Microsoft.ServiceFabric clusters 2020-12-01-preview

Bicep resource definition

The clusters resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.ServiceFabric/clusters resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.ServiceFabric/clusters@2020-12-01-preview' = {
  name: 'string'
  location: 'string'
  tags: {
    tagName1: 'tagValue1'
    tagName2: 'tagValue2'
  }
  properties: {
    addOnFeatures: [
      'string'
    ]
    applicationTypeVersionsCleanupPolicy: {
      maxUnusedVersionsToKeep: int
    }
    azureActiveDirectory: {
      clientApplication: 'string'
      clusterApplication: 'string'
      tenantId: 'string'
    }
    certificate: {
      thumbprint: 'string'
      thumbprintSecondary: 'string'
      x509StoreName: 'string'
    }
    certificateCommonNames: {
      commonNames: [
        {
          certificateCommonName: 'string'
          certificateIssuerThumbprint: 'string'
        }
      ]
      x509StoreName: 'string'
    }
    clientCertificateCommonNames: [
      {
        certificateCommonName: 'string'
        certificateIssuerThumbprint: 'string'
        isAdmin: bool
      }
    ]
    clientCertificateThumbprints: [
      {
        certificateThumbprint: 'string'
        isAdmin: bool
      }
    ]
    clusterCodeVersion: 'string'
    diagnosticsStorageAccountConfig: {
      blobEndpoint: 'string'
      protectedAccountKeyName: 'string'
      protectedAccountKeyName2: 'string'
      queueEndpoint: 'string'
      storageAccountName: 'string'
      tableEndpoint: 'string'
    }
    eventStoreServiceEnabled: bool
    fabricSettings: [
      {
        name: 'string'
        parameters: [
          {
            name: 'string'
            value: 'string'
          }
        ]
      }
    ]
    managementEndpoint: 'string'
    nodeTypes: [
      {
        applicationPorts: {
          endPort: int
          startPort: int
        }
        capacities: {
          {customized property}: 'string'
        }
        clientConnectionEndpointPort: int
        durabilityLevel: 'string'
        ephemeralPorts: {
          endPort: int
          startPort: int
        }
        httpGatewayEndpointPort: int
        isPrimary: bool
        name: 'string'
        placementProperties: {
          {customized property}: 'string'
        }
        reverseProxyEndpointPort: int
        vmInstanceCount: int
      }
    ]
    reliabilityLevel: 'string'
    reverseProxyCertificate: {
      thumbprint: 'string'
      thumbprintSecondary: 'string'
      x509StoreName: 'string'
    }
    reverseProxyCertificateCommonNames: {
      commonNames: [
        {
          certificateCommonName: 'string'
          certificateIssuerThumbprint: 'string'
        }
      ]
      x509StoreName: 'string'
    }
    upgradeDescription: {
      deltaHealthPolicy: {
        applicationDeltaHealthPolicies: {
          {customized property}: {
            defaultServiceTypeDeltaHealthPolicy: {
              maxPercentDeltaUnhealthyServices: int
            }
            serviceTypeDeltaHealthPolicies: {
              {customized property}: {
                maxPercentDeltaUnhealthyServices: int
              }
            }
          }
        }
        maxPercentDeltaUnhealthyApplications: int
        maxPercentDeltaUnhealthyNodes: int
        maxPercentUpgradeDomainDeltaUnhealthyNodes: int
      }
      forceRestart: bool
      healthCheckRetryTimeout: 'string'
      healthCheckStableDuration: 'string'
      healthCheckWaitDuration: 'string'
      healthPolicy: {
        applicationHealthPolicies: {
          {customized property}: {
            defaultServiceTypeHealthPolicy: {
              maxPercentUnhealthyServices: int
            }
            serviceTypeHealthPolicies: {
              {customized property}: {
                maxPercentUnhealthyServices: int
              }
            }
          }
        }
        maxPercentUnhealthyApplications: int
        maxPercentUnhealthyNodes: int
      }
      upgradeDomainTimeout: 'string'
      upgradeReplicaSetCheckTimeout: 'string'
      upgradeTimeout: 'string'
    }
    upgradeMode: 'string'
    vmImage: 'string'
  }
}

Property values

clusters

Name Description Value
name The resource name string (required)

Character limit: 4-23

Valid characters:
Lowercase letters, numbers, and hyphens.

Start with lowercase letter. End with lowercase letter or number.
location Azure resource location. string (required)
tags Azure resource tags. Dictionary of tag names and values. See Tags in templates
properties The cluster resource properties ClusterProperties

