How-To: Serie Deploy Secure Azure Service Fabric Cluster with ARM in a CI/CD pipeline

This post serie is about How To installing a secure Service Azure Fabric Cluster (ASF) with Azure Resource Management (ARM) Template and run the ARM from Visual Studio Team Services (VSTS) in a CI/CD pipeline. Also in this serie is how to deploy an Azure Service Fabric Application to the earlier deployed ASF from VSTS with ARM.

Because the post will be too long for a single post, I made a serie of posts about this. The serie of posts is equal to the steps which has to be made. See table below for the different steps/posts. In this post the requirement are mentioned which are needed to fulfill this blog post serie.

The posts will become available in the next 72 hours.

Overview of the steps/posts
01. Create and import the certificates
02. Register SF Application in AAD and create AppKey
03. Generate encrypted AppKey
04. Lookup the service principles
05. Create the Key Vaults with ARM
06. Adjust the SF Application settings
07. Upload certificates to Key Vault
08. Register the Service Fabric System Applications
09. Install SF Cluster with ARM
10. Install the SF Application(s) with ARM
Step 0: Pre requirements
Pre-requirements
01. Azure Subscription you have access to deploy on Keep in mind that running a Service Fabric Cluster is not cheap.
02. Access to VSTS to execute deployment (releases) We going to define multiple environments defined. e.g.: Development, Test, Acceptance and Production.
03. Powershell installed on your machine with CLI tools installed. To get values for input parameters in the release, you need to run some powershell commands.
04. Have a group in Azure Active Directory (AAD), which has users as member who may add secrets to the KeyVault. During setup of an environment there are some manual actions required, one of these steps is adding some secrets to the KeyVault.
05. Certificates for Service Fabric Cluster To make a secure Service Fabric Cluster, it is necessary to have certificates. For the non-production environments, it is possible to use self-signed certificates. For production, it is highly recommended to use certificates trusted by root authority.
06. Service Fabric Application A simple Stateless Service Fabric Application. If you don’t have one of your own, you can find one over here.