Sandbox Resources

Sandbox resources define the technical infrastructure and environment that powers your lab. These resources provide the compute, networking, storage, and services that participants interact with during hands-on activities.

Docker containers for running applications, services, and development environments.

Additional containers that run alongside main containers for specialized functions.

Isolated Docker networks for container communication and network segmentation.

HTTP/HTTPS ingress controllers for routing external traffic to services.

Interactive shell sessions that connect to containers or VMs.

Web service tabs that proxy HTTP traffic to running applications.

Code editor interfaces for file manipulation and development.

Tabs that display external websites and web applications.

File copying and directory synchronization between host and containers.

Template processing for generating configuration files and scripts.

  • Account - AWS account configuration
  • User - AWS IAM user management
  • Project - Google Cloud project configuration
  • Service Account - GCP service account management
  • User - Google Cloud user management
  • Cluster - Kubernetes cluster provisioning
  • Config - Kubernetes configuration management
  • Cluster - Nomad cluster deployment
  • Job - Nomad job scheduling
  • Helm - Helm chart deployment
  • Repository - Helm repository management
  • Exec - Execute commands on remote systems
  • HTTP - HTTP requests and API interactions
  • Terraform - Infrastructure as code with Terraform
  • Creature - Random creature names
  • ID - Random identifier generation
  • Number - Random number generation
  • Password - Random password generation
  • UUID - UUID generation

  1. Compute: Start with containers for your application stack
  2. Networking: Create isolated networks for different tiers
  3. Storage: Plan file sharing and persistent storage needs
  4. UI Access: Design terminal and service access patterns
  5. Integration: Add cloud services and orchestration as needed
  6. Security: Configure certificates and access controls

  • Resource Isolation: Use separate networks for different application tiers
  • Minimal Containers: Choose lightweight base images for faster startup
  • Health Checks: Configure health checks for reliable service availability
  • Resource Limits: Set appropriate CPU and memory limits
  • Security: Run containers as non-root users when possible
  • Naming: Use consistent, descriptive resource names

# Frontend container: attached to the web network only
resource "container" "frontend" {
  image { name = "nginx:alpine" }
  network { id = resource.network.web }
  port {
    local = 80
    host  = 8080
  }
}

# Backend API container: the only container attached to both networks
resource "container" "api" {
  image { name = "node:16-alpine" }
  network { id = resource.network.web }
  network { id = resource.network.db }
  port { local = 3000 }
}

# Database container: attached to the db network only, data kept in a named volume
resource "container" "database" {
  image { name = "postgres:14" }
  network { id = resource.network.db }
  volume {
    source      = "postgres-data"
    destination = "/var/lib/postgresql/data"
    type        = "volume"
  }
}

# Main development container
# Note: privileged mode together with the Docker socket bind mount gives this
# container control of the host's Docker daemon.
resource "container" "devbox" {
  image { name = "instruqt/devbox:latest" }
  privileged = true
  volume {
    source      = "./workspace"
    destination = "/workspace"
    type        = "bind"
  }
  volume {
    source      = "/var/run/docker.sock"
    destination = "/var/run/docker.sock"
    type        = "bind"
  }
}
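A review check for the isolation and non-root practices listed above, as an added example that is not part of the original page or Instruqt's tooling. It is a regex-based reader for the simple block layout shown here, not a full HCL parser; the function names, finding labels and sample input are assumptions made for illustration.

```python
import re

# Constructed sample in the page's resource syntax (not a real lab definition).
SAMPLE = '''
resource "container" "api" {
  image { name = "node:16-alpine" }
  network { id = resource.network.web }
  network { id = resource.network.db }
}
resource "container" "devbox" {
  image { name = "instruqt/devbox:latest" }
  privileged = true  # root-equivalent on the host
  volume {
    source      = "/var/run/docker.sock"
    destination = "/var/run/docker.sock"
    type        = "bind"
  }
}
'''

def container_blocks(text):
    """Yield (name, body) for each container resource, found by brace matching."""
    for m in re.finditer(r'resource\s+"container"\s+"([^"]+)"\s*\{', text):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def audit(text):
    """Return {container_name: [findings]} for settings a reviewer should confirm."""
    text = re.sub(r'#.*', '', text)  # drop comments so commented-out lines are ignored
    report = {}
    for name, body in container_blocks(text):
        findings = []
        if re.search(r'^\s*privileged\s*=\s*true\b', body, re.M):
            findings.append("privileged")
        if re.search(r'source\s*=\s*"[^"]*docker\.sock"', body):
            findings.append("docker-socket")
        nets = sorted(set(re.findall(r'resource\.network\.(\w+)', body)))
        if len(nets) > 1:  # container joins more than one tier's network
            findings.append("bridges:" + ",".join(nets))
        if findings:
            report[name] = findings
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, findings)
```

A `bridges` finding is expected for a deliberately dual-homed container such as `api`; the point of the check is that no other container shows one.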