With the latest round of updates released at Build 2017, Service Fabric has become more powerful than ever, and getting started is now a breeze. This quick guide will help you get started with a secure Service Fabric cluster that you can start tinkering with.
- Azure subscription
- Azure PowerShell
- TL;DR install: run
Install-Module AzureRMin a PowerShell window
- TL;DR install: run
Get started with a new PowerShell window. Running the following commands will automatically create all the required Azure resources on your behalf and will output a ton of great info about your newly created cluster. This cmdlet is doing a lot of work behind the scenes, so expect this to take a few minutes to complete.
Here’s an example of the output generated. Hold onto your output to be used in a later step.
Let’s take a quick trip to the Azure Portal and look at what was created. I’m going to use the search bar at the top of the portal to look at my newly created Resource Group
Selecting the resource group, you’ll see something like the following
That’s a lot going on to support your cluster. You’ve got a Key Vault, a Virtual Network, a Load Balancer with a public IP, several Storage Accounts, a VM Scale Set, and finally, your Service Fabric cluster itself. Not bad for a 1-line command!
Select the cluster resource to see some more details
5 VM’s and a couple of endpoints. So far, so good! In the past it was pretty easy to get to this point with an Unsecure cluster, but then anyone on the Internet could access your cluster. The good news is that the new Service Fabric cmdlets are secure by default.
Click into Security in the left menu
Great! There’s a Primary certificate. This cert will be used to grant access to inspect, deploy, and remove applications on the cluster.
It’s time to dive in deeper and look at the services running on your cluster. To do that, you’ll need to install the aforementioned primary certificate to your local machine so that your browser can use it to authenticate to the HTTP managmement endpoint.
Because you passed in the
CertificateOutputFolder switch earlier, the cmdlet downloaded it from Key Vault and saved it as a local PFX file. You’ll see the specific file in the cmdlet output in the
CertificateSavedLocalPath property. Use that file to import to your CurrentUser\My certificate store with the following command
Now it’s time to access Service Fabric Explorer running on your cluster. Get your cluster management endpoint either from the Azure Portal, or from the
ManagementEndpoint property in the cmdlet output, and visit it in a browser.
Uh oh! Don’t worry, this is expected. Since you didn’t specify a cert for the cluster, Key Vault generated a self-signed one for you. Accept the warnings and proceed. When prompted for a cert, select the one with your cluster’s name
Great success! Expanding Nodes and System, you can see your five nodes and the various built-in services that Service Fabric uses to keep everything up and running. At this point, you’re ready to use Visual Studio, PowerShell, or the tool of your choice to deploy and manage applications on your secure cluster.
To remove everything after you’re done, simply delete the Resource Group that was previously created