Top / Microsoft Azure / Azure Service Fabric / Cluster

Azure Service Fabric Cluster

This page shows how to write Terraform and Azure Resource Manager for Service Fabric Cluster and write them securely.

terraform-logo

Review your .tf file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

azurerm_service_fabric_cluster (Terraform)

The Cluster in Service Fabric can be configured in Terraform with the resource name azurerm_service_fabric_cluster. The following sections describe 3 examples of how to use the resource and its parameters.

Example Usage from GitHub

positive2.tf#L1
resource "azurerm_service_fabric_cluster" "positive2" {
  name                 = "example-servicefabric"
  resource_group_name  = azurerm_resource_group.example.name
  location             = azurerm_resource_group.example.location
  reliability_level    = "Bronze"
  upgrade_mode         = "Manual"
positive1.tf#L1
resource "azurerm_service_fabric_cluster" "positive1" {
  name                 = "example-servicefabric"
  resource_group_name  = azurerm_resource_group.example.name
  location             = azurerm_resource_group.example.location
  reliability_level    = "Bronze"
  upgrade_mode         = "Manual"
negative.tf#L1
resource "azurerm_service_fabric_cluster" "negative" {
  name                 = "example-servicefabric"
  resource_group_name  = azurerm_resource_group.example.name
  location             = azurerm_resource_group.example.location
  reliability_level    = "Bronze"
  upgrade_mode         = "Manual"

Review your Terraform file for Azure best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Manages a Service Fabric Cluster.

>> from Terraform Registry

Microsoft.ServiceFabric/clusters (Azure Resource Manager)

The clusters in Microsoft.ServiceFabric can be configured in Azure Resource Manager with the resource name Microsoft.ServiceFabric/clusters. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

  • apiVersion required - string
  • location required - string

    Azure resource location.

  • name required - string

    The name of the cluster resource.

  • properties required
      • addOnFeatures optional - array

        The list of add-on features to enable in the cluster.

      • applicationTypeVersionsCleanupPolicy optional
          • maxUnusedVersionsToKeep required - integer

            Number of unused versions per application type to keep.

      • azureActiveDirectory optional
          • clientApplication optional - string

            Azure active directory client application id.

          • clusterApplication optional - string

            Azure active directory cluster application id.

          • tenantId optional - string

            Azure active directory tenant id.

      • certificate optional
          • thumbprint required - string

            Thumbprint of the primary certificate.

          • thumbprintSecondary optional - string

            Thumbprint of the secondary certificate.

          • x509StoreName optional - string
      • certificateCommonNames optional
          • commonNames optional array
              • certificateCommonName required - string

                The common name of the server certificate.

              • certificateIssuerThumbprint required - string

                The issuer thumbprint of the server certificate.

          • x509StoreName optional - string
      • clientCertificateCommonNames optional array
          • certificateCommonName required - string

            The common name of the client certificate.

          • certificateIssuerThumbprint required - string

            The issuer thumbprint of the client certificate.

          • isAdmin required - boolean

            Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster.

      • clientCertificateThumbprints optional array
          • certificateThumbprint required - string

            The thumbprint of the client certificate.

          • isAdmin required - boolean

            Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster.

      • clusterCodeVersion optional - string

        The Service Fabric runtime version of the cluster. This property can only by set the user when upgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions.

      • diagnosticsStorageAccountConfig optional
          • blobEndpoint required - string

            The blob endpoint of the azure storage account.

          • protectedAccountKeyName required - string

            The protected diagnostics storage key name.

          • protectedAccountKeyName2 optional - string

            The protected diagnostics storage key name.

          • queueEndpoint required - string

            The queue endpoint of the azure storage account.

          • storageAccountName required - string

            The Azure storage account name.

          • tableEndpoint required - string

            The table endpoint of the azure storage account.

      • eventStoreServiceEnabled optional - boolean

        Indicates if the event store service is enabled.

      • fabricSettings optional array
          • name required - string

            The section name of the fabric settings.

          • parameters required array
              • name required - string

                The parameter name of fabric setting.

              • value required - string

                The parameter value of fabric setting.

      • infrastructureServiceManager optional - boolean

        Indicates if infrastructure service manager is enabled.

      • managementEndpoint required - string

        The http management endpoint of the cluster.

      • nodeTypes required array
          • applicationPorts optional
              • endPort required - integer

                End port of a range of ports

              • startPort required - integer

                Starting port of a range of ports

          • capacities optional - string

            The capacity tags applied to the nodes in the node type, the cluster resource manager uses these tags to understand how much resource a node has.

          • clientConnectionEndpointPort required - integer

            The TCP cluster management endpoint port.

          • durabilityLevel optional - string
          • ephemeralPorts optional
              • endPort required - integer

                End port of a range of ports

              • startPort required - integer

                Starting port of a range of ports

          • httpGatewayEndpointPort required - integer

            The HTTP cluster management endpoint port.

