Adding Multi-Cloud Template
Overview
CloudLabs Template is the base of the Hands-on lab environment. You can do a variety of configurations under Templates such as adding prerequisites, enabling roles and policies for users, and much more.
Here we will learn more about how to work with CloudLabs Template.
Navigate to the Templates section that is available in the left menu and click on the + ADD button given in the top right corner.
Name: To identify the lab, give the Template a name.
Lab Code: is also used as an internal identifier; however, it is not used as any suffix/prefix in any of the resources deployed in your cloud environment.
Description: Provide a brief description to describe your lab, its resources, and technologies as well as its learnings and benefits. It will be visible to the end users as well.
Lab Launch Page Description: The Lab Launch page is basically where you launch your lab environment. You can add any additional instructions to this page that you think are relevant for the users.
Custom Page Title: In case you want to customize the title of the Hands-on-Lab Registration page, you can provide a title in this field.
Custom Logo URL: In case you want to customize the logo of the Hands-on-Lab Registration page, you can provide the URL of the logo in this field.
Note: The default page title and logo will be displayed, but if you wish to change them, you can use this field. End-users will be able to see it on the Hands-on Lab registration page, allowing you to customize what you want them to see.
Owner Email: In this field, you have to provide the Email address of the person who is responsible for building the Template.
Reviewed By: This field can be used to include the information of the reviewer who will be reviewing the template configurations.
Lab Guide URL: A lab guide is a document that gives users all of the directions they need to complete a hands-on lab. The Lab guide URL can be entered here, and it will appear on the users' lab details page. The lab guide will be available to them once they have accessed the URL.
Demo URL: If you want to provide any kind of demonstration like video, document, simulation, etc. for the lab to your users, provide the link to the content here. Users will be able to see the link and navigate to it once the lab starts.
Help Document URL: If you want to provide users with a help manual that will assist them in completing the lab, you can place that document URL here.
Prerequisites URL: If you wish to give people visibility into how the lab is set up or how the prerequisites for the lab are defined, you may write a document and enter the URL here.
Approx. Deployment Duration: Your environment's pre-requisite resources will take some time to deploy. The expected deployment duration will be defined throughout this time period. The period you enter in this area will be displayed to users as a countdown to the start of the Lab.
Excluding Output Parameters: Here, you specify values that are included in the Azure Resource Manager, Cloudformation, Deployment Manager template outputs but want to exclude them from appearing in the parameters after creating a lab deployment. For instance, the values related to the trainer's username and password, Access keys and Secret Access keys.
User Lab Experience Types: This field contains mainly 2 options, namely RDP over HTTP and Integrated Databricks Workspace (IFrame Concept).
Control Panel Resources: Here, you can specify which resources you want to be visible and controlled from the Control Panel on the CloudLabs Admin Portal. The current options available to configure are Virtual Machine, SQL Data Warehouse, and Azure DevTest Labs. Once selected, you can perform operations like start, stop, restart, etc. directly from the Control Panel on the CloudLabs Admin Portal.
Enable Lab Validation: Lab validation enables you to check whether lab tasks are completed appropriately. In case the user had issues performing the lab, that can be checked under validations.
Enable Leaderboard: If desired, a leaderboard can be utilized to track a user's score based on their performance as measured by Lab validation.
Delete Deployment Info After Success: Check the box if you wish to clean up the deployment history from the Azure portal. Deleting this won't affect the deployed resources.
Enable Lab Preview: If checked, this feature allows attendees to get insights about the lab's content before launching any lab environment. For more details, refer to Lab Preview.
Pre-deployment allocation of CloudLabs Licenses: When checked, the CloudLabs licenses will be allocated to your deployments even before the user registers for it. If not checked, the CloudLabs license allocation will only happen to the deployments when some user registers for it.
Now, we will move on to the next section where you have to provide the needed information for the cloud platform configuration.
Cloud Platform Configuration: click on the + ADD button given in the top right corner.
Cloud Platform: Select the cloud platform where you want to deploy the lab infrastructure from the dropdown list for example Microsoft Azure, Amazon Web Services, Google Cloud Platform, Oracle Cloud Infrastructure and provide the necessary information for the selected cloud platform.
Note: Following fields will be changed based on the selected cloud platform here we are selecting Microsoft Azure.
Platform Friendly Name: Unique name for the cloud platform.
