azurermServiceFabricCluster
Manages a Service Fabric Cluster.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-resources",
}
);
const azurermServiceFabricClusterExample =
new azurerm.serviceFabricCluster.ServiceFabricCluster(this, "example_1", {
cluster_code_version: "7.1.456.959",
location: azurermResourceGroupExample.location,
management_endpoint: "https://example:80",
name: "example-servicefabric",
node_type: [
{
client_endpoint_port: 2020,
http_endpoint_port: 80,
instance_count: 3,
is_primary: true,
name: "first",
},
],
reliability_level: "Bronze",
resource_group_name: azurermResourceGroupExample.name,
upgrade_mode: "Manual",
vm_image: "Windows",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermServiceFabricClusterExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
-
name
- (Required) The name of the Service Fabric Cluster. Changing this forces a new resource to be created. -
resourceGroupName
- (Required) The name of the Resource Group in which the Service Fabric Cluster exists. Changing this forces a new resource to be created. -
location
- (Required) Specifies the Azure Region where the Service Fabric Cluster should exist. Changing this forces a new resource to be created. -
reliabilityLevel
- (Required) Specifies the Reliability Level of the Cluster. Possible values includenone
,bronze
,silver
,gold
andplatinum
.
-> NOTE: The Reliability Level of the Cluster depends on the number of nodes in the Cluster: platinum
requires at least 9 VM's, gold
requires at least 7 VM's, silver
requires at least 5 VM's, bronze
requires at least 3 VM's.
-
managementEndpoint
- (Required) Specifies the Management Endpoint of the cluster such ashttp://exampleCom
. Changing this forces a new resource to be created. -
nodeType
- (Required) One or morenodeType
blocks as defined below. -
upgradeMode
- (Required) Specifies the Upgrade Mode of the cluster. Possible values areautomatic
ormanual
. -
vmImage
- (Required) Specifies the Image expected for the Service Fabric Cluster, such aswindows
. Changing this forces a new resource to be created.
-
clusterCodeVersion
- (Optional) Required if Upgrade Mode set tomanual
, Specifies the Version of the Cluster Code of the cluster. -
addOnFeatures
- (Optional) A List of one or more features which should be enabled, such asdnsService
. -
azureActiveDirectory
- (Optional) AnazureActiveDirectory
block as defined below. -
certificateCommonNames
- (Optional) AcertificateCommonNames
block as defined below. Conflicts withcertificate
. -
certificate
- (Optional) Acertificate
block as defined below. Conflicts withcertificateCommonNames
. -
reverseProxyCertificate
- (Optional) AreverseProxyCertificate
block as defined below. Conflicts withreverseProxyCertificateCommonNames
. -
reverseProxyCertificateCommonNames
- (Optional) AreverseProxyCertificateCommonNames
block as defined below. Conflicts withreverseProxyCertificate
. -
clientCertificateThumbprint
- (Optional) One or moreclientCertificateThumbprint
blocks as defined below. -
clientCertificateCommonName
- (Optional) AclientCertificateCommonName
block as defined below.
-> NOTE: If Client Certificates are enabled then at a Certificate must be configured on the cluster.
-
diagnosticsConfig
- (Optional) AdiagnosticsConfig
block as defined below. -
fabricSettings
- (Optional) One or morefabricSettings
blocks as defined below. -
upgradePolicy
- (Optional) AupgradePolicy
block as defined below. -
serviceFabricZonalUpgradeMode
- (Optional) Specifies the logical grouping of VMs in upgrade domains. Possible values arehierarchical
orparallel
. -
vmssZonalUpgradeMode
- (Optional) Specifies the upgrade mode for the virtual machine scale set updates that happen in all availability zones at once. Possible values arehierarchical
orparallel
. -
tags
- (Optional) A mapping of tags to assign to the resource.
A azureActiveDirectory
block supports the following:
-
tenantId
- (Required) The Azure Active Directory Tenant ID. -
clusterApplicationId
- (Required) The Azure Active Directory Cluster Application ID. -
clientApplicationId
- (Required) The Azure Active Directory Client ID which should be used for the Client Application.
A certificateCommonNames
block supports the following:
-
commonNames
- (Required) AcommonNames
block as defined below. -
x509StoreName
- (Required) The X509 Store where the Certificate Exists, such asmy
.
A commonNames
block supports the following:
-
certificateCommonName
- (Required) The common or subject name of the certificate. -
certificateIssuerThumbprint
- (Optional) The Issuer Thumbprint of the Certificate.
-> NOTE: Certificate Issuer Thumbprint may become required in the future, https://docsMicrosoftCom/azure/serviceFabric/serviceFabricCreateClusterUsingCertCn#downloadAndUpdateASampleTemplate
.
A certificate
block supports the following:
-
thumbprint
- (Required) The Thumbprint of the Certificate. -
thumbprintSecondary
- (Optional) The Secondary Thumbprint of the Certificate. -
x509StoreName
- (Required) The X509 Store where the Certificate Exists, such asmy
.
A reverseProxyCertificate
block supports the following:
-
thumbprint
- (Required) The Thumbprint of the Certificate. -
thumbprintSecondary
- (Optional) The Secondary Thumbprint of the Certificate. -
x509StoreName
- (Required) The X509 Store where the Certificate Exists, such asmy
.
A reverseProxyCertificateCommonNames
block supports the following:
-
commonNames
- (Required) AcommonNames
block as defined below. -
x509StoreName
- (Required) The X509 Store where the Certificate Exists, such asmy
.
A clientCertificateThumbprint
block supports the following:
-
thumbprint
- (Required) The Thumbprint associated with the Client Certificate. -
isAdmin
- (Required) Does the Client Certificate have Admin Access to the cluster? Non-admin clients can only perform read only operations on the cluster.
A clientCertificateCommonName
block supports the following:
-
commonName
- (Required) The common or subject name of the certificate. -
issuerThumbprint
- (Optional) The Issuer Thumbprint of the Certificate.
-> NOTE: Certificate Issuer Thumbprint may become required in the future, https://docsMicrosoftCom/azure/serviceFabric/serviceFabricCreateClusterUsingCertCn#downloadAndUpdateASampleTemplate
.
isAdmin
- (Required) Does the Client Certificate have Admin Access to the cluster? Non-admin clients can only perform read only operations on the cluster.
A diagnosticsConfig
block supports the following:
-
storageAccountName
- (Required) The name of the Storage Account where the Diagnostics should be sent to. -
protectedAccountKeyName
- (Required) The protected diagnostics storage key name, such asstorageAccountKey1
. -
blobEndpoint
- (Required) The Blob Endpoint of the Storage Account. -
queueEndpoint
- (Required) The Queue Endpoint of the Storage Account. -
tableEndpoint
- (Required) The Table Endpoint of the Storage Account.
A fabricSettings
block supports the following:
-
name
- (Required) The name of the Fabric Setting, such assecurity
orfederation
. -
parameters
- (Optional) A map containing settings for the specified Fabric Setting.
A nodeType
block supports the following:
-
name
- (Required) The name of the Node Type. -
placementProperties
- (Optional) The placement tags applied to nodes in the node type, which can be used to indicate where certain services (workload) should run. -
capacities
- (Optional) The capacity tags applied to the nodes in the node type, the cluster resource manager uses these tags to understand how much resource a node has. -
instanceCount
- (Required) The number of nodes for this Node Type. -
isPrimary
- (Required) Is this the Primary Node Type? -
isStateless
- (Optional) Should this node type run only stateless services? -
multipleAvailabilityZones
- (Optional) Does this node type span availability zones? -
clientEndpointPort
- (Required) The Port used for the Client Endpoint for this Node Type. -
httpEndpointPort
- (Required) The Port used for the HTTP Endpoint for this Node Type. -
durabilityLevel
- (Optional) The Durability Level for this Node Type. Possible values includebronze
,gold
andsilver
. Defaults tobronze
. -
applicationPorts
- (Optional) AapplicationPorts
block as defined below. -
ephemeralPorts
- (Optional) AephemeralPorts
block as defined below. -
reverseProxyEndpointPort
- (Optional) The Port used for the Reverse Proxy Endpoint for this Node Type. Changing this will upgrade the cluster.