ClusterProperties

Name Description Value
addOnFeatures The list of add-on features to enable in the cluster. String array containing any of:
'BackupRestoreService'
'DnsService'
'RepairManager'
'ResourceMonitorService'
applicationTypeVersionsCleanupPolicy The policy used to clean up unused versions. ApplicationTypeVersionsCleanupPolicy
azureActiveDirectory The AAD authentication settings of the cluster. AzureActiveDirectory
certificate The certificate to use for securing the cluster. The certificate provided will be used for node to node security within the cluster, SSL certificate for cluster management endpoint and default admin client. CertificateDescription
certificateCommonNames Describes a list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonNames
clientCertificateCommonNames The list of client certificates referenced by common name that are allowed to manage the cluster. ClientCertificateCommonName[]
clientCertificateThumbprints The list of client certificates referenced by thumbprint that are allowed to manage the cluster. ClientCertificateThumbprint[]
clusterCodeVersion The Service Fabric runtime version of the cluster. This property can only by set the user when upgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. string
diagnosticsStorageAccountConfig The storage account information for storing Service Fabric diagnostic logs. DiagnosticsStorageAccountConfig
eventStoreServiceEnabled Indicates if the event store service is enabled. bool
fabricSettings The list of custom fabric settings to configure the cluster. SettingsSectionDescription[]
managementEndpoint The http management endpoint of the cluster. string (required)
nodeTypes The list of node types in the cluster. NodeTypeDescription[] (required)
reliabilityLevel The reliability level sets the replica set size of system services. Learn about ReliabilityLevel.

- None - Run the System services with a target replica set count of 1. This should only be used for test clusters.
- Bronze - Run the System services with a target replica set count of 3. This should only be used for test clusters.
- Silver - Run the System services with a target replica set count of 5.
- Gold - Run the System services with a target replica set count of 7.
- Platinum - Run the System services with a target replica set count of 9.
'Bronze'
'Gold'
'None'
'Platinum'
'Silver'
reverseProxyCertificate The server certificate used by reverse proxy. CertificateDescription
reverseProxyCertificateCommonNames Describes a list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonNames
upgradeDescription The policy to use when upgrading the cluster. ClusterUpgradePolicy
upgradeMode The upgrade mode of the cluster when new Service Fabric runtime version is available.

- Automatic - The cluster will be automatically upgraded to the latest Service Fabric runtime version as soon as it is available.
- Manual - The cluster will not be automatically upgraded to the latest Service Fabric runtime version. The cluster is upgraded by setting the clusterCodeVersion property in the cluster resource.
'Automatic'
'Manual'
vmImage The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used. string

ApplicationTypeVersionsCleanupPolicy

Name Description Value
maxUnusedVersionsToKeep Number of unused versions per application type to keep. int (required)

Constraints:
Min value = 0

AzureActiveDirectory

Name Description Value
clientApplication Azure active directory client application id. string
clusterApplication Azure active directory cluster application id. string
tenantId Azure active directory tenant id. string

CertificateDescription

Name Description Value
thumbprint Thumbprint of the primary certificate. string (required)
thumbprintSecondary Thumbprint of the secondary certificate. string
x509StoreName The local certificate store location. 'AddressBook'
'AuthRoot'
'CertificateAuthority'
'Disallowed'
'My'
'Root'
'TrustedPeople'
'TrustedPublisher'

ServerCertificateCommonNames

Name Description Value
commonNames The list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonName[]
x509StoreName The local certificate store location. 'AddressBook'
'AuthRoot'
'CertificateAuthority'
'Disallowed'
'My'
'Root'
'TrustedPeople'
'TrustedPublisher'

ServerCertificateCommonName

Name Description Value
certificateCommonName The common name of the server certificate. string (required)
certificateIssuerThumbprint The issuer thumbprint of the server certificate. string (required)

ClientCertificateCommonName

Name Description Value
certificateCommonName The common name of the client certificate. string (required)
certificateIssuerThumbprint The issuer thumbprint of the client certificate. string (required)
isAdmin Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. bool (required)

ClientCertificateThumbprint

Name Description Value
certificateThumbprint The thumbprint of the client certificate. string (required)
isAdmin Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. bool (required)

DiagnosticsStorageAccountConfig

Name Description Value
blobEndpoint The blob endpoint of the azure storage account. string (required)
protectedAccountKeyName The protected diagnostics storage key name. string (required)
protectedAccountKeyName2 The secondary protected diagnostics storage key name. If one of the storage account keys is rotated the cluster will fallback to using the other. string
queueEndpoint The queue endpoint of the azure storage account. string (required)
storageAccountName The Azure storage account name. string (required)
tableEndpoint The table endpoint of the azure storage account. string (required)

SettingsSectionDescription

Name Description Value
name The section name of the fabric settings. string (required)
parameters The collection of parameters in the section. SettingsParameterDescription[] (required)

SettingsParameterDescription

Name Description Value
name The parameter name of fabric setting. string (required)
value The parameter value of fabric setting. string (required)

NodeTypeDescription

Name Description Value
applicationPorts The range of ports from which cluster assigned port to Service Fabric applications. EndpointRangeDescription
capacities The capacity tags applied to the nodes in the node type, the cluster resource manager uses these tags to understand how much resource a node has. NodeTypeDescriptionCapacities
clientConnectionEndpointPort The TCP cluster management endpoint port. int (required)
durabilityLevel The durability level of the node type. Learn about DurabilityLevel.

