ayan.poddar
/
eShopOnContainers
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 19 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2200 Commits
36 Branches
655 MiB
Tree: d79e7e2dac
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd79e7e2dac'
${ noResults }
eShopOnContainers/deploy/az/servicefabric/WindowsContainers/readme.md

93 lines
4.8 KiB
Raw Normal View History

Update readme.md
7 years ago
Added Service Fabric deployment scripts & docu
7 years ago
Update readme.md
7 years ago
Added Service Fabric deployment scripts & docu
7 years ago
Update readme.md
7 years ago
Added Service Fabric deployment scripts & docu
7 years ago
Update ARM template for SF deployment
7 years ago
Added Service Fabric deployment scripts & docu
7 years ago
Moved SF ARM templates to WindowsContainers directory
7 years ago
Added Service Fabric deployment scripts & docu
7 years ago
Created ARM template for deploying a secured SF Created ps1 to generate certificates in keyvault Updated readme
7 years ago
Update readme.md
7 years ago
Created ARM template for deploying a secured SF Created ps1 to generate certificates in keyvault Updated readme
7 years ago
Created deployment scripts for SF Linux
7 years ago
Created ARM template for deploying a secured SF Created ps1 to generate certificates in keyvault Updated readme
7 years ago
Update readme.md
7 years ago
Created ARM template for deploying a secured SF Created ps1 to generate certificates in keyvault Updated readme
7 years ago
Update readme.md
7 years ago
Added Service Fabric deployment scripts & docu
7 years ago
 
  1. # Deploying a Service Fabric cluster based on Windows nodes (No Secured)

  2. You can always deploy a SF cluster through the Azure portal, as explained in this article: https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-get-started-azure-cluster
  3. 

  4. However, when creating a cluster, there are quite a few configurations to take into account, like enabling the internal DNS service or Reverse Proxy service, choosing between Linux/Windows, open/publish your application ports in the load-balancer and most of all (the most complex setup) how to create a secure cluster.
  5. 

  6. Because of those reasons, we have created a set of ARM templates and scripts so you can create, re-create and configure the SF clusters much faster, as explained below: 
  7. 

  8. Within eShopOnContainers root folder, at the folder [..\deploy\az\servicefabric\WindowsContainers](https://github.com/dotnet-architecture/eShopOnContainers/tree/dev/deploy/az/servicefabric/WindowsContainers), you can find the ARM template `servicefabricdeploy.json` and its parameters file (`servicefabricdeploy.parameters.json`) to create a Service Fabric cluster environment for Windows Containers.
  9. 

  10. ## Edit the servicefabricdeploy.parameters.json file

  11. 

  12. Edit the following params in `servicefabricdeploy.parameters.json` file to set your values:
  13. 

  14. - clusterName: Name of your SF cluster
  15. - dnsName: Name assigned to your SF dns
  16. - adminUserName: user name for administration
  17. - adminPassword: user password for administration
  18. 

  19. Optionally, you can modify which ports are opened in the LoadBalancer for accessing externally to the apps:
  20. 

  21. - webMvcHttpPort: port externally exposed for the WebMVC app
  22. - webSpaHttpPort: port externally exposed for the WebSPA app
  23. - webStatusHttpPort: port externally exposed for the WebStatus app
  24. - IdSrvHttpRule: port externally exposed for the Identity app
  25. 

  26. ## Deploy the template

  27. 

  28. Once parameter file is edited you can deploy it using [create-resources script](../readme.md).
  29. 

  30. i. e. if you are in windows, to deploy sql databases in a new resourcegroup located in westus, go to `deploy\az` folder and type:
  31. 

  32. ```
  33. create-resources.cmd servicefabric\WindowsContainers\servicefabricdeploy newResourceGroup -c westus
  34. ```
  35. ## Deploy eShopOnServiceFabric with Visual Studio.

  36. 

  37. Alternatively, instead of using ARM templates, you can deploy eShop on service fabric directly by publishing the project eShopOnServiceFabric in eShopOnContainers-ServicesAndWebApps.sln with Visual Studio publish tool.
  38. 

  39. # Deploying Azure Service Fabric (Secured)

  40. 

  41. The ARM template `servicefabricdeploysecured.json` and its parameter file (`servicefabricdeploysecured.parameters.json`) are used to create a service fabric cluster environment for windows containers secured with a certificate.
  42. 

  43. ## Create Azure Keyvault service

  44. Go to PortalAzure and create a Keyvault service. Make sure Enable access for deployment checkboxes are selected.
  45. 

  46. <img src="../../../../img/sf/create-kv.PNG">
  47. 

  48. ## Generate a certificate in Azure Keyvault

  49. Execute the gen-keyvaultcert.ps1 script to generate and download a certificate from Keyvault.
  50. 

  51. ```
  52. .\gen-keyvaultcert.ps1 -vaultName <your_keyvault_service> -certName <your_cert_name> -certPwd <your_cert_pwd> -subjectName CN=<your_sf_dns_name>.westeurope.cloudapp.azure.com -saveDir C:\Users\<user>\Downloads
  53. 

  54. ```
  55. ## Install the certificate

  56. Install the certificate under 'Current User' store location and check it as exportable.
  57. 

  58. <img src="../../../../img/sf/install-cert.PNG">
  59. 

  60. ## Editing servicefabricdeploysecured.parameters.json file

  61. 

  62. Edit the following params in `servicefabricdeploysecured.parameters.json` file to set your values:
  63. 

  64. - clusterName: Name of your SF cluster
  65. - dnsName: Name assigned to your SF dns
  66. - adminUserName: user name for administration
  67. - adminPassword: user password for administration
  68. - sourceVaultValue: keyvault resource id (check azure keyvault properties)
  69. - certificateUrlValue: certificate url (check azure Keyvault certificate properties)
  70. - certificateThumbprint: certificate thumbprint (check azure Keyvault certificate properties)
  71. 

  72. Optionally, you can modify which ports are opened in the LoadBalancer for accessing externally to the apps:
  73. 

  74. - webMvcHttpPort: port externally exposed for the WebMVC app
  75. - webSpaHttpPort: port externally exposed for the WebSPA app
  76. - webStatusHttpPort: port externally exposed for the WebStatus app
  77. - IdSrvHttpRule: port externally exposed for the Identity app
  78. 

  79. ## Deploy the template

  80. 

  81. Once parameter file is edited you can deploy it using [create-resources script](../readme.md).
  82. 

  83. ```
  84. create-resources.cmd servicefabric\WindowsContainers\servicefabricdeploysecured newResourceGroup -c westus
  85. ```
  86. ## Deploy eShopOnServiceFabric with Visual Studio.

  87. 

  88. Modify the cloud.xml file of each Service Fabric application in PublishProfile directory and set  your certificate settings to be able to deploy eshopOnContainers in the secured cluster:
  89. 

  90. <img src="../../../../img/sf/cloud_publishProfile.PNG">
  91. 

  92. 

  93.