One of our customers runs on Azure Service Fabric (SF) which is backed by a Virtual machine scale set (VMSS). We had a connectivity problem recently and one of the developers enabled remote debugging on the SF cluster to see what went wrong. Little did he know that (among other things) a large number of additional TCP ports are opened on the cluster load balancers to allow debuggers to attach.
4 posts tagged with "Azure Service Fabric"
View All TagsClient certificate authentication for Azure Service Fabric cluster API endpoint
In two previous posts I explained [how to setup TLS for a local Azure Service Fabric cluster][1] and [how to configure this for a cluster running on Azure][2]. In this post I describe how to setup client certificate authentication for the same API endpoint. Client certificate authentication requires that a client can only access the API with a client authentication certificate (certificate purpose [1.3.6.1.5.5.7.3.2][7]).
Custom domain name and certificate for your Azure Service Fabric cluster
This is a follow-up to my [previous post][1] about getting TLS working on a local Azure Service Fabric cluster. This time I'm aiming for the real goal: running a custom API endpoint (micro-service) on a custom domain name behind https on a cluster running on Azure.
Running a local Azure Service Fabric cluster on SSL/TLS
[Azure Service Fabric][1] is Microsofts [micro-services][2] platform. Well, it's actually more than that but that is all well-documented in other places on the interwebs.
It is relatively new and documentation is still a bit behind so I had some trouble in getting the following setup working:
- I want to run my production cluster on a domain name that is not the default. So instead of
mycluster.westeurope.cloudapp.azure.com
I wantmy-api.my-services.nl
. - The custom API endpoint that is exposed through my cluster should run on
https
and not the defaulthttp
.