Skip to content

azurermServiceFabricCluster

Manages a Service Fabric Cluster.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermServiceFabricClusterExample =
  new azurerm.serviceFabricCluster.ServiceFabricCluster(this, "example_1", {
    cluster_code_version: "7.1.456.959",
    location: azurermResourceGroupExample.location,
    management_endpoint: "https://example:80",
    name: "example-servicefabric",
    node_type: [
      {
        client_endpoint_port: 2020,
        http_endpoint_port: 80,
        instance_count: 3,
        is_primary: true,
        name: "first",
      },
    ],
    reliability_level: "Bronze",
    resource_group_name: azurermResourceGroupExample.name,
    upgrade_mode: "Manual",
    vm_image: "Windows",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermServiceFabricClusterExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • name - (Required) The name of the Service Fabric Cluster. Changing this forces a new resource to be created.

  • resourceGroupName - (Required) The name of the Resource Group in which the Service Fabric Cluster exists. Changing this forces a new resource to be created.

  • location - (Required) Specifies the Azure Region where the Service Fabric Cluster should exist. Changing this forces a new resource to be created.

  • reliabilityLevel - (Required) Specifies the Reliability Level of the Cluster. Possible values include none, bronze, silver, gold and platinum.

-> NOTE: The Reliability Level of the Cluster depends on the number of nodes in the Cluster: platinum requires at least 9 VM's, gold requires at least 7 VM's, silver requires at least 5 VM's, bronze requires at least 3 VM's.

  • managementEndpoint - (Required) Specifies the Management Endpoint of the cluster such as http://exampleCom. Changing this forces a new resource to be created.

  • nodeType - (Required) One or more nodeType blocks as defined below.

  • upgradeMode - (Required) Specifies the Upgrade Mode of the cluster. Possible values are automatic or manual.

  • vmImage - (Required) Specifies the Image expected for the Service Fabric Cluster, such as windows. Changing this forces a new resource to be created.

  • clusterCodeVersion - (Optional) Required if Upgrade Mode set to manual, Specifies the Version of the Cluster Code of the cluster.

  • addOnFeatures - (Optional) A List of one or more features which should be enabled, such as dnsService.

  • azureActiveDirectory - (Optional) An azureActiveDirectory block as defined below.

  • certificateCommonNames - (Optional) A certificateCommonNames block as defined below. Conflicts with certificate.

  • certificate - (Optional) A certificate block as defined below. Conflicts with certificateCommonNames.

  • reverseProxyCertificate - (Optional) A reverseProxyCertificate block as defined below. Conflicts with reverseProxyCertificateCommonNames.

  • reverseProxyCertificateCommonNames - (Optional) A reverseProxyCertificateCommonNames block as defined below. Conflicts with reverseProxyCertificate.

  • clientCertificateThumbprint - (Optional) One or more clientCertificateThumbprint blocks as defined below.

  • clientCertificateCommonName - (Optional) A clientCertificateCommonName block as defined below.

-> NOTE: If Client Certificates are enabled then at a Certificate must be configured on the cluster.

  • diagnosticsConfig - (Optional) A diagnosticsConfig block as defined below.

  • fabricSettings - (Optional) One or more fabricSettings blocks as defined below.

  • upgradePolicy - (Optional) A upgradePolicy block as defined below.

  • serviceFabricZonalUpgradeMode - (Optional) Specifies the logical grouping of VMs in upgrade domains. Possible values are hierarchical or parallel.

  • vmssZonalUpgradeMode - (Optional) Specifies the upgrade mode for the virtual machine scale set updates that happen in all availability zones at once. Possible values are hierarchical or parallel.

  • tags - (Optional) A mapping of tags to assign to the resource.

A azureActiveDirectory block supports the following:

  • tenantId - (Required) The Azure Active Directory Tenant ID.

  • clusterApplicationId - (Required) The Azure Active Directory Cluster Application ID.

  • clientApplicationId - (Required) The Azure Active Directory Client ID which should be used for the Client Application.

A certificateCommonNames block supports the following:

  • commonNames - (Required) A commonNames block as defined below.

  • x509StoreName - (Required) The X509 Store where the Certificate Exists, such as my.

A commonNames block supports the following:

  • certificateCommonName - (Required) The common or subject name of the certificate.

  • certificateIssuerThumbprint - (Optional) The Issuer Thumbprint of the Certificate.

-> NOTE: Certificate Issuer Thumbprint may become required in the future, https://docsMicrosoftCom/azure/serviceFabric/serviceFabricCreateClusterUsingCertCn#downloadAndUpdateASampleTemplate.

A certificate block supports the following:

  • thumbprint - (Required) The Thumbprint of the Certificate.

  • thumbprintSecondary - (Optional) The Secondary Thumbprint of the Certificate.

  • x509StoreName - (Required) The X509 Store where the Certificate Exists, such as my.

A reverseProxyCertificate block supports the following:

  • thumbprint - (Required) The Thumbprint of the Certificate.

  • thumbprintSecondary - (Optional) The Secondary Thumbprint of the Certificate.

  • x509StoreName - (Required) The X509 Store where the Certificate Exists, such as my.

A reverseProxyCertificateCommonNames block supports the following:

  • commonNames - (Required) A commonNames block as defined below.

  • x509StoreName - (Required) The X509 Store where the Certificate Exists, such as my.

A clientCertificateThumbprint block supports the following:

  • thumbprint - (Required) The Thumbprint associated with the Client Certificate.

  • isAdmin - (Required) Does the Client Certificate have Admin Access to the cluster? Non-admin clients can only perform read only operations on the cluster.

A clientCertificateCommonName block supports the following:

  • commonName - (Required) The common or subject name of the certificate.

  • issuerThumbprint - (Optional) The Issuer Thumbprint of the Certificate.

-> NOTE: Certificate Issuer Thumbprint may become required in the future, https://docsMicrosoftCom/azure/serviceFabric/serviceFabricCreateClusterUsingCertCn#downloadAndUpdateASampleTemplate.

  • isAdmin - (Required) Does the Client Certificate have Admin Access to the cluster? Non-admin clients can only perform read only operations on the cluster.

A diagnosticsConfig block supports the following:

  • storageAccountName - (Required) The name of the Storage Account where the Diagnostics should be sent to.

  • protectedAccountKeyName - (Required) The protected diagnostics storage key name, such as storageAccountKey1.

  • blobEndpoint - (Required) The Blob Endpoint of the Storage Account.

  • queueEndpoint - (Required) The Queue Endpoint of the Storage Account.

  • tableEndpoint - (Required) The Table Endpoint of the Storage Account.

A fabricSettings block supports the following:

  • name - (Required) The name of the Fabric Setting, such as security or federation.

  • parameters - (Optional) A map containing settings for the specified Fabric Setting.

A nodeType block supports the following:

  • name - (Required) The name of the Node Type.

  • placementProperties - (Optional) The placement tags applied to nodes in the node type, which can be used to indicate where certain services (workload) should run.

  • capacities - (Optional) The capacity tags applied to the nodes in the node type, the cluster resource manager uses these tags to understand how much resource a node has.

  • instanceCount - (Required) The number of nodes for this Node Type.

  • isPrimary - (Required) Is this the Primary Node Type?

  • isStateless - (Optional) Should this node type run only stateless services?

  • multipleAvailabilityZones - (Optional) Does this node type span availability zones?

  • clientEndpointPort - (Required) The Port used for the Client Endpoint for this Node Type.

  • httpEndpointPort - (Required) The Port used for the HTTP Endpoint for this Node Type.

  • durabilityLevel - (Optional) The Durability Level for this Node Type. Possible values include bronze, gold and silver. Defaults to bronze.

  • applicationPorts - (Optional) A applicationPorts block as defined below.

  • ephemeralPorts - (Optional) A ephemeralPorts block as defined below.

  • reverseProxyEndpointPort - (Optional) The Port used for the Reverse Proxy Endpoint for this Node Type. Changing this will upgrade the cluster.

A applicationPorts block supports the following:

  • startPort - (Required) The start of the Application Port Range on this Node Type.

  • endPort - (Required) The end of the Application Port Range on this Node Type.

A ephemeralPorts block supports the following:

  • startPort - (Required) The start of the Ephemeral Port Range on this Node Type.

  • endPort - (Required) The end of the Ephemeral Port Range on this Node Type.

A upgradePolicy block supports the following:

  • forceRestartEnabled - (Optional) Indicates whether to restart the Service Fabric node even if only dynamic configurations have changed.

  • healthCheckRetryTimeout - (Optional) Specifies the duration, in "hh:mm:ss" string format, after which Service Fabric retries the health check if the previous health check fails. Defaults to 00:45:00.

  • healthCheckStableDuration - (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric waits in order to verify that the cluster is stable before it continues to the next upgrade domain or completes the upgrade. This wait duration prevents undetected changes of health right after the health check is performed. Defaults to 00:01:00.

  • healthCheckWaitDuration - (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric waits before it performs the initial health check after it finishes the upgrade on the upgrade domain. Defaults to 00:00:30.

  • upgradeDomainTimeout - (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric takes to upgrade a single upgrade domain. After this period, the upgrade fails. Defaults to 02:00:00.

  • upgradeReplicaSetCheckTimeout - (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric waits for a replica set to reconfigure into a safe state, if it is not already in a safe state, before Service Fabric proceeds with the upgrade. Defaults to 1067519902:48:054775807.

  • upgradeTimeout - (Optional) Specifies the duration, in "hh:mm:ss" string format, that Service Fabric takes for the entire upgrade. After this period, the upgrade fails. Defaults to 12:00:00.

  • healthPolicy - (Optional) A healthPolicy block as defined below

  • deltaHealthPolicy - (Optional) A deltaHealthPolicy block as defined below

A healthPolicy block supports the following:

  • maxUnhealthyApplicationsPercent - (Optional) Specifies the maximum tolerated percentage of applications that can have aggregated health state of error. If the upgrade exceeds this percentage, the cluster is unhealthy. Defaults to 0.

  • maxUnhealthyNodesPercent - (Optional) Specifies the maximum tolerated percentage of nodes that can have aggregated health states of error. If an upgrade exceeds this percentage, the cluster is unhealthy. Defaults to 0.

A deltaHealthPolicy block supports the following:

  • maxDeltaUnhealthyApplicationsPercent - (Optional) Specifies the maximum tolerated percentage of delta unhealthy applications that can have aggregated health states of error. If the current unhealthy applications do not respect the percentage relative to the state at the beginning of the upgrade, the cluster is unhealthy. Defaults to 0.

  • maxDeltaUnhealthyNodesPercent - (Optional) Specifies the maximum tolerated percentage of delta unhealthy nodes that can have aggregated health states of error. If the current unhealthy nodes do not respect the percentage relative to the state at the beginning of the upgrade, the cluster is unhealthy. Defaults to 0.

  • maxUpgradeDomainDeltaUnhealthyNodesPercent - (Optional) Specifies the maximum tolerated percentage of upgrade domain delta unhealthy nodes that can have aggregated health state of error. If there is any upgrade domain where the current unhealthy nodes do not respect the percentage relative to the state at the beginning of the upgrade, the cluster is unhealthy. Defaults to 0.

Attributes Reference

The following attributes are exported:

  • id - The ID of the Service Fabric Cluster.

  • clusterEndpoint - The Cluster Endpoint for this Service Fabric Cluster.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the Service Fabric Cluster.
  • update - (Defaults to 30 minutes) Used when updating the Service Fabric Cluster.
  • read - (Defaults to 5 minutes) Used when retrieving the Service Fabric Cluster.
  • delete - (Defaults to 30 minutes) Used when deleting the Service Fabric Cluster.

Import

Service Fabric Clusters can be imported using the resourceId, e.g.

terraform import azurerm_service_fabric_cluster.cluster1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.ServiceFabric/clusters/cluster1