A applicationPorts
block supports the following:
-
startPort
- (Required) The start of the Application Port Range on this Node Type. -
endPort
- (Required) The end of the Application Port Range on this Node Type.
A ephemeralPorts
block supports the following:
-
startPort
- (Required) The start of the Ephemeral Port Range on this Node Type. -
endPort
- (Required) The end of the Ephemeral Port Range on this Node Type.
A upgradePolicy
block supports the following:
-
forceRestartEnabled
- (Optional) Indicates whether to restart the Service Fabric node even if only dynamic configurations have changed. -
healthCheckRetryTimeout
- (Optional) Specifies the duration, in "hh:mm:ss" string format, after which Service Fabric retries the health check if the previous health check fails. Defaults to00:45:00
. -
healthCheckStableDuration
- (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric waits in order to verify that the cluster is stable before it continues to the next upgrade domain or completes the upgrade. This wait duration prevents undetected changes of health right after the health check is performed. Defaults to00:01:00
. -
healthCheckWaitDuration
- (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric waits before it performs the initial health check after it finishes the upgrade on the upgrade domain. Defaults to00:00:30
. -
upgradeDomainTimeout
- (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric takes to upgrade a single upgrade domain. After this period, the upgrade fails. Defaults to02:00:00
. -
upgradeReplicaSetCheckTimeout
- (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric waits for a replica set to reconfigure into a safe state, if it is not already in a safe state, before Service Fabric proceeds with the upgrade. Defaults to1067519902:48:054775807
. -
upgradeTimeout
- (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric takes for the entire upgrade. After this period, the upgrade fails. Defaults to12:00:00
. -
healthPolicy
- (Optional) AhealthPolicy
block as defined below -
deltaHealthPolicy
- (Optional) AdeltaHealthPolicy
block as defined below
A healthPolicy
block supports the following:
-
maxUnhealthyApplicationsPercent
- (Optional) Specifies the maximum tolerated percentage of applications that can have aggregated health state of error. If the upgrade exceeds this percentage, the cluster is unhealthy. Defaults to0
. -
maxUnhealthyNodesPercent
- (Optional) Specifies the maximum tolerated percentage of nodes that can have aggregated health states of error. If an upgrade exceeds this percentage, the cluster is unhealthy. Defaults to0
.
A deltaHealthPolicy
block supports the following:
-
maxDeltaUnhealthyApplicationsPercent
- (Optional) Specifies the maximum tolerated percentage of delta unhealthy applications that can have aggregated health states of error. If the current unhealthy applications do not respect the percentage relative to the state at the beginning of the upgrade, the cluster is unhealthy. Defaults to0
. -
maxDeltaUnhealthyNodesPercent
- (Optional) Specifies the maximum tolerated percentage of delta unhealthy nodes that can have aggregated health states of error. If the current unhealthy nodes do not respect the percentage relative to the state at the beginning of the upgrade, the cluster is unhealthy. Defaults to0
. -
maxUpgradeDomainDeltaUnhealthyNodesPercent
- (Optional) Specifies the maximum tolerated percentage of upgrade domain delta unhealthy nodes that can have aggregated health state of error. If there is any upgrade domain where the current unhealthy nodes do not respect the percentage relative to the state at the beginning of the upgrade, the cluster is unhealthy. Defaults to0
.
Attributes Reference
The following attributes are exported:
-
id
- The ID of the Service Fabric Cluster. -
clusterEndpoint
- The Cluster Endpoint for this Service Fabric Cluster.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Service Fabric Cluster.update
- (Defaults to 30 minutes) Used when updating the Service Fabric Cluster.read
- (Defaults to 5 minutes) Used when retrieving the Service Fabric Cluster.delete
- (Defaults to 30 minutes) Used when deleting the Service Fabric Cluster.
Import
Service Fabric Clusters can be imported using the resourceId
, e.g.