Cloud Usage Type: This feature helps the system in calculating the cost of a Virtual Machine or the total cost of all Cloud resources. There are 2 options available, namely Cloud Resource Usage and VM Usage. Cloud Resource Usage will calculate the cost of all the resources deployed in the lab environment, however, VM Usage will only calculate the cost of the virtual machines and the related resources present in your cloud environment. Therefore, it is always recommended to select Cloud Resource Usage for efficient cost calculation.
Code: Use a code as an internal identifier; this code will also be concatenated in the name of the user Resource Group. As an example, if you use the code demolab, you'll be able to tell that the template is about a demo lab. The user's Resource Group will be named ODL-demolab-xxxxxx, where demolab is a lab code, ODL is the default prefix, and xxxxx is the CloudLabs-assigned user unique ID.
Subscription Type: This option is only available if you go for the Microsoft Azure cloud platform. For Amazon Web Services & Google Cloud Platform, it will be taken care of automatically.
CloudLabs provides three types of subscriptions as listed below:
Shared Subscription: Here, a single subscription can be shared by multiple users giving them access to the Resource group level. Depending on the lab's needs and access constraints, you can use shared subscriptions.
Dedicated Subscription: A dedicated subscription is used when a lab requires subscription-level access. Here, each user gets access to a single subscription.
Dedicated Tenant: A dedicated tenant is used when a lab requires tenant-level access or Global admin access. Here, each user has access to the entire tenant.
Deployment Plan: This allows you to choose several Resource Groups required in your lab. The selected number of Resource Groups will be pre-created in your environment.
Usage Policy URL: Usage policy is used to monitor cores/clusters of Azure resources. In the policy, we have to define a maximum limit of cores/clusters that is allowed for a user.
The usage policy revolves around these Azure resources - Virtual Machines, CosmosDB Accounts, SQL Servers/Databases, Virtual Machine Scale Sets, and Databricks Clusters.
For example: You prepared a policy in which the allowed value for VM is set to 4 vcpu cores. Now we have two users - User01 and User02, performing the same lab. User01 creates a VM that uses 2 cores and User02 creates a VM that uses 8 cores.
Here, for both users, we will have two different cases as follows:
Case 1: User01 with 2 cores falls under the allowed value and will not violate the usage policy.
Case 2: User02 with 8 cores exceeds the allowed value resulting in violating the usage policy.
Once the policy is violated, you will get alerted via email.
To receive the alert emails, a person/team can provide their email address while setting up the Lab.
To view a sample of the Usage Policy, go to this link - Usage Policy Sample
* **Region:** This field allows you to select the region where you want to deploy the lab infrastructure on the cloud platform.
* **Create Service Principal:** This feature is used to create a Service Principal as a part of pre-requisites. On the checking this box, a Service Principal will automatically get created in the user environment. On checking **Create Service Principal** box, two more features will appear on the page as given below:
* **Send Service Principal:** The details of the Service Principal, such as Application ID, Application secret key, subscription ID, Tenant ID, and Tenant domain, will be exposed to users in the lab details page.
* **Is Service Principal Dependent:** Enable this check box if you need to use the SPN in your pre-requisite configuration OR if any pre-requisite resources require the SPN during deployment.
* **Allow Global Admin Privilege:** If checked, the Global Admin Privilege will be enabled for the **ODL User**.
* **Enable Custom RG Name:** Checking this box will create resource groups with custom-suffix as its name. Once the RG is deployed, it will have -RG as the suffix.
* **Enable VM Access Over HTTP:** This option allows you to access the virtual machine through a web browser. If the Microsoft RDP client does not allow you to connect to the VM, here is another method is to connect to the VM via a browser. After enabling this functionality, we must complete further setups in order to set up RDP over HTTPS access, which we will cover in Virtual Machine Configuration. For more details, refer to [Enable RDP/SSH over HTTPS](https://docs.cloudlabs.ai/LabDeveloper/EnableRDPoverHttps).
* **Enable VM Shadow:** COVID-19 has changed the way training and workshops are conducted. Virtual workshops are the new normal in the learning industry now. Shadow feature allows instructors to shadow the user's environment/VMs (virtual machines) and provide support in real time.
* Shadow student’s lab environment
* Provide Support in real time
* Observe progress
* Collaboration
* **Dynamic RGs Available:** Check the box in order if you want CloudLabs to fetch Dynamic Resource Groups created by the deployments in your lab just for internal tracking.
* **Any Post-Manual Steps Required:** There are some steps that cannot be automated as part of a lab's prerequisites, therefore you may have to do them manually. This feature serves as a reminder to you that there are manual actions that must be completed after your lab's automated deployment is complete.
* **Any Pre-Manual Steps Required:** We may need to create VM Images or Snapshots in some scenarios because some VM customization is not feasible with the ARM template's custom script extensions. There are various requirements for using VM images or snapshots, such as having the images available in the expected regions and subscriptions taht we are using for a lab.
We will ensure that the Images are available in the required regions and subscriptions as a pre-manual step.
* **Enable Optimize Disk Cost:** This feature helps in optmizing the virtual machine's disk cost in your lab environment. Once checked you will providing the related Virtual Machine name whose disk cost needs to be optimized. If you have attached a Premium disk to your virtual machine, CloudLabs will replace the disk with more economical disk like Standard HDD when the VM is shut down, and replaces it back to the Premium disk when it is restarted without any data loss. This way, it helps avoiding a higher cloud bill when the resource is not being used.
* **Show Resources Tab:** If checked, users will be able to see the tab named Resources in their lab environment, from where they can perform some resource operations like starting a VM, stopping a VM, etc.
>**Note:** Similarly if you select the Amazon Web Services cloud platform, the fields will be changed accordingly and the fields will be available for configuration are shown below.
Once you have provided the necessary information for the cloud platform configuration, click on the Submit button to move on to the next section.
- In the Cloud Template section you have to provide the your Iac Template based on the cloud platform you are using. If you are using Azure then you have to provide the Azure Resource Manager Template details, if you are using AWS then you have to provide the Cloudformation Template details.
Click on the + ADD button given in the top right corner.
For Cloud Platform type: select the cloud platform you are using from the dropdown list here we are selecting Microsoft Azure.
Note: Similarly if you are using AWS then you have to select the AWS cloud platform from the dropdown list few fields will be changed accordingly.
Deployment scope: This field allows you to select the deployment scope for your Iac template. The options available are Subscription and Resource Group.
Template Type: This field allows you to select the type of Iac template you are using. The options available are cloud provisioning and terraform script.
Note: If you select the cloud provisioning option then you have to provide the Azure Resource Manager Template details, if you select the terraform script option then you have to provide the Terraform Script details.
Resource Group: This field allows you to select the Resource Group where you want to deploy the Iac template.
Cloud Template URL: This field allows you to provide the URL of the Iac template in json format.
Parameters template URL: This field allows you to provide the URL of the parameters template in json format.
Note: The urls must be coming from public storage account.
Once you have provided the necessary information for the cloud template configuration, click on the Submit.
In the Template Permissions section you have to configure permissions that you would like to attach to AAD Users or Service Principal for Azure, IAM users for AWS.
Click on the + ADD button given in the top right corner to add the template permission.
For Platform Friendly Name: Choose the Microsoft Azure or Amazon Web Service or any other cloud platform from drop down menu.
Note: Fields which are mentioned below will change based on the cloud platform considering Microsoft Azure below.
For Permission Type: Choose whether you want to attach built in permissions or attach custom from drop down menu.
For Profile Type: Choose Attendee, Instructor or Group Member from drop down menu.
For Identity: Choose from AAD User or Service Principal for Azure.
For Scope Type: Select Azure from the drop-down.
For Scope Level: You can specify a scope at the resource group level/subscription level based on the subscription type.
For Launch Type: We have two options available here, they define when should the restriction be applied.
Apply at Launch: This will apply for the role before starting the deployment of the lab.
Apply Manually: Here, you have to apply for the role manually, it won't get assigned automatically.
At last, click on the SUBMIT button to save it.
MS CLOUD LICENSES
There are some conditions that must be met before a user can access Microsoft products. To fulfill those conditions, we have Microsoft licenses to provide software services and hosted applications for the users performing your lab.
This function grants you access to a variety of Microsoft licenses which include Power BI Pro, Office 365 Business Essentials, Azure Active Directory Premium P1, and much more. Some of those are shown in the image below:
For attaching cloud license click on the + ADD button given in the top right corner.
Perform the following steps to pick a license:
Platform Friendly Name: currently it is just available for Azure.
MS Cloud License: Select the required license from drop-down.
Click on SUBMIT to save the configurations.
