Skip to content

Instantly share code, notes, and snippets.

@nilayparikh

nilayparikh/deploy.ps1

Last active April 6, 2017 16:38
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save nilayparikh/6d2b248a9c636d36efdc22b7961874fb to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save nilayparikh/6d2b248a9c636d36efdc22b7961874fb to your computer and use it in GitHub Desktop.
Download ZIP
Guide: A Step-by-Step Guide to Setup Service Fabric Cluster in Azure
Raw
deploy.ps1
<#
.SYNOPSIS
Deploys a template to Azure
.DESCRIPTION
Deploys an Azure Resource Manager template
.PARAMETER subscriptionId
The subscription id where the template will be deployed.
.PARAMETER resourceGroupName
The resource group where the template will be deployed. Can be the name of an existing or a new resource group.
.PARAMETER resourceGroupLocation
Optional, a resource group location. If specified, will try to create a new resource group in this location. If not specified, assumes resource group is existing.
.PARAMETER deploymentName
The deployment name.
.PARAMETER templateFilePath
Optional, path to the template file. Defaults to template.json.
.PARAMETER parametersFilePath
Optional, path to the parameters file. Defaults to parameters.json. If file is not found, will prompt for parameter values based on template.
#>
param(
[Parameter(Mandatory=$True)]
[string]
$subscriptionId,
[Parameter(Mandatory=$True)]
[string]
$resourceGroupName,
[string]
$resourceGroupLocation,
[Parameter(Mandatory=$True)]
[string]
$deploymentName,
[string]
$templateFilePath = "template.json",
[string]
$parametersFilePath = "parameters.json"
)
<#
.SYNOPSIS
Registers RPs
#>
Function RegisterRP {
Param(
[string]$ResourceProviderNamespace
)
Write-Host "Registering resource provider '$ResourceProviderNamespace'";
Register-AzureRmResourceProvider -ProviderNamespace $ResourceProviderNamespace;
}
#******************************************************************************
# Script body
# Execution begins here
#******************************************************************************
$ErrorActionPreference = "Stop"
# sign in
Write-Host "Logging in...";
Login-AzureRmAccount;
# select subscription
Write-Host "Selecting subscription '$subscriptionId'";
Select-AzureRmSubscription -SubscriptionID $subscriptionId;
# Register RPs
$resourceProviders = @("microsoft.storage","microsoft.network","microsoft.compute","microsoft.servicefabric");
if($resourceProviders.length) {
Write-Host "Registering resource providers"
foreach($resourceProvider in $resourceProviders) {
RegisterRP($resourceProvider);
}
}
#Create or check for existing resource group
$resourceGroup = Get-AzureRmResourceGroup -Name $resourceGroupName -ErrorAction SilentlyContinue
if(!$resourceGroup)
{
Write-Host "Resource group '$resourceGroupName' does not exist. To create a new resource group, please enter a location.";
if(!$resourceGroupLocation) {
$resourceGroupLocation = Read-Host "resourceGroupLocation";
}
Write-Host "Creating resource group '$resourceGroupName' in location '$resourceGroupLocation'";
New-AzureRmResourceGroup -Name $resourceGroupName -Location $resourceGroupLocation
}
else{
Write-Host "Using existing resource group '$resourceGroupName'";
}
# Start the deployment
Write-Host "Starting deployment...";
if(Test-Path $parametersFilePath) {
New-AzureRmResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath -TemplateParameterFile $parametersFilePath;
} else {
New-AzureRmResourceGroupDeployment -ResourceGroupName $resourceGroupName -TemplateFile $templateFilePath;
}
Raw
parameters.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"clusterName": {
"value": "npblogdemo"
},
"clusterLocation": {
"value": "uksouth"
},
"computeLocation": {
"value": "uksouth"
},
"adminUserName": {
"value": "nilayparikh"
},
"adminPassword": {
"value": null
},
"nicName": {
"value": "NIC-npblogdemo"
},
"publicIPAddressName": {
"value": "npblogdemo-PubIP"
},
"vmStorageAccountName": {
"value": "sfvmnpblogdemo7714"
},
"dnsName": {
"value": "npblogdemo"
},
"virtualNetworkName": {
"value": "VNet-npblogdemo"
},
"lbName": {
"value": "LB-npblogdemo"
},
"lbIPName": {
"value": "LBIP-npblogdemo"
},
"applicationDiagnosticsStorageAccountName": {
"value": "sfdgnpblogdemo2611"
},
"supportLogStorageAccountName": {
"value": "sflogsnpblogdemo2918"
},
"sourceVaultValue": {
"value": "/subscriptions/afb791fd-6337-4a87-b004-8ae08bc948a6/resourceGroups/blog.nilayparikh.com/providers/Microsoft.KeyVault/vaults/npblogdemosfkeyvault"
},
"certificateUrlValue": {
"value": "https://npblogdemosfkeyvault.vault.azure.net:443/secrets/npblogdemosfcertificate/6fbe1d46f7cb49bc94181cb0c07884f6"
},
"certificateThumbprint": {
"value": "7C96DC096A7998DCDD50985178AECD2AFA312889"
},
"vmImageSku": {
"value": "2016-Datacenter"
},
"nt0ephemeralStartPort": {
"value": 49152
},
"nt0ephemeralEndPort": {
"value": 65534
},
"nt0applicationStartPort": {
"value": 20000
},
"nt0applicationEndPort": {
"value": 30000
},
"nt0fabricTcpGatewayPort": {
"value": 19000
},
"nt0fabricHttpGatewayPort": {
"value": 19080
},
"nt1ephemeralStartPort": {
"value": 49152
},
"nt1ephemeralEndPort": {
"value": 65534
},
"nt1applicationStartPort": {
"value": 20000
},
"nt1applicationEndPort": {
"value": 30000
},
"nt1fabricTcpGatewayPort": {
"value": 19000
},
"nt1fabricHttpGatewayPort": {
"value": 19080
}
}
}
Raw
template.json
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"clusterLocation": {
"type": "string",
"metadata": {
"description": "Location of the Cluster"
}
},
"clusterName": {
"type": "string",
"defaultValue": "Cluster",
"metadata": {
"description": "Name of your cluster - Between 3 and 23 characters. Letters and numbers only"
}
},
"nt0applicationStartPort": {
"type": "int",
"defaultValue": 20000
},
"nt0applicationEndPort": {
"type": "int",
"defaultValue": 30000
},
"nt0ephemeralStartPort": {
"type": "int",
"defaultValue": 49152
},
"nt0ephemeralEndPort": {
"type": "int",
"defaultValue": 65534
},
"nt0fabricTcpGatewayPort": {
"type": "int",
"defaultValue": 19000
},
"nt0fabricHttpGatewayPort": {
"type": "int",
"defaultValue": 19080
},
"subnet0Name": {
"type": "string",
"defaultValue": "Subnet-0"
},
"subnet0Prefix": {
"type": "string",
"defaultValue": "10.0.0.0/24"
},
"nt1applicationStartPort": {
"type": "int",
"defaultValue": 20000
},
"nt1applicationEndPort": {
"type": "int",
"defaultValue": 30000
},
"nt1ephemeralStartPort": {
"type": "int",
"defaultValue": 49152
},
"nt1ephemeralEndPort": {
"type": "int",
"defaultValue": 65534
},
"nt1fabricTcpGatewayPort": {
"type": "int",
"defaultValue": 19000
},
"nt1fabricHttpGatewayPort": {
"type": "int",
"defaultValue": 19080
},
"subnet1Name": {
"type": "string",
"defaultValue": "Subnet-1"
},
"subnet1Prefix": {
"type": "string",
"defaultValue": "10.0.1.0/24"
},
"computeLocation": {
"type": "string"
},
"vmStorageAccountName": {
"type": "string"
},
"publicIPAddressName": {
"type": "string",
"defaultValue": "PublicIP-VM"
},
"publicIPAddressType": {
"type": "string",
"allowedValues": [
"Dynamic"
],
"defaultValue": "Dynamic"
},
"vmStorageAccountContainerName": {
"type": "string",
"defaultValue": "vhds"
},
"adminUserName": {
"type": "string",
"defaultValue": "testadm",
"metadata": {
"description": "Remote desktop user Id"
}
},
"adminPassword": {
"type": "securestring",
"metadata": {
"description": "Remote desktop user password. Must be a strong password"
}
},
"virtualNetworkName": {
"type": "string",
"defaultValue": "VNet"
},
"addressPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16"
},
"dnsName": {
"type": "string"
},
"nicName": {
"type": "string",
"defaultValue": "NIC"
},
"lbName": {
"type": "string",
"defaultValue": "LoadBalancer"
},
"lbIPName": {
"type": "string",
"defaultValue": "PublicIP-LB-FE"
},
"overProvision": {
"type": "string",
"defaultValue": "false"
},
"vmImagePublisher": {
"type": "string",
"defaultValue": "MicrosoftWindowsServer"
},
"vmImageOffer": {
"type": "string",
"defaultValue": "WindowsServer"
},
"vmImageSku": {
"type": "string",
"defaultValue": "2012-R2-Datacenter"
},
"vmImageVersion": {
"type": "string",
"defaultValue": "latest"
},
"loadBalancedAppPort1": {
"type": "int",
"defaultValue": 80,
"metadata": {
"description": "Input endpoint1 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort2": {
"type": "int",
"defaultValue": 443,
"metadata": {
"description": "Input endpoint2 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort3": {
"type": "int",
"defaultValue": 9000,
"metadata": {
"description": "Input endpoint3 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort4": {
"type": "int",
"defaultValue": 9001,
"metadata": {
"description": "Input endpoint4 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort5": {
"type": "int",
"defaultValue": 9002,
"metadata": {
"description": "Input endpoint5 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort6": {
"type": "int",
"defaultValue": 9003,
"metadata": {
"description": "Input endpoint6 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort7": {
"type": "int",
"defaultValue": 9004,
"metadata": {
"description": "Input endpoint7 for the application to use. Replace it with what your application uses"
}
},
"loadBalancedAppPort8": {
"type": "int",
"defaultValue": 9005,
"metadata": {
"description": "Input endpoint8 for the application to use. Replace it with what your application uses"
}
},
"clusterProtectionLevel": {
"type": "string",
"allowedValues": [
"None",
"Sign",
"EncryptAndSign"
],
"defaultValue": "EncryptAndSign",
"metadata": {
"description": "Protection level.Three values are allowed - EncryptAndSign, Sign, None. It is best to keep the default of EncryptAndSign, unless you have a need not to"
}
},
"certificateStoreValue": {
"type": "string",
"allowedValues": [
"My"
],
"defaultValue": "My",
"metadata": {
"description": "The store name where the cert will be deployed in the virtual machine"
}
},
"certificateThumbprint": {
"type": "string",
"metadata": {
"description": "Certificate Thumbprint"
}
},
"sourceVaultValue": {
"type": "string",
"metadata": {
"description": "Resource Id of the key vault, is should be in the format of /subscriptions/<Sub ID>/resourceGroups/<Resource group name>/providers/Microsoft.KeyVault/vaults/<vault name>"
}
},
"certificateUrlValue": {
"type": "string",
"metadata": {
"description": "Refers to the location URL in your key vault where the certificate was uploaded, it is should be in the format of https://<name of the vault>.vault.azure.net:443/secrets/<exact location>"
}
},
"storageAccountType": {
"type": "string",
"allowedValues": [
"Standard_LRS",
"Standard_GRS"
],
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Replication option for the VM image storage account"
}
},
"supportLogStorageAccountType": {
"type": "string",
"allowedValues": [
"Standard_LRS",
"Standard_GRS"
],
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Replication option for the support log storage account"
}
},
"supportLogStorageAccountName": {
"type": "string",
"defaultValue": "[toLower( concat('sflogs', uniqueString(resourceGroup().id),'2'))]",
"metadata": {
"description": "Name for the storage account that contains support logs from the cluster"
}
},
"applicationDiagnosticsStorageAccountType": {
"type": "string",
"allowedValues": [
"Standard_LRS",
"Standard_GRS"
],
"defaultValue": "Standard_LRS",
"metadata": {
"description": "Replication option for the application diagnostics storage account"
}
},
"applicationDiagnosticsStorageAccountName": {
"type": "string",
"defaultValue": "[toLower(concat(uniqueString(resourceGroup().id), '3' ))]",
"metadata": {
"description": "Name for the storage account that contains application diagnostics data from the cluster"
}
},
"nt0InstanceCount": {
"type": "int",
"defaultValue": 3,
"metadata": {
"description": "Instance count for node type"
}
},
"vmNodeType0Name": {
"type": "string",
"defaultValue": "npblognt1",
"maxLength": 9
},
"vmNodeType0Size": {
"type": "string",
"defaultValue": "Standard_A0"
},
"nt1InstanceCount": {
"type": "int",
"defaultValue": 2,
"metadata": {
"description": "Instance count for node type"
}
},
"vmNodeType1Name": {
"type": "string",
"defaultValue": "npblognt2",
"maxLength": 9
},
"vmNodeType1Size": {
"type": "string",
"defaultValue": "Standard_A0"
}
},
"variables": {
"vmssApiVersion": "2016-03-30",
"lbApiVersion": "2015-06-15",
"vNetApiVersion": "2015-06-15",
"storageApiVersion": "2016-01-01",
"publicIPApiVersion": "2015-06-15",
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks',parameters('virtualNetworkName'))]",
"subnet0Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet0Name'))]",
"subnet1Ref": "[concat(variables('vnetID'),'/subnets/',parameters('subnet1Name'))]",
"lbID0": "[resourceId('Microsoft.Network/loadBalancers', concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType0Name')))]",
"lbIPConfig0": "[concat(variables('lbID0'),'/frontendIPConfigurations/LoadBalancerIPConfig')]",
"lbPoolID0": "[concat(variables('lbID0'),'/backendAddressPools/LoadBalancerBEAddressPool')]",
"lbProbeID0": "[concat(variables('lbID0'),'/probes/FabricGatewayProbe')]",
"lbHttpProbeID0": "[concat(variables('lbID0'),'/probes/FabricHttpGatewayProbe')]",
"lbNatPoolID0": "[concat(variables('lbID0'),'/inboundNatPools/LoadBalancerBEAddressNatPool')]",
"vmStorageAccountName0": "[toLower(concat(uniqueString(resourceGroup().id), '1', '0' ))]",
"uniqueStringArray0": [
"[concat(variables('vmStorageAccountName0'), '0')]",
"[concat(variables('vmStorageAccountName0'), '1')]",
"[concat(variables('vmStorageAccountName0'), '2')]",
"[concat(variables('vmStorageAccountName0'), '3')]",
"[concat(variables('vmStorageAccountName0'), '4')]"
],
"lbID1": "[resourceId('Microsoft.Network/loadBalancers', concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType1Name')))]",
"lbIPConfig1": "[concat(variables('lbID1'),'/frontendIPConfigurations/LoadBalancerIPConfig')]",
"lbPoolID1": "[concat(variables('lbID1'),'/backendAddressPools/LoadBalancerBEAddressPool')]",
"lbProbeID1": "[concat(variables('lbID1'),'/probes/FabricGatewayProbe')]",
"lbHttpProbeID1": "[concat(variables('lbID1'),'/probes/FabricHttpGatewayProbe')]",
"lbNatPoolID1": "[concat(variables('lbID1'),'/inboundNatPools/LoadBalancerBEAddressNatPool')]",
"vmStorageAccountName1": "[toLower(concat(uniqueString(resourceGroup().id), '1', '1' ))]",
"uniqueStringArray1": [
"[concat(variables('vmStorageAccountName1'), '0')]",
"[concat(variables('vmStorageAccountName1'), '1')]",
"[concat(variables('vmStorageAccountName1'), '2')]",
"[concat(variables('vmStorageAccountName1'), '3')]",
"[concat(variables('vmStorageAccountName1'), '4')]"
]
},
"resources": [
{
"apiVersion": "[variables('storageApiVersion')]",
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('supportLogStorageAccountName')]",
"location": "[parameters('computeLocation')]",
"dependsOn": [],
"properties": {},
"kind": "Storage",
"sku": {
"name": "[parameters('supportLogStorageAccountType')]"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('storageApiVersion')]",
"type": "Microsoft.Storage/storageAccounts",
"name": "[parameters('applicationDiagnosticsStorageAccountName')]",
"location": "[parameters('computeLocation')]",
"dependsOn": [],
"properties": {},
"kind": "Storage",
"sku": {
"name": "[parameters('applicationDiagnosticsStorageAccountType')]"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('vNetApiVersion')]",
"type": "Microsoft.Network/virtualNetworks",
"name": "[parameters('virtualNetworkName')]",
"location": "[parameters('computeLocation')]",
"dependsOn": [],
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('addressPrefix')]"
]
},
"subnets": [
{
"name": "[parameters('subnet0Name')]",
"properties": {
"addressPrefix": "[parameters('subnet0Prefix')]"
}
},
{
"name": "[parameters('subnet1Name')]",
"properties": {
"addressPrefix": "[parameters('subnet1Prefix')]"
}
}
]
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('publicIPApiVersion')]",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[concat(parameters('lbIPName'),'-','0')]",
"location": "[parameters('computeLocation')]",
"properties": {
"dnsSettings": {
"domainNameLabel": "[parameters('dnsName')]"
},
"publicIPAllocationMethod": "Dynamic"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('lbApiVersion')]",
"type": "Microsoft.Network/loadBalancers",
"name": "[concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType0Name'))]",
"location": "[parameters('computeLocation')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/',concat(parameters('lbIPName'),'-','0'))]"
],
"properties": {
"frontendIPConfigurations": [
{
"name": "LoadBalancerIPConfig",
"properties": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',concat(parameters('lbIPName'),'-','0'))]"
}
}
}
],
"backendAddressPools": [
{
"name": "LoadBalancerBEAddressPool",
"properties": {}
}
],
"loadBalancingRules": [
{
"name": "LBRule",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('nt0fabricTcpGatewayPort')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('nt0fabricTcpGatewayPort')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[variables('lbProbeID0')]"
},
"protocol": "tcp"
}
},
{
"name": "LBHttpRule",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('nt0fabricHttpGatewayPort')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('nt0fabricHttpGatewayPort')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[variables('lbHttpProbeID0')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule1",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort1')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort1')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe1')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule2",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort2')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort2')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe2')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule3",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort3')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort3')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe3')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule4",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort4')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort4')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe4')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule5",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort5')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort5')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe5')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule6",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort6')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort6')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe6')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule7",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort7')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort7')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe7')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule8",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID0')]"
},
"backendPort": "[parameters('loadBalancedAppPort8')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPort": "[parameters('loadBalancedAppPort8')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID0'),'/probes/AppPortProbe8')]"
},
"protocol": "tcp"
}
}
],
"probes": [
{
"name": "FabricGatewayProbe",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('nt0fabricTcpGatewayPort')]",
"protocol": "tcp"
}
},
{
"name": "FabricHttpGatewayProbe",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('nt0fabricHttpGatewayPort')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe1",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort1')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe2",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort2')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe3",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort3')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe4",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort4')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe5",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort5')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe6",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort6')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe7",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort7')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe8",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort8')]",
"protocol": "tcp"
}
}
],
"inboundNatPools": [
{
"name": "LoadBalancerBEAddressNatPool",
"properties": {
"backendPort": "3389",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig0')]"
},
"frontendPortRangeEnd": "4500",
"frontendPortRangeStart": "3389",
"protocol": "tcp"
}
}
]
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[concat('nsg', parameters('subnet0Name'))]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "allowSvcFabSMB",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "445",
"direction": "Inbound",
"priority": 3950,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourcePortRange": "*"
},
"comments": "allow SMB traffic within the net, used by fabric to move packages around"
},
{
"name": "allowSvcFabCluser",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "1025-1027",
"direction": "Inbound",
"priority": 3920,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourcePortRange": "*"
},
"comments": "allow ports within vnet that are used by the fabric to talk between nodes"
},
{
"name": "allowSvcFabEphemeral",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[concat(parameters('nt0ephemeralStartPort'), '-', parameters('nt0ephemeralEndPort'))]",
"direction": "Inbound",
"priority": 3930,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourcePortRange": "*"
},
"comments": "allow fabric ephemeral ports within the vnet"
},
{
"name": "allowSvcFabPortal",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('nt0fabricHttpGatewayPort')]",
"direction": "Inbound",
"priority": 3900,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow port used to access the fabric cluster web portal"
},
{
"name": "allowSvcFabClient",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('nt0fabricTcpGatewayPort')]",
"direction": "Inbound",
"priority": 3910,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow port used by the fabric client (includes powershell)"
},
{
"name": "allowSvcFabApplication",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[concat(parameters('nt0applicationStartPort'), '-', parameters('nt0applicationEndPort'))]",
"direction": "Inbound",
"priority": 3940,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow fabric application ports within the vnet"
},
{
"name": "blockAll",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationPortRange": "*",
"direction": "Inbound",
"priority": 4095,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "block all traffic except what we've explicitly allowed"
},
{
"name": "allowVNetRDP",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "3389-4500",
"direction": "Inbound",
"priority": 3960,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow RDP within the net"
},
{
"name": "allowAppPort1",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort1')]",
"direction": "Inbound",
"priority": 2001,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 1"
},
{
"name": "allowAppPort2",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort2')]",
"direction": "Inbound",
"priority": 2002,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 2"
},
{
"name": "allowAppPort3",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort3')]",
"direction": "Inbound",
"priority": 2003,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 3"
},
{
"name": "allowAppPort4",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort4')]",
"direction": "Inbound",
"priority": 2004,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 4"
},
{
"name": "allowAppPort5",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort5')]",
"direction": "Inbound",
"priority": 2005,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 5"
},
{
"name": "allowAppPort6",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort6')]",
"direction": "Inbound",
"priority": 2006,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 6"
},
{
"name": "allowAppPort7",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort7')]",
"direction": "Inbound",
"priority": 2007,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 7"
},
{
"name": "allowAppPort8",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort8')]",
"direction": "Inbound",
"priority": 2008,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 8"
}
]
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('storageApiVersion')]",
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('uniqueStringArray0')[copyIndex()]]",
"location": "[parameters('computeLocation')]",
"dependsOn": [],
"properties": {},
"copy": {
"name": "storageLoop",
"count": 5
},
"kind": "Storage",
"sku": {
"name": "[parameters('storageAccountType')]"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('vmssApiVersion')]",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[parameters('vmNodeType0Name')]",
"location": "[parameters('computeLocation')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[0])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[1])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[2])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[3])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[4])]",
"[concat('Microsoft.Network/loadBalancers/', concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType0Name')))]",
"[concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName'))]",
"[concat('Microsoft.Storage/storageAccounts/', parameters('applicationDiagnosticsStorageAccountName'))]"
],
"properties": {
"overprovision": "[parameters('overProvision')]",
"upgradePolicy": {
"mode": "Automatic"
},
"virtualMachineProfile": {
"extensionProfile": {
"extensions": [
{
"name": "[concat(parameters('vmNodeType0Name'),'_ServiceFabricNode')]",
"properties": {
"type": "ServiceFabricNode",
"autoUpgradeMinorVersion": false,
"protectedSettings": {
"StorageAccountKey1": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('supportLogStorageAccountName')),'2015-05-01-preview').key1]",
"StorageAccountKey2": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('supportLogStorageAccountName')),'2015-05-01-preview').key2]"
},
"publisher": "Microsoft.Azure.ServiceFabric",
"settings": {
"clusterEndpoint": "[reference(parameters('clusterName')).clusterEndpoint]",
"nodeTypeRef": "[parameters('vmNodeType0Name')]",
"dataPath": "D:\\\\SvcFab",
"durabilityLevel": "Bronze",
"enableParallelJobs": true,
"nicPrefixOverride": "[parameters('subnet0Prefix')]",
"certificate": {
"thumbprint": "[parameters('certificateThumbprint')]",
"x509StoreName": "[parameters('certificateStoreValue')]"
}
},
"typeHandlerVersion": "1.0"
}
},
{
"name": "[concat('VMDiagnosticsVmExt','_vmNodeType0Name')]",
"properties": {
"type": "IaaSDiagnostics",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"storageAccountName": "[parameters('applicationDiagnosticsStorageAccountName')]",
"storageAccountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('applicationDiagnosticsStorageAccountName')),'2015-05-01-preview').key1]",
"storageAccountEndPoint": "https://core.windows.net/"
},
"publisher": "Microsoft.Azure.Diagnostics",
"settings": {
"WadCfg": {
"DiagnosticMonitorConfiguration": {
"overallQuotaInMB": "50000",
"EtwProviders": {
"EtwEventSourceProviderConfiguration": [
{
"provider": "Microsoft-ServiceFabric-Actors",
"scheduledTransferKeywordFilter": "1",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricReliableActorEventTable"
}
},
{
"provider": "Microsoft-ServiceFabric-Services",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricReliableServiceEventTable"
}
}
],
"EtwManifestProviderConfiguration": [
{
"provider": "cbd93bc2-71e5-4566-b3a7-595d8eeca6e8",
"scheduledTransferLogLevelFilter": "Information",
"scheduledTransferKeywordFilter": "4611686018427387904",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricSystemEventTable"
}
}
]
}
}
},
"StorageAccount": "[parameters('applicationDiagnosticsStorageAccountName')]"
},
"typeHandlerVersion": "1.5"
}
}
]
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[concat(parameters('nicName'), '-0')]",
"properties": {
"ipConfigurations": [
{
"name": "[concat(parameters('nicName'),'-',0)]",
"properties": {
"loadBalancerBackendAddressPools": [
{
"id": "[variables('lbPoolID0')]"
}
],
"loadBalancerInboundNatPools": [
{
"id": "[variables('lbNatPoolID0')]"
}
],
"subnet": {
"id": "[variables('subnet0Ref')]"
}
}
}
],
"primary": true
}
}
]
},
"osProfile": {
"adminPassword": "[parameters('adminPassword')]",
"adminUsername": "[parameters('adminUsername')]",
"computernamePrefix": "[parameters('vmNodeType0Name')]",
"secrets": [
{
"sourceVault": {
"id": "[parameters('sourceVaultValue')]"
},
"vaultCertificates": [
{
"certificateStore": "[parameters('certificateStoreValue')]",
"certificateUrl": "[parameters('certificateUrlValue')]"
}
]
}
]
},
"storageProfile": {
"imageReference": {
"publisher": "[parameters('vmImagePublisher')]",
"offer": "[parameters('vmImageOffer')]",
"sku": "[parameters('vmImageSku')]",
"version": "[parameters('vmImageVersion')]"
},
"osDisk": {
"vhdContainers": [
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[0]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[1]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[2]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[3]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray0')[4]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]"
],
"name": "vmssosdisk",
"caching": "ReadOnly",
"createOption": "FromImage"
}
}
}
},
"sku": {
"name": "[parameters('vmNodeType0Size')]",
"capacity": "[parameters('nt0InstanceCount')]",
"tier": "Standard"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('publicIPApiVersion')]",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[concat(parameters('lbIPName'),'-','1')]",
"location": "[parameters('computeLocation')]",
"properties": {
"dnsSettings": {
"domainNameLabel": "[concat(parameters('dnsName'),'-','npblognt2')]"
},
"publicIPAllocationMethod": "Dynamic"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('lbApiVersion')]",
"type": "Microsoft.Network/loadBalancers",
"name": "[concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType1Name'))]",
"location": "[parameters('computeLocation')]",
"dependsOn": [
"[concat('Microsoft.Network/publicIPAddresses/',concat(parameters('lbIPName'),'-','1'))]"
],
"properties": {
"frontendIPConfigurations": [
{
"name": "LoadBalancerIPConfig",
"properties": {
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses',concat(parameters('lbIPName'),'-','1'))]"
}
}
}
],
"backendAddressPools": [
{
"name": "LoadBalancerBEAddressPool",
"properties": {}
}
],
"loadBalancingRules": [
{
"name": "LBRule",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('nt1fabricTcpGatewayPort')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('nt1fabricTcpGatewayPort')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[variables('lbProbeID1')]"
},
"protocol": "tcp"
}
},
{
"name": "LBHttpRule",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('nt1fabricHttpGatewayPort')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('nt1fabricHttpGatewayPort')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[variables('lbHttpProbeID1')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule1",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort1')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort1')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe1')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule2",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort2')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort2')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe2')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule3",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort3')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort3')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe3')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule4",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort4')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort4')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe4')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule5",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort5')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort5')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe5')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule6",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort6')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort6')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe6')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule7",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort7')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort7')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe7')]"
},
"protocol": "tcp"
}
},
{
"name": "AppPortLBRule8",
"properties": {
"backendAddressPool": {
"id": "[variables('lbPoolID1')]"
},
"backendPort": "[parameters('loadBalancedAppPort8')]",
"enableFloatingIP": "false",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPort": "[parameters('loadBalancedAppPort8')]",
"idleTimeoutInMinutes": "5",
"probe": {
"id": "[concat(variables('lbID1'),'/probes/AppPortProbe8')]"
},
"protocol": "tcp"
}
}
],
"probes": [
{
"name": "FabricGatewayProbe",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('nt1fabricTcpGatewayPort')]",
"protocol": "tcp"
}
},
{
"name": "FabricHttpGatewayProbe",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('nt1fabricHttpGatewayPort')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe1",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort1')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe2",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort2')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe3",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort3')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe4",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort4')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe5",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort5')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe6",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort6')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe7",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort7')]",
"protocol": "tcp"
}
},
{
"name": "AppPortProbe8",
"properties": {
"intervalInSeconds": 5,
"numberOfProbes": 2,
"port": "[parameters('loadBalancedAppPort8')]",
"protocol": "tcp"
}
}
],
"inboundNatPools": [
{
"name": "LoadBalancerBEAddressNatPool",
"properties": {
"backendPort": "3389",
"frontendIPConfiguration": {
"id": "[variables('lbIPConfig1')]"
},
"frontendPortRangeEnd": "4500",
"frontendPortRangeStart": "3389",
"protocol": "tcp"
}
}
]
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[concat('nsg', parameters('subnet1Name'))]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "allowSvcFabSMB",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "445",
"direction": "Inbound",
"priority": 3950,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourcePortRange": "*"
},
"comments": "allow SMB traffic within the net, used by fabric to move packages around"
},
{
"name": "allowSvcFabCluser",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "1025-1027",
"direction": "Inbound",
"priority": 3920,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourcePortRange": "*"
},
"comments": "allow ports within vnet that are used by the fabric to talk between nodes"
},
{
"name": "allowSvcFabEphemeral",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[concat(parameters('nt1ephemeralStartPort'), '-', parameters('nt1ephemeralEndPort'))]",
"direction": "Inbound",
"priority": 3930,
"protocol": "*",
"sourceAddressPrefix": "VirtualNetwork",
"sourcePortRange": "*"
},
"comments": "allow fabric ephemeral ports within the vnet"
},
{
"name": "allowSvcFabPortal",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('nt1fabricHttpGatewayPort')]",
"direction": "Inbound",
"priority": 3900,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow port used to access the fabric cluster web portal"
},
{
"name": "allowSvcFabClient",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('nt1fabricTcpGatewayPort')]",
"direction": "Inbound",
"priority": 3910,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow port used by the fabric client (includes powershell)"
},
{
"name": "allowSvcFabApplication",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[concat(parameters('nt1applicationStartPort'), '-', parameters('nt1applicationEndPort'))]",
"direction": "Inbound",
"priority": 3940,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow fabric application ports within the vnet"
},
{
"name": "blockAll",
"properties": {
"access": "Deny",
"destinationAddressPrefix": "*",
"destinationPortRange": "*",
"direction": "Inbound",
"priority": 4095,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "block all traffic except what we've explicitly allowed"
},
{
"name": "allowVNetRDP",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "3389-4500",
"direction": "Inbound",
"priority": 3960,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow RDP within the net"
},
{
"name": "allowAppPort1",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort1')]",
"direction": "Inbound",
"priority": 2001,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 1"
},
{
"name": "allowAppPort2",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort2')]",
"direction": "Inbound",
"priority": 2002,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 2"
},
{
"name": "allowAppPort3",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort3')]",
"direction": "Inbound",
"priority": 2003,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 3"
},
{
"name": "allowAppPort4",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort4')]",
"direction": "Inbound",
"priority": 2004,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 4"
},
{
"name": "allowAppPort5",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort5')]",
"direction": "Inbound",
"priority": 2005,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 5"
},
{
"name": "allowAppPort6",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort6')]",
"direction": "Inbound",
"priority": 2006,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 6"
},
{
"name": "allowAppPort7",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort7')]",
"direction": "Inbound",
"priority": 2007,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 7"
},
{
"name": "allowAppPort8",
"properties": {
"access": "Allow",
"destinationAddressPrefix": "*",
"destinationPortRange": "[parameters('loadBalancedAppPort8')]",
"direction": "Inbound",
"priority": 2008,
"protocol": "*",
"sourceAddressPrefix": "*",
"sourcePortRange": "*"
},
"comments": "allow public application port 8"
}
]
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('storageApiVersion')]",
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('uniqueStringArray1')[copyIndex()]]",
"location": "[parameters('computeLocation')]",
"dependsOn": [],
"properties": {},
"copy": {
"name": "storageLoop",
"count": 5
},
"kind": "Storage",
"sku": {
"name": "[parameters('storageAccountType')]"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "[variables('vmssApiVersion')]",
"type": "Microsoft.Compute/virtualMachineScaleSets",
"name": "[parameters('vmNodeType1Name')]",
"location": "[parameters('computeLocation')]",
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[0])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[1])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[2])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[3])]",
"[concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[4])]",
"[concat('Microsoft.Network/loadBalancers/', concat('LB','-', parameters('clusterName'),'-',parameters('vmNodeType1Name')))]",
"[concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName'))]",
"[concat('Microsoft.Storage/storageAccounts/', parameters('applicationDiagnosticsStorageAccountName'))]"
],
"properties": {
"overprovision": "[parameters('overProvision')]",
"upgradePolicy": {
"mode": "Automatic"
},
"virtualMachineProfile": {
"extensionProfile": {
"extensions": [
{
"name": "[concat(parameters('vmNodeType1Name'),'_ServiceFabricNode')]",
"properties": {
"type": "ServiceFabricNode",
"autoUpgradeMinorVersion": false,
"protectedSettings": {
"StorageAccountKey1": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('supportLogStorageAccountName')),'2015-05-01-preview').key1]",
"StorageAccountKey2": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('supportLogStorageAccountName')),'2015-05-01-preview').key2]"
},
"publisher": "Microsoft.Azure.ServiceFabric",
"settings": {
"clusterEndpoint": "[reference(parameters('clusterName')).clusterEndpoint]",
"nodeTypeRef": "[parameters('vmNodeType1Name')]",
"dataPath": "D:\\\\SvcFab",
"durabilityLevel": "Bronze",
"enableParallelJobs": true,
"nicPrefixOverride": "[parameters('subnet1Prefix')]",
"certificate": {
"thumbprint": "[parameters('certificateThumbprint')]",
"x509StoreName": "[parameters('certificateStoreValue')]"
}
},
"typeHandlerVersion": "1.0"
}
},
{
"name": "[concat('VMDiagnosticsVmExt','_vmNodeType1Name')]",
"properties": {
"type": "IaaSDiagnostics",
"autoUpgradeMinorVersion": true,
