Bodo Managed Cloud Platform on Azure
Contact Bodo to be onboarded onto Bodo Cloud Platform on Azure. You will be provided with an onboarding link.
The provided link will take you to Bodo Platform’s registration page.
Fill out the fields with your information. If this is your individual account, use a unique name such as firstname_lastname for the Organization Name field.
Check the box for accepting terms and conditions and click on
A page confirming that an activation link was sent to your email will appear. Please open the email and click on the activation link:
Clicking on the confirmation link will take you to the bodo platform page where you can use your newly created credentials to sign in:
Setting Azure Credentials
To use Bodo on Azure, you need to link your Azure account to the Bodo platform. This can be done either using the Settings page in the left bar or the first item in the Onboarding list highlighted in green as shown in the picture below:
In order to use the Bodo Platform to launch clusters and notebooks, you must grant it permission to access your Azure account and provision the required resources in it. You can do this by creating a Service Principal for the Bodo Platform application and assigning a role to it.
Create a Service Principal
Login to your Azure Portal. Click on the icon next to the search bar to open a Cloud-Shell. Execute the following command to create a service principal:
az ad sp create --id APP_ID
where APP_ID is the Application ID for Bodo-Platform which is displayed on the Settings Page.
Once you have created a service principal, you need to assign a role to it. You can assign a role to this service principal at either a subscription level or a resource group level. Subscription level permissions are only required if you want Bodo to create a new resource group. If you provide an existing resource group, only permissions at the resource group level are required. As shown below, go to the IAM section of your subscription or resource group and add a Contributor Role to the service principal you created for the Bodo Platform Application.
Once you have created the service principal and assigned a role to it, you are now ready to fill the Settings Form on the Bodo Platform.
Enter your Azure subscription ID in the Subscription ID field. You can find this in the Subscription Overview.
Enter your Azure Tenant ID in the Tenant ID field. You can find this in Azure AD.
If you’ve given Bodo subscription level permissions and want Bodo to create a new resource group in your Azure subscription, enter the name of the resource group you want it to create in the Resource Group field. A suggested name is pre-filled for you. If you’ve given Bodo resource group level permissions to an existing resource group, enter the name of this resource group.
Select a region from the dropdown list. This is the region that all Bodo resources will be deployed in. If you’re providing an existing resource group, this must be the region this resource group is located in.
Note: It is highly recommended that you ensure sufficient limits on your Azure subscription to launch resources. See Resources Created in Your Azure Environment for the resources required for Bodo Cloud Platform.
Required Resource Providers on Azure subscription
Ensure that the following resource providers are registered on your Azure subscription:
Resources Created in Your Azure Environment
Bodo deploys cluster/notebook resources in your own Azure environment to ensure security of your data. Below is a list of Azure resources that the Bodo Platform creates in your account to enable clusters and notebooks.
Shared file system for clusters
Secure networking for clusters/notebooks
Cluster secrets (e.g. SSH keys)
VM Identity for Clusters
Allow cluster workers to access resources above
These resources incur additional Azure infrastructure charges and are not included in the Bodo Platform charges.
Azure Account Cleanup
As explained in Resources Created in Your Azure Environment, the platform creates two types of resources in the users’ Azure environments:
organization level resources and cluster specific resources. Organization level resources are created by the platform to set
up shared resources (such as a VNets, File-Share, etc) that are used later by all created resources. Cluster specific resources
(such as virtual machines, NICs, etc) are created by the platform to host/manage a specific cluster. This includes notebooks and
corresponding resources as well.
The cluster specific resources are removed when you request a cluster to be removed.
The organization level resources persist in the user account so they can be used by clusters deployed in the future.
However, if you need to remove these resources for any reason (Azure resource limits, etc.), an option to do so is provided.
Navigate to the Settings page and click on
Show Advanced in the bottom-right corner.
This will bring up a section called Azure Resource Cleanup.
Select the region from which you would like to remove these resources
(i.e. the region in which the resources you want to delete have been created), and click
CLEANUP AZURE RESOURCES.
Note that this will only work if you don’t have any active clusters in that region deployed through the platform.
Else, the request will be rejected, and you’ll be asked to remove all clusters in that region before trying again.
Removing active clusters (including clusters with a FAILED status) is necessary because
this process will make them inaccessible to the platform.
Manually Purge Azure Keyvault
Purging key vaults requires subscription level permissions. You can read more about this here and here. To avoid having to assign subscription level roles to Bodo Platform’s service principal, we require users to do this step manually.
Navigate to Key vaults on your Azure Portal.
Manage deleted vaults. In the form, select the subscription associated with Bodo KeyVault to see a list of deleted key vaults.
Select the key vault with bodo in its name, click on
Purgeand confirm by clicking
As shown in the notification, the purge process can take up to 10 minutes to complete. The purged key vault may continue to show up on the list of deleted key vaults until it has been successfully purged.
Once the key vault has been successfully purged, the list of deleted keyvaults should not feature it. At this point you can use the Bodo Platform again to provision clusters, etc.