Skip to content
This repository has the template and Azure CLI commands needed to create a secure Azure Service Fabric running Linux.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Secure Service Fabric on Linux inside an existing Virtual Network

This guide will help you create a Secured Linux Service Fabric cluster that runs inside an existing Virtual Network and Subnet using the Azure CLI.

The template is based on the sample published here and is modified to provision into an existing Virtual Network and Subnet.

This guide assumes you already have a Virtual Network created with a Subnet where you want to deploy Service Fabric. If not, you need to create the Virtual Network and Subnet first and specify the values below.


  1. Specify variable values

    declare rg=sf-rg # Resource Group Name
    declare location=westeurope # Region
    declare sfName=sfcluster # Service Fabric cluster name
  2. Create Resource Group

    az group create -n $rg -l $location
  3. Modify the parameters.json file and fill in:

    • clusterName with your Service Fabric cluster name
    • clusterLocation with your region name
    • adminUserName with your VM admin username
    • adminPassword with your VM admin password
    • existingVirtualNetworkNameRGName with your existing Virtual Network Resource Group name
    • existingVirtualNetworkName with your existing Virtual Network name
    • existingSubnetName with your existing Virtual Network name
    • existingSubnetPrefix with your existing Virtual Network name
  4. Create the folder to store the certificates:

    mkdir -p certs
  5. Create the cluster and generate a certificate

    az sf cluster create -n $sfName -g $rg -l $location \
    --certificate-output-folder certs \
    --certificate-subject-name "$sfName.$" \
    --template-file template.json --parameter-file parameters.json
  6. Verify that the cluster is up

    Wait until the command below shows Succeeded. It may take a while.

    az sf cluster show -n $sfName -g $location --query clusterState
  7. Connect to the cluster

    Once the cluster is up and running, connect using sfctl. Make sure to replace /path/to/certificate.pem with the actual path to the generated certificate in the certs folder

    sfctl cluster select --endpoint "https://$sfName.$" --pem /path/to/certificate.pem --no-verify
  8. Verify cluster health

    sfctl cluster health
  9. Access the Service Fabric Explorer in your browser

    Make sure you install either the .pem or the .pfx certificate on your machine, depending on your operating system, then go to https://[clustername].[region]

    When prompted, select the cluster certificate to authenticate.

You can’t perform that action at this time.