Last active
July 4, 2017 04:31
-
-
Save open-ruic/97ceed4d88cba3d74f3fc348f52348ba to your computer and use it in GitHub Desktop.
Create Secure Service Fabric with Custom Domain using ARM Template
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 一般情况下,如果我们没有为Azure Service Fabric开启群集安全证书功能,我们只需要将域名的DNS解析绑定到Service Fabric群集使用的负载均衡器对应的公网IP上即可。 | |
| 但对于开启了安全证书功能的群集,我们需要将证书和域名进行绑定,相对要麻烦一些。 | |
| 1. 生成证书 | |
| 我们可以在CA申请自定义域名的可信证书,也可以使用自签名证书,无论哪种证书,我们都需要将证书使用者的名称和自定义域名保持一致。 | |
| 借助Github上的PowerShell模块生成证书并上传KeyVault。 | |
| 下载地址:https://github.com/ChackDan/Service-Fabric/tree/master/Scripts/ServiceFabricRPHelpers | |
| Import-Module "C:\..\ServiceFabricRPHelpers\ServiceFabricRPHelpers.psm1" | |
| $ResouceGroup = "kevin-group" | |
| $VName = "kevinsfvault" | |
| $SubID = "e0fbea86-6cf2-4b2d-81e2-9c59f4f96bcb" | |
| $locationRegion = "chinanorth" | |
| $newCertName = "aruicert" | |
| $dnsName = "test.arui.me" | |
| $localCertPath = "C:\" | |
| Invoke-AddCertToKeyVault -SubscriptionId $SubID -ResourceGroupName $ResouceGroup -Location $locationRegion -VaultName $VName -CertificateName $newCertName -CreateSelfSignedCertificate -DnsName $dnsName -OutputPath $localCertPath | |
| 其中dnsName 必须和我们的自定义域名一致。 | |
| 2. 设置域名解析 | |
| 我们需要创建一个静态公网IP,并将我们的自定义域名DNS解析到该IP之上,绑定DNS域名并解析至之前创建静态公网IP地址, | |
| 3. 使用用ARM 资源模板创建Service Fabric | |
| 使用Azure Service Fabric 资源模板创建Service Fabric,在创建时,我们需要修改模板的一些地方,以确保整个群集都能够正常的使用自定义域名进行访问。 | |
| "frontendIPConfigurations": [ | |
| { | |
| "name": "LoadBalancerIPConfig", | |
| "properties": { | |
| "publicIPAddress": { | |
| "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('staticIpResourceGroups'), '/providers/Microsoft.Network/publicIPAddresses/', parameters('staticIpName'))]" | |
| } | |
| } | |
| } | |
| ] | |
| 为群集配置安全证书,可参考此文档进行设置,之后修改群集的Manager Endpoint设置,使其使用自定义域名访问群集。此示例中的staticIpDnsFQDN指的是test.arui.me | |
| "managementEndpoint": "[concat('https://',parameters('staticIpDnsFQDN'),':',parameters('nt0fabricHttpGatewayPort'))]" | |
| 配置好之后,就可以使用该模板创建Service Fabric。当创建完成时,就可以使用https://test.arui.me:19080,如下图: | |
| 注意事项 | |
| 如果创建时,虚拟机规模集创建完成,但Service Fabric群集还是处于等待节点状态。很有可能是因为Service Fabric客户端无法与虚拟机规模集中的群集系统服务进行通信。 | |
| 造成这样情况的原因大部分是因为证书的使用者名称和设置managementEndpoint地址不匹配。 | |
| 相关文档 | |
| https://docs.microsoft.com/zh-cn/azure/service-fabric/service-fabric-cluster-creation-via-arm |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "clusterName": { | |
| "value": "sf-cluster" | |
| }, | |
| "clusterLocation": { | |
| "value": "chinanorth" | |
| }, | |
| "adminUserName": { | |
| "value": "testadr" | |
| }, | |
| "adminPassword": { | |
| "value": "Aa111111" | |
| }, | |
| "certificateThumbprint": { | |
| "value": "5DBFC1A3BEA03523681D7FED15A2F1D6B5825473", | |
| }, | |
| "sourceVaultValue": { | |
| "value": "/subscriptions/e0fbea86-6cf2-4b2d-81e2-9c59f4f96bcb/resourceGroups/kevin-group/providers/Microsoft.KeyVault/vaults/kevinsfvault", | |
| }, | |
| "certificateUrlValue": { | |
| "value": "https://kevinsfvault.vault.azure.cn:443/secrets/aruicert/f0826581180445aa9d51060e12b635cb", | |
| }, | |
| "vnetResourceGroups": { | |
| "value": "kevin-group" | |
| }, | |
| "vnetName": { | |
| "value": "kevin-net" | |
| }, | |
| "subnet0Name": { | |
| "value": "sf-net" | |
| }, | |
| "subnet0Prefix": { | |
| "value": "10.1.0.48/28" | |
| }, | |
| "staticIpResourceGroups": { | |
| "value": "kevin-group" | |
| }, | |
| "staticIpName": { | |
| "value": "kevin-ip" | |
| }, | |
| "staticIpDnsFQDN": { | |
| "value": "test.arui.me" | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json", | |
| "contentVersion": "1.0.0.0", | |
| "parameters": { | |
| "clusterLocation": { | |
| "type": "string", | |
| "metadata": { | |
| "description": "Location of the Cluster" | |
| } | |
| }, | |
| "clusterName": { | |
| "type": "string", | |
| "defaultValue": "Cluster", | |
| "metadata": { | |
| "description": "Name of your cluster - Between 3 and 23 characters. Letters and numbers only" | |
| } | |
| }, | |
| "nt0applicationStartPort": { | |
| "type": "int", | |
| "defaultValue": 20000 | |
| }, | |
| "nt0applicationEndPort": { | |
| "type": "int", | |
| "defaultValue": 30000 | |
| }, | |
| "nt0ephemeralStartPort": { | |
| "type": "int", | |
| "defaultValue": 49152 | |
| }, | |
| "nt0ephemeralEndPort": { | |
| "type": "int", | |
| "defaultValue": 65534 | |
| }, | |
| "nt0fabricTcpGatewayPort": { | |
| "type": "int", | |
| "defaultValue": 19000 | |
| }, | |
| "nt0fabricHttpGatewayPort": { | |
| "type": "int", | |
| "defaultValue": 19080 | |
| }, | |
| "subnet0Name": { | |
| "type": "string", | |
| "defaultValue": "default" | |
| }, | |
| "vnetResourceGroups": { | |
| "type": "string", | |
| "defaultValue": "testgroup1" | |
| }, | |
| "vnetName": { | |
| "type": "string", | |
| "defaultValue": "network" | |
| }, | |
| "subnet0Prefix": { | |
| "type": "string", | |
| "defaultValue": "10.3.0.0/24" | |
| }, | |
| "staticIpResourceGroups": { | |
| "type": "string", | |
| "defaultValue": "testgroup1" | |
| }, | |
| "staticIpName": { | |
| "type": "string", | |
| "defaultValue": "staticIP" | |
| }, | |
| "staticIpDnsFQDN": { | |
| "type": "string", | |
| "defaultValue": "test.arui.me" | |
| }, | |
| "vmStorageAccountName": { | |
| "type": "string", | |
| "defaultValue": "vmhd" | |
| }, | |
| "vmStorageAccountContainerName": { | |
| "type": "string", | |
| "defaultValue": "vhds" | |
| }, | |
| "certificateStoreValue": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "My" | |
| ], | |
| "defaultValue": "My", | |
| "metadata": { | |
| "description": "The store name where the cert will be deployed in the virtual machine" | |
| } | |
| }, | |
| "certificateThumbprint": { | |
| "type": "string", | |
| "defaultValue": "5DBFC1A3BEA03523681D7FED15A2F1D6B5825473", | |
| "metadata": { | |
| "description": "Certificate Thumbprint" | |
| } | |
| }, | |
| "sourceVaultValue": { | |
| "type": "string", | |
| "defaultValue": "/subscriptions/e0fbea86-6cf2-4b2d-81e2-9c59f4f96bcb/resourceGroups/kevin-group/providers/Microsoft.KeyVault/vaults/kevinsfvault", | |
| "metadata": { | |
| "description": "Resource Id of the key vault, is should be in the format of /subscriptions/<Sub ID>/resourceGroups/<Resource group name>/providers/Microsoft.KeyVault/vaults/<vault name>" | |
| } | |
| }, | |
| "certificateUrlValue": { | |
| "type": "string", | |
| "defaultValue": "https://kevinsfvault.vault.azure.cn:443/secrets/aruicert/f0826581180445aa9d51060e12b635cb", | |
| "metadata": { | |
| "description": "Refers to the location URL in your key vault where the certificate was uploaded, it is should be in the format of https://<name of the vault>.vault.azure.net:443/secrets/<exact location>" | |
| } | |
| }, | |
| "clusterProtectionLevel": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "None", | |
| "Sign", | |
| "EncryptAndSign" | |
| ], | |
| "defaultValue": "EncryptAndSign", | |
| "metadata": { | |
| "description": "Protection level.Three values are allowed - EncryptAndSign, Sign, None. It is best to keep the default of EncryptAndSign, unless you have a need not to" | |
| } | |
| }, | |
| "adminUserName": { | |
| "type": "string", | |
| "defaultValue": "testadm", | |
| "metadata": { | |
| "description": "Remote desktop user Id" | |
| } | |
| }, | |
| "adminPassword": { | |
| "type": "securestring", | |
| "metadata": { | |
| "description": "Remote desktop user password. Must be a strong password" | |
| } | |
| }, | |
| "nicName": { | |
| "type": "string", | |
| "defaultValue": "NIC" | |
| }, | |
| "overProvision": { | |
| "type": "string", | |
| "defaultValue": "false" | |
| }, | |
| "vmImagePublisher": { | |
| "type": "string", | |
| "defaultValue": "MicrosoftWindowsServer" | |
| }, | |
| "vmImageOffer": { | |
| "type": "string", | |
| "defaultValue": "WindowsServer" | |
| }, | |
| "vmImageSku": { | |
| "type": "string", | |
| "defaultValue": "2012-R2-Datacenter" | |
| }, | |
| "vmImageVersion": { | |
| "type": "string", | |
| "defaultValue": "latest" | |
| }, | |
| "storageAccountType": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "Standard_LRS", | |
| "Standard_GRS" | |
| ], | |
| "defaultValue": "Standard_LRS", | |
| "metadata": { | |
| "description": "Replication option for the VM image storage account" | |
| } | |
| }, | |
| "supportLogStorageAccountType": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "Standard_LRS", | |
| "Standard_GRS" | |
| ], | |
| "defaultValue": "Standard_LRS", | |
| "metadata": { | |
| "description": "Replication option for the support log storage account" | |
| } | |
| }, | |
| "supportLogStorageAccountName": { | |
| "type": "string", | |
| "defaultValue": "[toLower( concat('sflogs', uniqueString(resourceGroup().id),'2'))]", | |
| "metadata": { | |
| "description": "Name for the storage account that contains support logs from the cluster" | |
| } | |
| }, | |
| "applicationDiagnosticsStorageAccountType": { | |
| "type": "string", | |
| "allowedValues": [ | |
| "Standard_LRS", | |
| "Standard_GRS" | |
| ], | |
| "defaultValue": "Standard_LRS", | |
| "metadata": { | |
| "description": "Replication option for the application diagnostics storage account" | |
| } | |
| }, | |
| "applicationDiagnosticsStorageAccountName": { | |
| "type": "string", | |
| "defaultValue": "[toLower(concat('sfapplogs', uniqueString(resourceGroup().id),'3'))]", | |
| "metadata": { | |
| "description": "Name for the storage account that contains application diagnostics data from the cluster" | |
| } | |
| }, | |
| "nt0InstanceCount": { | |
| "type": "int", | |
| "defaultValue": 3, | |
| "metadata": { | |
| "description": "Instance count for node type" | |
| } | |
| }, | |
| "vmNodeType0Name": { | |
| "type": "string", | |
| "defaultValue": "N1", | |
| "maxLength": 9 | |
| }, | |
| "vmNodeType0Size": { | |
| "type": "string", | |
| "defaultValue": "Standard_D2" | |
| } | |
| }, | |
| "variables": { | |
| "vmssApiVersion": "2016-03-30", | |
| "lbApiVersion": "2015-06-15", | |
| "vNetApiVersion": "2015-06-15", | |
| "storageApiVersion": "2016-01-01", | |
| "publicIPApiVersion": "2015-06-15", | |
| "vnetID": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('vnetResourceGroups'), '/providers/Microsoft.Network/virtualNetworks/', parameters('vnetName'))]", | |
| "subnet0Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet0Name'))]", | |
| "staticIp":"[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('staticIpResourceGroups'), '/providers/Microsoft.Network/publicIPAddresses/', parameters('staticIpName'))]", | |
| "lbID0": "[resourceId('Microsoft.Network/loadBalancers', concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType0Name')))]", | |
| "lbIPConfig0": "[concat(variables('lbID0'),'/frontendIPConfigurations/LoadBalancerIPConfig')]", | |
| "lbPoolID0": "[concat(variables('lbID0'),'/backendAddressPools/LoadBalancerBEAddressPool')]", | |
| "lbProbeID0": "[concat(variables('lbID0'),'/probes/FabricGatewayProbe')]", | |
| "lbHttpProbeID0": "[concat(variables('lbID0'),'/probes/FabricHttpGatewayProbe')]", | |
| "lbNatPoolID0": "[concat(variables('lbID0'),'/inboundNatPools/LoadBalancerBEAddressNatPool')]", | |
| "vmStorageAccountName0": "[toLower(concat(parameters('vmStorageAccountName'), uniqueString(resourceGroup().id), '0' ))]", | |
| "uniqueStringArray0": [ | |
| "[concat(variables('vmStorageAccountName0'), '0')]", | |
| "[concat(variables('vmStorageAccountName0'), '1')]", | |
| "[concat(variables('vmStorageAccountName0'), '2')]", | |
| "[concat(variables('vmStorageAccountName0'), '3')]", | |
| "[concat(variables('vmStorageAccountName0'), '4')]" | |
| ] | |
| }, | |
| "resources": [ | |
| { | |
| "apiVersion": "[variables('storageApiVersion')]", | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "name": "[parameters('supportLogStorageAccountName')]", | |
| "location": "[parameters('clusterLocation')]", | |
| "dependsOn": [], | |
| "properties": {}, | |
| "kind": "Storage", | |
| "sku": { | |
| "name": "[parameters('supportLogStorageAccountType')]" | |
| }, | |
| "tags": { | |
| "resourceType": "Service Fabric", | |
| "clusterName": "[parameters('clusterName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "[variables('storageApiVersion')]", | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "name": "[parameters('applicationDiagnosticsStorageAccountName')]", | |
| "location": "[parameters('clusterLocation')]", | |
| "dependsOn": [], | |
| "properties": {}, | |
| "kind": "Storage", | |
| "sku": { | |
| "name": "[parameters('applicationDiagnosticsStorageAccountType')]" | |
| }, | |
| "tags": { | |
| "resourceType": "Service Fabric", | |
| "clusterName": "[parameters('clusterName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "[variables('lbApiVersion')]", | |
| "type": "Microsoft.Network/loadBalancers", | |
| "name": "[concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType0Name'))]", | |
| "location": "[parameters('clusterLocation')]", | |
| "dependsOn": [], | |
| "properties": { | |
| "frontendIPConfigurations": [ | |
| { | |
| "name": "LoadBalancerIPConfig", | |
| "properties": { | |
| "publicIPAddress": { | |
| "id": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('staticIpResourceGroups'), '/providers/Microsoft.Network/publicIPAddresses/', parameters('staticIpName'))]" | |
| } | |
| } | |
| } | |
| ], | |
| "backendAddressPools": [ | |
| { | |
| "name": "LoadBalancerBEAddressPool", | |
| "properties": {} | |
| } | |
| ], | |
| "loadBalancingRules": [ | |
| { | |
| "name": "LBRule", | |
| "properties": { | |
| "backendAddressPool": { | |
| "id": "[variables('lbPoolID0')]" | |
| }, | |
| "backendPort": "[parameters('nt0fabricTcpGatewayPort')]", | |
| "enableFloatingIP": "false", | |
| "frontendIPConfiguration": { | |
| "id": "[variables('lbIPConfig0')]" | |
| }, | |
| "frontendPort": "[parameters('nt0fabricTcpGatewayPort')]", | |
| "idleTimeoutInMinutes": "5", | |
| "probe": { | |
| "id": "[variables('lbProbeID0')]" | |
| }, | |
| "protocol": "tcp" | |
| } | |
| }, | |
| { | |
| "name": "LBHttpRule", | |
| "properties": { | |
| "backendAddressPool": { | |
| "id": "[variables('lbPoolID0')]" | |
| }, | |
| "backendPort": "[parameters('nt0fabricHttpGatewayPort')]", | |
| "enableFloatingIP": "false", | |
| "frontendIPConfiguration": { | |
| "id": "[variables('lbIPConfig0')]" | |
| }, | |
| "frontendPort": "[parameters('nt0fabricHttpGatewayPort')]", | |
| "idleTimeoutInMinutes": "5", | |
| "probe": { | |
| "id": "[variables('lbHttpProbeID0')]" | |
| }, | |
| "protocol": "tcp" | |
| } | |
| } | |
| ], | |
| "probes": [ | |
| { | |
| "name": "FabricGatewayProbe", | |
| "properties": { | |
| "intervalInSeconds": 5, | |
| "numberOfProbes": 2, | |
| "port": "[parameters('nt0fabricTcpGatewayPort')]", | |
| "protocol": "tcp" | |
| } | |
| }, | |
| { | |
| "name": "FabricHttpGatewayProbe", | |
| "properties": { | |
| "intervalInSeconds": 5, | |
| "numberOfProbes": 2, | |
| "port": "[parameters('nt0fabricHttpGatewayPort')]", | |
| "protocol": "tcp" | |
| } | |
| } | |
| ], | |
| "inboundNatPools": [ | |
| { | |
| "name": "LoadBalancerBEAddressNatPool", | |
| "properties": { | |
| "backendPort": "3389", | |
| "frontendIPConfiguration": { | |
| "id": "[variables('lbIPConfig0')]" | |
| }, | |
| "frontendPortRangeEnd": "4500", | |
| "frontendPortRangeStart": "3389", | |
| "protocol": "tcp" | |
| } | |
| } | |
| ] | |
| }, | |
| "tags": { | |
| "resourceType": "Service Fabric", | |
| "clusterName": "[parameters('clusterName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "[variables('storageApiVersion')]", | |
| "type": "Microsoft.Storage/storageAccounts", | |
| "name": "[variables('uniqueStringArray0')[copyIndex()]]", | |
| "location": "[parameters('clusterLocation')]", | |
| "dependsOn": [], | |
| "properties": {}, | |
| "copy": { | |
| "name": "storageLoop", | |
| "count": 3 | |
| }, | |
| "kind": "Storage", | |
| "sku": { | |
| "name": "[parameters('storageAccountType')]" | |
| }, | |
| "tags": { | |
| "resourceType": "Service Fabric", | |
| "clusterName": "[parameters('clusterName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "[variables('vmssApiVersion')]", | |
| "type": "Microsoft.Compute/virtualMachineScaleSets", | |
| "name": "[parameters('vmNodeType0Name')]", | |
| "location": "[parameters('clusterLocation')]", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[0])]", | |
| "[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[1])]", | |
| "[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[2])]", | |
| "[concat('Microsoft.Network/loadBalancers/', concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType0Name')))]", | |
| "[concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName'))]", | |
| "[concat('Microsoft.Storage/storageAccounts/', parameters('applicationDiagnosticsStorageAccountName'))]" | |
| ], | |
| "properties": { | |
| "overprovision": "[parameters('overProvision')]", | |
| "upgradePolicy": { | |
| "mode": "Automatic" | |
| }, | |
| "virtualMachineProfile": { | |
| "extensionProfile": { | |
| "extensions": [ | |
| { | |
| "name": "[concat(parameters('vmNodeType0Name'),'_ServiceFabricNode')]", | |
| "properties": { | |
| "type": "ServiceFabricNode", | |
| "autoUpgradeMinorVersion": false, | |
| "protectedSettings": { | |
| "StorageAccountKey1": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('supportLogStorageAccountName')),'2015-05-01-preview').key1]", | |
| "StorageAccountKey2": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('supportLogStorageAccountName')),'2015-05-01-preview').key2]" | |
| }, | |
| "publisher": "Microsoft.Azure.ServiceFabric", | |
| "settings": { | |
| "clusterEndpoint": "[reference(parameters('clusterName')).clusterEndpoint]", | |
