如何将现有规模集用作 Azure Service Fabric 集群中的集群节点
How to use existing scale set as cluster node in Azure Service Fabric cluster
我正在尝试通过 ARM 模板部署 Service Fabric 集群并附加现有的规模集。管道正在正确执行,没有错误,但是当我在门户中打开服务结构时,状态为“正在等待节点”。我不知道我在哪里犯了错误。我使用的是规模集中存在的相同证书指纹。我的证书存储在 KeyVault 中。这是我的 ARM 模板
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"clusterName": {
"type": "string",
"defaultValue": "GEN-UNIQUE",
"metadata": {
"description": "Name of your cluster - Between 3 and 23 characters. Letters and numbers only"
}
},
"clusterLocation": {
"type": "string",
"defaultValue": "westus",
"metadata": {
"description": "Location of the Cluster"
}
},
"applicationStartPort": {
"type": "int",
"defaultValue": 20000
},
"applicationEndPort": {
"type": "int",
"defaultValue": 30000
},
"ephemeralStartPort": {
"type": "int",
"defaultValue": 49152
},
"ephemeralEndPort": {
"type": "int",
"defaultValue": 65534
},
"fabricTcpGatewayPort": {
"type": "int",
"defaultValue": 19000
},
"fabricHttpGatewayPort": {
"type": "int",
"defaultValue": 19080
},
"clusterProtectionLevel": {
"type": "string",
"allowedValues": [
"None",
"Sign",
"EncryptAndSign"
],
"defaultValue": "EncryptAndSign",
"metadata": {
"description": "Protection level.Three values are allowed - EncryptAndSign, Sign, None. It is best to keep the default of EncryptAndSign, unless you have a need not to"
}
},
"certificateThumbprint": {
"type": "string",
"defaultValue": "GEN-CUSTOM-DOMAIN-SSLCERT-THUMBPRINT",
"metadata": {
"description": "Certificate Thumbprint"
}
},
"certificateStoreValue": {
"defaultValue": "My",
"allowedValues": [
"My"
],
"type": "string",
"metadata": {
"description": "The store name where the cert will be deployed in the virtual machine"
}
},
"supportLogStorageAccountName": {
"type": "string",
"defaultValue": "[toLower( concat('sflogs', uniqueString(resourceGroup().id),'2'))]",
"metadata": {
"description": "Name for the storage account that contains support logs from the cluster"
}
},
"blobEndpoint":{
"type": "string"
},
"queueEndpoint":{
"type": "string"
},
"tableEndpoint":{
"type": "string"
},
"InstanceCount": {
"type": "int",
"defaultValue": 5,
"metadata": {
"description": "Instance count for node type"
}
},
"vmNodeTypeName": {
"type": "string"
},
"nodeTypes":{
"type": "array"
},
"lbIPName": {
"type": "string"
},
"fqdn":{
"type": "string"
},
"reliabilityLevel":{
"type": "string"
},
"upgradeMode":{
"type": "string"
}
},
"variables":{
"storageApiVersion": "2016-01-01",
"publicIPApiVersion": "2015-06-15"
},
"resources": [
{
"apiVersion": "2018-02-01",
"type": "Microsoft.ServiceFabric/clusters",
"name": "[parameters('clusterName')]",
"location": "[parameters('clusterLocation')]",
"dependsOn": [],
"properties": {
"addonFeatures": [
"DnsService"
],
"certificate": {
"thumbprint": "[parameters('certificateThumbprint')]",
"x509StoreName": "[parameters('certificateStoreValue')]"
},
"clientCertificateCommonNames": [],
"clientCertificateThumbprints": [],
"clusterState": "Default",
"diagnosticsStorageAccountConfig": {
"storageAccountName": "[parameters('supportLogStorageAccountName')]",
"protectedAccountKeyName": "StorageAccountKey1",
"blobEndpoint": "[parameters('blobEndpoint')]",
"queueEndpoint": "[parameters('queueEndpoint')]",
"tableEndpoint": "[parameters('tableEndpoint')]"
},
"fabricSettings": [
{
"parameters": [
{
"name": "ClusterProtectionLevel",
"value": "[parameters('clusterProtectionLevel')]"
}
],
"name": "Security"
}
],
"managementEndpoint": "[concat('https://',parameters('fqdn'),':',parameters('fabricHttpGatewayPort'))]",
"nodeTypes": "[parameters('nodeTypes')]",
"reliabilityLevel": "[parameters('reliabilityLevel')]",
"upgradeMode": "[parameters('upgradeMode')]"
}
}
]
}
对于这个部署错误,您可以在this blog中查看这些问题和解决方案。
这可能是由证书指纹问题和 KeyVault 问题引起的。
如果不走运,请尝试更改 VM 大小或更改节点区域或像 this 一样重建。
有关使用 Key Vault 证书部署 SFC 的更多参考,您也可以参考 this article。
我正在尝试通过 ARM 模板部署 Service Fabric 集群并附加现有的规模集。管道正在正确执行,没有错误,但是当我在门户中打开服务结构时,状态为“正在等待节点”。我不知道我在哪里犯了错误。我使用的是规模集中存在的相同证书指纹。我的证书存储在 KeyVault 中。这是我的 ARM 模板
{
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"clusterName": {
"type": "string",
"defaultValue": "GEN-UNIQUE",
"metadata": {
"description": "Name of your cluster - Between 3 and 23 characters. Letters and numbers only"
}
},
"clusterLocation": {
"type": "string",
"defaultValue": "westus",
"metadata": {
"description": "Location of the Cluster"
}
},
"applicationStartPort": {
"type": "int",
"defaultValue": 20000
},
"applicationEndPort": {
"type": "int",
"defaultValue": 30000
},
"ephemeralStartPort": {
"type": "int",
"defaultValue": 49152
},
"ephemeralEndPort": {
"type": "int",
"defaultValue": 65534
},
"fabricTcpGatewayPort": {
"type": "int",
"defaultValue": 19000
},
"fabricHttpGatewayPort": {
"type": "int",
"defaultValue": 19080
},
"clusterProtectionLevel": {
"type": "string",
"allowedValues": [
"None",
"Sign",
"EncryptAndSign"
],
"defaultValue": "EncryptAndSign",
"metadata": {
"description": "Protection level.Three values are allowed - EncryptAndSign, Sign, None. It is best to keep the default of EncryptAndSign, unless you have a need not to"
}
},
"certificateThumbprint": {
"type": "string",
"defaultValue": "GEN-CUSTOM-DOMAIN-SSLCERT-THUMBPRINT",
"metadata": {
"description": "Certificate Thumbprint"
}
},
"certificateStoreValue": {
"defaultValue": "My",
"allowedValues": [
"My"
],
"type": "string",
"metadata": {
"description": "The store name where the cert will be deployed in the virtual machine"
}
},
"supportLogStorageAccountName": {
"type": "string",
"defaultValue": "[toLower( concat('sflogs', uniqueString(resourceGroup().id),'2'))]",
"metadata": {
"description": "Name for the storage account that contains support logs from the cluster"
}
},
"blobEndpoint":{
"type": "string"
},
"queueEndpoint":{
"type": "string"
},
"tableEndpoint":{
"type": "string"
},
"InstanceCount": {
"type": "int",
"defaultValue": 5,
"metadata": {
"description": "Instance count for node type"
}
},
"vmNodeTypeName": {
"type": "string"
},
"nodeTypes":{
"type": "array"
},
"lbIPName": {
"type": "string"
},
"fqdn":{
"type": "string"
},
"reliabilityLevel":{
"type": "string"
},
"upgradeMode":{
"type": "string"
}
},
"variables":{
"storageApiVersion": "2016-01-01",
"publicIPApiVersion": "2015-06-15"
},
"resources": [
{
"apiVersion": "2018-02-01",
"type": "Microsoft.ServiceFabric/clusters",
"name": "[parameters('clusterName')]",
"location": "[parameters('clusterLocation')]",
"dependsOn": [],
"properties": {
"addonFeatures": [
"DnsService"
],
"certificate": {
"thumbprint": "[parameters('certificateThumbprint')]",
"x509StoreName": "[parameters('certificateStoreValue')]"
},
"clientCertificateCommonNames": [],
"clientCertificateThumbprints": [],
"clusterState": "Default",
"diagnosticsStorageAccountConfig": {
"storageAccountName": "[parameters('supportLogStorageAccountName')]",
"protectedAccountKeyName": "StorageAccountKey1",
"blobEndpoint": "[parameters('blobEndpoint')]",
"queueEndpoint": "[parameters('queueEndpoint')]",
"tableEndpoint": "[parameters('tableEndpoint')]"
},
"fabricSettings": [
{
"parameters": [
{
"name": "ClusterProtectionLevel",
"value": "[parameters('clusterProtectionLevel')]"
}
],
"name": "Security"
}
],
"managementEndpoint": "[concat('https://',parameters('fqdn'),':',parameters('fabricHttpGatewayPort'))]",
"nodeTypes": "[parameters('nodeTypes')]",
"reliabilityLevel": "[parameters('reliabilityLevel')]",
"upgradeMode": "[parameters('upgradeMode')]"
}
}
]
}
对于这个部署错误,您可以在this blog中查看这些问题和解决方案。 这可能是由证书指纹问题和 KeyVault 问题引起的。
如果不走运,请尝试更改 VM 大小或更改节点区域或像 this 一样重建。
有关使用 Key Vault 证书部署 SFC 的更多参考,您也可以参考 this article。