"protectedSettings": {
"storageAccountName": "[parameters('applicationDiagnosticsStorageAccountName')]",
"storageAccountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', parameters('applicationDiagnosticsStorageAccountName')),'2015-05-01-preview').key1]",
"storageAccountEndPoint": "https://core.windows.net/"
},
"publisher": "Microsoft.Azure.Diagnostics",
"settings": {
"WadCfg": {
"DiagnosticMonitorConfiguration": {
"overallQuotaInMB": "50000",
"EtwProviders": {
"EtwEventSourceProviderConfiguration": [
{
"provider": "Microsoft-ServiceFabric-Actors",
"scheduledTransferKeywordFilter": "1",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricReliableActorEventTable"
}
},
{
"provider": "Microsoft-ServiceFabric-Services",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricReliableServiceEventTable"
}
}
],
"EtwManifestProviderConfiguration": [
{
"provider": "cbd93bc2-71e5-4566-b3a7-595d8eeca6e8",
"scheduledTransferLogLevelFilter": "Information",
"scheduledTransferKeywordFilter": "4611686018427387904",
"scheduledTransferPeriod": "PT5M",
"DefaultEvents": {
"eventDestination": "ServiceFabricSystemEventTable"
}
}
]
}
}
},
"StorageAccount": "[parameters('applicationDiagnosticsStorageAccountName')]"
},
"typeHandlerVersion": "1.5"
}
}
]
},
"networkProfile": {
"networkInterfaceConfigurations": [
{
"name": "[concat(parameters('nicName'), '-1')]",
"properties": {
"ipConfigurations": [
{
"name": "[concat(parameters('nicName'),'-',1)]",
"properties": {
"loadBalancerBackendAddressPools": [
{
"id": "[variables('lbPoolID1')]"
}
],
"loadBalancerInboundNatPools": [
{
"id": "[variables('lbNatPoolID1')]"
}
],
"subnet": {
"id": "[variables('subnet1Ref')]"
}
}
}
],
"primary": true
}
}
]
},
"osProfile": {
"adminPassword": "[parameters('adminPassword')]",
"adminUsername": "[parameters('adminUsername')]",
"computernamePrefix": "[parameters('vmNodeType1Name')]",
"secrets": [
{
"sourceVault": {
"id": "[parameters('sourceVaultValue')]"
},
"vaultCertificates": [
{
"certificateStore": "[parameters('certificateStoreValue')]",
"certificateUrl": "[parameters('certificateUrlValue')]"
}
]
}
]
},
"storageProfile": {
"imageReference": {
"publisher": "[parameters('vmImagePublisher')]",
"offer": "[parameters('vmImageOffer')]",
"sku": "[parameters('vmImageSku')]",
"version": "[parameters('vmImageVersion')]"
},
"osDisk": {
"vhdContainers": [
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[0]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[1]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[2]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[3]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]",
"[concat(reference(concat('Microsoft.Storage/storageAccounts/', variables('uniqueStringArray1')[4]), variables('storageApiVersion')).primaryEndpoints.blob, parameters('vmStorageAccountContainerName'))]"
],
"name": "vmssosdisk",
"caching": "ReadOnly",
"createOption": "FromImage"
}
}
}
},
"sku": {
"name": "[parameters('vmNodeType1Size')]",
"capacity": "[parameters('nt1InstanceCount')]",
"tier": "Standard"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
},
{
"apiVersion": "2016-09-01",
"type": "Microsoft.ServiceFabric/clusters",
"name": "[parameters('clusterName')]",
"location": "[parameters('clusterLocation')]",
"dependsOn": [
"[concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName'))]"
],
"properties": {
"certificate": {
"thumbprint": "[parameters('certificateThumbprint')]",
"x509StoreName": "[parameters('certificateStoreValue')]"
},
"clientCertificateCommonNames": [],
"clientCertificateThumbprints": [],
"clusterState": "Default",
"diagnosticsStorageAccountConfig": {
"blobEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName')), variables('storageApiVersion')).primaryEndpoints.blob]",
"protectedAccountKeyName": "StorageAccountKey1",
"queueEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName')), variables('storageApiVersion')).primaryEndpoints.queue]",
"storageAccountName": "[parameters('supportLogStorageAccountName')]",
"tableEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts/', parameters('supportLogStorageAccountName')), variables('storageApiVersion')).primaryEndpoints.table]"
},
"fabricSettings": [
{
"parameters": [
{
"name": "ClusterProtectionLevel",
"value": "[parameters('clusterProtectionLevel')]"
}
],
"name": "Security"
}
],
"managementEndpoint": "[concat('https://',reference(concat(parameters('lbIPName'),'-','0')).dnsSettings.fqdn,':',parameters('nt0fabricHttpGatewayPort'))]",
"nodeTypes": [
{
"name": "[parameters('vmNodeType0Name')]",
"applicationPorts": {
"endPort": "[parameters('nt0applicationEndPort')]",
"startPort": "[parameters('nt0applicationStartPort')]"
},
"clientConnectionEndpointPort": "[parameters('nt0fabricTcpGatewayPort')]",
"durabilityLevel": "Bronze",
"ephemeralPorts": {
"endPort": "[parameters('nt0ephemeralEndPort')]",
"startPort": "[parameters('nt0ephemeralStartPort')]"
},
"httpGatewayEndpointPort": "[parameters('nt0fabricHttpGatewayPort')]",
"isPrimary": true,
"vmInstanceCount": "[parameters('nt0InstanceCount')]"
},
{
"name": "[parameters('vmNodeType1Name')]",
"applicationPorts": {
"endPort": "[parameters('nt1applicationEndPort')]",
"startPort": "[parameters('nt1applicationStartPort')]"
},
"clientConnectionEndpointPort": "[parameters('nt1fabricTcpGatewayPort')]",
"durabilityLevel": "Bronze",
"ephemeralPorts": {
"endPort": "[parameters('nt1ephemeralEndPort')]",
"startPort": "[parameters('nt1ephemeralStartPort')]"
},
"httpGatewayEndpointPort": "[parameters('nt1fabricHttpGatewayPort')]",
"isPrimary": false,
"vmInstanceCount": "[parameters('nt1InstanceCount')]"
}
],
"provisioningState": "Default",
"reliabilityLevel": "Bronze",
"upgradeMode": "Automatic",
"vmImage": "Windows"
},
"tags": {
"resourceType": "Service Fabric",
"clusterName": "[parameters('clusterName')]"
}
}
],
"outputs": {
"clusterProperties": {
"value": "[reference(parameters('clusterName'))]",
"type": "object"
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment