Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable microservices. Service Fabric also addresses the significant challenges in developing and managing cloud applications.
Plan your cluster configuration before deploying the charm as the current release doesn't support dynamically changing the configuration options.
Supported deployment scenarios at the moment are:
-
Unsecured cluster node-to-node and client-to-node. This is the default behavior and the charm doesn't have any relation with other charms, but this is not recommended in the production due to security concerns.
-
Secured using Active Directory Windows credentials. This requires a relation with the active directory charm and it can be achieved by deploying the current charm with
security-type
config option set toWindows
.
For both scenarios make sure you properly adjust the reliability-level
config option as this dictates the minimum number of units necessary to form the cluster. By default the reliability level is set to Bronze
and it requires at least three nodes to form the cluster. More info about reliability levels can be found at the following url.
Take care when using Juju OpenStack provider to always set the config option change-hostname
to True
. Due to the fact that Juju spawns nova instances with long names, all instances end up with the same prefix. After instances finish the initializing process, they all have the same hostname as cloudbase-init just gets the first 15 characters from the nova instance name. This is problematic when joining an Active Directory domain. Config option change-hostname
will enable the charm to rename the computer name to a unique name formed from unit name and unit number.
The charm has two dependencies. Whenever someone deploys the charm, these needs to be passed as Juju resources (resources are available in Juju versions >= 2.0).
Make sure you download the dependencies before you deploy the charm:
- Full version of .NET framework version 4.5.1 or higher. This can be obtained from the following download url;
- Service Fabric standalone zip package. This can be downloaded from the Microsoft website at the following url, section Download the Service Fabric standalone package.
When you have your resources ready, you can deploy the charm.
NOTE: The default Juju resources from charm store are just some dummy files and they are the not real resources. If the user doesn't provide the real resources at deploy time, the charm will not work.
The following commands will deploy a cluster using AD Windows security type, Bronze
reliability level and HAProxy load balancer in order to do a reverse proxy for the API and GUI endpoints.
juju deploy cs:~cloudbaseit/azure-service-fabric --num-units 3 --series win2012r2 \
--resource dotnet-installer="<dot_net_framework_installer_path>" \
--resource asf-zip-package="<service_fabric_zip_package_path>"
juju config azure-service-fabric security-type=Windows \
change-hostname=True
juju deploy cs:~cloudbaseit/active-directory --series win2012r2
juju config active-directory administrator-password="<secure_password>" \
safe-mode-password="<secure_password>" \
domain-user="jujuadmin" \
domain-user-password="<secure_password>" \
domain-name="<fully_qualified_domain_name>" \
change-hostname=True
juju deploy cs:haproxy --series xenial
juju add-relation azure-service-fabric active-directory
juju add-relation azure-service-fabric haproxy
juju expose haproxy
Once the deployment finishes, find the public address of HAProxy unit and you can access the web portal the the following url: http://<haproxy_public_address>:19080
. Also if you'd like to query the API, this can be done at the following endpoint: <haproxy_public_address>:19000
.
To access either the GUI or the API, you need the AD credentials. The charm requests two users from the Active Directory charm and both are granted with cluster access. One of the users named asf-admin
has cluster administrative privileges and the other one named asf-user
is just a normal user with read-only access to the cluster.
Passwords for these domain users are randomly generated by the AD charm. After the deployment is finished, you can find their passwords by running the get-ad-user-credentials
Juju action:
ACTION_ID=$(juju run-action <any_deployed_service_fabric_unit> get-ad-user-credentials | awk '{print $5}')
juju show-action-output $ACTION_ID
For scaling up your cluster, adding another node to your cluster is just as easy as typing the following command:
juju add-unit azure-service-fabric
Unfortunately, the current version of the charm doesn't support scaling down, but this will be added in the upcoming release of the charm.