diff --git a/deploy/az/servicefabric/LinuxContainers/readme.md b/deploy/az/servicefabric/LinuxContainers/readme.md index de87936b6..8e52fa8b6 100644 --- a/deploy/az/servicefabric/LinuxContainers/readme.md +++ b/deploy/az/servicefabric/LinuxContainers/readme.md @@ -94,21 +94,35 @@ Install the certificate (by double-clicking on the .PFX file) under 'Current Use +Also, install the same certificate as CA (Certificate Authority) under Current User, too. + +![image](https://user-images.githubusercontent.com/1712635/31642795-c6ffa434-b2a1-11e7-8ff8-2a63549a780e.png) + ## Editing servicefabricdeploysecured.parameters.json file -Edit the parameters in `servicefabricdeploysecured.parameters.json` in a similar way you can do with tthe unsecured .json file shown above (clusterName, dnsName, etc.), plus edit the following values: +Edit the parameters in `servicefabricdeploysecured.parameters.json` in a similar way you can do with the unsecured .json file shown above (clusterName, dnsName, etc.), plus edit the following values: + +- sourceVaultValue: Your Azure Keyvault's RESOURCE ID (check Azure keyvault properties, similar to: /subscriptions/e1234ac1-c09c-3jaf-6767-98b3c5f1f246/resourceGroups/eshop-global-resgrp/providers/Microsoft.KeyVault/vaults/eshopkeyvault") + +- certificateUrlValue: Your certificate Secret Identifier (check Azure Keyvault secret certificate properties, should be in the format of https://.vault.azure.net:443/secrets/, similar to: +https://eshopkeyvault.vault.azure.net/secrets/pro-eshop-sflinux-cluster-cert/fd47684442c04cdj83b3hfe4h8e08123) -- sourceVaultValue: keyvault resource id (check azure keyvault properties) -- certificateUrlValue: certificate url (check azure Keyvault certificate properties) -- certificateThumbprint: certificate thumbprint (check azure Keyvault certificate properties) +- certificateThumbprint: certificate thumbprint (check azure Keyvault certificate thumbprint, something like 69JK453486D55A6818577Z0699100365HDK70FCE) ## Deploy the template -Once parameter file is edited you can deploy it using [create-resources script](../readme.md). +Once parameters file is edited you can deploy it using [create-resources script](../readme.md). +Use a command prompt window positioned into the deploy\az folder. ``` -create-resources.cmd servicefabric\LinuxContainers\servicefabricdeploysecured newResourceGroup -c westus +create-resources.cmd servicefabric\LinuxContainers\servicefabricdeploysecured pro-eshop-sflinux-resgrp -c westus ``` +The execution should be something like the following: +![image](https://user-images.githubusercontent.com/1712635/31642529-54479704-b2a0-11e7-90ee-2abf32c92205.png) + +Once the cluster is created you can explore it with Azure's portal, like in the following image: + + ## Deploy eShopOnServiceFabric with Visual Studio. Modify the cloud.xml file of each Service Fabric application in PublishProfile directory and set your certificate settings to be able to deploy eshopOnContainers in the secured cluster: