I am planning to use service fabric chaos to test my service, however starting it gives me the following error:
Start-ServiceFabricChaos : An error occurred during this operation. Please check the trace logs for more details.
At line:1 char:1
+ Start-ServiceFabricChaos -TimeToRunMinute 60 -MaxConcurrentFaults 3 - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Microsoft.Servi...usterConnection:ClusterConnection) [Start-ServiceFabricChaos], FabricException
+ FullyQualifiedErrorId : StartChaosCommandErrorId,Microsoft.ServiceFabric.Powershell.StartChaos
I don't see any trace files but upon looking at Service Fabric explorer, I don't see the Fault Analysis Service listed under System application. The only system services I see are clustermanagerservice, failovermanagerservice, namingservice.
What is causing the fault analysis service to be missing ?
Control panel shows the following bits installed:
Microsoft Azure Service Fabric 6.2.283.9494
Microsoft Azure Service Fabric SDK 3.1.283.9494
The service only starts if minimum 5 node dev cluster used. After resetting the cluster by following the link here, it worked as expected. All services showed up.
reset SF cluster
Related
I'm currently trying to change the deployment model I have on my project so that I can deploy an existing Service Fabric application using ARM templates and enable Managed Identity in Azure.
During this process, I had to configure the managed identity on the application manifest:
<ManagedIdentities>
<ManagedIdentity Name="SystemAssigned" />
</ManagedIdentities>
and add identity binding policies to each of the services like so:
<Policies>
<IdentityBindingPolicy ServiceIdentityRef="KeyVaultUser" ApplicationIdentityRef="SystemAssigned" />
</Policies>
If I deploy this application manifest to Azure, I have no problems. However, locally is quite different since now I cannot deploy to my local development cluster, and this is the log of the deployment script:
>Application package is registered.
>Removing application package from image store...
>Remove application package succeeded
>Creating application...
>New-ServiceFabricApplication : Application managed identity PrincipalId cannot be null or empty.
>FileName: ManagedApplicationIdentity
>At C:\Program Files\Microsoft SDKs\Service
>Fabric\Tools\PSModule\ServiceFabricSDK\Publish-NewServiceFabricApplication.ps1:466 char:3
>+ New-ServiceFabricApplication -ApplicationName $ApplicationNam ...
>+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> + CategoryInfo : InvalidOperation: (Microsoft.Servi...usterConnection:ClusterConnection) [New-ServiceFabr
> icApplication], FabricException
> + FullyQualifiedErrorId : CreateApplicationInstanceErrorId,Microsoft.ServiceFabric.Powershell.NewApplication
>
>Finished executing script 'Deploy-FabricApplication.ps1'.
As far as I could investigate, there is no way to add the identity binding policies using the services ARM definitions, so those need to be in the manifest.
Any ideas on how to overcome this issue and be able to deploy both to Azure and local clusters?
I have created a new Azure DevOps project. Asp.Net core 2.1, Service Fabric deploy.
First deploy went fine. Without any changes subsequent releases are failing
warnings and error
2018-10-10T08:24:17.8368242Z ##[section]Starting: Deploy Service Fabric Application
2018-10-10T08:24:17.8375072Z ==============================================================================
2018-10-10T08:24:17.8375163Z Task : Service Fabric Application Deployment
2018-10-10T08:24:17.8375234Z Description : Deploy a Service Fabric application to a cluster.
2018-10-10T08:24:17.8375288Z Version : 1.7.22
2018-10-10T08:24:17.8375356Z Author : Microsoft Corporation
2018-10-10T08:24:17.8375410Z Help : [More Information](https://go.microsoft.com/fwlink/?LinkId=820528)
2018-10-10T08:24:17.8375479Z ==============================================================================
2018-10-10T08:24:20.0073284Z Searching for path: D:\a\r1\a\**\drop\projectartifacts\**\PublishProfiles\Cloud.xml
2018-10-10T08:24:20.2879096Z Found path: D:\a\r1\a\Drop\drop\projectartifacts\Application\Voting\PublishProfiles\Cloud.xml
2018-10-10T08:24:20.3657104Z Searching for path: D:\a\r1\a\**\drop\applicationpackage
2018-10-10T08:24:20.4618957Z Found path: D:\a\r1\a\Drop\drop\applicationpackage
2018-10-10T08:24:20.7317155Z Imported cluster client certificate with thumbprint '25826D862588CBFA3D2113D882255156F7233F44'.
2018-10-10T08:25:02.0637557Z ##[warning]Failed to contact Naming Service. Attempting to contact Failover Manager Service...
2018-10-10T08:25:42.0730582Z ##[warning]Failed to contact Failover Manager Service, Attempting to contact FMM...
2018-10-10T08:26:22.0962942Z ##[warning]No such host is known
2018-10-10T08:26:22.2408731Z Service fabric SDK version: 3.2.176.9494.
2018-10-10T08:26:22.4279087Z ##[error]No cluster endpoint is reachable, please check if there is connectivity/firewall/DNS issue.
2018-10-10T08:26:22.4687237Z ##[section]Finishing: Deploy Service Fabric Application
All other devops project releases are failing also for same reason.
Any help to debug appreciated
well, this clearly has nothing to do with the release if all the releases are failing. Something happened to your cluster or to your service endpoint
You would need to check if you can connect to the cluster endpoint manually with powershell, for example (connect-servicefabricluster or something along those lines).
misunderstanding of built in release task.
guess cluster was created by DevOps project create and not release task as I thought.
I am currently investigating VSTS for our CI/CD processes and am having a lot of trouble with deploying anything to our on prem webservers (IIS). All of the documentation I've found says to Create a new Deployment group by using the provided powershell script,as admin which I do, but always get the following error message:
Exception calling "DownloadFile" with "2" argument(s): "The request was aborted: Could not create SSL/TLS secure
channel."
At line:1 char:880
+ ... nalString, $True);}; $WebClient.DownloadFile($Uri, $agentZip);Add-Typ ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : WebException
!Full Error message]1
It feels to me like it's having an issue with downloading the agent,possibly due to the firewall, but our network team have confirmed everything should be alright. Does anyone have any experience or suggestions with what the cause of error message might be?
I have raised a call with Microsoft, but they weren't sure either and suggested I manually download the Agent, which I managed to do successfully and can see an active agent, but that doesn't seem to have any relationship to the Deployment Group and I cant find anything that explains the relationship between Deployment Groups, Deployment Pools, Agent Pools and Agents!
I am really excited to get things working, but this is throwing a spanner in the works - Any help would be gratefully appreciated!!
The deployment agent is the build/release agent too, so you can configure it manually with --deploymentgroup parameter.
You can find the detail code in the provided powershell script:
.\config.cmd --deploymentgroup --deploymentgroupname "{deploy group name}" --agent $env:COMPUTERNAME --runasservice --work '_work' --url 'https://{account}.visualstudio.com/' --projectname '{project name}'
I'm trying to publish a solution to a service fabric cluster, but something's going wrong. I've got access to a party cluster, downloaded the cert and installed. Connecting to Service Fabric Explorer works fine. Connecting to the cluster using Powershell seems to work. But the "Publish Service Fabric Application" dialog in Visual Studio 2017 does not accept the Connection Endpoint and shows a red icon next to the textbox. If I try to publish the solution anyway I get the following output in the console:
WARNING: Failed to contact Naming Service. Attempting to contact Failover Manager Service...
4>WARNING: Failed to contact Failover Manager Service, Attempting to contact FMM...
4>Connect-ServiceFabricCluster : Could not ping any of the provided Service Fabric gateway endpoints.
4>At C:\Users\jnsst\source\repos\Voting\Voting\Scripts\Deploy-FabricApplication.ps1:185 char:16
4>+ ... [void](Connect-ServiceFabricCluster #ClusterConnectionParameters ...
4>+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4> + CategoryInfo : InvalidOperation: (:) [Connect-ServiceFabricCluster], FabricTransientException
4> + FullyQualifiedErrorId : TestClusterConnectionerror.Id,Microsoft.ServiceFabric.Powershell.ConnectCluster
4>
4>WARNING: Unable to Verify connection to Service Fabric cluster.
4>Test-ServiceFabricClusterConnection : Cluster connection instance is null
I've followed all the instructions on learn.microsoft.com, but I'm obviously doing something wrong. Probably some silly small mistake.
I'm running Visual Studio 2017 Community on Windows 10.
Maybe I need to tell Visual Studio where the certs are stored?
Do you have any ideas?
install the certificate in your personal store, make sure it has the private key
make sure your publish profile (cloud.xml) looks similar to this:
<ClusterConnectionParameters
ConnectionEndpoint="mycluster.westus.cloudapp.azure.com:19000"
X509Credential="true"
ServerCertThumbprint="0123456789012345678901234567890123456789"
FindType="FindByThumbprint"
FindValue="9876543210987654321098765432109876543210"
StoreLocation="CurrentUser"
StoreName="My" />
My app service is
running on Azure
has authentication enabled (API Management - ClientId and Secret)
has a deployment slot called staging
Before we enabled the authentication we could run the following powershell command to swap staging and production slots:
Switch-AzureRmWebAppSlot -SourceSlotName "staging" -DestinationSlotName "production" -Name "app1" -ResourceGroupName "group1" -verbose -SwapWithPreviewAction ApplySlotConfig
Swap with preview allows us to verify the deployed code works with the production configuration settings before switching users over to the newly deployed version.
However, after we enabled authentication to protect our app, we now receive the following error using the SwapWithPreviewAction
Switch-AzureRmWebAppSlot : Swap with Preview cannot be used when one of the slots has site authentication enabled.
At line:3 char:19
+ ... e-Command { Switch-AzureRmWebAppSlot -SourceSlotName "staging" -Desti ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Switch-AzureRmWebAppSlot], CloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.WebApps.Cmdlets.DeploymentSlots.SwitchAzureWebAppSlot
Does anyone know if it is possible to run swaps with authentication enabled? If so, how?
If you are using Authentication Authorization you can't 2 stage swap (aka swap with preview) however you should be able to do regular swap.
The main reason here is that Authentication/Authorization feature relies on having the right hostnames configured so that requests can be redirected back to the application after the authentication handshake.
This is also the reason why authentication/authorization is sticky to the slot.
EDIT
I have included a screenshot that shows the error the API generates for this operation.