          • isPrimary required - boolean

            The node type on which system services will run. Only one node type should be marked as primary. Primary node type cannot be deleted or changed for existing clusters.

          • isStateless optional - boolean

            Indicates if the node type can only host Stateless workloads.

          • multipleAvailabilityZones optional - boolean

            Indicates if the node type is enabled to support multiple zones.

          • name required - string

            The name of the node type.

          • placementProperties optional - string

            The placement tags applied to nodes in the node type, which can be used to indicate where certain services (workload) should run.

          • reverseProxyEndpointPort optional - integer

            The endpoint used by reverse proxy.

          • vmInstanceCount required - integer

            VMInstanceCount should be 1 to n, where n indicates the number of VM instances corresponding to this nodeType. VMInstanceCount = 0 can be done only in these scenarios: NodeType is a secondary nodeType. Durability = Bronze or Durability >= Bronze and InfrastructureServiceManager = true. If VMInstanceCount = 0, implies the VMs for this nodeType will not be used for the initial cluster size computation.

      • notifications optional array
          • isEnabled required - boolean

            Indicates if the notification is enabled.

          • notificationCategory required - string

            The category of notification.

          • notificationLevel required - string

            The level of notification.

          • notificationTargets required array
              • notificationChannel required - string

                The notification channel indicates the type of receivers subscribed to the notification, either user or subscription.

              • receivers required - array

                List of targets that subscribe to the notification.

      • reliabilityLevel optional - string
      • reverseProxyCertificate optional
          • thumbprint required - string

            Thumbprint of the primary certificate.

          • thumbprintSecondary optional - string

            Thumbprint of the secondary certificate.

          • x509StoreName optional - string
      • reverseProxyCertificateCommonNames optional
          • commonNames optional array
              • certificateCommonName required - string

                The common name of the server certificate.

              • certificateIssuerThumbprint required - string

                The issuer thumbprint of the server certificate.

          • x509StoreName optional - string
      • sfZonalUpgradeMode optional - string
      • upgradeDescription optional
          • deltaHealthPolicy optional
              • applicationDeltaHealthPolicies optional - undefined

                Defines a map that contains specific application delta health policies for different applications. Each entry specifies as key the application name and as value an ApplicationDeltaHealthPolicy used to evaluate the application health when upgrading the cluster. The application name should include the 'fabric:' URI scheme. The map is empty by default.

              • maxPercentDeltaUnhealthyApplications required - integer

                The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this.

              • maxPercentDeltaUnhealthyNodes required - integer

                The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.

              • maxPercentUpgradeDomainDeltaUnhealthyNodes required - integer

                The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits.

          • forceRestart optional - boolean

            If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data).

          • healthCheckRetryTimeout required - string

            The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format.

          • healthCheckStableDuration required - string

            The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format.

          • healthCheckWaitDuration required - string

            The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format.

          • healthPolicy required
              • applicationHealthPolicies optional - undefined

                Defines a map that contains specific application health policies for different applications. Each entry specifies as key the application name and as value an ApplicationHealthPolicy used to evaluate the application health. The application name should include the 'fabric:' URI scheme. The map is empty by default.

              • maxPercentUnhealthyApplications optional - integer

                The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero.

              • maxPercentUnhealthyNodes optional - integer

                The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that.

          • upgradeDomainTimeout required - string

            The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format.

          • upgradeReplicaSetCheckTimeout required - string

            The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format.

          • upgradeTimeout required - string

            The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format.

      • upgradeMode optional - string
      • upgradePauseEndTimestampUtc optional - string

        Indicates the end date and time to pause automatic runtime version upgrades on the cluster for an specific period of time on the cluster (UTC).

      • upgradePauseStartTimestampUtc optional - string

        Indicates the start date and time to pause automatic runtime version upgrades on the cluster for an specific period of time on the cluster (UTC).

      • upgradeWave optional - string

        Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when upgradeMode is set to 'Automatic'.

      • vmImage optional - string

        The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used.

      • vmssZonalUpgradeMode optional - string
      • waveUpgradePaused optional - boolean

        Boolean to pause automatic runtime version upgrades to the cluster.

  • systemData optional
      • createdAt optional - string

        The timestamp of resource creation (UTC).

      • createdBy optional - string

        The identity that created the resource.

      • createdByType optional - string

        The type of identity that created the resource.

      • lastModifiedAt optional - string

        The timestamp of resource last modification (UTC).

      • lastModifiedBy optional - string

        The identity that last modified the resource.

      • lastModifiedByType optional - string

        The type of identity that last modified the resource.

  • tags optional - string

    Azure resource tags.

  • type required - string

>> from Azure Resource Manager Documentation

Frequently asked questions

What is Azure Service Fabric Cluster?

Azure Service Fabric Cluster is a resource for Service Fabric of Microsoft Azure. Settings can be wrote in Terraform.

Where can I find the example code for the Azure Service Fabric Cluster?

For Terraform, the Checkmarx/kics, Checkmarx/kics and Checkmarx/kics source code examples are useful. See the Terraform Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents