ayan.poddar
/
eShopOnContainers
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 19 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2234 Commits
36 Branches
655 MiB
Tree: d114e1448a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd114e1448a'
${ noResults }
eShopOnContainers/deploy/az/servicefabric/LinuxContainers/readme.md

130 lines
6.9 KiB
Raw Normal View History

Update readme.md
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
Update readme.md
7 years ago
Created deployment scripts for SF Linux
7 years ago
 
  1. # Deploying a Service Fabric cluster based on Linux nodes

  2. 

  3. ## A. Unsecured cluster (SF Linux cluster)

  4. For a secured cluster, see option B. below.
  5. 

  6. You can always deploy a SF cluster through the Azure portal, as explained in this article: https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-get-started-azure-cluster
  7. 

  8. However, when creating a cluster, there are quite a few configurations to take into account, like enabling the internal DNS service or Reverse Proxy service, choosing between Linux/Windows, open/publish your application ports in the load-balancer and most of all (the most complex setup) how to create a secure cluster.
  9. 

  10. Because of those reasons, we have created a set of ARM templates and scripts so you can create, re-create and configure the SF clusters much faster, as explained below: 
  11. 

  12. Within eShopOnContainers root folder, at the folder [..\deploy\az\servicefabric\LinuxContainers](https://github.com/dotnet-architecture/eShopOnContainers/tree/dev/deploy/az/servicefabric/LinuxContainers), you can find the ARM template `servicefabricdeploy.json` and its parameters file (`servicefabricdeploy.parameters.json`) to create a Service Fabric cluster environment for Linux Containers.
  13. 

  14. ## Edit the servicefabricdeploy.parameters.json file

  15. 

  16. Edit the following params in `servicefabricdeploy.parameters.json` file to set your values:
  17. 

  18. - clusterName: Name of your SF cluster
  19. - clusterLocation: Datacenter location, like westus or westeurope
  20. - computeLocation: Datacenter location, like westus or westeurope
  21. - adminUserName: user-name for VMs administration
  22. - adminPassword: user-password for VMs administration
  23. - dnsName: Name assigned to your SF dns
  24. 

  25. Optionally, you could modify which ports are opened in the LoadBalancer for the multiple eShopOnContainer apps and API services.
  26. By default, they are setup as:
  27. - webMvcHttpPort:       5100
  28. - webSpaHttpPort:       5104
  29. - webStatusHttpPort:    5107
  30. - IdSrvHttpRule:        5105
  31. - BasketApiHttpRule:    5103
  32. - CatalogApiHttpRule:   5101
  33. - OrderingApiHttpRule:  5102
  34. - MarketingApiHttpRule: 5110
  35. - LocationsApiHttpRule: 5109
  36. 

  37. ## Deploy the Service Fabric cluster using the script and ARM templates

  38. 

  39. Once parameter file is edited you can deploy it using [create-resources script](../readme.md).
  40. 

  41. For example, to deploy the cluster to a new resourcegroup located in westus, go to `deploy\az` folder and type:
  42. 

  43. ```
  44. create-resources.cmd servicefabric\LinuxContainers\servicefabricdeploy qa-eshop-sflinux-resgrp -c westus
  45. ```
  46. 

  47. You should see a similar execution to the following:
  48. ![image](https://user-images.githubusercontent.com/1712635/31638180-15da9f84-b287-11e7-9d4e-604f33690198.png)
  49. 

  50. Now, if you go to your subscription in Azure, you should be able to see the SF cluster already created and available, like in the following image:
  51. 

  52. ![image](https://user-images.githubusercontent.com/1712635/31638398-3fc08ad8-b288-11e7-879b-fc4df0daad2b.png)
  53. 

  54. In this case, this is an unsecured SF cluster with a single Linux node, good for initial tests and getting started with SF.
  55. 

  56. ## B. Secured cluster (SF Linux cluster)

  57. 

  58. Within eShopOnContainers root folder, at the folder [..\deploy\az\servicefabric\LinuxContainers](https://github.com/dotnet-architecture/eShopOnContainers/tree/dev/deploy/az/servicefabric/LinuxContainers), you can find the ARM template `servicefabricdeploysecured.json` and its parameter file (`servicefabricdeploysecured.parameters.json`) to create a secured Service Fabric cluster environment for Linux Containers (IN THIS CASE, IT IS A SECURED CLUSTER USING A CERTIFICATE).
  59. 

  60. The ARM template `servicefabricdeploysecured.json` and its parameter file (`servicefabricdeploysecured.parameters.json`) are used to create a service fabric cluster environment for linux containers secured with a certificate.
  61. 

  62. ## Create Azure Keyvault service

  63. Go to PortalAzure and create a Keyvault service. Make sure Enable access for deployment checkboxes are selected.
  64. 

  65. ![image](https://user-images.githubusercontent.com/1712635/31638848-9b266530-b28a-11e7-953b-1e3ec1a54f77.png)
  66. 

  67. ## Generate a certificate in Azure Keyvault

  68. In a POWER-SHELL window, move to the folder [..\deploy\az\servicefabric\LinuxContainers](https://github.com/dotnet-architecture/eShopOnContainers/tree/dev/deploy/az/servicefabric/LinuxContainers).
  69. 

  70. **Select your Azure subscription** You might have [several Azure subscriptions](https://docs.microsoft.com/en-us/cli/azure/account#set) as shown if you type the following.
  71. 

  72.     >```
  73.     >az account list
  74.     >```
  75.     If you have multiple subscription accounts, you first need to select the Azure subscription account you want to target. Type the following:
  76.     >```
  77.     >az account set --subscription "Your Azure Subscription Name or ID"
  78.     >```
  79. 

  80. Execute the gen-keyvaultcert.ps1 script to generate and download a certificate from Keyvault.
  81. 

  82. ```
  83. .\gen-keyvaultcert.ps1 -vaultName <your_keyvault_service> -certName <your_cert_name> -certPwd <your_cert_pwd> -subjectName CN=<your_sf_dns_name>.westeurope.cloudapp.azure.com -saveDir C:\Users\<user>\Downloads
  84. 

  85. ```
  86. 

  87. You should see a similar execution to the following:
  88. ![image](https://user-images.githubusercontent.com/1712635/31640172-93efcca0-b291-11e7-970e-5b5e6bf07042.png)
  89. 

  90. IMPORTANT: At this point, copy/cut the .PFX certifiacte file saved in the downloads forlder and save it in a secure place.
  91. 

  92. ## Install the certificate

  93. Install the certificate (by double-clicking on the .PFX file) under 'Current User' store location (by default location) and check it as exportable.
  94. 

  95. <img src="https://github.com/dotnet-architecture/eShopOnContainers/blob/dev/img/sf/install-cert.PNG">
  96. 

  97. ## Editing servicefabricdeploysecured.parameters.json file

  98. 

  99. Edit the following params in `servicefabricdeploysecured.parameters.json` file to set your values:
  100. 

  101. - clusterName: Name of your SF cluster
  102. - dnsName: Name assigned to your SF dns
  103. - adminUserName: user name for administration
  104. - adminPassword: user password for administration
  105. - sourceVaultValue: keyvault resource id (check azure keyvault properties)
  106. - certificateUrlValue: certificate url (check azure Keyvault certificate properties)
  107. - certificateThumbprint: certificate thumbprint (check azure Keyvault certificate properties)
  108. 

  109. Optionally, you can modify which ports are opened in the LoadBalancer for accessing externally to the apps:
  110. 

  111. - webMvcHttpPort: port externally exposed for the WebMVC app
  112. - webSpaHttpPort: port externally exposed for the WebSPA app
  113. - webStatusHttpPort: port externally exposed for the WebStatus app
  114. - IdSrvHttpRule: port externally exposed for the Identity app
  115. 

  116. ## Deploy the template

  117. 

  118. Once parameter file is edited you can deploy it using [create-resources script](../readme.md).
  119. 

  120. ```
  121. create-resources.cmd servicefabric\LinuxContainers\servicefabricdeploysecured newResourceGroup -c westus
  122. ```
  123. ## Deploy eShopOnServiceFabric with Visual Studio.

  124. 

  125. Modify the cloud.xml file of each Service Fabric application in PublishProfile directory and set  your certificate settings to be able to deploy eshopOnContainers in the secured cluster:
  126. 

  127. <img src="../../../../img/sf/cloud_publishProfile.png">
  128. 

  129. 

  130.