0

I am trying to deploy Service Fabric cluster through ARM template and attach the existing scale set. The pipeline is getting executed properly with no error but when i open service fabric in portal the status is "waiting for nodes". I don't know where i am making mistake. I am using the same certificate thumbprint which is there in scale set. my certificate is stored in KeyVault. Here is my ARM template

{
    "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "clusterName": {
            "type": "string",
            "defaultValue": "GEN-UNIQUE",
            "metadata": {
                "description": "Name of your cluster - Between 3 and 23 characters. Letters and numbers only"
            }
        },
        "clusterLocation": {
            "type": "string",
            "defaultValue": "westus",
            "metadata": {
                "description": "Location of the Cluster"
            }
        }, 
        "applicationStartPort": {
            "type": "int",
            "defaultValue": 20000
        },
        "applicationEndPort": {
            "type": "int",
            "defaultValue": 30000
        },
        "ephemeralStartPort": {
            "type": "int",
            "defaultValue": 49152
        },
        "ephemeralEndPort": {
            "type": "int",
            "defaultValue": 65534
        },
        "fabricTcpGatewayPort": {
            "type": "int",
            "defaultValue": 19000
        },
        "fabricHttpGatewayPort": {
            "type": "int",
            "defaultValue": 19080
        },
        "clusterProtectionLevel": {
            "type": "string",
            "allowedValues": [
                "None",
                "Sign",
                "EncryptAndSign"
            ],
            "defaultValue": "EncryptAndSign",
            "metadata": {
                "description": "Protection level.Three values are allowed - EncryptAndSign, Sign, None. It is best to keep the default of EncryptAndSign, unless you have a need not to"
            }
        },
        "certificateThumbprint": {
            "type": "string",
            "defaultValue": "GEN-CUSTOM-DOMAIN-SSLCERT-THUMBPRINT",
            "metadata": {
                "description": "Certificate Thumbprint"
            }
        },
        "certificateStoreValue": {
            "defaultValue": "My",
            "allowedValues": [
                "My"
            ],
            "type": "string",
            "metadata": {
                "description": "The store name where the cert will be deployed in the virtual machine"
            }
        },
        "supportLogStorageAccountName": {
            "type": "string",
            "defaultValue": "[toLower( concat('sflogs', uniqueString(resourceGroup().id),'2'))]",
            "metadata": {
                "description": "Name for the storage account that contains support logs from the cluster"
            }
        },
        "blobEndpoint":{
            "type": "string"
        },
        "queueEndpoint":{
            "type": "string"
        },
        "tableEndpoint":{
            "type": "string"
        },
        "InstanceCount": {
            "type": "int",
            "defaultValue": 5,
            "metadata": {
                "description": "Instance count for node type"
            }
        },
        "vmNodeTypeName": {
            "type": "string"
        },
        "nodeTypes":{
            "type": "array"
        },
        "lbIPName": {
            "type": "string"
        },
        "fqdn":{
            "type": "string"
        },
        "reliabilityLevel":{
            "type": "string"
        },
        "upgradeMode":{
            "type": "string"
        }
    },
    "variables":{       
        "storageApiVersion": "2016-01-01",
        "publicIPApiVersion": "2015-06-15"
        },
"resources": [
   {
    "apiVersion": "2018-02-01",
    "type": "Microsoft.ServiceFabric/clusters",
    "name": "[parameters('clusterName')]",
    "location": "[parameters('clusterLocation')]",
    "dependsOn": [],
    "properties": {
        "addonFeatures": [
            "DnsService"
        ],
        "certificate": {
            "thumbprint": "[parameters('certificateThumbprint')]",
            "x509StoreName": "[parameters('certificateStoreValue')]"
        },
        "clientCertificateCommonNames": [],
        "clientCertificateThumbprints": [],
        "clusterState": "Default",
        "diagnosticsStorageAccountConfig": {
            "storageAccountName": "[parameters('supportLogStorageAccountName')]",
            "protectedAccountKeyName": "StorageAccountKey1",
            "blobEndpoint": "[parameters('blobEndpoint')]",
            "queueEndpoint": "[parameters('queueEndpoint')]",
            "tableEndpoint": "[parameters('tableEndpoint')]"
        },
        "fabricSettings": [
            {
                "parameters": [
                    {
                        "name": "ClusterProtectionLevel",
                        "value": "[parameters('clusterProtectionLevel')]"
                    }
                ],
                "name": "Security"
            }
        ],
        "managementEndpoint": "[concat('https://',parameters('fqdn'),':',parameters('fabricHttpGatewayPort'))]",
        "nodeTypes": "[parameters('nodeTypes')]",
        "reliabilityLevel": "[parameters('reliabilityLevel')]",
        "upgradeMode": "[parameters('upgradeMode')]"
    }
   }
 ]  

}
Nitesh Singh
  • 338
  • 3
  • 10

1 Answers1

0

For this deployment error, you can look through these problems and solutions in this blog. It might be caused by the Certificate Thumbprint Issue and KeyVault issue.

If it's no luck, try to change the VM sizes or change the region of the nodes or just rebuild like this.

For more reference about SFC deployment with key vault cert, you also could refer to this article.

Nancy
  • 26,865
  • 3
  • 18
  • 34
  • can we use the already created scale set or existing scale set as node in Service fabric cluster. – Nitesh Singh Feb 18 '20 at 04:55
  • I think we can't use the existing scale set as there isn't an option for allowing us to select the existing scale set when you create SFC resources on the Azure portal. Refer to this [NodeTypeDescription](https://learn.microsoft.com/en-us/azure/templates/microsoft.servicefabric/2019-06-01-preview/clusters#nodetypedescription-object) object, there is also no such attribute for this. – Nancy Feb 18 '20 at 05:36
  • that's what i am trying to achieve from last week and i am failing. One last question, How many scale set or node types we can attach in service fabric cluster because in portal we can attach max 3 node types, if we are trying to deploy it from ARM template. – Nitesh Singh Feb 18 '20 at 05:44
  • The node types attach max 3 in the [cluster configuration](https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-creation-via-portal#2-cluster-configuration), it defines the scale set numbers. But for each VM instance in one node type, it depends on the [reliability tier of the cluster](https://learn.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-capacity#the-reliability-characteristics-of-the-cluster). – Nancy Feb 18 '20 at 06:16