April 8, 2018 · service-fabric linux containers

Secure Service Fabric on Linux inside an existing Virtual Network

This guide will help you create a Secured Linux Service Fabric cluster that runs inside an existing Virtual Network and Subnet using the Azure CLI.

You can get the required template and parameters json files from my GitHub. The template is based on the sample published here and is modified to provision into an existing Virtual Network and Subnet.

This guide assumes you already have a Virtual Network created with a Subnet where you want to deploy Service Fabric. If not, you need to create the Virtual Network and Subnet first and specify the values below.

Specify variable values

declare rg=sf-rg # Resource Group Name  
export location=westeurope # Region  
export sfName=sfcluster # Service Fabric cluster name  

Create Resource Group

az group create -n $rg -l $location  

Modify the parameters.json file and replace:

Create the folder to store the certificates

mkdir -p certs  

Create the cluster and generate a certificate

az sf cluster create-n $sfName -g $rg -l $location \  
--certificate-output-folder certs \
--certificate-subject-name "$sfName.$location.cloudapp.azure.com" \
--template-file template.json --parameter-file parameters.json

Verify that the cluster is up

Wait until the command below shows Ready. It may take a while.

az sf cluster show -n $sfName -g $location --query clusterState  

Connect to the cluster

Once the cluster is up and running, connect using sfctl

sfctl cluster select --endpoint https://"$sfName.$location.cloudapp.azure.com":19080 --pem /path/to/certificate.pem --no-verify  

Verify cluster health

sfctl cluster health  

Access the Service Fabric Explorer in your browser

Make sure you install either the .pem or the .pfx certificate on your machine, depending on your operating system, then:


Comments powered by Disqus