DEPLOYMENT SCRIPT REPOSITORY:
This feature allows you to run any or multiple PowerShell scripts which can be utilized for automation in different scenarios like creation of any kind of Azure resources, Microsoft Entra ID objects, deletion of resources etc. You can also choose to run the script at different instances of your choice, like creation of a new deployment, success of a new deployment and more.
Follow the below steps to get started:
Click on the + ADD button.
Under Add Deployment Script, add the following values:
Platform Friendly Name: Choose your cloud platform from drop down.
Type: PowerShellV2
Name: Provide a name for your deployment script.
Script: Here, provide the PowerShell script you created which performs certain actions in your lab. Note that you don't need to configure the authorisation code block in your script as CloudLabs does that for you!
Parameters: Here, you can add the custom parameters you have used in your script (if any). To do so, select ADD+ and provide the Name and Value of the parameters in the respective fields. The value you provide in the Value field will be passed to the parameter you have set, which can then be used by the deployment script.
Run: Choose Per User to run the script for every user of your lab environment specifically.
Run As: You can run the deployment script either using the CloudLabs or any service principal you create. Select System to run the script through CloudLabs, or select AAD Service Principal if you want to run the script through other service principal, conditionally it has the authorization to do so.
Run On: Here, you can choose when to run your script. You are provided with the following options, each running your script differently:
Deployment Initiation: This will run the script as soon as the deployment starts. You can choose this if your script doesn't have any dependencies on any of the resources deployed using ARM template.
Deployment Success: This will run the script only after the deployment is succeeded. Choose this option if you have any kinds of dependencies on any resource(s) deployed through the ARM template, which requires your ARM template to be deployed before the script runs.
Manual Run: This will not run the script automatically anytime during the complete deployment. You will only be able to run the script manually using the Run button on the CloudLabs Admin Portal whenever you want.
Deployment Deletion: This will run the script only after the deployment is deleted.
VIRTUAL MACHINE CONFIGURATION:
This feature allows you to configure your host virtual machine and complete the setup for RDP over HTTPS access. As we stated earlier, once your lab is ready, the environment you receive will include a VM on the left side of the browser and the Lab Guide on the right.
Therefore, by providing the required configuration here, it will reflect your host VM in your lab environment.
Take the steps below to get started:
Click on the + ADD button.
Under Add VM Configuration, add the following values:
Note: Fields which are mentioned below will change based on the cloud platform.
Name: In this column, you must enter the exact name of the VM that you supplied in your ARM Template.
Type: Here you have to choose the type of your virtual machine. There are two options available - RDP and SSH, so choose one based on the type of your VM.
Server DNS Name: From your ARM Template, pick up the output parameter that has the VM DNS name stored in it and paste it into this field.
Server User Name: From your ARM Template, pick up the output parameter that has the VM Username stored in it and paste it into this field.
Server Password: From your ARM Template, pick up the output parameter that has the VM Password stored in it and paste it into this field.
Server Domain: Enter the domain name.
Enable Hyper-V Guest VMs over HTTPS: If this lab is based on the Hyper-V and you required to access the Hyper-V Guest VMs over HTTPS (from browser) just like Main Host VM then only mark this flag as enabled.
Is Default VM: If there are more than one VM Configurations in your CloudLabs template, then you can check this box for the VM you want users to navigate to by default as soon as the lab launches. The users will always be able to switch to different VM(s) using a drop-down present on the top-right on their lab.
Enable Audio Input: Check this flag to enable audio input for the virtual machine. It is an Accessibility feature whch reads out the contents of the screen aloud for those with visual impairment.
Instructor Username: From your ARM Template, pick up the output parameter that has the Instructor Username stored in it and paste it into this field. It will be used in setting up the CloudLabs VM Shadow connection.
Instructor Password: From your ARM Template, pick up the output parameter that has the Instructor Password stored in it and paste it into this field. It will be used in setting up the CloudLabs VM Shadow connection.
At last, click on SUBMIT to save the configurations.
For AWS follow: Enable VM Access over https for AWS
Course Details:
This section allows you to configure PowerShell based Validations for your labs. Validations are used by CloudLabs to enable Instructors to verify whether the students/attendees have done their labs in the way they are expected to.CloudLabs currently enables Admins to author custom PowerShell validations based on Azure and AWS. In addition to Cloud specific PowerShell commands, you can utilize the capabilities of PowerShell to call APIs to author even more specific validation commands. For further details, refer to PowerShell Based Validations.