- Bronze - No privileges. This is the default.
- Silver - The infrastructure jobs can be paused for a duration of 10 minutes per UD.
- Gold - The infrastructure jobs can be paused for a duration of 2 hours per UD. Gold durability can be enabled only on full node VM skus like D15_V2, G5 etc.
'Bronze'
'Gold'
'Silver'
ephemeralPorts The range of ephemeral ports that nodes in this node type should be configured with. EndpointRangeDescription
httpGatewayEndpointPort The HTTP cluster management endpoint port. int (required)
isPrimary The node type on which system services will run. Only one node type should be marked as primary. Primary node type cannot be deleted or changed for existing clusters. bool (required)
name The name of the node type. string (required)
placementProperties The placement tags applied to nodes in the node type, which can be used to indicate where certain services (workload) should run. NodeTypeDescriptionPlacementProperties
reverseProxyEndpointPort The endpoint used by reverse proxy. int
vmInstanceCount The number of nodes in the node type. This count should match the capacity property in the corresponding VirtualMachineScaleSet resource. int (required)

Constraints:
Min value = 1
Max value = 2147483647

EndpointRangeDescription

Name Description Value
endPort End port of a range of ports int (required)
startPort Starting port of a range of ports int (required)

NodeTypeDescriptionCapacities

Name Description Value
{customized property} string

NodeTypeDescriptionPlacementProperties

Name Description Value
{customized property} string

ClusterUpgradePolicy

Name Description Value
deltaHealthPolicy The cluster delta health policy used when upgrading the cluster. ClusterUpgradeDeltaHealthPolicy
forceRestart If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). bool
healthCheckRetryTimeout The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthCheckStableDuration The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthCheckWaitDuration The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthPolicy The cluster health policy used when upgrading the cluster. ClusterHealthPolicy (required)
upgradeDomainTimeout The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
upgradeReplicaSetCheckTimeout The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
upgradeTimeout The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)

ClusterUpgradeDeltaHealthPolicy

Name Description Value
applicationDeltaHealthPolicies Defines the application delta health policy map used to evaluate the health of an application or one of its child entities when upgrading the cluster. ApplicationDeltaHealthPolicyMap
maxPercentDeltaUnhealthyApplications The maximum allowed percentage of applications health degradation allowed during cluster upgrades.
The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this.
int (required)

Constraints:
Min value = 0
Max value = 100
maxPercentDeltaUnhealthyNodes The maximum allowed percentage of nodes health degradation allowed during cluster upgrades.
The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.
int (required)

Constraints:
Min value = 0
Max value = 100
maxPercentUpgradeDomainDeltaUnhealthyNodes The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades.
The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits.
int (required)

Constraints:
Min value = 0
Max value = 100

ApplicationDeltaHealthPolicyMap

Name Description Value
{customized property} ApplicationDeltaHealthPolicy

ApplicationDeltaHealthPolicy

Name Description Value
defaultServiceTypeDeltaHealthPolicy The delta health policy used by default to evaluate the health of a service type when upgrading the cluster. ServiceTypeDeltaHealthPolicy
serviceTypeDeltaHealthPolicies The map with service type delta health policy per service type name. The map is empty by default. ServiceTypeDeltaHealthPolicyMap

ServiceTypeDeltaHealthPolicy

Name Description Value
maxPercentDeltaUnhealthyServices The maximum allowed percentage of services health degradation allowed during cluster upgrades.
The delta is measured between the state of the services at the beginning of upgrade and the state of the services at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.
int

Constraints:
Min value = 0
Max value = 100

ServiceTypeDeltaHealthPolicyMap

Name Description Value
{customized property} ServiceTypeDeltaHealthPolicy

ClusterHealthPolicy

Name Description Value
applicationHealthPolicies Defines the application health policy map used to evaluate the health of an application or one of its children entities. ApplicationHealthPolicyMap
maxPercentUnhealthyApplications The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10.

The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error.
If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning.
This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap.
The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero.
int

Constraints:
Min value = 0
Max value = 100
maxPercentUnhealthyNodes The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10.

The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error.
If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning.
The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster.
The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero.

In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that.
int

Constraints:
Min value = 0
Max value = 100

ApplicationHealthPolicyMap

Name Description Value
{customized property} ApplicationHealthPolicy

ApplicationHealthPolicy

Name Description Value
defaultServiceTypeHealthPolicy The health policy used by default to evaluate the health of a service type. ServiceTypeHealthPolicy
serviceTypeHealthPolicies The map with service type health policy per service type name. The map is empty by default. ServiceTypeHealthPolicyMap

ServiceTypeHealthPolicy

Name Description Value
maxPercentUnhealthyServices The maximum percentage of services allowed to be unhealthy before your application is considered in error. int

Constraints:
Min value = 0
Max value = 100

ServiceTypeHealthPolicyMap

Name Description Value
{customized property} ServiceTypeHealthPolicy

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Deploy a 5 Node Ubuntu Service Fabric Cluster

Deploy to Azure
This template allows you to deploy a secure 5 node Service Fabric Cluster running Ubuntu on a Standard_D2_V2 Size VMSS.
Deploy a 5 Node Secure Cluster

Deploy to Azure
This template allows you to deploy a secure 5 node Service Fabric Cluster running Windows Server 2019 Datacenter on a Standard_D2_v2 Size VMSS.
Deploy a 3 Nodetype Secure Cluster with NSGs enabled

Deploy to Azure
This template allows you to deploy a secure 3 nodetype Service fabric Cluster running Windows server 2016 Data center on a Standard_D2 Size VMs. Use this template allows you ro control the inbound and outbound network traffic using Network Security Groups.

ARM template resource definition

The clusters resource type can be deployed with operations that target:

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.ServiceFabric/clusters resource, add the following JSON to your template.

{
  "type": "Microsoft.ServiceFabric/clusters",
  "apiVersion": "2020-12-01-preview",
  "name": "string",
  "location": "string",
  "tags": {
    "tagName1": "tagValue1",
    "tagName2": "tagValue2"
  },
  "properties": {
    "addOnFeatures": [ "string" ],
    "applicationTypeVersionsCleanupPolicy": {
      "maxUnusedVersionsToKeep": "int"
    },
    "azureActiveDirectory": {
      "clientApplication": "string",
      "clusterApplication": "string",
      "tenantId": "string"
    },
    "certificate": {
      "thumbprint": "string",
      "thumbprintSecondary": "string",
      "x509StoreName": "string"
    },
    "certificateCommonNames": {
      "commonNames": [
        {
          "certificateCommonName": "string",
          "certificateIssuerThumbprint": "string"
        }
      ],
      "x509StoreName": "string"
    },
    "clientCertificateCommonNames": [
      {
        "certificateCommonName": "string",
        "certificateIssuerThumbprint": "string",
        "isAdmin": "bool"
      }
    ],
    "clientCertificateThumbprints": [
      {
        "certificateThumbprint": "string",
        "isAdmin": "bool"
      }
    ],
    "clusterCodeVersion": "string",
    "diagnosticsStorageAccountConfig": {
      "blobEndpoint": "string",
      "protectedAccountKeyName": "string",
      "protectedAccountKeyName2": "string",
      "queueEndpoint": "string",
      "storageAccountName": "string",
      "tableEndpoint": "string"
    },
    "eventStoreServiceEnabled": "bool",
    "fabricSettings": [
      {
        "name": "string",
        "parameters": [
          {
            "name": "string",
            "value": "string"
          }
        ]
      }
    ],
    "managementEndpoint": "string",
    "nodeTypes": [
      {
        "applicationPorts": {
          "endPort": "int",
          "startPort": "int"
        },
        "capacities": {
          "{customized property}": "string"
        },
        "clientConnectionEndpointPort": "int",
        "durabilityLevel": "string",
        "ephemeralPorts": {
          "endPort": "int",
          "startPort": "int"
        },
        "httpGatewayEndpointPort": "int",
        "isPrimary": "bool",
        "name": "string",
        "placementProperties": {
          "{customized property}": "string"
        },
        "reverseProxyEndpointPort": "int",
        "vmInstanceCount": "int"
      }
    ],
    "reliabilityLevel": "string",
    "reverseProxyCertificate": {
      "thumbprint": "string",
      "thumbprintSecondary": "string",
      "x509StoreName": "string"
    },
    "reverseProxyCertificateCommonNames": {
      "commonNames": [
        {
          "certificateCommonName": "string",
          "certificateIssuerThumbprint": "string"
        }
      ],
      "x509StoreName": "string"
    },
    "upgradeDescription": {
      "deltaHealthPolicy": {
        "applicationDeltaHealthPolicies": {
          "{customized property}": {
            "defaultServiceTypeDeltaHealthPolicy": {
              "maxPercentDeltaUnhealthyServices": "int"
            },
            "serviceTypeDeltaHealthPolicies": {
              "{customized property}": {
                "maxPercentDeltaUnhealthyServices": "int"
              }
            }
          }
        },
        "maxPercentDeltaUnhealthyApplications": "int",
        "maxPercentDeltaUnhealthyNodes": "int",
        "maxPercentUpgradeDomainDeltaUnhealthyNodes": "int"
      },
      "forceRestart": "bool",
      "healthCheckRetryTimeout": "string",
      "healthCheckStableDuration": "string",
      "healthCheckWaitDuration": "string",
      "healthPolicy": {
        "applicationHealthPolicies": {
          "{customized property}": {
            "defaultServiceTypeHealthPolicy": {
              "maxPercentUnhealthyServices": "int"
            },
            "serviceTypeHealthPolicies": {
              "{customized property}": {
                "maxPercentUnhealthyServices": "int"
              }
            }
          }
        },
        "maxPercentUnhealthyApplications": "int",
        "maxPercentUnhealthyNodes": "int"
      },
      "upgradeDomainTimeout": "string",
      "upgradeReplicaSetCheckTimeout": "string",
      "upgradeTimeout": "string"
    },
    "upgradeMode": "string",
    "vmImage": "string"
  }
}

Property values

clusters

Name Description Value
type The resource type 'Microsoft.ServiceFabric/clusters'
apiVersion The resource api version '2020-12-01-preview'
name The resource name string (required)

Character limit: 4-23

Valid characters:
Lowercase letters, numbers, and hyphens.

Start with lowercase letter. End with lowercase letter or number.
location Azure resource location. string (required)
tags Azure resource tags. Dictionary of tag names and values. See Tags in templates
properties The cluster resource properties ClusterProperties

ClusterProperties

Name Description Value
addOnFeatures The list of add-on features to enable in the cluster. String array containing any of:
'BackupRestoreService'
'DnsService'
'RepairManager'
'ResourceMonitorService'
applicationTypeVersionsCleanupPolicy The policy used to clean up unused versions. ApplicationTypeVersionsCleanupPolicy
azureActiveDirectory The AAD authentication settings of the cluster. AzureActiveDirectory
certificate The certificate to use for securing the cluster. The certificate provided will be used for node to node security within the cluster, SSL certificate for cluster management endpoint and default admin client. CertificateDescription
certificateCommonNames Describes a list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonNames
clientCertificateCommonNames The list of client certificates referenced by common name that are allowed to manage the cluster. ClientCertificateCommonName[]
clientCertificateThumbprints The list of client certificates referenced by thumbprint that are allowed to manage the cluster. ClientCertificateThumbprint[]
clusterCodeVersion The Service Fabric runtime version of the cluster. This property can only by set the user when upgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. string
diagnosticsStorageAccountConfig The storage account information for storing Service Fabric diagnostic logs. DiagnosticsStorageAccountConfig
eventStoreServiceEnabled Indicates if the event store service is enabled. bool
fabricSettings The list of custom fabric settings to configure the cluster. SettingsSectionDescription[]
managementEndpoint The http management endpoint of the cluster. string (required)
nodeTypes The list of node types in the cluster. NodeTypeDescription[] (required)
reliabilityLevel The reliability level sets the replica set size of system services. Learn about ReliabilityLevel.

- None - Run the System services with a target replica set count of 1. This should only be used for test clusters.
- Bronze - Run the System services with a target replica set count of 3. This should only be used for test clusters.
- Silver - Run the System services with a target replica set count of 5.
- Gold - Run the System services with a target replica set count of 7.
- Platinum - Run the System services with a target replica set count of 9.
'Bronze'
'Gold'
'None'
'Platinum'
'Silver'
reverseProxyCertificate The server certificate used by reverse proxy. CertificateDescription
reverseProxyCertificateCommonNames Describes a list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonNames
upgradeDescription The policy to use when upgrading the cluster. ClusterUpgradePolicy
upgradeMode The upgrade mode of the cluster when new Service Fabric runtime version is available.

- Automatic - The cluster will be automatically upgraded to the latest Service Fabric runtime version as soon as it is available.
- Manual - The cluster will not be automatically upgraded to the latest Service Fabric runtime version. The cluster is upgraded by setting the clusterCodeVersion property in the cluster resource.
'Automatic'
'Manual'
vmImage The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used. string

ApplicationTypeVersionsCleanupPolicy

Name Description Value
maxUnusedVersionsToKeep Number of unused versions per application type to keep. int (required)

Constraints:
Min value = 0

AzureActiveDirectory

Name Description Value
clientApplication Azure active directory client application id. string
clusterApplication Azure active directory cluster application id. string
tenantId Azure active directory tenant id. string

CertificateDescription

Name Description Value
thumbprint Thumbprint of the primary certificate. string (required)
thumbprintSecondary Thumbprint of the secondary certificate. string
x509StoreName The local certificate store location. 'AddressBook'
'AuthRoot'
'CertificateAuthority'
'Disallowed'
'My'
'Root'
'TrustedPeople'
'TrustedPublisher'

ServerCertificateCommonNames

Name Description Value
commonNames The list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonName[]
x509StoreName The local certificate store location. 'AddressBook'
'AuthRoot'
'CertificateAuthority'
'Disallowed'
'My'
'Root'
'TrustedPeople'
'TrustedPublisher'

ServerCertificateCommonName

Name Description Value
certificateCommonName The common name of the server certificate. string (required)
certificateIssuerThumbprint The issuer thumbprint of the server certificate. string (required)

ClientCertificateCommonName

Name Description Value
certificateCommonName The common name of the client certificate. string (required)
certificateIssuerThumbprint The issuer thumbprint of the client certificate. string (required)
isAdmin Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. bool (required)

ClientCertificateThumbprint

Name Description Value
certificateThumbprint The thumbprint of the client certificate. string (required)
isAdmin Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. bool (required)

DiagnosticsStorageAccountConfig

Name Description Value
blobEndpoint The blob endpoint of the azure storage account. string (required)
protectedAccountKeyName The protected diagnostics storage key name. string (required)
protectedAccountKeyName2 The secondary protected diagnostics storage key name. If one of the storage account keys is rotated the cluster will fallback to using the other. string
queueEndpoint The queue endpoint of the azure storage account. string (required)
storageAccountName The Azure storage account name. string (required)
tableEndpoint The table endpoint of the azure storage account. string (required)

SettingsSectionDescription

Name Description Value
name The section name of the fabric settings. string (required)
parameters The collection of parameters in the section. SettingsParameterDescription[] (required)

SettingsParameterDescription

Name Description Value
name The parameter name of fabric setting. string (required)
value The parameter value of fabric setting. string (required)

NodeTypeDescription

Name Description Value
applicationPorts The range of ports from which cluster assigned port to Service Fabric applications. EndpointRangeDescription
capacities The capacity tags applied to the nodes in the node type, the cluster resource manager uses these tags to understand how much resource a node has. NodeTypeDescriptionCapacities
clientConnectionEndpointPort The TCP cluster management endpoint port. int (required)
durabilityLevel The durability level of the node type. Learn about DurabilityLevel.

