Skip to main content

clouder azure

Azure cloud operations — configure credentials, manage virtual machines, list resources and regions.

Setup

Before using Azure commands, you need to authenticate. Clouder supports two methods:

# Log in to Azure
az login

# Configure Clouder — auto-detects your az login session
clouder azure configure

The interactive flow:

  1. Clouder asks if you want to use az login credentials
  2. Fetches available subscriptions from your Azure account
  3. Displays a table and lets you select one
  4. Saves the subscription ID and tenant ID to ~/.clouder/clouds/azure/azure.yaml
# Create a service principal
az ad sp create-for-rbac \
    --name "clouder-cli" \
    --role Contributor \
    --scopes "/subscriptions/<SUBSCRIPTION_ID>"

# Configure Clouder with the service principal
clouder azure configure \
    --subscription-id <SUBSCRIPTION_ID> \
    --tenant-id <TENANT_ID> \
    --client-id <CLIENT_ID> \
    --client-secret <CLIENT_SECRET> \
    --no-interactive

See the Azure Setup guide for detailed instructions on creating service principals.

Verify Configuration

# Show current Azure configuration
clouder azure

# List subscriptions
clouder azure subscriptions

Commands

clouder azure configure

Configure Azure credentials for Clouder.

# Interactive (default) — prompts for everything
clouder azure configure

# Non-interactive with flags
clouder azure configure \
    --subscription-id <ID> \
    --tenant-id <ID> \
    --client-id <ID> \
    --client-secret <SECRET> \
    --no-interactive
OptionShortDescription
--subscription-id-sAzure subscription ID
--tenant-id-tAzure tenant ID
--client-id-cAzure app (client) ID
--client-secretAzure client secret
--interactive / --no-interactiveEnable/disable interactive prompts (default: interactive)

Configuration is stored in ~/.clouder/clouds/azure/azure.yaml with chmod 600.

clouder azure subscriptions

List all Azure subscriptions accessible by your credential.

clouder azure subscriptions

Output columns: Subscription ID, Name, State, Tenant ID.

clouder azure regions

List all available Azure regions/locations.

clouder azure regions

Output columns: Name (e.g., eastus), Display Name, Regional Name, Latitude, Longitude.

Example output:

NameDisplay NameRegional NameLatitudeLongitude
eastusEast US(US) East US37.3719-79.8164
westeuropeWest Europe(Europe) West Europe52.36674.9000
southeastasiaSoutheast Asia(Asia Pacific) Southeast Asia1.2830103.8330

clouder azure resource-groups

List resource groups in the current subscription.

clouder azure resource-groups

Output columns: Name, Location, State, Tags.

clouder azure resources

List resources, optionally filtered by region or resource group.

# Interactive — prompts for region
clouder azure resources

# Filter by region
clouder azure resources --region eastus

# Filter by resource group
clouder azure resources --resource-group my-rg
OptionShortDescription
--region-rFilter by region (interactive if omitted)
--resource-group-gFilter by resource group

In interactive mode, Clouder shows a list of popular regions (eastus, westeurope, etc.) and lets you select one.

clouder azure vm-sizes

List available VM sizes in a region.

# Interactive — prompts for region
clouder azure vm-sizes

# Specific region
clouder azure vm-sizes --region westeurope
OptionShortDescription
--region-rRegion to list VM sizes for (interactive if omitted)

Output columns: Name, Family, vCPUs, Memory (GB), Max Data Disks, Temp Disk (GB), OS Disk (GB), Arch, GPU, GPU Count, GPU Type, GPU Mem (GB).

Notes:

  • GPU is Yes when Azure SKU capabilities advertise GPU/accelerator support.
  • GPU Type and GPU Mem (GB) are shown when provided by Azure capability metadata; otherwise they appear as N/A.

Example output:

NameFamilyvCPUsMemory (GB)Max Data DisksTemp Disk (GB)OS Disk (GB)ArchGPUGPU CountGPU TypeGPU Mem (GB)
Standard_B2sstandardBSFamily24.048.032x64No0N/AN/A
Standard_D4s_v5standardDSv5Family416.0875.032x64No0N/AN/A
Standard_NC6s_v3standardNCSv3Family6112.012736.032x64Yes1NVIDIA Tesla V10016.0

clouder azure vm-ls

List Azure virtual machines.

# All VMs in the subscription
clouder azure vm-ls

# Filter by resource group
clouder azure vm-ls --resource-group my-rg
OptionShortDescription
--resource-group-gResource group to list VMs from

Output columns: Name, Location, VM Size, State, OS, Resource Group.

clouder azure vm-create

Create an Azure virtual machine. This is Clouder's primary command for provisioning cloud infrastructure.

Interactive mode (prompts for all values):

clouder azure vm-create

The interactive flow:

  1. VM name — enter the name
  2. Resource group — defaults to <name>-rg
  3. Region — shows popular regions (eastus, westeurope, francecentral, etc.)
  4. VM size — shows common sizes from free-tier to GPU:
    • Standard_B1s — 1 vCPU, 1 GB RAM (free tier eligible)
    • Standard_B2s — 2 vCPUs, 4 GB RAM
    • Standard_B4ms — 4 vCPUs, 16 GB RAM
    • Standard_D4s_v5 — 4 vCPUs, 16 GB RAM (compute optimized)
    • Standard_D8s_v5 — 8 vCPUs, 32 GB RAM
    • Standard_NC6s_v3 — 6 vCPUs, 112 GB RAM, 1 GPU V100
  5. SSH key — auto-detects ~/.ssh/id_rsa.pub and asks to use it
  6. Confirmation — shows a summary and asks to proceed

Non-interactive mode (all options specified):

clouder azure vm-create \
    --name my-vm \
    --resource-group my-rg \
    --region eastus \
    --vm-size Standard_B2s \
    --ssh-key ~/.ssh/id_rsa.pub \
    --image Ubuntu2204 \
    --tags "env=dev,team=data"
OptionShortDefaultDescription
--name-nVM name
--resource-group-gResource group (created if needed)
--region-rAzure region
--vm-sizeVM size (e.g., Standard_B2s)
--admin-userazureuserAdmin username
--ssh-keyPath to SSH public key file
--imageUbuntu2204OS image (see table below)
--tagsComma-separated tags (key=value,...)

Available images:

ImagePublisherOS
Ubuntu2204CanonicalUbuntu 22.04 LTS (default)
Ubuntu2404CanonicalUbuntu 24.04 LTS
Debian12DebianDebian 12

What gets created:

When you create a VM, Clouder automatically provisions:

  • A resource group (if it doesn't exist)
  • A virtual network and subnet (10.0.0.0/16)
  • A static public IP address
  • A network interface
  • The VM itself with SSH key authentication

After creation, Clouder shows the public IP and an SSH command:

┌─────────────── VM Created ───────────────┐
│  VM created successfully!                │
│                                          │
│  Name:             my-vm                 │
│  Location:         eastus                │
│  VM Size:          Standard_B2s          │
│  State:            Succeeded             │
│  Public IP:        20.xxx.xxx.xxx        │
│  Resource Group:   my-rg                 │
│                                          │
│  SSH:  ssh azureuser@20.xxx.xxx.xxx      │
└──────────────────────────────────────────┘

clouder azure vm-delete

Delete an Azure virtual machine.

# With confirmation prompt
clouder azure vm-delete my-vm --resource-group my-rg

# Skip confirmation
clouder azure vm-delete my-vm --resource-group my-rg --force
Argument / OptionShortDescription
NAME (required)VM name to delete
--resource-group (required)-gResource group containing the VM
--force-fSkip confirmation prompt

clouder azure helm-values

Generate a JSON values file containing all Azure credentials required by the datalayer-operator Helm chart:

  • operator.cloudCredentials.azure.tenantId
  • operator.cloudCredentials.azure.clientId
  • operator.cloudCredentials.azure.clientSecret
  • operator.cloudCredentials.azure.subscriptionId
  • operator.cloudCredentials.azure.resourceGroup
# Generate from configured Azure + kubeadm cluster metadata
clouder azure helm-values --cluster my-cluster -o datalayer-operator-azure.json

# Print JSON to stdout
clouder azure helm-values --cluster my-cluster --output -

# Disable service principal auto-creation (fail if client credentials are missing)
clouder azure helm-values --cluster my-cluster --no-create-sp

# Strict reuse mode (never creates an SP; fails if credentials are missing)
clouder azure helm-values --cluster my-cluster --reuse-sp-only

# Fully explicit mode
clouder azure helm-values \
    --tenant-id <TENANT_ID> \
    --client-id <CLIENT_ID> \
    --client-secret <CLIENT_SECRET> \
    --subscription-id <SUBSCRIPTION_ID> \
    --resource-group <RESOURCE_GROUP> \
    -o datalayer-operator-azure.json

Default output behavior:

  • If --cluster is set (or inferred from current kube context), output defaults to ~/.clouder/kubeadm/<cluster>/datalayer-operator-azure.json.
  • If no cluster can be resolved, output defaults to ~/.clouder/kubeadm/datalayer-operator-azure.json.
OptionShortDescription
--clusterKubeadm cluster name (reads ~/.clouder/kubeadm/<name>/kubeadm.json for subscription/resource group)
--output-oOutput JSON file path (- prints to stdout)
--tenant-idOverride tenant ID
--client-idOverride client ID
--client-secretOverride client secret
--subscription-idOverride subscription ID
--resource-group-gOverride resource group
--create-sp / --no-create-spAuto-create scoped Azure service principal if client credentials are missing (default: --create-sp)
--reuse-sp-onlyStrict mode: reuse existing credentials only and never create a service principal

Output file permissions are set to 600 because it contains secrets.

Use the generated file with Helm:

helm upgrade --install datalayer-operator \
    ./etc/helm/charts/datalayer-operator \
    --namespace datalayer-runtimes \
    --values datalayer-operator-azure.json

Example: Full Azure VM Workflow

# 1. Configure Azure (one-time)
clouder azure configure

# 2. Explore available regions and VM sizes
clouder azure regions
clouder azure vm-sizes --region eastus

# 3. Create a VM
clouder azure vm-create \
    --name jupyter-node-1 \
    --resource-group clouder-cluster-rg \
    --region eastus \
    --vm-size Standard_D4s_v5 \
    --ssh-key ~/.ssh/id_rsa.pub \
    --image Ubuntu2404 \
    --tags "role=jupyter,cluster=my-cluster"

# 4. SSH into the VM
ssh azureuser@<public-ip>

# 5. List your VMs
clouder azure vm-ls

# 6. Clean up
clouder azure vm-delete jupyter-node-1 \
    --resource-group clouder-cluster-rg