How to create a Service Fabric standalone cluster with AWS EC2 instances
Published Aug 06 2019 04:00 PM 1,816 Views
Bronze Contributor
First published on MSDN on May 18, 2017
The Service Fabric for Windows Server deployment (standalone) offers you the option to choose your own environment and create a cluster as part of our "any OS, any cloud" approach with Service Fabric. Creating a cluster in Azure is the easier choice since this is available as a service and manages Service Fabric upgrades for you amongst other things. However, you can use your own PCs on-premise and other cloud providers to create clusters. This post uses Amazon EC2 instances to create a Service Fabric standalone cluster for Windows. There are three steps involved:

1) Create EC2 instances
2) Configure EC2 instances
3) Deploy a Service Fabric cluster.

Let's do them one by one!

1) Create EC2 instances

First log onto http://aws.amazon.com/ . I assume you already have an Amazon account. Click the Services icon, choose EC, and then "Launch Instance". Choose any Amazon Machine Image (AMI) type that you want. In this tutorial, I will be using Microsoft Windows Server 2016 Base. Next, choose an instance type that fits your use case. I am using m4.4*large Type, 16vCUPS, 64 GiB Memory with high network performance.

screenshot_1

Let's move on to "Next: Configure Instance Details". There are many fields that are needed to be completed here, as seen below, and some of the fields require extra setup. I will go through each of them.

screenshot_8

I want to create a three node Service Fabric cluster so I need three instances. Set the number of instances to 3. Then, in the network section, you need to create a new VPC. Here is an example of how you would do that:

screenshot_3

Choose the fabric-VPC you just created in "Configure Instance Details". The Subnet field states that "A Subnet is required when launching into a VPC". I will be using Simple AD and it requires two subnets, so I will create a two of them.

First Subnet:

screenshot_5

Second Subnet:

screenshot_6

Next, go back to "Configure Instance Detail" page, and set auto-assign public IP to "Enabled". There is no need to set placement group. Domain join directory is not mandatory in Service Fabric. But in order to get Service Fabric cluster to come up, each VM in the cluster needs to share the same credentials. Since an Amazon EC2 Instance by default creates the password randomly, to make it easier I will use domain join here. Here is how I create a Simple AD:

screenshot_7

Go to this link to create a new IAM policy: https://console.aws.amazon.com/iam/home?region=us-west-2#/policies . You should choose "Create your own policy" and name it "allow-all-ssm". Attach this JSON to the policy document area.
{
"Version":"2012-10-17",
"Statement": [
{
"Sid": "AllowaccesstoSSM",
"Effect": "Allow",
"Action": [
"ssm:DescribeAssociations",
"ssm:ListAssociations",
"ssm:GetDocument",
"ssm:UpdateAssociationStatus",
"ds:CreateComputer",
"ec2:DescribeInstancesStatus"
],
"Resource": [
"*"
]
}]
}



Go back to the "Configure Instance Details" page and create a new IAM role. Choose Amazon EC2. Attach AdministratorAccess, AmazonSSMFullAccess, and the new policy that you just created, allow-all-ssm .

Now "Configure Instance Details" is all set. You can feel free to skip Add Storage and Add Tags. Jump to Configure Security Group. You should create a new security group. Keep the existing RDP type. Add a new one with Custom ICMP type; set the protocol to Echo request. Set the source to Anywhere. Add another All traffic type and set the source to Custom. Once everything is done, you can "Review and Launch".



2) Configure EC2 Instances

Once the VMs are launched, there are a few more things that you need to change. Log in to each of them with your admin domain joined credentials. For each VM, go to Windows Firewall with Advanced Security. Choose inbound Rules, create a new rule to allow ICMPv4 for any IP address.

Inbound -> Custom -> All programs -> ICMPv4 Protocol -> Next -> Choose Any IP Address for both local and remote -> allow the connection -> apply to domain, private and public -> name it and finish.

Also for each VM, you need to enable file share and need to ensure that the RemoteRegistry Service is enabled. Once these are all set, try to ping the private IP from one instance to the other two. If it works, congratulations! The virtual machines are now ready for deploying a Service Fabric cluster.



3) Deploy a Service Fabric Cluster

The most exciting step! Go to: http://go.microsoft.com/fwlink/?LinkId=730690 to download Service Fabric for Windows Server standalone package and copy this to one of the EC2 instances. Follow the instruction here: https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-creation-for-w... to create a cluster. Note when you modify the IP address in the clusterConfig.json , use the private IP of the instances instead of the public IP.

If you run into issues setting this up, go to our Github issue page or StackOverflow and post an issue or question. Also try this out on Azure , where it is super easy to create 1 node clusters, through to 1000 node clusters, that are fully managed and can be scaled in and out with PowerShell commands.
Version history
Last update:
‎Aug 06 2019 04:00 PM
Updated by: