Merge pull request #250452 from MicrosoftDocs/release-preview-mswb

Release preview mswb--scheduled release at 10AM of 9/07

Author: huypub

articles/modeling-simulation-workbench/concept-chamber.md

@@ -0,0 +1,43 @@
+---
+title: "Chamber: Azure Modeling and Simulation Workbench"
+description: Overview of Azure Modeling and Simulation Workbench chamber component.
+author: lynnar
+ms.author: lynnar
+ms.reviewer: yochu
+ms.service: modeling-simulation-workbench
+ms.topic: conceptual
+ms.date: 01/01/2023
+# Customer intent: As a Modeling and Simulation Workbench user, I want to understand the chamber component.
+---
+
+# Chamber: Azure Modeling and Simulation Workbench
+
+In Azure Modeling and Simulation Workbench, a chamber is defined as a group of connected computers (nodes) that work together as a single system.  A chamber provides a full-featured and secure environment for users to run engineering applications and workloads together.
+
+- Chambers offer optimized infrastructure, allowing users to choose from varied VM sizes, storage options, and compute resources to constitute workloads.
+- Chambers enable a preconfig environment for license server access and full-featured workload tools.
+- On-demand chambers are nested to Modeling and Simulation [Workbench](./concept-workbench.md) resource.
+
+## Chamber environment
+
+Chambers create a secure and isolated environment by adding private IP access and removing internet access. Public domain access is restricted to authorized networks over encrypted sessions enabled by the connector component. A [connector](./concept-connector.md)  exists per chamber that supports the protocols established through VPN, Azure Express Route, or allowlisted Public IP addresses.
+
+Only provisioned users can access the chamber environment. User provisioning is done at the chamber component using IAM [(Access Control)](/azure/role-based-access-control/role-assignments-portal).  This enables Cross team and/or cross-organization individuals to collaborate on the same projects through the chambers. Multifactor authentication (MFA) enabled through Azure AD is recommended to enhance your organization's security.
+
+## Chamber storage
+
+Users can resize and tailor the chambers to support storage requirement needs throughout the design process. Chamber users can also allocate Chamber VMs on demand, select the right-sized VM/CPU for the task/job at hand, and decommission the workload when the job is done to save costs.
+
+### Right-sizing
+
+The right-sizing feature reduces the Azure spend by identifying idle and underutilized resources. For example:
+
+- By managing the size and number of virtual machines.
+- By stopping unused workloads, connectors and chambers.
+- By managing the size and performance tier of chamber storages.
+
+Learn more about reducing service costs using [Azure Advisor](/azure/advisor/advisor-cost-recommendations#optimize-spend-for-mariadb-mysql-and-postgresql-servers-by-right-sizing) and [right-size VMs best practices](/azure/cloud-adoption-framework/migrate/azure-best-practices/migrate-best-practices-costs#best-practice-right-size-vms).
+
+## Next steps
+
+- [Connector](./concept-connector.md)

articles/modeling-simulation-workbench/concept-connector.md

@@ -0,0 +1,27 @@
+---
+title: "Connector: Azure Modeling and Simulation Workbench"
+description: Overview of how the Azure Modeling and Simulation Workbench implements connectors.
+author: lynnar
+ms.author: lynnar
+ms.reviewer: yochu
+ms.service: modeling-simulation-workbench
+ms.topic: conceptual
+ms.date: 01/01/2023
+#Customer intent: As a Modeling and Simulation Workbench user, I want to understand the connector component.
+---
+
+# Connector: Azure Modeling and Simulation Workbench
+
+Connectors are used to define and configure the network access between an organization's on-premises or cloud environment into the Azure Modeling and Simulation Workbench chamber. The connector supports protocols established through VPN, Azure Express Route, or network Access Control Lists.
+
+## VPN or Azure Express Route
+
+For organizations who have an Azure network setup to manage access for their employees, they can have strict controls of the virtual network subnet addresses used for connecting into the chamber. At creation time of the connector, the Chamber Admin or Workbench Owner can connect a virtual network subnet with VPN gateway or ExpressRoute gateway to establish a secure connection from your on-premises network to the chamber. The subnet selection should be a non gateway subnet within the same virtual network with the gateway subnet for VPN gateway or ExpressRoute gateway.
+
+## Allowlisted Public IP addresses
+
+For those organizations who don't have an Azure network setup, or prefer to use the public network, they can configure their connector to allow access to the chamber via allowlisted Public IP addresses. The connector object allows the allowed IP list to be configured at creation time or added or removed dynamically after the connector object is created.
+
+## Next steps
+
+- [Data pipeline](./concept-data-pipeline.md)

