Microsoft.ServiceFabric managedClusters 2023-11-01-preview
- Latest
- 2024-06-01-preview
- 2024-04-01
- 2024-02-01-preview
- 2023-12-01-preview
- 2023-11-01-preview
- 2023-09-01-preview
- 2023-07-01-preview
- 2023-03-01-preview
- 2023-02-01-preview
- 2022-10-01-preview
- 2022-08-01-preview
- 2022-06-01-preview
- 2022-02-01-preview
- 2022-01-01
- 2021-11-01-preview
- 2021-07-01-preview
- 2021-05-01
- 2021-01-01-preview
- 2020-01-01-preview
Bicep resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ServiceFabric/managedClusters resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.ServiceFabric/managedClusters@2023-11-01-preview' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
sku: {
name: 'string'
}
properties: {
addonFeatures: [
'string'
]
adminPassword: 'string'
adminUserName: 'string'
allowRdpAccess: bool
applicationTypeVersionsCleanupPolicy: {
maxUnusedVersionsToKeep: int
maxUnusedVersionsToKeep: int
}
auxiliarySubnets: [
{
enableIpv6: bool
name: 'string'
networkSecurityGroupId: 'string'
privateEndpointNetworkPolicies: 'string'
privateLinkServiceNetworkPolicies: 'string'
}
]
azureActiveDirectory: {
clientApplication: 'string'
clusterApplication: 'string'
tenantId: 'string'
clientApplication: 'string'
clusterApplication: 'string'
tenantId: 'string'
}
clientConnectionPort: int
clients: [
{
commonName: 'string'
isAdmin: bool
issuerThumbprint: 'string'
thumbprint: 'string'
}
]
clusterCodeVersion: 'string'
clusterUpgradeCadence: 'string'
clusterUpgradeMode: 'string'
ddosProtectionPlanId: 'string'
dnsName: 'string'
enableAutoOSUpgrade: bool
enableIpv6: bool
enableServicePublicIP: bool
fabricSettings: [
{
name: 'string'
parameters: [
{
name: 'string'
value: 'string'
name: 'string'
value: 'string'
}
]
name: 'string'
parameters: [
{
name: 'string'
value: 'string'
name: 'string'
value: 'string'
}
]
}
]
httpGatewayConnectionPort: int
ipTags: [
{
ipTagType: 'string'
tag: 'string'
}
]
loadBalancingRules: [
{
backendPort: int
frontendPort: int
loadDistribution: 'string'
probePort: int
probeProtocol: 'string'
probeRequestPath: 'string'
protocol: 'string'
}
]
networkSecurityRules: [
{
access: 'string'
description: 'string'
destinationAddressPrefix: 'string'
destinationAddressPrefixes: [
'string'
]
destinationPortRange: 'string'
destinationPortRanges: [
'string'
]
direction: 'string'
name: 'string'
priority: int
protocol: 'string'
sourceAddressPrefix: 'string'
sourceAddressPrefixes: [
'string'
]
sourcePortRange: 'string'
sourcePortRanges: [
'string'
]
}
]
publicIPPrefixId: 'string'
publicIPv6PrefixId: 'string'
serviceEndpoints: [
{
locations: [
'string'
]
service: 'string'
}
]
subnetId: 'string'
upgradeDescription: {
deltaHealthPolicy: {
applicationDeltaHealthPolicies: {
{customized property}: {
defaultServiceTypeDeltaHealthPolicy: {
maxPercentDeltaUnhealthyServices: int
}
serviceTypeDeltaHealthPolicies: {
{customized property}: {
maxPercentDeltaUnhealthyServices: int
}
}
}
}
maxPercentDeltaUnhealthyApplications: int
maxPercentDeltaUnhealthyNodes: int
maxPercentUpgradeDomainDeltaUnhealthyNodes: int
maxPercentDeltaUnhealthyApplications: int
maxPercentDeltaUnhealthyNodes: int
maxPercentUpgradeDomainDeltaUnhealthyNodes: int
}
forceRestart: bool
healthCheckRetryTimeout: 'string'
healthCheckStableDuration: 'string'
healthCheckWaitDuration: 'string'
healthPolicy: {
applicationHealthPolicies: {
{customized property}: {
defaultServiceTypeHealthPolicy: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
serviceTypeHealthPolicies: {
{customized property}: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
}
considerWarningAsError: bool
defaultServiceTypeHealthPolicy: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
maxPercentUnhealthyDeployedApplications: int
serviceTypeHealthPolicyMap: {
{customized property}: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
}
}
}
maxPercentUnhealthyApplications: int
maxPercentUnhealthyNodes: int
maxPercentUnhealthyApplications: int
maxPercentUnhealthyNodes: int
}
upgradeDomainTimeout: 'string'
upgradeReplicaSetCheckTimeout: 'string'
upgradeTimeout: 'string'
deltaHealthPolicy: {
applicationDeltaHealthPolicies: {
{customized property}: {
defaultServiceTypeDeltaHealthPolicy: {
maxPercentDeltaUnhealthyServices: int
}
serviceTypeDeltaHealthPolicies: {
{customized property}: {
maxPercentDeltaUnhealthyServices: int
}
}
}
}
maxPercentDeltaUnhealthyApplications: int
maxPercentDeltaUnhealthyNodes: int
maxPercentUpgradeDomainDeltaUnhealthyNodes: int
maxPercentDeltaUnhealthyApplications: int
maxPercentDeltaUnhealthyNodes: int
maxPercentUpgradeDomainDeltaUnhealthyNodes: int
}
forceRestart: bool
healthPolicy: {
applicationHealthPolicies: {
{customized property}: {
defaultServiceTypeHealthPolicy: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
serviceTypeHealthPolicies: {
{customized property}: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
}
considerWarningAsError: bool
defaultServiceTypeHealthPolicy: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
maxPercentUnhealthyDeployedApplications: int
serviceTypeHealthPolicyMap: {
{customized property}: {
maxPercentUnhealthyServices: int
maxPercentUnhealthyPartitionsPerService: int
maxPercentUnhealthyReplicasPerPartition: int
maxPercentUnhealthyServices: int
}
}
}
}
maxPercentUnhealthyApplications: int
maxPercentUnhealthyNodes: int
maxPercentUnhealthyApplications: int
maxPercentUnhealthyNodes: int
}
monitoringPolicy: {
healthCheckRetryTimeout: 'string'
healthCheckStableDuration: 'string'
healthCheckWaitDuration: 'string'
upgradeDomainTimeout: 'string'
upgradeTimeout: 'string'
}
upgradeReplicaSetCheckTimeout: 'string'
}
useCustomVnet: bool
zonalResiliency: bool
zonalUpdateMode: 'string'
}
}
Property values
managedClusters
Name | Description | Value |
---|---|---|
name | The resource name | string (required) |
location | Azure resource location. | string (required) |
tags | Azure resource tags. | Dictionary of tag names and values. See Tags in templates |
sku | The sku of the managed cluster | Sku (required) |
properties | The managed cluster resource properties | ManagedClusterProperties |
ManagedClusterProperties
Name | Description | Value |
---|---|---|
addonFeatures | List of add-on features to enable on the cluster. | String array containing any of: 'BackupRestoreService' 'DnsService' 'ResourceMonitorService' |
adminPassword | VM admin user password. | string Constraints: Sensitive value. Pass in as a secure parameter. |
adminUserName | VM admin user name. | string (required) |
allowRdpAccess | Setting this to true enables RDP access to the VM. The default NSG rule opens RDP port to Internet which can be overridden with custom Network Security Rules. The default value for this setting is false. | bool |
applicationTypeVersionsCleanupPolicy | The policy used to clean up unused versions. | ApplicationTypeVersionsCleanupPolicy |
auxiliarySubnets | Auxiliary subnets for the cluster. | Subnet[] |
azureActiveDirectory | The AAD authentication settings of the cluster. | AzureActiveDirectory |
clientConnectionPort | The port used for client connections to the cluster. | int |
clients | Client certificates that are allowed to manage the cluster. | ClientCertificate[] |
clusterCodeVersion | The Service Fabric runtime version of the cluster. This property is required when clusterUpgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. | string |
clusterUpgradeCadence | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when clusterUpgradeMode is set to 'Automatic'. | 'Wave0' 'Wave1' 'Wave2' |
clusterUpgradeMode | The upgrade mode of the cluster when new Service Fabric runtime version is available. | 'Automatic' 'Manual' |
ddosProtectionPlanId | Specify the resource id of a DDoS network protection plan that will be associated with the virtual network of the cluster. | string |
dnsName | The cluster dns name. | string (required) |
enableAutoOSUpgrade | Setting this to true enables automatic OS upgrade for the node types that are created using any platform OS image with version 'latest'. The default value for this setting is false. | bool |
enableIpv6 | Setting this to true creates IPv6 address space for the default VNet used by the cluster. This setting cannot be changed once the cluster is created. The default value for this setting is false. | bool |
enableServicePublicIP | Setting this to true will link the IPv4 address as the ServicePublicIP of the IPv6 address. It can only be set to True if IPv6 is enabled on the cluster. | bool |
fabricSettings | The list of custom fabric settings to configure the cluster. | SettingsSectionDescription[] |
httpGatewayConnectionPort | The port used for HTTP connections to the cluster. | int |
ipTags | The list of IP tags associated with the default public IP address of the cluster. | IPTag[] |
loadBalancingRules | Load balancing rules that are applied to the public load balancer of the cluster. | LoadBalancingRule[] |
networkSecurityRules | Custom Network Security Rules that are applied to the Virtual Network of the cluster. | NetworkSecurityRule[] |
publicIPPrefixId | Specify the resource id of a public IPv4 prefix that the load balancer will allocate a public IPv4 address from. This setting cannot be changed once the cluster is created. | string |
publicIPv6PrefixId | Specify the resource id of a public IPv6 prefix that the load balancer will allocate a public IPv6 address from. This setting cannot be changed once the cluster is created. | string |
serviceEndpoints | Service endpoints for subnets in the cluster. | ServiceEndpoint[] |
subnetId | If specified, the node types for the cluster are created in this subnet instead of the default VNet. The networkSecurityRules specified for the cluster are also applied to this subnet. This setting cannot be changed once the cluster is created. | string |
upgradeDescription | The policy to use when upgrading the cluster. | ClusterUpgradePolicy |
useCustomVnet | For new clusters, this parameter indicates that it uses Bring your own VNet, but the subnet is specified at node type level; and for such clusters, the subnetId property is required for node types. | bool |
zonalResiliency | Indicates if the cluster has zone resiliency. | bool |
zonalUpdateMode | Indicates the update mode for Cross Az clusters. | 'Fast' 'Standard' |
ApplicationTypeVersionsCleanupPolicy
Name | Description | Value |
---|---|---|
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int (required) Constraints: Min value = 0 |
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int (required) Constraints: Min value = 0 |
Subnet
Name | Description | Value |
---|---|---|
enableIpv6 | Indicates wether to enable Ipv6 or not. If not provided, it will take the same configuration as the cluster. | bool |
name | Subnet name. | string (required) |
networkSecurityGroupId | Full resource id for the network security group. | string |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | 'disabled' 'enabled' |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | 'disabled' 'enabled' |
AzureActiveDirectory
Name | Description | Value |
---|---|---|
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
ClientCertificate
Name | Description | Value |
---|---|---|
commonName | Certificate common name. | string |
isAdmin | Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. | bool (required) |
issuerThumbprint | Issuer thumbprint for the certificate. Only used together with CommonName. | string |
thumbprint | Certificate thumbprint. | string |
SettingsSectionDescription
Name | Description | Value |
---|---|---|
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
SettingsParameterDescription
Name | Description | Value |
---|---|---|
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. | string (required) |
tag | The value of the IP tag. | string (required) |
LoadBalancingRule
Name | Description | Value |
---|---|---|
backendPort | The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535. | int (required) Constraints: Min value = 1 Max value = 65534 |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 1 and 65534. | int (required) Constraints: Min value = 1 Max value = 65534 |
loadDistribution | The load distribution policy for this rule. | string |
probePort | The prob port used by the load balancing rule. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 |
probeProtocol | the reference to the load balancer probe used by the load balancing rule. | 'http '' https ''tcp' (required) |
probeRequestPath | The probe request path. Only supported for HTTP/HTTPS probes. | string |
protocol | The reference to the transport protocol used by the load balancing rule. | 'tcp' 'udp' (required) |
NetworkSecurityRule
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'allow' 'deny' (required) |
description | Network security rule description. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationPortRange | he destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | Network security rule direction. | 'inbound' 'outbound' (required) |
name | Network security rule name. | string (required) |
priority | The priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int (required) Constraints: Min value = 1000 Max value = 3000 |
protocol | Network protocol this rule applies to. | 'ah' 'esp' ' http '' https ''icmp' 'tcp' 'udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ServiceEndpoint
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string (required) |
ClusterUpgradePolicy
Name | Description | Value |
---|---|---|
deltaHealthPolicy | The cluster delta health policy used when upgrading the cluster. | ClusterUpgradeDeltaHealthPolicy |
forceRestart | If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). | bool |
healthCheckRetryTimeout | The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckStableDuration | The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckWaitDuration | The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthPolicy | The cluster health policy used when upgrading the cluster. | ClusterHealthPolicy (required) |
upgradeDomainTimeout | The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeReplicaSetCheckTimeout | The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeTimeout | The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
deltaHealthPolicy | The cluster delta health policy defines a health policy used to evaluate the health of the cluster during a cluster upgrade. | ClusterUpgradeDeltaHealthPolicy |
forceRestart | If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). | bool |
healthPolicy | The cluster health policy defines a health policy used to evaluate the health of the cluster during a cluster upgrade. | ClusterHealthPolicy |
monitoringPolicy | The cluster monitoring policy describes the parameters for monitoring an upgrade in Monitored mode. | ClusterMonitoringPolicy |
upgradeReplicaSetCheckTimeout | The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. This value must be between 00:00:00 and 49710.06:28:15 (unsigned 32 bit integer for seconds) |
string |
ClusterUpgradeDeltaHealthPolicy
Name | Description | Value |
---|---|---|
applicationDeltaHealthPolicies | Defines the application delta health policy map used to evaluate the health of an application or one of its child entities when upgrading the cluster. | ApplicationDeltaHealthPolicyMap |
maxPercentDeltaUnhealthyApplications | The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyNodes | The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUpgradeDomainDeltaUnhealthyNodes | The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyApplications | The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this. NOTE: This value will overwrite the value specified in properties.UpgradeDescription.HealthPolicy.MaxPercentUnhealthyApplications |
int Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyNodes | The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUpgradeDomainDeltaUnhealthyNodes | The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits. |
int Constraints: Min value = 0 Max value = 100 |
ApplicationDeltaHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ApplicationDeltaHealthPolicy |
ApplicationDeltaHealthPolicy
Name | Description | Value |
---|---|---|
defaultServiceTypeDeltaHealthPolicy | The delta health policy used by default to evaluate the health of a service type when upgrading the cluster. | ServiceTypeDeltaHealthPolicy |
serviceTypeDeltaHealthPolicies | The map with service type delta health policy per service type name. The map is empty by default. | ServiceTypeDeltaHealthPolicyMap |
ServiceTypeDeltaHealthPolicy
Name | Description | Value |
---|---|---|
maxPercentDeltaUnhealthyServices | The maximum allowed percentage of services health degradation allowed during cluster upgrades. The delta is measured between the state of the services at the beginning of upgrade and the state of the services at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int Constraints: Min value = 0 Max value = 100 |
ServiceTypeDeltaHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ServiceTypeDeltaHealthPolicy |
ClusterHealthPolicy
Name | Description | Value |
---|---|---|
applicationHealthPolicies | Defines the application health policy map used to evaluate the health of an application or one of its children entities. | ApplicationHealthPolicyMap |
maxPercentUnhealthyApplications | The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero. |
int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyNodes | The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that. |
int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyApplications | The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyNodes | The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that. |
int (required) Constraints: Min value = 0 Max value = 100 |
ApplicationHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ApplicationHealthPolicy |
ApplicationHealthPolicy
Name | Description | Value |
---|---|---|
defaultServiceTypeHealthPolicy | The health policy used by default to evaluate the health of a service type. | ServiceTypeHealthPolicy |
serviceTypeHealthPolicies | The map with service type health policy per service type name. The map is empty by default. | ServiceTypeHealthPolicyMap |
considerWarningAsError | Indicates whether warnings are treated with the same severity as errors. | bool (required) |
defaultServiceTypeHealthPolicy | The health policy used by default to evaluate the health of a service type. | ServiceTypeHealthPolicy |
maxPercentUnhealthyDeployedApplications | The maximum allowed percentage of unhealthy deployed applications. Allowed values are Byte values from zero to 100. The percentage represents the maximum tolerated percentage of deployed applications that can be unhealthy before the application is considered in error. This is calculated by dividing the number of unhealthy deployed applications over the number of nodes where the application is currently deployed on in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. |
int (required) |
serviceTypeHealthPolicyMap | The map with service type health policy per service type name. The map is empty by default. | ServiceTypeHealthPolicyMap |
ServiceTypeHealthPolicy
Name | Description | Value |
---|---|---|
maxPercentUnhealthyServices | The maximum percentage of services allowed to be unhealthy before your application is considered in error. | int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyPartitionsPerService | The maximum allowed percentage of unhealthy partitions per service. The percentage represents the maximum tolerated percentage of partitions that can be unhealthy before the service is considered in error. If the percentage is respected but there is at least one unhealthy partition, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy partitions over the total number of partitions in the service. The computation rounds up to tolerate one failure on small numbers of partitions. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyReplicasPerPartition | The maximum allowed percentage of unhealthy replicas per partition. The percentage represents the maximum tolerated percentage of replicas that can be unhealthy before the partition is considered in error. If the percentage is respected but there is at least one unhealthy replica, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy replicas over the total number of replicas in the partition. The computation rounds up to tolerate one failure on small numbers of replicas. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyServices | The maximum allowed percentage of unhealthy services. The percentage represents the maximum tolerated percentage of services that can be unhealthy before the application is considered in error. If the percentage is respected but there is at least one unhealthy service, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy services of the specific service type over the total number of services of the specific service type. The computation rounds up to tolerate one failure on small numbers of services. |
int (required) Constraints: Min value = 0 Max value = 100 |
ServiceTypeHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ServiceTypeHealthPolicy |
ClusterMonitoringPolicy
Name | Description | Value |
---|---|---|
healthCheckRetryTimeout | The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckStableDuration | The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckWaitDuration | The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeDomainTimeout | The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeTimeout | The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
Sku
Name | Description | Value |
---|---|---|
name | Sku Name. | 'Basic' 'Standard' (required) |
ARM template resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ServiceFabric/managedClusters resource, add the following JSON to your template.
{
"type": "Microsoft.ServiceFabric/managedClusters",
"apiVersion": "2023-11-01-preview",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"sku": {
"name": "string"
},
"properties": {
"addonFeatures": [ "string" ],
"adminPassword": "string",
"adminUserName": "string",
"allowRdpAccess": "bool",
"applicationTypeVersionsCleanupPolicy": {
"maxUnusedVersionsToKeep": "int",
"maxUnusedVersionsToKeep": "int"
},
"auxiliarySubnets": [
{
"enableIpv6": "bool",
"name": "string",
"networkSecurityGroupId": "string",
"privateEndpointNetworkPolicies": "string",
"privateLinkServiceNetworkPolicies": "string"
}
],
"azureActiveDirectory": {
"clientApplication": "string",
"clusterApplication": "string",
"tenantId": "string",
"clientApplication": "string",
"clusterApplication": "string",
"tenantId": "string"
},
"clientConnectionPort": "int",
"clients": [
{
"commonName": "string",
"isAdmin": "bool",
"issuerThumbprint": "string",
"thumbprint": "string"
}
],
"clusterCodeVersion": "string",
"clusterUpgradeCadence": "string",
"clusterUpgradeMode": "string",
"ddosProtectionPlanId": "string",
"dnsName": "string",
"enableAutoOSUpgrade": "bool",
"enableIpv6": "bool",
"enableServicePublicIP": "bool",
"fabricSettings": [
{
"name": "string",
"parameters": [
{
"name": "string",
"value": "string",
"name": "string",
"value": "string"
}
],
"name": "string",
"parameters": [
{
"name": "string",
"value": "string",
"name": "string",
"value": "string"
}
]
}
],
"httpGatewayConnectionPort": "int",
"ipTags": [
{
"ipTagType": "string",
"tag": "string"
}
],
"loadBalancingRules": [
{
"backendPort": "int",
"frontendPort": "int",
"loadDistribution": "string",
"probePort": "int",
"probeProtocol": "string",
"probeRequestPath": "string",
"protocol": "string"
}
],
"networkSecurityRules": [
{
"access": "string",
"description": "string",
"destinationAddressPrefix": "string",
"destinationAddressPrefixes": [ "string" ],
"destinationPortRange": "string",
"destinationPortRanges": [ "string" ],
"direction": "string",
"name": "string",
"priority": "int",
"protocol": "string",
"sourceAddressPrefix": "string",
"sourceAddressPrefixes": [ "string" ],
"sourcePortRange": "string",
"sourcePortRanges": [ "string" ]
}
],
"publicIPPrefixId": "string",
"publicIPv6PrefixId": "string",
"serviceEndpoints": [
{
"locations": [ "string" ],
"service": "string"
}
],
"subnetId": "string",
"upgradeDescription": {
"deltaHealthPolicy": {
"applicationDeltaHealthPolicies": {
"{customized property}": {
"defaultServiceTypeDeltaHealthPolicy": {
"maxPercentDeltaUnhealthyServices": "int"
},
"serviceTypeDeltaHealthPolicies": {
"{customized property}": {
"maxPercentDeltaUnhealthyServices": "int"
}
}
}
},
"maxPercentDeltaUnhealthyApplications": "int",
"maxPercentDeltaUnhealthyNodes": "int",
"maxPercentUpgradeDomainDeltaUnhealthyNodes": "int",
"maxPercentDeltaUnhealthyApplications": "int",
"maxPercentDeltaUnhealthyNodes": "int",
"maxPercentUpgradeDomainDeltaUnhealthyNodes": "int"
},
"forceRestart": "bool",
"healthCheckRetryTimeout": "string",
"healthCheckStableDuration": "string",
"healthCheckWaitDuration": "string",
"healthPolicy": {
"applicationHealthPolicies": {
"{customized property}": {
"defaultServiceTypeHealthPolicy": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
},
"serviceTypeHealthPolicies": {
"{customized property}": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
}
},
"considerWarningAsError": "bool",
"defaultServiceTypeHealthPolicy": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
},
"maxPercentUnhealthyDeployedApplications": "int",
"serviceTypeHealthPolicyMap": {
"{customized property}": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
}
}
}
},
"maxPercentUnhealthyApplications": "int",
"maxPercentUnhealthyNodes": "int",
"maxPercentUnhealthyApplications": "int",
"maxPercentUnhealthyNodes": "int"
},
"upgradeDomainTimeout": "string",
"upgradeReplicaSetCheckTimeout": "string",
"upgradeTimeout": "string",
"deltaHealthPolicy": {
"applicationDeltaHealthPolicies": {
"{customized property}": {
"defaultServiceTypeDeltaHealthPolicy": {
"maxPercentDeltaUnhealthyServices": "int"
},
"serviceTypeDeltaHealthPolicies": {
"{customized property}": {
"maxPercentDeltaUnhealthyServices": "int"
}
}
}
},
"maxPercentDeltaUnhealthyApplications": "int",
"maxPercentDeltaUnhealthyNodes": "int",
"maxPercentUpgradeDomainDeltaUnhealthyNodes": "int",
"maxPercentDeltaUnhealthyApplications": "int",
"maxPercentDeltaUnhealthyNodes": "int",
"maxPercentUpgradeDomainDeltaUnhealthyNodes": "int"
},
"forceRestart": "bool",
"healthPolicy": {
"applicationHealthPolicies": {
"{customized property}": {
"defaultServiceTypeHealthPolicy": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
},
"serviceTypeHealthPolicies": {
"{customized property}": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
}
},
"considerWarningAsError": "bool",
"defaultServiceTypeHealthPolicy": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
},
"maxPercentUnhealthyDeployedApplications": "int",
"serviceTypeHealthPolicyMap": {
"{customized property}": {
"maxPercentUnhealthyServices": "int",
"maxPercentUnhealthyPartitionsPerService": "int",
"maxPercentUnhealthyReplicasPerPartition": "int",
"maxPercentUnhealthyServices": "int"
}
}
}
},
"maxPercentUnhealthyApplications": "int",
"maxPercentUnhealthyNodes": "int",
"maxPercentUnhealthyApplications": "int",
"maxPercentUnhealthyNodes": "int"
},
"monitoringPolicy": {
"healthCheckRetryTimeout": "string",
"healthCheckStableDuration": "string",
"healthCheckWaitDuration": "string",
"upgradeDomainTimeout": "string",
"upgradeTimeout": "string"
},
"upgradeReplicaSetCheckTimeout": "string"
},
"useCustomVnet": "bool",
"zonalResiliency": "bool",
"zonalUpdateMode": "string"
}
}
Property values
managedClusters
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.ServiceFabric/managedClusters' |
apiVersion | The resource api version | '2023-11-01-preview' |
name | The resource name | string (required) |
location | Azure resource location. | string (required) |
tags | Azure resource tags. | Dictionary of tag names and values. See Tags in templates |
sku | The sku of the managed cluster | Sku (required) |
properties | The managed cluster resource properties | ManagedClusterProperties |
ManagedClusterProperties
Name | Description | Value |
---|---|---|
addonFeatures | List of add-on features to enable on the cluster. | String array containing any of: 'BackupRestoreService' 'DnsService' 'ResourceMonitorService' |
adminPassword | VM admin user password. | string Constraints: Sensitive value. Pass in as a secure parameter. |
adminUserName | VM admin user name. | string (required) |
allowRdpAccess | Setting this to true enables RDP access to the VM. The default NSG rule opens RDP port to Internet which can be overridden with custom Network Security Rules. The default value for this setting is false. | bool |
applicationTypeVersionsCleanupPolicy | The policy used to clean up unused versions. | ApplicationTypeVersionsCleanupPolicy |
auxiliarySubnets | Auxiliary subnets for the cluster. | Subnet[] |
azureActiveDirectory | The AAD authentication settings of the cluster. | AzureActiveDirectory |
clientConnectionPort | The port used for client connections to the cluster. | int |
clients | Client certificates that are allowed to manage the cluster. | ClientCertificate[] |
clusterCodeVersion | The Service Fabric runtime version of the cluster. This property is required when clusterUpgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. | string |
clusterUpgradeCadence | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when clusterUpgradeMode is set to 'Automatic'. | 'Wave0' 'Wave1' 'Wave2' |
clusterUpgradeMode | The upgrade mode of the cluster when new Service Fabric runtime version is available. | 'Automatic' 'Manual' |
ddosProtectionPlanId | Specify the resource id of a DDoS network protection plan that will be associated with the virtual network of the cluster. | string |
dnsName | The cluster dns name. | string (required) |
enableAutoOSUpgrade | Setting this to true enables automatic OS upgrade for the node types that are created using any platform OS image with version 'latest'. The default value for this setting is false. | bool |
enableIpv6 | Setting this to true creates IPv6 address space for the default VNet used by the cluster. This setting cannot be changed once the cluster is created. The default value for this setting is false. | bool |
enableServicePublicIP | Setting this to true will link the IPv4 address as the ServicePublicIP of the IPv6 address. It can only be set to True if IPv6 is enabled on the cluster. | bool |
fabricSettings | The list of custom fabric settings to configure the cluster. | SettingsSectionDescription[] |
httpGatewayConnectionPort | The port used for HTTP connections to the cluster. | int |
ipTags | The list of IP tags associated with the default public IP address of the cluster. | IPTag[] |
loadBalancingRules | Load balancing rules that are applied to the public load balancer of the cluster. | LoadBalancingRule[] |
networkSecurityRules | Custom Network Security Rules that are applied to the Virtual Network of the cluster. | NetworkSecurityRule[] |
publicIPPrefixId | Specify the resource id of a public IPv4 prefix that the load balancer will allocate a public IPv4 address from. This setting cannot be changed once the cluster is created. | string |
publicIPv6PrefixId | Specify the resource id of a public IPv6 prefix that the load balancer will allocate a public IPv6 address from. This setting cannot be changed once the cluster is created. | string |
serviceEndpoints | Service endpoints for subnets in the cluster. | ServiceEndpoint[] |
subnetId | If specified, the node types for the cluster are created in this subnet instead of the default VNet. The networkSecurityRules specified for the cluster are also applied to this subnet. This setting cannot be changed once the cluster is created. | string |
upgradeDescription | The policy to use when upgrading the cluster. | ClusterUpgradePolicy |
useCustomVnet | For new clusters, this parameter indicates that it uses Bring your own VNet, but the subnet is specified at node type level; and for such clusters, the subnetId property is required for node types. | bool |
zonalResiliency | Indicates if the cluster has zone resiliency. | bool |
zonalUpdateMode | Indicates the update mode for Cross Az clusters. | 'Fast' 'Standard' |
ApplicationTypeVersionsCleanupPolicy
Name | Description | Value |
---|---|---|
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int (required) Constraints: Min value = 0 |
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int (required) Constraints: Min value = 0 |
Subnet
Name | Description | Value |
---|---|---|
enableIpv6 | Indicates wether to enable Ipv6 or not. If not provided, it will take the same configuration as the cluster. | bool |
name | Subnet name. | string (required) |
networkSecurityGroupId | Full resource id for the network security group. | string |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | 'disabled' 'enabled' |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | 'disabled' 'enabled' |
AzureActiveDirectory
Name | Description | Value |
---|---|---|
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
ClientCertificate
Name | Description | Value |
---|---|---|
commonName | Certificate common name. | string |
isAdmin | Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. | bool (required) |
issuerThumbprint | Issuer thumbprint for the certificate. Only used together with CommonName. | string |
thumbprint | Certificate thumbprint. | string |
SettingsSectionDescription
Name | Description | Value |
---|---|---|
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
SettingsParameterDescription
Name | Description | Value |
---|---|---|
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. | string (required) |
tag | The value of the IP tag. | string (required) |
LoadBalancingRule
Name | Description | Value |
---|---|---|
backendPort | The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535. | int (required) Constraints: Min value = 1 Max value = 65534 |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 1 and 65534. | int (required) Constraints: Min value = 1 Max value = 65534 |
loadDistribution | The load distribution policy for this rule. | string |
probePort | The prob port used by the load balancing rule. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 |
probeProtocol | the reference to the load balancer probe used by the load balancing rule. | 'http '' https ''tcp' (required) |
probeRequestPath | The probe request path. Only supported for HTTP/HTTPS probes. | string |
protocol | The reference to the transport protocol used by the load balancing rule. | 'tcp' 'udp' (required) |
NetworkSecurityRule
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | 'allow' 'deny' (required) |
description | Network security rule description. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationPortRange | he destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | Network security rule direction. | 'inbound' 'outbound' (required) |
name | Network security rule name. | string (required) |
priority | The priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int (required) Constraints: Min value = 1000 Max value = 3000 |
protocol | Network protocol this rule applies to. | 'ah' 'esp' ' http '' https ''icmp' 'tcp' 'udp' (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ServiceEndpoint
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string (required) |
ClusterUpgradePolicy
Name | Description | Value |
---|---|---|
deltaHealthPolicy | The cluster delta health policy used when upgrading the cluster. | ClusterUpgradeDeltaHealthPolicy |
forceRestart | If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). | bool |
healthCheckRetryTimeout | The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckStableDuration | The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckWaitDuration | The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthPolicy | The cluster health policy used when upgrading the cluster. | ClusterHealthPolicy (required) |
upgradeDomainTimeout | The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeReplicaSetCheckTimeout | The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeTimeout | The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
deltaHealthPolicy | The cluster delta health policy defines a health policy used to evaluate the health of the cluster during a cluster upgrade. | ClusterUpgradeDeltaHealthPolicy |
forceRestart | If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). | bool |
healthPolicy | The cluster health policy defines a health policy used to evaluate the health of the cluster during a cluster upgrade. | ClusterHealthPolicy |
monitoringPolicy | The cluster monitoring policy describes the parameters for monitoring an upgrade in Monitored mode. | ClusterMonitoringPolicy |
upgradeReplicaSetCheckTimeout | The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. This value must be between 00:00:00 and 49710.06:28:15 (unsigned 32 bit integer for seconds) |
string |
ClusterUpgradeDeltaHealthPolicy
Name | Description | Value |
---|---|---|
applicationDeltaHealthPolicies | Defines the application delta health policy map used to evaluate the health of an application or one of its child entities when upgrading the cluster. | ApplicationDeltaHealthPolicyMap |
maxPercentDeltaUnhealthyApplications | The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyNodes | The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUpgradeDomainDeltaUnhealthyNodes | The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyApplications | The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this. NOTE: This value will overwrite the value specified in properties.UpgradeDescription.HealthPolicy.MaxPercentUnhealthyApplications |
int Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyNodes | The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUpgradeDomainDeltaUnhealthyNodes | The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits. |
int Constraints: Min value = 0 Max value = 100 |
ApplicationDeltaHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ApplicationDeltaHealthPolicy |
ApplicationDeltaHealthPolicy
Name | Description | Value |
---|---|---|
defaultServiceTypeDeltaHealthPolicy | The delta health policy used by default to evaluate the health of a service type when upgrading the cluster. | ServiceTypeDeltaHealthPolicy |
serviceTypeDeltaHealthPolicies | The map with service type delta health policy per service type name. The map is empty by default. | ServiceTypeDeltaHealthPolicyMap |
ServiceTypeDeltaHealthPolicy
Name | Description | Value |
---|---|---|
maxPercentDeltaUnhealthyServices | The maximum allowed percentage of services health degradation allowed during cluster upgrades. The delta is measured between the state of the services at the beginning of upgrade and the state of the services at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int Constraints: Min value = 0 Max value = 100 |
ServiceTypeDeltaHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ServiceTypeDeltaHealthPolicy |
ClusterHealthPolicy
Name | Description | Value |
---|---|---|
applicationHealthPolicies | Defines the application health policy map used to evaluate the health of an application or one of its children entities. | ApplicationHealthPolicyMap |
maxPercentUnhealthyApplications | The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero. |
int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyNodes | The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that. |
int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyApplications | The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyNodes | The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that. |
int (required) Constraints: Min value = 0 Max value = 100 |
ApplicationHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ApplicationHealthPolicy |
ApplicationHealthPolicy
Name | Description | Value |
---|---|---|
defaultServiceTypeHealthPolicy | The health policy used by default to evaluate the health of a service type. | ServiceTypeHealthPolicy |
serviceTypeHealthPolicies | The map with service type health policy per service type name. The map is empty by default. | ServiceTypeHealthPolicyMap |
considerWarningAsError | Indicates whether warnings are treated with the same severity as errors. | bool (required) |
defaultServiceTypeHealthPolicy | The health policy used by default to evaluate the health of a service type. | ServiceTypeHealthPolicy |
maxPercentUnhealthyDeployedApplications | The maximum allowed percentage of unhealthy deployed applications. Allowed values are Byte values from zero to 100. The percentage represents the maximum tolerated percentage of deployed applications that can be unhealthy before the application is considered in error. This is calculated by dividing the number of unhealthy deployed applications over the number of nodes where the application is currently deployed on in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. |
int (required) |
serviceTypeHealthPolicyMap | The map with service type health policy per service type name. The map is empty by default. | ServiceTypeHealthPolicyMap |
ServiceTypeHealthPolicy
Name | Description | Value |
---|---|---|
maxPercentUnhealthyServices | The maximum percentage of services allowed to be unhealthy before your application is considered in error. | int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyPartitionsPerService | The maximum allowed percentage of unhealthy partitions per service. The percentage represents the maximum tolerated percentage of partitions that can be unhealthy before the service is considered in error. If the percentage is respected but there is at least one unhealthy partition, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy partitions over the total number of partitions in the service. The computation rounds up to tolerate one failure on small numbers of partitions. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyReplicasPerPartition | The maximum allowed percentage of unhealthy replicas per partition. The percentage represents the maximum tolerated percentage of replicas that can be unhealthy before the partition is considered in error. If the percentage is respected but there is at least one unhealthy replica, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy replicas over the total number of replicas in the partition. The computation rounds up to tolerate one failure on small numbers of replicas. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyServices | The maximum allowed percentage of unhealthy services. The percentage represents the maximum tolerated percentage of services that can be unhealthy before the application is considered in error. If the percentage is respected but there is at least one unhealthy service, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy services of the specific service type over the total number of services of the specific service type. The computation rounds up to tolerate one failure on small numbers of services. |
int (required) Constraints: Min value = 0 Max value = 100 |
ServiceTypeHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ServiceTypeHealthPolicy |
ClusterMonitoringPolicy
Name | Description | Value |
---|---|---|
healthCheckRetryTimeout | The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckStableDuration | The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckWaitDuration | The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeDomainTimeout | The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeTimeout | The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
Sku
Name | Description | Value |
---|---|---|
name | Sku Name. | 'Basic' 'Standard' (required) |
Terraform (AzAPI provider) resource definition
The managedClusters resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.ServiceFabric/managedClusters resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.ServiceFabric/managedClusters@2023-11-01-preview"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
body = jsonencode({
properties = {
addonFeatures = [
"string"
]
adminPassword = "string"
adminUserName = "string"
allowRdpAccess = bool
applicationTypeVersionsCleanupPolicy = {
maxUnusedVersionsToKeep = int
maxUnusedVersionsToKeep = int
}
auxiliarySubnets = [
{
enableIpv6 = bool
name = "string"
networkSecurityGroupId = "string"
privateEndpointNetworkPolicies = "string"
privateLinkServiceNetworkPolicies = "string"
}
]
azureActiveDirectory = {
clientApplication = "string"
clusterApplication = "string"
tenantId = "string"
clientApplication = "string"
clusterApplication = "string"
tenantId = "string"
}
clientConnectionPort = int
clients = [
{
commonName = "string"
isAdmin = bool
issuerThumbprint = "string"
thumbprint = "string"
}
]
clusterCodeVersion = "string"
clusterUpgradeCadence = "string"
clusterUpgradeMode = "string"
ddosProtectionPlanId = "string"
dnsName = "string"
enableAutoOSUpgrade = bool
enableIpv6 = bool
enableServicePublicIP = bool
fabricSettings = [
{
name = "string"
parameters = [
{
name = "string"
value = "string"
name = "string"
value = "string"
}
]
name = "string"
parameters = [
{
name = "string"
value = "string"
name = "string"
value = "string"
}
]
}
]
httpGatewayConnectionPort = int
ipTags = [
{
ipTagType = "string"
tag = "string"
}
]
loadBalancingRules = [
{
backendPort = int
frontendPort = int
loadDistribution = "string"
probePort = int
probeProtocol = "string"
probeRequestPath = "string"
protocol = "string"
}
]
networkSecurityRules = [
{
access = "string"
description = "string"
destinationAddressPrefix = "string"
destinationAddressPrefixes = [
"string"
]
destinationPortRange = "string"
destinationPortRanges = [
"string"
]
direction = "string"
name = "string"
priority = int
protocol = "string"
sourceAddressPrefix = "string"
sourceAddressPrefixes = [
"string"
]
sourcePortRange = "string"
sourcePortRanges = [
"string"
]
}
]
publicIPPrefixId = "string"
publicIPv6PrefixId = "string"
serviceEndpoints = [
{
locations = [
"string"
]
service = "string"
}
]
subnetId = "string"
upgradeDescription = {
deltaHealthPolicy = {
applicationDeltaHealthPolicies = {
{customized property} = {
defaultServiceTypeDeltaHealthPolicy = {
maxPercentDeltaUnhealthyServices = int
}
serviceTypeDeltaHealthPolicies = {
{customized property} = {
maxPercentDeltaUnhealthyServices = int
}
}
}
}
maxPercentDeltaUnhealthyApplications = int
maxPercentDeltaUnhealthyNodes = int
maxPercentUpgradeDomainDeltaUnhealthyNodes = int
maxPercentDeltaUnhealthyApplications = int
maxPercentDeltaUnhealthyNodes = int
maxPercentUpgradeDomainDeltaUnhealthyNodes = int
}
forceRestart = bool
healthCheckRetryTimeout = "string"
healthCheckStableDuration = "string"
healthCheckWaitDuration = "string"
healthPolicy = {
applicationHealthPolicies = {
{customized property} = {
defaultServiceTypeHealthPolicy = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
serviceTypeHealthPolicies = {
{customized property} = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
}
considerWarningAsError = bool
defaultServiceTypeHealthPolicy = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
maxPercentUnhealthyDeployedApplications = int
serviceTypeHealthPolicyMap = {
{customized property} = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
}
}
}
maxPercentUnhealthyApplications = int
maxPercentUnhealthyNodes = int
maxPercentUnhealthyApplications = int
maxPercentUnhealthyNodes = int
}
upgradeDomainTimeout = "string"
upgradeReplicaSetCheckTimeout = "string"
upgradeTimeout = "string"
deltaHealthPolicy = {
applicationDeltaHealthPolicies = {
{customized property} = {
defaultServiceTypeDeltaHealthPolicy = {
maxPercentDeltaUnhealthyServices = int
}
serviceTypeDeltaHealthPolicies = {
{customized property} = {
maxPercentDeltaUnhealthyServices = int
}
}
}
}
maxPercentDeltaUnhealthyApplications = int
maxPercentDeltaUnhealthyNodes = int
maxPercentUpgradeDomainDeltaUnhealthyNodes = int
maxPercentDeltaUnhealthyApplications = int
maxPercentDeltaUnhealthyNodes = int
maxPercentUpgradeDomainDeltaUnhealthyNodes = int
}
forceRestart = bool
healthPolicy = {
applicationHealthPolicies = {
{customized property} = {
defaultServiceTypeHealthPolicy = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
serviceTypeHealthPolicies = {
{customized property} = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
}
considerWarningAsError = bool
defaultServiceTypeHealthPolicy = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
maxPercentUnhealthyDeployedApplications = int
serviceTypeHealthPolicyMap = {
{customized property} = {
maxPercentUnhealthyServices = int
maxPercentUnhealthyPartitionsPerService = int
maxPercentUnhealthyReplicasPerPartition = int
maxPercentUnhealthyServices = int
}
}
}
}
maxPercentUnhealthyApplications = int
maxPercentUnhealthyNodes = int
maxPercentUnhealthyApplications = int
maxPercentUnhealthyNodes = int
}
monitoringPolicy = {
healthCheckRetryTimeout = "string"
healthCheckStableDuration = "string"
healthCheckWaitDuration = "string"
upgradeDomainTimeout = "string"
upgradeTimeout = "string"
}
upgradeReplicaSetCheckTimeout = "string"
}
useCustomVnet = bool
zonalResiliency = bool
zonalUpdateMode = "string"
}
sku = {
name = "string"
}
})
}
Property values
managedClusters
Name | Description | Value |
---|---|---|
type | The resource type | "Microsoft.ServiceFabric/managedClusters@2023-11-01-preview" |
name | The resource name | string (required) |
location | Azure resource location. | string (required) |
parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
tags | Azure resource tags. | Dictionary of tag names and values. |
sku | The sku of the managed cluster | Sku (required) |
properties | The managed cluster resource properties | ManagedClusterProperties |
ManagedClusterProperties
Name | Description | Value |
---|---|---|
addonFeatures | List of add-on features to enable on the cluster. | String array containing any of: "BackupRestoreService" "DnsService" "ResourceMonitorService" |
adminPassword | VM admin user password. | string Constraints: Sensitive value. Pass in as a secure parameter. |
adminUserName | VM admin user name. | string (required) |
allowRdpAccess | Setting this to true enables RDP access to the VM. The default NSG rule opens RDP port to Internet which can be overridden with custom Network Security Rules. The default value for this setting is false. | bool |
applicationTypeVersionsCleanupPolicy | The policy used to clean up unused versions. | ApplicationTypeVersionsCleanupPolicy |
auxiliarySubnets | Auxiliary subnets for the cluster. | Subnet[] |
azureActiveDirectory | The AAD authentication settings of the cluster. | AzureActiveDirectory |
clientConnectionPort | The port used for client connections to the cluster. | int |
clients | Client certificates that are allowed to manage the cluster. | ClientCertificate[] |
clusterCodeVersion | The Service Fabric runtime version of the cluster. This property is required when clusterUpgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. | string |
clusterUpgradeCadence | Indicates when new cluster runtime version upgrades will be applied after they are released. By default is Wave0. Only applies when clusterUpgradeMode is set to 'Automatic'. | "Wave0" "Wave1" "Wave2" |
clusterUpgradeMode | The upgrade mode of the cluster when new Service Fabric runtime version is available. | "Automatic" "Manual" |
ddosProtectionPlanId | Specify the resource id of a DDoS network protection plan that will be associated with the virtual network of the cluster. | string |
dnsName | The cluster dns name. | string (required) |
enableAutoOSUpgrade | Setting this to true enables automatic OS upgrade for the node types that are created using any platform OS image with version 'latest'. The default value for this setting is false. | bool |
enableIpv6 | Setting this to true creates IPv6 address space for the default VNet used by the cluster. This setting cannot be changed once the cluster is created. The default value for this setting is false. | bool |
enableServicePublicIP | Setting this to true will link the IPv4 address as the ServicePublicIP of the IPv6 address. It can only be set to True if IPv6 is enabled on the cluster. | bool |
fabricSettings | The list of custom fabric settings to configure the cluster. | SettingsSectionDescription[] |
httpGatewayConnectionPort | The port used for HTTP connections to the cluster. | int |
ipTags | The list of IP tags associated with the default public IP address of the cluster. | IPTag[] |
loadBalancingRules | Load balancing rules that are applied to the public load balancer of the cluster. | LoadBalancingRule[] |
networkSecurityRules | Custom Network Security Rules that are applied to the Virtual Network of the cluster. | NetworkSecurityRule[] |
publicIPPrefixId | Specify the resource id of a public IPv4 prefix that the load balancer will allocate a public IPv4 address from. This setting cannot be changed once the cluster is created. | string |
publicIPv6PrefixId | Specify the resource id of a public IPv6 prefix that the load balancer will allocate a public IPv6 address from. This setting cannot be changed once the cluster is created. | string |
serviceEndpoints | Service endpoints for subnets in the cluster. | ServiceEndpoint[] |
subnetId | If specified, the node types for the cluster are created in this subnet instead of the default VNet. The networkSecurityRules specified for the cluster are also applied to this subnet. This setting cannot be changed once the cluster is created. | string |
upgradeDescription | The policy to use when upgrading the cluster. | ClusterUpgradePolicy |
useCustomVnet | For new clusters, this parameter indicates that it uses Bring your own VNet, but the subnet is specified at node type level; and for such clusters, the subnetId property is required for node types. | bool |
zonalResiliency | Indicates if the cluster has zone resiliency. | bool |
zonalUpdateMode | Indicates the update mode for Cross Az clusters. | "Fast" "Standard" |
ApplicationTypeVersionsCleanupPolicy
Name | Description | Value |
---|---|---|
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int (required) Constraints: Min value = 0 |
maxUnusedVersionsToKeep | Number of unused versions per application type to keep. | int (required) Constraints: Min value = 0 |
Subnet
Name | Description | Value |
---|---|---|
enableIpv6 | Indicates wether to enable Ipv6 or not. If not provided, it will take the same configuration as the cluster. | bool |
name | Subnet name. | string (required) |
networkSecurityGroupId | Full resource id for the network security group. | string |
privateEndpointNetworkPolicies | Enable or Disable apply network policies on private end point in the subnet. | "disabled" "enabled" |
privateLinkServiceNetworkPolicies | Enable or Disable apply network policies on private link service in the subnet. | "disabled" "enabled" |
AzureActiveDirectory
Name | Description | Value |
---|---|---|
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
clientApplication | Azure active directory client application id. | string |
clusterApplication | Azure active directory cluster application id. | string |
tenantId | Azure active directory tenant id. | string |
ClientCertificate
Name | Description | Value |
---|---|---|
commonName | Certificate common name. | string |
isAdmin | Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. | bool (required) |
issuerThumbprint | Issuer thumbprint for the certificate. Only used together with CommonName. | string |
thumbprint | Certificate thumbprint. | string |
SettingsSectionDescription
Name | Description | Value |
---|---|---|
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
name | The section name of the fabric settings. | string (required) |
parameters | The collection of parameters in the section. | SettingsParameterDescription[] (required) |
SettingsParameterDescription
Name | Description | Value |
---|---|---|
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
name | The parameter name of fabric setting. | string (required) |
value | The parameter value of fabric setting. | string (required) |
IPTag
Name | Description | Value |
---|---|---|
ipTagType | The IP tag type. | string (required) |
tag | The value of the IP tag. | string (required) |
LoadBalancingRule
Name | Description | Value |
---|---|---|
backendPort | The port used for internal connections on the endpoint. Acceptable values are between 1 and 65535. | int (required) Constraints: Min value = 1 Max value = 65534 |
frontendPort | The port for the external endpoint. Port numbers for each rule must be unique within the Load Balancer. Acceptable values are between 1 and 65534. | int (required) Constraints: Min value = 1 Max value = 65534 |
loadDistribution | The load distribution policy for this rule. | string |
probePort | The prob port used by the load balancing rule. Acceptable values are between 1 and 65535. | int Constraints: Min value = 1 Max value = 65534 |
probeProtocol | the reference to the load balancer probe used by the load balancing rule. | "http "" https ""tcp" (required) |
probeRequestPath | The probe request path. Only supported for HTTP/HTTPS probes. | string |
protocol | The reference to the transport protocol used by the load balancing rule. | "tcp" "udp" (required) |
NetworkSecurityRule
Name | Description | Value |
---|---|---|
access | The network traffic is allowed or denied. | "allow" "deny" (required) |
description | Network security rule description. | string |
destinationAddressPrefix | The destination address prefix. CIDR or destination IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. | string |
destinationAddressPrefixes | The destination address prefixes. CIDR or destination IP ranges. | string[] |
destinationPortRange | he destination port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
destinationPortRanges | The destination port ranges. | string[] |
direction | Network security rule direction. | "inbound" "outbound" (required) |
name | Network security rule name. | string (required) |
priority | The priority of the rule. The value can be in the range 1000 to 3000. Values outside this range are reserved for Service Fabric ManagerCluster Resource Provider. The priority number must be unique for each rule in the collection. The lower the priority number, the higher the priority of the rule. | int (required) Constraints: Min value = 1000 Max value = 3000 |
protocol | Network protocol this rule applies to. | "ah" "esp" " http "" https ""icmp" "tcp" "udp" (required) |
sourceAddressPrefix | The CIDR or source IP range. Asterisk '*' can also be used to match all source IPs. Default tags such as 'VirtualNetwork', 'AzureLoadBalancer' and 'Internet' can also be used. If this is an ingress rule, specifies where network traffic originates from. | string |
sourceAddressPrefixes | The CIDR or source IP ranges. | string[] |
sourcePortRange | The source port or range. Integer or range between 0 and 65535. Asterisk '*' can also be used to match all ports. | string |
sourcePortRanges | The source port ranges. | string[] |
ServiceEndpoint
Name | Description | Value |
---|---|---|
locations | A list of locations. | string[] |
service | The type of the endpoint service. | string (required) |
ClusterUpgradePolicy
Name | Description | Value |
---|---|---|
deltaHealthPolicy | The cluster delta health policy used when upgrading the cluster. | ClusterUpgradeDeltaHealthPolicy |
forceRestart | If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). | bool |
healthCheckRetryTimeout | The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckStableDuration | The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckWaitDuration | The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthPolicy | The cluster health policy used when upgrading the cluster. | ClusterHealthPolicy (required) |
