Skip to content

Clone Templates

Compute and Service profiles are based on environment templates powered by Rafay's Environment Manager.

We will be using Rafay's curated and pre-created templates available from the Template Catalog in our compute and service profiles. The Org Admin for the user's Rafay Org has the privileges to share the system templates from Rafay's Catalog to specific/all projects.

Users can also create and configure Custom environment templates for use cases outside the list supported out of the box in Rafay's Template Catalog.

Info

Please check Rafay's Public Roadmap or contact support for details on additional templates for the Template Catalog.

Compute Template

As an Org Admin, navigate to "System->Template Catalog".

  • On the "Multi-tenancy on K8s" template card, click on "Get Started"
  • Follow the wizard: Provide a name, version and select the name of the project you created in the previous step (e.g. gpu-paas)
  • Save as Draft

Share Compute Template

Configure Compute Template

When executed, the Rafay agent operating behind the firewall will receive the configured template, the associated Infra as Code (IaC), credentials and policies from the Rafay Platform. It will then execute this code on the behalf of the user.

1. Specify Agent

Let's configure the template to be received and executed by the Rafay Agent we created in a prior step.

  • Under the "Agents" tab, click on "Add Agent"
  • Select the name of the agent you configured in the prior step
  • Ensure that the override configuration is specified to "Not Allowed" because we do not want the downstream users to be able to change this
  • Save your changes

Select Agent

2. Config Context

The config context will typically encapsulate credentials and environment variables required for the agent to perform its job. In this case, we will configure the Rafay Agent with credentials so that it can make programmatic (API) calls to the specified Rafay Org.

To get the API Key + Secret for the administrator user,

  • Navigate to "My Tools -> Manage Keys" and click on "New API Key".
  • Copy the API Key + Secret combination.

Info

Click here to learn more about API Key & Secret for programmatic access.

Now, we are ready to configure our agent's config context.

  • Click on the Environment Template → Config Context
  • Click on the Edit icon in the pre-created config context
  • Expand "Environment Variables" and you should see two entries: API Key & Controller Endpoint
  • Click on Edit for API Key

Config Context Step 1

  • Paste the API Key/Secret string from the above step
  • Select Override to "Not Allowed" to ensure none of the downstream users have visibility or access to the config context
  • Save & Continue

Paste API Key

Controller API Endpoint

For self hosted Rafay Controller deployments, the agent will need to be configured to point to its URL. In our Get Started Guide, we will be using the URL for Rafay's SaaS option.

  • Click on Edit for "Controller Endpoint".
  • Note that Rafay's SaaS Endpoint URL is already configured and can be updated if required
  • Select Override to "Not Allowed" to ensure none of the downstream users have visibility or access to the config context
  • Save & Continue

Controller Endpoint

Jupyter Notebook Template

Jupyter Notebooks are web based applications that are used by almost all data scientists. When these are deployed on your compute instance, they will be exposed to users via Kubernetes based Ingress or a Load Balancer.

Please ensure that you have a properly configured Ingress Controller in your host cluster by following the infrastructure related instructions. The Ingress for the notebook will be exposed via a https URL on a domain.

As an Org Admin, navigate to "System->Template Catalog".

  • On the "Jupyter Notebook" template card, click on "Get Started"
  • Follow the wizard by providing a name, version and select the name of the project you created in the previous step (e.g. gpu-paas)
  • Save as Draft

Share Notebook Template

Info

To aid with testing and evaluation, the Rafay platform provides the option to automatically publish the DNS and inject a certificate for the https URL on a Rafay managed domain. We will use this option for our exercise.

Configure Notebook Template

When the notebook template is executed by the Rafay agent operating behind the firewall, it will receive the configured template, the associated Infra as Code (IaC), credentials and policies from the Rafay Platform. It will then execute this code on the behalf of the user.

Info

These steps are identical to the steps performed for the compute instance template.

1. Specify Agent

Let's configure the template to be received and executed by the Rafay Agent we created in a prior step.

  • Under the "Agents" tab, click on "Add Agent"
  • Select the name of the agent you configured in the prior step
  • Ensure that the override configuration is specified to "Not Allowed" because we do not want the downstream users to be able to change this
  • Save your changes

Select Agent

2. Config Context

The config context will typically encapsulate credentials and environment variables required for the agent to perform its job. In this case, we will configure the Rafay Agent with credentials so that it can make programmatic (API) calls to the specified Rafay Org.

To get the API Key + Secret for the administrator user,

  • Navigate to "My Tools -> Manage Keys" and click on "New API Key".
  • Copy the API Key + Secret combination.

Info

Click here to learn more about API Key & Secret for programmatic access.

Now, we are ready to configure our agent's config context.

  • Click on the Environment Template → Config Context → "Rafay Auth Config"

  • Click on the Edit icon for this config context

  • Expand "Environment Variables" and you should see two entries: API Key & Controller Endpoint
  • Click on Edit for API Key

Config Context Step 1

  • Paste the API Key/Secret string from the above step
  • Select Override to "Not Allowed" to ensure none of the downstream users have visibility or access to the config context
  • Save & Continue

Paste API Key

Controller API Endpoint

For self hosted Rafay Controller deployments, the agent will need to be configured to point to its URL. In our Get Started Guide, we will be using the URL for Rafay's SaaS option.

  • Click on Edit for "Controller Endpoint".
  • Note that Rafay's SaaS Endpoint URL is already configured and can be updated if required
  • Select Override to "Not Allowed" to ensure none of the downstream users have visibility or access to the config context
  • Save & Continue

Controller Endpoint