articles/modeling-simulation-workbench/concept-data-pipeline.md

@@ -0,0 +1,40 @@
+---
+title: "Data pipeline: Azure Modeling and Simulation Workbench"
+description: Overview of Azure Modeling and Simulation Workbench data pipeline component.
+author: lynnar
+ms.author: lynnar
+ms.reviewer: yochu
+ms.service: modeling-simulation-workbench
+ms.topic: conceptual
+ms.date: 01/01/2023
+#Customer intent: As a Modeling and Simulation Workbench user, I want to understand the data pipeline component.
+---
+
+# Data pipeline: Azure Modeling and Simulation Workbench
+
+For the Azure Modeling and Simulation Workbench user, getting data into and out of the chamber is done through the data pipeline. Since the chamber is secure and isolated from the public network, no direct method is provided to copy data into and out of the chamber.
+
+The data pipeline enables users to bring data into the [chamber](./concept-chamber.md), and remove data from the chamber. Users must have access (be provisioned) to the chamber and be on the same network as the chamber's [connector](./concept-connector.md) object.
+
+## Importing data overview
+
+Users with access to the chamber can bring data into the chamber via AzCopy and an expiring SAS URI token they get from the chamber component.  They then use AzCopy to move data into the data pipeline endpoint. The chamber recognizes the data pipeline request and moves the file into the chamber.  For traceability purposes, when a file is moved into the chamber, the data pipeline automatically creates a file object in the chamber that represents the file data.
+
+## Exporting data overview
+
+Users with access to the chamber can export data from the chamber via the data pipeline.
+
+1. **Identify file to export.** The export process is triggered when a user places a file to export into a designated area within the chamber.  A Chamber Admin or Chamber User copies the file to the data out folder within the pipeline. The data pipeline detects the copied file and creates a file object. The file creation activity is traceable in the logs and enables the next step of the data pipeline.
+
+1. **Request file to export.** A Chamber Admin reviews files in the data pipeline and requests to export files in the data out folder in the chamber. The pipeline creates a file request object. The export request activity is traceable in the logs and enables the next step of the data pipeline.
+
+1. **Approve/reject export request.** The Workbench Owner approves or rejects the file request object for export. The export approval step must be completed by the Workbench Owner and can't be the same person who requested to export the data.
+
+1. **Download file to export.** If a file is approved for export, the user gets a download URI from the file request object and copies it out of the chamber using AzCopy. The URI has an expiration timestamp and must be downloaded before it expires. If the URI expires, you need to request a new download URI.
+
+  > [!NOTE]
+  > Larger files take longer to be available to download after being approved and to download using AzCopy.  Check the expiration on the download URI and request a new one if the window has expired.
+
+## Next steps
+
+- [License service](./concept-license-service.md)

articles/modeling-simulation-workbench/concept-license-service.md

@@ -0,0 +1,35 @@
+---
+title: "License service: Azure Modeling and Simulation Workbench"
+description: Overview of Azure Modeling and Simulation Workbench license service component.
+author: lynnar
+ms.author: lynnar
+ms.reviewer: yochu
+ms.service: modeling-simulation-workbench
+ms.topic: conceptual
+ms.date: 01/01/2023
+#Customer intent: As a Modeling and Simulation Workbench user, I want to understand the license service component.
+---
+
+# License service: Azure Modeling and Simulation Workbench
+
+A license service automates the installation of a license manager to help customers accelerate their engineering design.  A license service is integrated into Azure Modeling and Simulation Workbench.
+
+## Overview
+
+Engineering design tools are widely used across industries to enable design teams to run their flows efficiently. Many of these proprietary software programs require licenses. License management is integrated into our flows via the most commonly used license manager, FLEXlm.
+
+Here's how the license service works:
+
+- For each deployed chamber within the workbench, we set up a license server and expose the FLEXlm HostID's to procure licenses.
+- Users request tool licenses for the specific HostID.
+- Once the license file is received from the tool vendor, users import it to enable the license service.
+
+## Additional information
+
+For silicon EDA, our service automation deploys license servers for each of the four common software vendors (Synopsys, Cadence, Siemens, and Ansys) as part of resource creation to enable multi-vendor flows. The workbench also supports license service beyond these common EDA tool vendors with some manual configuration.
+
+This flow is extendible and can also include other software vendors across industry verticals."
+
+## Next steps
+
+- [Manage users in Azure Modeling and Simulation Workbench](./how-to-guide-manage-users.md)

articles/modeling-simulation-workbench/concept-user-personas.md

@@ -0,0 +1,33 @@
+---
+title: "User personas: Azure Modeling and Simulation Workbench"
+description: Overview of Azure Modeling and Simulation Workbench user personas.
+author: lynnar
+ms.author: lynnar
+ms.reviewer: yochu
+ms.service: modeling-simulation-workbench
+ms.topic: conceptual
+ms.date: 01/01/2023
+# Customer intent: As a Modeling and Simulation Workbench user, I want to understand the user personas.
+---
+
+# User personas: Azure Modeling and Simulation Workbench
+
+There are three user personas within Azure Modeling and Simulation Workbench:  IT Admin, Project Manager, and Design Engineer. This article explains the user personas, and the activities and responsibilities associated with each one."
+
+## IT Admin (Workbench Owner)
+
+The IT Admin is responsible for infrastructure deployment and user provisioning, referenced as the *Workbench Owner*. The Workbench Owner initializes the service in the customer tenant and has full administrative rights to manage chambers and users in the environment. They have Azure 'Owner' role assignment, or 'Contributor' and 'User Access Administrator' role assignments.
+
+A Workbench Owner can create and delete chambers, and invite, remove, or change user roles. They can also define the connectivity methods that their users employ to connect into the workload. The Workbench Owner is also responsible for approving all data export requests and costs accrued by resource consumption during workbench usage.
+
+## Project Manager (Chamber Admin)
+
+The Project Manager, also known as the *Chamber Admin*, is responsible for installing and managing applications and licenses. They also own the installation and configuration of tools related to compute, network, and storage within the chamber. Chamber Admins set up and manage the chamber and have a higher elevated access within the workloads and the environment. They're responsible for procuring the licenses from the software vendors to enable design teams to run simulations on the deployed workloads.
+
+## Design Engineer (Chamber User)
+
+The Design Engineer is responsible for execution of the workflows and simulations leading up to the final design approval. This role is referred to as the *Chamber User*. Chamber Users have a lower level of access to the environment, but can deploy workloads, execute scripts and schedulers based on their access permissions to chamber storages. They can also use the [data pipeline](./concept-data-pipeline.md), to bring data into the chamber and request data to be exported from chamber.
+
+## Next steps
+
+- [Chamber](./concept-chamber.md)

articles/modeling-simulation-workbench/concept-workbench.md

@@ -0,0 +1,51 @@
+---
+title: "Workbench: Azure Modeling and Simulation Workbench"
+description: Overview of Azure Modeling and Simulation Workbench workbench component.
+author: lynnar
+ms.author: lynnar
+ms.reviewer: yochu
+ms.service: modeling-simulation-workbench
+ms.topic: conceptual
+ms.date: 01/01/2023
+# Customer intent: As a Modeling and Simulation Workbench user, I want to understand the workbench component.
+---
+
+# Workbench: Azure Modeling and Simulation Workbench
+
+An Azure Modeling and Simulation Workbench is a placeholder for housing several workbench components for users. A workbench refers to a series of supporting services that optimize workload performance in Azure Modeling and Simulation Workbench, such as: computing, storage, and networking.
+
+## Workbench components
+
+A workbench hosts Azure resources in a closed environment of virtual machines, storage devices, and databases. A workbench is the parent container for [chamber](./concept-chamber.md) objects that run engineering applications and workloads in isolated environments.
+
+Multiple teams can work on shared projects within a workbench using Modeling and Simulation Workbench's collaborative and secure design environment.
+
+The chamber and [connector](./concept-connector.md) have its own admin that manages the space, the components, and its users. Authorized users can access and modify systems and transform the components and services as per their project requirements. Users can also delete high-performance VMs after use to save on costs.
+
+## Workbench infrastructure
+
+The infrastructure of the Azure Modeling and Simulation Workbench is optimized for compute and memory intensive applications. The workbenches ensure maximum throughput and performance for engineering workloads, supported by high performance file systems and efficient job scheduling.
+
+The workbench includes the following types of components:
+
+### Compute
+
+Azure offers varied classes of virtual machines (VMs) that span diverse memory-to-core ratios and suit different workload requirements. Some of the VMs include General purpose VMs, Compute optimized VMs, and Memory optimized VMs.
+
+### Storage
+
+Key storage components work together to provide high performance for engineering workflows. The storage service enables you to migrate and run enterprise file applications.
+
+### Networking
+
+The Azure virtual network enables over-provisioned network resources with high bandwidth and low latency. Network quality and throughput impacts job runtime drastically. Azure offers built-in, custom options for fast, scalable, and secure connectivity aided by its wide and private optical-fiber capacity, enabling low-latency access globally. Azure also offers accelerated networking to reduce the number of hops and deliver improved performance.
+
+- [Azure ExpressRoute](/azure/expressroute/expressroute-introduction) - The network service creates private connections between the infrastructure on-premises without traversing the public internet. The service offers immense reliability, quicker speeds, and lower latencies than regular internet connections.
+
+- [Azure VPN](/azure/vpn-gateway/vpn-gateway-about-vpngateways) - A VPN gateway is a specific type of virtual network gateway, sending encrypted traffic between an Azure virtual network and an on-premises network over the public network.
+
+- Remote desktop service - As robust security is mandatory to protect IP within and outside chambers, remote desktop access needs to be secured, with custom restrictions on data transfer through the sessions. Customer IT admins can enable multifactor authentication through [Azure Active Directory](/azure/active-directory/) and provision role assignments to Modeling and Simulation Workbench users.
+
+## Next steps
+
+- [User personas](./concept-user-personas.md)