This page provides a "pick and choose" guide to provisioning a new FL environment. Each section provides multiple alternatives depending on your setup. Some sections are optional and can be skipped if you already have the required infrastructure in place.
A lot of those steps are still marked 🚧, we are actively working to provide them im the coming iterations.
If you are looking for a ready-to-use sandbox environment, please check out our sandboxes.
To enjoy these quickstart, you will need to:
- have an active Azure subscription that you can use for development purposes,
- have permissions to create resources, set permissions, and create identities in this subscription (or at least in one resource group),
- Note that to set permissions, you typically need Owner role in the subscription or resource group - Contributor role is not enough. This is key for being able to secure the setup.
- install the Azure CLI.
Creating an Azure ML workspace is the starting point to create your full Federated Learning environment. Your workspace will be the one portal to:
- connect all your resources (computes, datastores),
- coordinate the jobs between the orchestrator (aggregation) and the silos (processing, training),
- run your experiments at scale,
- collect and analyze your experiment results, register your model candidates,
- deploy your models for production.
Below are two options you could use, drawing from the existing documentation. We invite you to check the existing Azure ML documentation for more options.
| Tutorial | Description |
|---|---|
| Docs | Create a workspace and then add compute resources to the workspace. You'll then have everything you need to get started with Azure Machine Learning. |
| Docs | Learn how to create and connect to a secure Azure Machine Learning workspace. A secure workspace uses Azure Virtual Network to create a security boundary around resources used by Azure Machine Learning. |
The orchestrator is the central server of the Federated Learning pipeline. It is responsible for managing the training process and the communication between the silos.
| Manual | Description |
|---|---|
| Tutorial | Create a sandbox open pair of compute and storage for the orchestrator. |
| Tutorial | Create a vnet with a compute and private endpoints to a new blob storage created in the same resource group. |
These tutorials will let you create silos as a pair of compute and storage, optionally behind a vnet with private endpoints. Use the button for convenience, but check the manual for more details.
| Manual | Description |
|---|---|
| Tutorial | Create a simple, open pair of compute and storage for the silos in a given region (for sandbox/dev use only). |
| Tutorial | Create an open pair (for sandbox/dev use only) using an AKS cluster with confidential compute. |
| Tutorial | Create a vnet with a compute and private endpoints to a new blob storage created in the same resource group. |
| Tutorial | Create a vnet with a compute and private endpoint to an existing blob storage, in the same tenant. |
| 🚧 | Create a vnet with an AKS cluster using confidential computes and private endpoint to an existing blob storage. |
These tutorials will let you create an external silo by creating a storage account and linking it to an existing kubernetes cluster, optionally behind a vnet with private endpoints.
| Manual | Description |
|---|---|
| Tutorial | Create a simple, external silo based on an existing k8s cluster (for sandbox/dev use only). |
| 🚧 | Create an open pair (for sandbox/dev use only) using an AKS cluster with confidential compute. |
🚧
| Manual | Description |
|---|---|
| Tutorial | Provision a virtual machine inside a vnet to operate private resources (ex: azureml workspace), optionally by using Azure Bastion. |