Azure Cloud Based Lab Onboarding

Overview:​

This document provides a comprehensive guide to the end-to-end process of onboarding an Azure-based lab scenario using the CloudLabs portal. Within this document, you will learn how to create an ARM template, a CloudLabs template, set up a CloudLabs On Demand Lab (ODL), manage users, and troubleshoot basic issues.

Azure-based labs are effective when you want to provide Hands-On learning experience to your users or students on Azure Cloud. These labs are particularly useful for learning about Azure, like using Azure Entra ID (Formerly Azure Active Directory) for identity and access management to users, deploying resources such as Storage Accounts, VMs and many more. To set up a lab successfully, follow the instructions listed below.

In this document you will be going through with the below topics:

Link to be replaced

• Prerequisites

• Information used to onboard a Azure based lab

• Setup Template on CloudLabs

• Setup ODL on CloudLabs

• Launch the lab

• Common Issues & Resolutions

Prerequisites​

Before you begin onboarding an Azure-based lab through CloudLabs, ensure you have the following prerequisites:

1. Admin access to CloudLabs Admin Portal (If access is unavailable, kindly reach out to your point of content or CloudLabs Support).

2. Active subscription(s) in CloudLabs. To Onboard a VM based lab, you would require one or more shared subscription(s) depending on the expected user count. If you would like to use Spektra's subscriptions, then please reach out to your point of contact or CloudLabs Support. If you would like to use your subscriptions, refer Onboard the Subscriptions to CloudLabs document.

3. Lab Guide/Reference documents containing necessary instructions, often provided through GitHub which are in GitMarkdown format.

Information used to onboard an Azure lab​

To onboard an Azure based lab to CloudLabs, use the below details:

• Subscription Types: To onboard an Azure based lab, you should firstly determine what type of access the participants would require and post that you need to select the Subscription type from one of the three types below that CloudLabs offers:

  • Shared Subscription : Here, a single subscription can be shared by multiple users giving them access at the Resource Group level, therefore, users will only be able to see and work on the Resource Group provided to them. Depending on the lab's needs and access constraints, you can use shared subscriptions and the users will be having the permission to access the Azure Portal.

  • Dedicated Subscription : In this type, a subscription can only be used by one user giving them access at the Subscription scope, therefore, attendees can view and manage all the Resource Groups under that subscription if they are assigned with the necessary privileges. Depending on the lab's requirements and access limitations, this subscription type can be suitable in cases where you would like to give access to multiple Resoruce Groups or when some services like Azure Synapse Analytics worksapce require a user to have permissions at subscription scope.

  • Dedicated Tenant : This deployment type assigns one tenant containing one subscription to the user, where a user can have privileges at tenant(Azure Entra ID) and Subscription scope which allows users to view and manage all the Resource Groups under that subscription if they are assigned with the necessary privileges. This subscription type can be specifically suitable in cases where you would like to provide users with Azure Entra ID based privilieges, such as Global Administrator access so that users can perform actions at the tenant level whilst also at the subscription level to manage multiple Resoruce Groups. Dedicated tenant isolates the user so that their actions will only be effective in one of the tenants assigned to them.

Once you are ready to Onboard the labs on CloudLabs Admin Portal, you need to follow the instructions mentioned below:

Let’s begin with the Onboarding Process:

Setup Template on CloudLabs​

1. The first step in the onboarding process is to create an ARM template through CloudLabs

2. You can follow the detailed guide mentioned here to login to the CloudLabs Admin Portal

   • Access CloudLabs Admin Portal

3. Follow the below mentioned guide to Add Template in CloudLabs.

   • Add template in CloudLabs

You have successfully onboarded the template into CloudLabs.

Setup ODL on CloudLabs​

1. Now, you need to create the ODL and map the template which you have created in the previous step to it. Also, the ODL must be created and managed only by the admins and not users.

   Note: One template can be mapped with multiple ODLs.

2. To create ODL from CloudLabs Admin Portal follow instructions mentioned in the below guide:

   • Create ODL in CloudLabs

You have successfully onboarded the On-Demand Lab (ODL) into CloudLabs.

Note:

a) Once you have tested the lab configurations from the ODL you created, it is recommended to create another ODL for production labs.

b) For information on how to invite users, manage users, extend lab duration and much more, refer Manage Access documentation.

Launch the lab​

1. From the On Demand Labs Page (1), choose your ODL (2) and click on the Users icon (3) to register into the environment.

   

2. Click on + Add User and enter your details, then click on Submit.

   

3. Now you have successfully registered yourself as a user.

4. Within the Users page, you will find an instance registered under your name, indicated by its status being in the Approved state (1). Proceed by clicking the Launch (2) button.

   

5. Now you will be navigated to a different browser tab where you will be able to view the page as shown in the screenshot below. On this page, click on the Launch Lab button.

   

6. Upon clicking the Launch Lab button, the deployment process will initiate, leading you to the screen illustrated in the provided screenshot below:

   

7. After the instance is successfully deployed, you will encounter the screen depicted in the below provided screenshot:

   

8. You can also activate the lab at bulk using Bit.ly URL by following the below steps.

9. From the On Demand Labs Page, choose your ODL (1) and note down the ODL ID. Click on the Elipses icon (2) and select Manage Activation Codes (3) to create an activation code.

   

10. Click on + ADD ACTIVATION CODE

    

11. Provide the below values for the Activation Code properties.

• Name: The Activation code should always follow the naming convention ACTIVATE<--ODL-ID-->. For instance, if your ODL ID is 1462, then the Activation Code will be ACTIVATE1462.

• Customer: Provide your company/customer name.

• City: Provide your city name.

• Country: Select your country from the dropdown.

• Expiry Date: Select an expiry date for the Activation code, post which the Activation code will be invalid.

Finally, click Submit to save details.

9. Copy the Bit.ly URL and share it with the users.

   

10. Users can activate their labs by following the below steps:

    • Navigate to the Bit.ly URL.

    • Provide the required details.

    • Click on Submit.

      

Common Issues and Resolutions​

1. If you are creating files for Rbac, Policy and UsagePolicy and adding it in CloudLabs, make sure the URLs of files are publically accessible.

2. Make sure you are adding the URLs of Rbac, Policy and UsagePolicy files in its respective fields.

3. If you are facing issues in deploying resources from Azure due to permission issues, follow the below mentioned steps:

   • Update the Rbac/Policy according to the requirment in the Storage account.

   • Navigate to the respected ODL from CloudLabs Portal and click on Control Panel button.

      

   • In the CONTROL PANEL page, scroll down to ---Others section and click on Manage Permissions button. 
     
     

   • Click on x Remove (1) button next to the RBAC/Policy permission you want remove. 
     
     

     Note: If the Actions of the RBAC/Policy deosn't update to > Apply post clicking on x Remove, then click REFRESH (2) to reload the changes.

   • Click on > Apply button to re-apply the RBAC/Policy. Once the permission is re-applied, the button will revert to x Remove again. 
     
     

     Note: If the Actions of the RBAC/Policy deosn't update to x Remove post clicking on > Apply, then click REFRESH to reload the changes.

   • Navigate back to the browser where you have logged in to the Azure Portal, Sign-Out and Sign-In to the Azure Portal so that the changes gets reflected.

4. While creating the ODL, make sure you map the ODL with correct template to avoid conflict in labs.

5. Ensure you are following the Syntax correctly while creating the RBAC, Policy and UsagePolicy to avoid deployment failures.