| "nodeTypeRef": "[parameters('vmNodeType0Name')]", | |
| "dataPath": "D:\\\\SvcFab", | |
| "durabilityLevel": "Bronze", | |
| "enableParallelJobs": true, | |
| "nicPrefixOverride": "[parameters('subnet0Prefix')]", | |
| "certificate": { | |
| "thumbprint": "[parameters('certificateThumbprint')]", | |
| "x509StoreName": "[parameters('certificateStoreValue')]" | |
| } | |
| }, | |
| "typeHandlerVersion": "1.0" | |
| } | |
| }, | |
| { | |
| "name": "[concat('VMDiagnosticsVmExt','_vmNodeType0Name')]", | |
| "properties": { | |
| "type": "IaaSDiagnostics", | |
| "autoUpgradeMinorVersion": true, | |
| "protectedSettings": { | |
| "storageAccountName": "[parameters('applicationDiagnosticsStorageAccountName')]", | |
| "storageAccountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('applicationDiagnosticsStorageAccountName')),'2015-05-01-preview').key1]", | |
| "storageAccountEndPoint": "https://core.chinacloudapi.cn/" | |
| }, | |
| "publisher": "Microsoft.Azure.Diagnostics", | |
| "settings": { | |
| "WadCfg": { | |
| "DiagnosticMonitorConfiguration": { | |
| "overallQuotaInMB": "50000", | |
| "EtwProviders": { | |
| "EtwEventSourceProviderConfiguration": [ | |
| { | |
| "provider": "Microsoft-ServiceFabric-Actors", | |
| "scheduledTransferKeywordFilter": "1", | |
| "scheduledTransferPeriod": "PT5M", | |
| "DefaultEvents": { | |
| "eventDestination": "ServiceFabricReliableActorEventTable" | |
| } | |
| }, | |
| { | |
| "provider": "Microsoft-ServiceFabric-Services", | |
| "scheduledTransferPeriod": "PT5M", | |
| "DefaultEvents": { | |
| "eventDestination": "ServiceFabricReliableServiceEventTable" | |
| } | |
| } | |
| ], | |
| "EtwManifestProviderConfiguration": [ | |
| { | |
| "provider": "cbd93bc2-71e5-4566-b3a7-595d8eeca6e8", | |
| "scheduledTransferLogLevelFilter": "Information", | |
| "scheduledTransferKeywordFilter": "4611686018427387904", | |
| "scheduledTransferPeriod": "PT5M", | |
| "DefaultEvents": { | |
| "eventDestination": "ServiceFabricSystemEventTable" | |
| } | |
| } | |
| ] | |
| } | |
| } | |
| }, | |
| "StorageAccount": "[parameters('applicationDiagnosticsStorageAccountName')]" | |
| }, | |
| "typeHandlerVersion": "1.5" | |
| } | |
| } | |
| ] | |
| }, | |
| "networkProfile": { | |
| "networkInterfaceConfigurations": [ | |
| { | |
| "name": "[concat(parameters('nicName'), '-0')]", | |
| "properties": { | |
| "ipConfigurations": [ | |
| { | |
| "name": "[concat(parameters('nicName'),'-',0)]", | |
| "properties": { | |
| "loadBalancerBackendAddressPools": [ | |
| { | |
| "id": "[variables('lbPoolID0')]" | |
| } | |
| ], | |
| "loadBalancerInboundNatPools": [ | |
| { | |
| "id": "[variables('lbNatPoolID0')]" | |
| } | |
| ], | |
| "subnet": { | |
| "id": "[variables('subnet0Ref')]" | |
| } | |
| } | |
| } | |
| ], | |
| "primary": true | |
| } | |
| } | |
| ] | |
| }, | |
| "osProfile": { | |
| "adminPassword": "[parameters('adminPassword')]", | |
| "adminUsername": "[parameters('adminUsername')]", | |
| "computernamePrefix": "[parameters('vmNodeType0Name')]", | |
| "secrets": [ | |
| { | |
| "sourceVault": { | |
| "id": "[parameters('sourceVaultValue')]" | |
| }, | |
| "vaultCertificates": [ | |
| { | |
| "certificateStore": "[parameters('certificateStoreValue')]", | |
| "certificateUrl": "[parameters('certificateUrlValue')]" | |
| } | |
| ] | |
| } | |
| ] | |
| }, | |
| "storageProfile": { | |
| "imageReference": { | |
| "publisher": "[parameters('vmImagePublisher')]", | |
| "offer": "[parameters('vmImageOffer')]", | |
| "sku": "[parameters('vmImageSku')]", | |
| "version": "[parameters('vmImageVersion')]" | |
| }, | |
| "osDisk": { | |
| "vhdContainers": [ | |
| "[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[0]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]", | |
| "[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[1]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]", | |
| "[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[2]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]" | |
| ], | |
| "name": "vmssosdisk", | |
| "caching": "ReadOnly", | |
| "createOption": "FromImage" | |
| } | |
| } | |
| } | |
| }, | |
| "sku": { | |
| "name": "[parameters('vmNodeType0Size')]", | |
| "capacity": "[parameters('nt0InstanceCount')]", | |
| "tier": "Standard" | |
| }, | |
| "tags": { | |
| "resourceType": "Service Fabric", | |
| "clusterName": "[parameters('clusterName')]" | |
| } | |
| }, | |
| { | |
| "apiVersion": "2016-09-01", | |
| "type": "Microsoft.ServiceFabric/clusters", | |
| "name": "[parameters('clusterName')]", | |
| "location": "[parameters('clusterLocation')]", | |
| "dependsOn": [ | |
| "[concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName'))]" | |
| ], | |
| "properties": { | |
| "certificate": { | |
| "thumbprint": "[parameters('certificateThumbprint')]", | |
| "x509StoreName": "[parameters('certificateStoreValue')]" | |
| }, | |
| "clientCertificateCommonNames": [], | |
| "clientCertificateThumbprints": [], | |
| "clusterState": "Default", | |
| "diagnosticsStorageAccountConfig": { | |
| "blobEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName')), variables('storageApiVersion')).primaryEndpoints.blob]", | |
| "protectedAccountKeyName": "StorageAccountKey1", | |
| "queueEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName')), variables('storageApiVersion')).primaryEndpoints.queue]", | |
| "storageAccountName": "[parameters('supportLogStorageAccountName')]", | |
| "tableEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName')), variables('storageApiVersion')).primaryEndpoints.table]" | |
| }, | |
| "fabricSettings": [ | |
| { | |
| "parameters": [ | |
| { | |
| "name": "ClusterProtectionLevel", | |
| "value": "[parameters('clusterProtectionLevel')]" | |
| } | |
| ], | |
| "name": "Security" | |
| } | |
| ], | |
| "managementEndpoint": "[concat('https://',parameters('staticIpDnsFQDN'),':',parameters('nt0fabricHttpGatewayPort'))]", | |
| "nodeTypes": [ | |
| { | |
| "name": "[parameters('vmNodeType0Name')]", | |
| "applicationPorts": { | |
| "endPort": "[parameters('nt0applicationEndPort')]", | |
| "startPort": "[parameters('nt0applicationStartPort')]" | |
| }, | |
| "clientConnectionEndpointPort": "[parameters('nt0fabricTcpGatewayPort')]", | |
| "durabilityLevel": "Bronze", | |
| "ephemeralPorts": { | |
| "endPort": "[parameters('nt0ephemeralEndPort')]", | |
| "startPort": "[parameters('nt0ephemeralStartPort')]" | |
| }, | |
| "httpGatewayEndpointPort": "[parameters('nt0fabricHttpGatewayPort')]", | |
| "isPrimary": true, | |
| "vmInstanceCount": "[parameters('nt0InstanceCount')]" | |
| } | |
| ], | |
| "provisioningState": "Default", | |
| "reliabilityLevel": "Bronze", | |
| "upgradeMode": "Automatic", | |
| "vmImage": "Windows" | |
| }, | |
| "tags": { | |
| "resourceType": "Service Fabric", | |
| "clusterName": "[parameters('clusterName')]" | |
| } | |
| } | |
| ], | |
| "outputs": { | |
| "clusterProperties": { | |
| "value": "[reference(parameters('clusterName'))]", | |
| "type": "object" | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment