Field Service section, then turn on Copilot for work order.
Then, navigate to Summary Configuration on the site map. In public preview, you can choose between Work Order summary and Bookable Resource Booking summary. After selecting the table, turn on the Configure summary toggle to start configuring the table and columns to include in the summary.
Add columns to the summary
Now we are ready to start adding columns. For example, you want to add Primary Incident to the Work Order summary.
Open the Table list.
Select the Work Order table.
Go to the Column list and select Primary Incident Description.
You can also add a field from a related table. For example, in the Work Order summary, you want to include the Account Name column from the Billing Account associated with the Work Order.
Select + Add data to add a new row.
Open the Table list. Related tables are marked with chevrons (>).
Either type in the search box or scroll down to find the Billing Account table and select it.
Once it becomes the current table (first item in the list), select it.
Then go to the Column list and select Account Name.
Preview the summary
When you are done configuring, you can test your configuration using any record from Dataverse and preview the summary that Copilot would generate for that record. You can be confident that your service managers and technicians will have the relevant information in the summary to perform their job.
Once you have finished testing, select Save to publish this summary configuration.
Enable this feature today and learn more about it through the feature documentation and FAQ. We’re looking forward to hearing your feedback.
This article is contributed. See the original author and article here.
Trusted Signing has launched into Public Preview! The Trusted Signing service (formerly Azure Code Signing) is a Microsoft fully managed end-to-end signing solution for developers.
What is the Trusted Signing service?
Trusted Signing is a complete code signing service with an intuitive experience for developers and IT professionals, backed by a Microsoft managed certification authority. The service supports both public and private trust signing scenarios and includes a timestamping service. With Trusted Signing, users enjoy a productive, performant, and delightful experience on Windows with modern security protection features enabled such as Smart App Control and SmartScreen.
The service offers several key features that make signing easy:
We manage the full certificate lifecycle – generation, renewal, issuance – and key storage in FIPS 140-2 Level 3 HSMs. The certificates are short-lived, which helps reduce the impact on your customers in abuse or misuse scenarios.
We have integrated into popular developer toolsets such as SignTool.exe and GitHub and Visual Studio experiences for CI/CD pipelines, enabling signing to integrate easily into application build workflows. For Private Trust, there are also PowerShell cmdlets for IT pros to sign WDAC policy, and future integrations with IT endpoint management solutions are planned.
Signing is digest signing, meaning it is fast and confidential – your files never leave your endpoint.
We have support for different certificate profile types including Public Trust, Private Trust, and Test with more coming soon!
Trusted Signing enables easy resource management and access control for all signing resources with Azure role-based access control as an Azure native resource.
We want to make this affordable for ISVs and developers in a way that allows a community of all demographics to sign. While we have two pricing SKUs, basic and premium accounts, the initial Public Preview release is free until June 2024. The details of each SKU are outlined below:
| Model type | Basic | Premium |
|---|---|---|
| Base price (monthly) | $9.99 | $99.99 |
| Quota (signatures / month) | 5,000 | 100,000 |
| Price after quota is reached | $0.005 / signature | $0.005 / signature |
| Includes | Public and Private Signing; 1 of each Certificate Profile type | Public and Private Signing; 10 of each Certificate Profile type |
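As a worked example of the pricing above (ignoring the preview-period waiver), the monthly cost is the base price plus $0.005 for each signature beyond the quota:

```python
# Worked example of the pricing table: monthly cost for a given signature
# volume on each SKU. Prices are taken from the table above.
def monthly_cost(signatures: int, base: float, quota: int,
                 overage: float = 0.005) -> float:
    return base + max(0, signatures - quota) * overage

print(monthly_cost(7_000, base=9.99, quota=5_000))      # Basic:   9.99 + 2,000 * 0.005 = 19.99
print(monthly_cost(120_000, base=99.99, quota=100_000)) # Premium: 99.99 + 20,000 * 0.005 = 199.99
```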
Try out Trusted Signing today by visiting the Azure portal.
This article is contributed. See the original author and article here.
Fabric Multi-Tenant Architecture
ISVs often face challenges in managing data for multiple tenants in a secure manner while keeping costs low. Traditional solutions may prove costly for scenarios with more than 100 tenants, especially with the common ISV scenario where the volume of trial and free tenants is much larger than the volume of paying tenants.
The motivation for ISVs to use Fabric is that it brings together experiences such as Data Engineering, Data Factory, Data Science, Data Warehouse, Real-Time Analytics, and Power BI onto a shared SaaS foundation.
In this article, we will explore the Workspace per tenant-based architecture, which is a cost-effective solution for managing data for all tenants in Microsoft Fabric, including ETL and reporting.
Challenges of Multi-Tenant Data Solutions
Let us start with the questions that this article will answer:
What are my options to isolate data between tenants?
What are the security requirements/regulation that I should consider?
What are the implications of the various solutions?
Note: You should explore the cost/performance/maintenance aspects of each solution and balance them according to a well-defined policy suited to you as an ISV in a specific industry, under specific regulations, and upon understanding the sensitivity of the data.
ISVs report that their customers demand solutions that are “fully isolated” in the sense of data separation between tenants. However, neither the industry nor regulators have yet defined what “fully isolated” means.
The possibility of querying data from multiple tenants is quite common, even though it runs against the isolation concept. Fabric implementation concepts will be discussed in this article.
Application scenarios:
Microsoft Fabric is designed for multiple application scenarios as defined here.
This article will focus on the following two typical scenarios:
1. Data analytics and workflow processing
2. Data gathering, processing, and IoT
OLTP applications are a native data source for Fabric, but Fabric is not recommended as the data platform for such systems.
Typical ISV projects need to ensure that the architecture will support:
Multi-tenancy with data isolation between different tenants. We briefly discuss what data isolation means in this document.
Power BI reporting.
Overcoming performance and cost challenges with a relational engine.
Easy migration to Fabric.
The Workspace approach is well-suited to support all those scenarios.
Terminology
OneLake:
OneLake is a single, unified, logical data lake for your whole organization. For our discussions, all the ISV’s tenants’ data will be hosted on the same OneLake. As you can see from the diagram below, Fabric supports multiple services that can connect to OneLake.
Capacity:
A Microsoft Fabric capacity resides on a tenant. Each capacity that sits under a specific tenant is a distinct pool of resources allocated to Microsoft Fabric. The size of the capacity determines the amount of computation power available.
Workspace:
Workspaces reside within capacities and are used as containers for Microsoft Fabric items. A workspace is the place in OneLake that holds the data.
Within a tenant, you can create any number of workspaces. Workspaces enable various parts of the organization to distribute ownership and access policies. Each workspace is part of a capacity that is tied to a specific region and is billed separately.
Within a workspace, you can create data items, and you access all data in OneLake through data items. Fabric stores data items such as lakehouses and warehouses in OneLake.
Of course, licensing considerations must also take place. Our assumption is that most ISVs will utilize a capacity license.
Data Storage:
The assumption of this article is that a typical ISV wants to store all the data for all his tenants in a central location (multi-region provisioning might be needed due to end-customer location) in a secure and cost-effective way. This is a recurring demand that we hear from our ISVs. Fabric offers a new way to achieve this goal through four concepts (more details are provided in this article):
One OneLake for all your data
Tenants’ separation/isolation by workspace
Affordable storage – Parquet files are the storage format. The price per GB is similar to the price of Blob storage in the hot tier.
Serverless oriented – no need to pay for unused compute resources.
Data acquiring (ETL and/or IoT) and hybrid scenarios will not be discussed in this article.
Fabric Direct Lake
One of the key components is Fabric Direct Lake, which includes a semantic model capability for analyzing large data volumes in Power BI. Direct Lake is based on loading parquet-formatted files directly from a data lake without having to query a Lakehouse endpoint, and without having to import or duplicate data into a Power BI model.
In other words, Direct Lake eliminates the need to load the data to a relational database or to Power BI and uses Direct Lake as a one-step solution to query the data instead of multiple steps. The following figure (not a replacement for reading the full article here) can help us understand the solution:
As shown in the diagram, Direct Lake streamlines the user’s path by eliminating the need to create, maintain, and pay for a separate lakehouse or warehouse, as well as the need to use import or direct query processes. This results in a more efficient and cost-effective solution for analyzing large data volumes in Power BI.
Workspace based Multi-Tenant Architecture
One of the ground building blocks of Fabric is the workspace. Workspaces are containers where you collaborate with colleagues to create collections of items such as lakehouses, warehouses, and reports. You can grant permissions per workspace (see the security part later), which can be extremely helpful for associating a tenant’s login with that tenant’s workspace, and with that workspace only.
As you can see from the diagram, OneLake can utilize the workspaces for tenant isolation.
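To illustrate the pattern, here is a hedged sketch of per-tenant provisioning against the Fabric REST API. The endpoints reflect the documented API at the time of writing, while token acquisition, the capacity ID, the principal object ID, and error handling are placeholders and assumptions, not a definitive implementation.

```python
# A hedged sketch of workspace-per-tenant provisioning via the Fabric REST
# API. The bearer token, capacity ID, and user object ID are placeholders.
import requests

FABRIC = "https://api.fabric.microsoft.com/v1"
headers = {"Authorization": "Bearer <aad-token>"}  # placeholder token

def provision_tenant(tenant_name: str, capacity_id: str, user_object_id: str) -> str:
    # 1. One workspace per tenant: the isolation boundary.
    ws = requests.post(f"{FABRIC}/workspaces", headers=headers,
                       json={"displayName": f"tenant-{tenant_name}"}).json()
    ws_id = ws["id"]

    # 2. Attach the workspace to a capacity (region, SLA, and billing live here).
    requests.post(f"{FABRIC}/workspaces/{ws_id}/assignToCapacity",
                  headers=headers, json={"capacityId": capacity_id})

    # 3. Grant the tenant's users access to their workspace, and theirs only.
    requests.post(f"{FABRIC}/workspaces/{ws_id}/roleAssignments",
                  headers=headers,
                  json={"principal": {"id": user_object_id, "type": "User"},
                        "role": "Viewer"})
    return ws_id
```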
Advantages of using the workspace-per-tenant approach:

| Advantage | Description |
|---|---|
| Security | Avoids the need to manage security between workspaces |
| Manageability | The ability to move/delete/archive tenants without any impact on other tenants |
| Simplicity | One OneLake per ISV; one workspace per tenant; no service to manage and patch |
| Monitoring | Monitor resource usage per tenant easily |
| SLA | Ability to give different SLAs to different tenants by provisioning different services according to the tenants’ needs and/or budget |
| Cost per Tenant | Ability to know (and bill) each tenant’s data size according to usage |
Due to business, regulation, and security considerations, any multi-tenant solution should ensure that each tenant can access only its own data. From a high-level perspective, the solutions that enable us to achieve this granularity are divided into two types:
Physical separation of the data to separate locations.
Ensuring that the application will filter the data from the relevant tenants by mechanisms like Row Level Security.
This document discusses the physical separation type only since this type is aligned with Fabric’s architecture.
Shared data
For shared data, the suggested approach is to have a separate workspace that is shared via a shortcut to all the tenants’ environments. If the shared data is managed by a database, you might be able to use mirroring to sync the database to the shared data workspace. Mirroring is in preview now for Cosmos DB, Azure SQL DB, and Snowflake; support for SQL Server, Azure PostgreSQL, Azure MySQL, MongoDB, and other databases and data warehouses is coming in CY24.
Features of Fabric that support multitenancy
Capacities and multi-Region
In Fabric, you will have only one OneLake per the ISV’s tenant. However, you can deploy your system in multiple regions by having a capacity defined in each region.
There is only one OneLake per tenant.
A tenant can have multiple capacities in one or more regions.
Any capacity is attached to a specific region.
A workspace can be assigned to only one capacity.
Every item stored in a lakehouse/warehouse of a workspace will be stored in the region of the tied capacity.
Multitenancy friendly cost structure
Storage
Delta-Parquet files are the basic building block in Fabric. These files are charged per volume, so the number of workspaces will not affect the cost.
Serverless Service
Fabric is a serverless solution, which means that storage and compute resources are paid for separately.
As you would expect, you pay for the storage you are using, and you should try to optimize its size. Since storage prices are low, the storage cost will not be a significant percentage of your total cloud bill.
For compute, you pay according to usage. In a BI environment, user load is expected to vary, and such a model will save money.
With a classic Fabric implementation, you can skip the need for a relational database, which is usually one of the main cloud expenses.
ETL
Most ISVs run ETL per tenant; therefore, the cost will be the same.
In rare cases where one ETL process can deal with multiple tenants, a single workspace for all tenants might run with fewer pipelines and save costs.
Power BI
In Power BI, a workspace per tenant is the best practice. Please read the Develop scalable multitenancy applications with Power BI embedding article for deep discussion. From the Power BI perspective, the limitations are based on the largest workspace size (and not on the total workspace size) as defined here.
Capacity and Chargeback Management
The recommended approach of segregating tenants through distinct workspaces facilitates a frequently requested feature: chargeback support. By allocating separate capacities to each tenant’s workspace (or multiple workspaces), monitoring and accessing data regarding each tenant’s usage becomes straightforward. The Microsoft Fabric concepts and licensing article provides essential guidance for creating a deployment that enables ISVs to implement chargeback mechanisms. This allows for precise billing of end customers based on their actual consumption, streamlining the process and ensuring transparency in usage and cost allocation.
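A simple illustration of the resulting chargeback computation follows, assuming you have already exported per-workspace compute and storage usage from your monitoring tooling; the records and rates below are hypothetical.

```python
# Hypothetical chargeback computation from exported per-tenant usage.
# The usage records and rates are illustrative placeholders.
usage = [
    {"tenant": "contoso",  "compute_cu_hours": 120.0, "storage_gb": 50.0},
    {"tenant": "fabrikam", "compute_cu_hours":  30.0, "storage_gb": 10.0},
]
COMPUTE_RATE = 0.18   # $ per CU-hour (hypothetical rate)
STORAGE_RATE = 0.023  # $ per GB-month (hypothetical, blob-like hot tier)

for rec in usage:
    bill = rec["compute_cu_hours"] * COMPUTE_RATE + rec["storage_gb"] * STORAGE_RATE
    print(f'{rec["tenant"]}: ${bill:.2f}')  # per-tenant monthly charge
```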
Workspace Security
Granular permissions per tenant
As written above, you can use per-workspace permissions to ensure tenant isolation at the workspace level. The same mechanism is used to give the tenant’s users more granular permissions to specific items (a good description can be found here).
Note that the same concept applies to permissions inside a lakehouse or warehouse within a workspace.
For example, the user Mark-CustomerA might be associated with the CustomerA tenant to see only the data related to his tenant. To give him read access to the Orders data, you would define a role named OrdersRead-CustomerA and associate Mark with this role. Defining a global OrdersRead role instead is possible but would not be a satisfactory solution.
In Fabric, you can give permissions by sharing – see here and here. A detailed discussion of granular permissions is beyond the scope of this document, which covers only the security aspects of the multi-tenant scenario.
Multi-tenants Network security
There is no IP separation nor any other network isolation between workspaces. The good news is that a solution is coming. As stated in What’s new and planned for Administration and governance in Microsoft Fabric, Private Link support is planned for Q2 2024 (it is not available yet, and plans might change). The Private Link capability will expand from Power BI to other workloads in phases, including workspace-level support. Once Azure Private Link is configured and public internet access is restricted, all the supported scenarios for that workspace will be routed through private links.
Identity Management
We strongly recommend using different users per tenant rather than letting an application-based security mechanism be the only authorization gate.
Nowadays, you can even utilize the multitenant organization capability in Microsoft Entra ID, which is in preview. A detailed discussion of this option is beyond the scope of this article; some highlights can be found in the multitenant organization scenario and Microsoft Entra ID capabilities documentation.
These practices are crucial in ensuring robust security.
To avoid potentially overriding privacy and regulation policies, you should allow cross-tenant queries only in specific cases. You should design such implementations carefully from both security and architecture perspectives.
Organizations might separate their data into multiple workspaces for internal security reasons (separating Gold from Silver/Bronze according to data sensitivity).
For other ISVs, the need is even more complex. The data (or at least part of it) arrives in a multi-tenant stream, and this data should be divided into different single-tenant streams with minimal effort.
Currently, Fabric does not support this functionality, but the ability to enable cross-workspace pipelines is on the roadmap.
However, you can clone your data pipelines across workspaces by using the “Save as” button (see here). This makes it easier to develop pipelines collaboratively inside Fabric workspaces without having to redesign your pipelines from scratch. Another solution, based on dynamic content is described here.
Using cross-workspace pipelines might simplify the ETL code as well as reduce the expected costs. With proper design, the expected running time of the processes will also improve.
Conclusion
If you are an ISV with multiple tenants, you can use the new Fabric platform to host those tenants. Fabric will help you host the data received from those customers on an isolated basis, paying only for the storage that you actually use, while being able to load the data with all the transformations needed and build a reporting layer for your customers.