upgradeDomainTimeout | The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeReplicaSetCheckTimeout | The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeTimeout | The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
deltaHealthPolicy | The cluster delta health policy defines a health policy used to evaluate the health of the cluster during a cluster upgrade. | ClusterUpgradeDeltaHealthPolicy |
forceRestart | If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). | bool |
healthPolicy | The cluster health policy defines a health policy used to evaluate the health of the cluster during a cluster upgrade. | ClusterHealthPolicy |
monitoringPolicy | The cluster monitoring policy describes the parameters for monitoring an upgrade in Monitored mode. | ClusterMonitoringPolicy |
upgradeReplicaSetCheckTimeout | The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. This value must be between 00:00:00 and 49710.06:28:15 (unsigned 32 bit integer for seconds) |
string |
ClusterUpgradeDeltaHealthPolicy
Name | Description | Value |
---|---|---|
applicationDeltaHealthPolicies | Defines the application delta health policy map used to evaluate the health of an application or one of its child entities when upgrading the cluster. | ApplicationDeltaHealthPolicyMap |
maxPercentDeltaUnhealthyApplications | The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyNodes | The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUpgradeDomainDeltaUnhealthyNodes | The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyApplications | The maximum allowed percentage of applications health degradation allowed during cluster upgrades. The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this. NOTE: This value will overwrite the value specified in properties.UpgradeDescription.HealthPolicy.MaxPercentUnhealthyApplications |
int Constraints: Min value = 0 Max value = 100 |
maxPercentDeltaUnhealthyNodes | The maximum allowed percentage of nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUpgradeDomainDeltaUnhealthyNodes | The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades. The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits. |
int Constraints: Min value = 0 Max value = 100 |
ApplicationDeltaHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ApplicationDeltaHealthPolicy |
ApplicationDeltaHealthPolicy
Name | Description | Value |
---|---|---|
defaultServiceTypeDeltaHealthPolicy | The delta health policy used by default to evaluate the health of a service type when upgrading the cluster. | ServiceTypeDeltaHealthPolicy |
serviceTypeDeltaHealthPolicies | The map with service type delta health policy per service type name. The map is empty by default. | ServiceTypeDeltaHealthPolicyMap |
ServiceTypeDeltaHealthPolicy
Name | Description | Value |
---|---|---|
maxPercentDeltaUnhealthyServices | The maximum allowed percentage of services health degradation allowed during cluster upgrades. The delta is measured between the state of the services at the beginning of upgrade and the state of the services at the time of the health evaluation. The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. |
int Constraints: Min value = 0 Max value = 100 |
ServiceTypeDeltaHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ServiceTypeDeltaHealthPolicy |
ClusterHealthPolicy
Name | Description | Value |
---|---|---|
applicationHealthPolicies | Defines the application health policy map used to evaluate the health of an application or one of its children entities. | ApplicationHealthPolicyMap |
maxPercentUnhealthyApplications | The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero. |
int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyNodes | The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that. |
int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyApplications | The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap. The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyNodes | The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10. The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error. If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that. |
int (required) Constraints: Min value = 0 Max value = 100 |
ApplicationHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ApplicationHealthPolicy |
ApplicationHealthPolicy
Name | Description | Value |
---|---|---|
defaultServiceTypeHealthPolicy | The health policy used by default to evaluate the health of a service type. | ServiceTypeHealthPolicy |
serviceTypeHealthPolicies | The map with service type health policy per service type name. The map is empty by default. | ServiceTypeHealthPolicyMap |
considerWarningAsError | Indicates whether warnings are treated with the same severity as errors. | bool (required) |
defaultServiceTypeHealthPolicy | The health policy used by default to evaluate the health of a service type. | ServiceTypeHealthPolicy |
maxPercentUnhealthyDeployedApplications | The maximum allowed percentage of unhealthy deployed applications. Allowed values are Byte values from zero to 100. The percentage represents the maximum tolerated percentage of deployed applications that can be unhealthy before the application is considered in error. This is calculated by dividing the number of unhealthy deployed applications over the number of nodes where the application is currently deployed on in the cluster. The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero. |
int (required) |
serviceTypeHealthPolicyMap | The map with service type health policy per service type name. The map is empty by default. | ServiceTypeHealthPolicyMap |
ServiceTypeHealthPolicy
Name | Description | Value |
---|---|---|
maxPercentUnhealthyServices | The maximum percentage of services allowed to be unhealthy before your application is considered in error. | int Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyPartitionsPerService | The maximum allowed percentage of unhealthy partitions per service. The percentage represents the maximum tolerated percentage of partitions that can be unhealthy before the service is considered in error. If the percentage is respected but there is at least one unhealthy partition, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy partitions over the total number of partitions in the service. The computation rounds up to tolerate one failure on small numbers of partitions. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyReplicasPerPartition | The maximum allowed percentage of unhealthy replicas per partition. The percentage represents the maximum tolerated percentage of replicas that can be unhealthy before the partition is considered in error. If the percentage is respected but there is at least one unhealthy replica, the health is evaluated as Warning. The percentage is calculated by dividing the number of unhealthy replicas over the total number of replicas in the partition. The computation rounds up to tolerate one failure on small numbers of replicas. |
int (required) Constraints: Min value = 0 Max value = 100 |
maxPercentUnhealthyServices | The maximum allowed percentage of unhealthy services. The percentage represents the maximum tolerated percentage of services that can be unhealthy before the application is considered in error. If the percentage is respected but there is at least one unhealthy service, the health is evaluated as Warning. This is calculated by dividing the number of unhealthy services of the specific service type over the total number of services of the specific service type. The computation rounds up to tolerate one failure on small numbers of services. |
int (required) Constraints: Min value = 0 Max value = 100 |
ServiceTypeHealthPolicyMap
Name | Description | Value |
---|---|---|
{customized property} | ServiceTypeHealthPolicy |
ClusterMonitoringPolicy
Name | Description | Value |
---|---|---|
healthCheckRetryTimeout | The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckStableDuration | The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
healthCheckWaitDuration | The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeDomainTimeout | The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
upgradeTimeout | The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. | string (required) |
Sku
Name | Description | Value |
---|---|---|
name | Sku Name. | "Basic" "Standard" (required) |