- Bronze - No privileges. This is the default.
- Silver - The infrastructure jobs can be paused for a duration of 10 minutes per UD.
- Gold - The infrastructure jobs can be paused for a duration of 2 hours per UD. Gold durability can be enabled only on full node VM skus like D15_V2, G5 etc.
'Bronze'
'Gold'
'Silver'
ephemeralPorts The range of ephemeral ports that nodes in this node type should be configured with. EndpointRangeDescription
httpGatewayEndpointPort The HTTP cluster management endpoint port. int (required)
isPrimary The node type on which system services will run. Only one node type should be marked as primary. Primary node type cannot be deleted or changed for existing clusters. bool (required)
name The name of the node type. string (required)
placementProperties The placement tags applied to nodes in the node type, which can be used to indicate where certain services (workload) should run. NodeTypeDescriptionPlacementProperties
reverseProxyEndpointPort The endpoint used by reverse proxy. int
vmInstanceCount The number of nodes in the node type. This count should match the capacity property in the corresponding VirtualMachineScaleSet resource. int (required)

Constraints:
Min value = 1
Max value = 2147483647

EndpointRangeDescription

Name Description Value
endPort End port of a range of ports int (required)
startPort Starting port of a range of ports int (required)

NodeTypeDescriptionCapacities

Name Description Value
{customized property} string

NodeTypeDescriptionPlacementProperties

Name Description Value
{customized property} string

ClusterUpgradePolicy

Name Description Value
deltaHealthPolicy The cluster delta health policy used when upgrading the cluster. ClusterUpgradeDeltaHealthPolicy
forceRestart If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). bool
healthCheckRetryTimeout The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthCheckStableDuration The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthCheckWaitDuration The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthPolicy The cluster health policy used when upgrading the cluster. ClusterHealthPolicy (required)
upgradeDomainTimeout The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
upgradeReplicaSetCheckTimeout The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
upgradeTimeout The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)

ClusterUpgradeDeltaHealthPolicy

Name Description Value
applicationDeltaHealthPolicies Defines the application delta health policy map used to evaluate the health of an application or one of its child entities when upgrading the cluster. ApplicationDeltaHealthPolicyMap
maxPercentDeltaUnhealthyApplications The maximum allowed percentage of applications health degradation allowed during cluster upgrades.
The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this.
int (required)

Constraints:
Min value = 0
Max value = 100
maxPercentDeltaUnhealthyNodes The maximum allowed percentage of nodes health degradation allowed during cluster upgrades.
The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.
int (required)

Constraints:
Min value = 0
Max value = 100
maxPercentUpgradeDomainDeltaUnhealthyNodes The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades.
The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits.
int (required)

Constraints:
Min value = 0
Max value = 100

ApplicationDeltaHealthPolicyMap

Name Description Value
{customized property} ApplicationDeltaHealthPolicy

ApplicationDeltaHealthPolicy

Name Description Value
defaultServiceTypeDeltaHealthPolicy The delta health policy used by default to evaluate the health of a service type when upgrading the cluster. ServiceTypeDeltaHealthPolicy
serviceTypeDeltaHealthPolicies The map with service type delta health policy per service type name. The map is empty by default. ServiceTypeDeltaHealthPolicyMap

ServiceTypeDeltaHealthPolicy

Name Description Value
maxPercentDeltaUnhealthyServices The maximum allowed percentage of services health degradation allowed during cluster upgrades.
The delta is measured between the state of the services at the beginning of upgrade and the state of the services at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.
int

Constraints:
Min value = 0
Max value = 100

ServiceTypeDeltaHealthPolicyMap

Name Description Value
{customized property} ServiceTypeDeltaHealthPolicy

ClusterHealthPolicy

Name Description Value
applicationHealthPolicies Defines the application health policy map used to evaluate the health of an application or one of its children entities. ApplicationHealthPolicyMap
maxPercentUnhealthyApplications The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10.

The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error.
If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning.
This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap.
The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero.
int

Constraints:
Min value = 0
Max value = 100
maxPercentUnhealthyNodes The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10.

The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error.
If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning.
The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster.
The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero.

In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that.
int

Constraints:
Min value = 0
Max value = 100

ApplicationHealthPolicyMap

Name Description Value
{customized property} ApplicationHealthPolicy

ApplicationHealthPolicy

Name Description Value
defaultServiceTypeHealthPolicy The health policy used by default to evaluate the health of a service type. ServiceTypeHealthPolicy
serviceTypeHealthPolicies The map with service type health policy per service type name. The map is empty by default. ServiceTypeHealthPolicyMap

ServiceTypeHealthPolicy

Name Description Value
maxPercentUnhealthyServices The maximum percentage of services allowed to be unhealthy before your application is considered in error. int

Constraints:
Min value = 0
Max value = 100

ServiceTypeHealthPolicyMap

Name Description Value
{customized property} ServiceTypeHealthPolicy

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Deploy a 5 Node Ubuntu Service Fabric Cluster

Deploy to Azure
This template allows you to deploy a secure 5 node Service Fabric Cluster running Ubuntu on a Standard_D2_V2 Size VMSS.
Deploy a 5 Node Secure Cluster

Deploy to Azure
This template allows you to deploy a secure 5 node Service Fabric Cluster running Windows Server 2019 Datacenter on a Standard_D2_v2 Size VMSS.
Deploy a 3 Nodetype Secure Cluster with NSGs enabled

Deploy to Azure
This template allows you to deploy a secure 3 nodetype Service fabric Cluster running Windows server 2016 Data center on a Standard_D2 Size VMs. Use this template allows you ro control the inbound and outbound network traffic using Network Security Groups.

Terraform (AzAPI provider) resource definition

The clusters resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.ServiceFabric/clusters resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.ServiceFabric/clusters@2020-12-01-preview"
  name = "string"
  location = "string"
  parent_id = "string"
  tags = {
    tagName1 = "tagValue1"
    tagName2 = "tagValue2"
  }
  body = jsonencode({
    properties = {
      addOnFeatures = [
        "string"
      ]
      applicationTypeVersionsCleanupPolicy = {
        maxUnusedVersionsToKeep = int
      }
      azureActiveDirectory = {
        clientApplication = "string"
        clusterApplication = "string"
        tenantId = "string"
      }
      certificate = {
        thumbprint = "string"
        thumbprintSecondary = "string"
        x509StoreName = "string"
      }
      certificateCommonNames = {
        commonNames = [
          {
            certificateCommonName = "string"
            certificateIssuerThumbprint = "string"
          }
        ]
        x509StoreName = "string"
      }
      clientCertificateCommonNames = [
        {
          certificateCommonName = "string"
          certificateIssuerThumbprint = "string"
          isAdmin = bool
        }
      ]
      clientCertificateThumbprints = [
        {
          certificateThumbprint = "string"
          isAdmin = bool
        }
      ]
      clusterCodeVersion = "string"
      diagnosticsStorageAccountConfig = {
        blobEndpoint = "string"
        protectedAccountKeyName = "string"
        protectedAccountKeyName2 = "string"
        queueEndpoint = "string"
        storageAccountName = "string"
        tableEndpoint = "string"
      }
      eventStoreServiceEnabled = bool
      fabricSettings = [
        {
          name = "string"
          parameters = [
            {
              name = "string"
              value = "string"
            }
          ]
        }
      ]
      managementEndpoint = "string"
      nodeTypes = [
        {
          applicationPorts = {
            endPort = int
            startPort = int
          }
          capacities = {
            {customized property} = "string"
          }
          clientConnectionEndpointPort = int
          durabilityLevel = "string"
          ephemeralPorts = {
            endPort = int
            startPort = int
          }
          httpGatewayEndpointPort = int
          isPrimary = bool
          name = "string"
          placementProperties = {
            {customized property} = "string"
          }
          reverseProxyEndpointPort = int
          vmInstanceCount = int
        }
      ]
      reliabilityLevel = "string"
      reverseProxyCertificate = {
        thumbprint = "string"
        thumbprintSecondary = "string"
        x509StoreName = "string"
      }
      reverseProxyCertificateCommonNames = {
        commonNames = [
          {
            certificateCommonName = "string"
            certificateIssuerThumbprint = "string"
          }
        ]
        x509StoreName = "string"
      }
      upgradeDescription = {
        deltaHealthPolicy = {
          applicationDeltaHealthPolicies = {
            {customized property} = {
              defaultServiceTypeDeltaHealthPolicy = {
                maxPercentDeltaUnhealthyServices = int
              }
              serviceTypeDeltaHealthPolicies = {
                {customized property} = {
                  maxPercentDeltaUnhealthyServices = int
                }
              }
            }
          }
          maxPercentDeltaUnhealthyApplications = int
          maxPercentDeltaUnhealthyNodes = int
          maxPercentUpgradeDomainDeltaUnhealthyNodes = int
        }
        forceRestart = bool
        healthCheckRetryTimeout = "string"
        healthCheckStableDuration = "string"
        healthCheckWaitDuration = "string"
        healthPolicy = {
          applicationHealthPolicies = {
            {customized property} = {
              defaultServiceTypeHealthPolicy = {
                maxPercentUnhealthyServices = int
              }
              serviceTypeHealthPolicies = {
                {customized property} = {
                  maxPercentUnhealthyServices = int
                }
              }
            }
          }
          maxPercentUnhealthyApplications = int
          maxPercentUnhealthyNodes = int
        }
        upgradeDomainTimeout = "string"
        upgradeReplicaSetCheckTimeout = "string"
        upgradeTimeout = "string"
      }
      upgradeMode = "string"
      vmImage = "string"
    }
  })
}

Property values

clusters

Name Description Value
type The resource type "Microsoft.ServiceFabric/clusters@2020-12-01-preview"
name The resource name string (required)

Character limit: 4-23

Valid characters:
Lowercase letters, numbers, and hyphens.

Start with lowercase letter. End with lowercase letter or number.
location Azure resource location. string (required)
parent_id To deploy to a resource group, use the ID of that resource group. string (required)
tags Azure resource tags. Dictionary of tag names and values.
properties The cluster resource properties ClusterProperties

ClusterProperties

Name Description Value
addOnFeatures The list of add-on features to enable in the cluster. String array containing any of:
"BackupRestoreService"
"DnsService"
"RepairManager"
"ResourceMonitorService"
applicationTypeVersionsCleanupPolicy The policy used to clean up unused versions. ApplicationTypeVersionsCleanupPolicy
azureActiveDirectory The AAD authentication settings of the cluster. AzureActiveDirectory
certificate The certificate to use for securing the cluster. The certificate provided will be used for node to node security within the cluster, SSL certificate for cluster management endpoint and default admin client. CertificateDescription
certificateCommonNames Describes a list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonNames
clientCertificateCommonNames The list of client certificates referenced by common name that are allowed to manage the cluster. ClientCertificateCommonName[]
clientCertificateThumbprints The list of client certificates referenced by thumbprint that are allowed to manage the cluster. ClientCertificateThumbprint[]
clusterCodeVersion The Service Fabric runtime version of the cluster. This property can only by set the user when upgradeMode is set to 'Manual'. To get list of available Service Fabric versions for new clusters use ClusterVersion API. To get the list of available version for existing clusters use availableClusterVersions. string
diagnosticsStorageAccountConfig The storage account information for storing Service Fabric diagnostic logs. DiagnosticsStorageAccountConfig
eventStoreServiceEnabled Indicates if the event store service is enabled. bool
fabricSettings The list of custom fabric settings to configure the cluster. SettingsSectionDescription[]
managementEndpoint The http management endpoint of the cluster. string (required)
nodeTypes The list of node types in the cluster. NodeTypeDescription[] (required)
reliabilityLevel The reliability level sets the replica set size of system services. Learn about ReliabilityLevel.

- None - Run the System services with a target replica set count of 1. This should only be used for test clusters.
- Bronze - Run the System services with a target replica set count of 3. This should only be used for test clusters.
- Silver - Run the System services with a target replica set count of 5.
- Gold - Run the System services with a target replica set count of 7.
- Platinum - Run the System services with a target replica set count of 9.
"Bronze"
"Gold"
"None"
"Platinum"
"Silver"
reverseProxyCertificate The server certificate used by reverse proxy. CertificateDescription
reverseProxyCertificateCommonNames Describes a list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonNames
upgradeDescription The policy to use when upgrading the cluster. ClusterUpgradePolicy
upgradeMode The upgrade mode of the cluster when new Service Fabric runtime version is available.

- Automatic - The cluster will be automatically upgraded to the latest Service Fabric runtime version as soon as it is available.
- Manual - The cluster will not be automatically upgraded to the latest Service Fabric runtime version. The cluster is upgraded by setting the clusterCodeVersion property in the cluster resource.
"Automatic"
"Manual"
vmImage The VM image VMSS has been configured with. Generic names such as Windows or Linux can be used. string

ApplicationTypeVersionsCleanupPolicy

Name Description Value
maxUnusedVersionsToKeep Number of unused versions per application type to keep. int (required)

Constraints:
Min value = 0

AzureActiveDirectory

Name Description Value
clientApplication Azure active directory client application id. string
clusterApplication Azure active directory cluster application id. string
tenantId Azure active directory tenant id. string

CertificateDescription

Name Description Value
thumbprint Thumbprint of the primary certificate. string (required)
thumbprintSecondary Thumbprint of the secondary certificate. string
x509StoreName The local certificate store location. "AddressBook"
"AuthRoot"
"CertificateAuthority"
"Disallowed"
"My"
"Root"
"TrustedPeople"
"TrustedPublisher"

ServerCertificateCommonNames

Name Description Value
commonNames The list of server certificates referenced by common name that are used to secure the cluster. ServerCertificateCommonName[]
x509StoreName The local certificate store location. "AddressBook"
"AuthRoot"
"CertificateAuthority"
"Disallowed"
"My"
"Root"
"TrustedPeople"
"TrustedPublisher"

ServerCertificateCommonName

Name Description Value
certificateCommonName The common name of the server certificate. string (required)
certificateIssuerThumbprint The issuer thumbprint of the server certificate. string (required)

ClientCertificateCommonName

Name Description Value
certificateCommonName The common name of the client certificate. string (required)
certificateIssuerThumbprint The issuer thumbprint of the client certificate. string (required)
isAdmin Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. bool (required)

ClientCertificateThumbprint

Name Description Value
certificateThumbprint The thumbprint of the client certificate. string (required)
isAdmin Indicates if the client certificate has admin access to the cluster. Non admin clients can perform only read only operations on the cluster. bool (required)

DiagnosticsStorageAccountConfig

Name Description Value
blobEndpoint The blob endpoint of the azure storage account. string (required)
protectedAccountKeyName The protected diagnostics storage key name. string (required)
protectedAccountKeyName2 The secondary protected diagnostics storage key name. If one of the storage account keys is rotated the cluster will fallback to using the other. string
queueEndpoint The queue endpoint of the azure storage account. string (required)
storageAccountName The Azure storage account name. string (required)
tableEndpoint The table endpoint of the azure storage account. string (required)

SettingsSectionDescription

Name Description Value
name The section name of the fabric settings. string (required)
parameters The collection of parameters in the section. SettingsParameterDescription[] (required)

SettingsParameterDescription

Name Description Value
name The parameter name of fabric setting. string (required)
value The parameter value of fabric setting. string (required)

NodeTypeDescription

Name Description Value
applicationPorts The range of ports from which cluster assigned port to Service Fabric applications. EndpointRangeDescription
capacities The capacity tags applied to the nodes in the node type, the cluster resource manager uses these tags to understand how much resource a node has. NodeTypeDescriptionCapacities
clientConnectionEndpointPort The TCP cluster management endpoint port. int (required)
durabilityLevel The durability level of the node type. Learn about DurabilityLevel.

- Bronze - No privileges. This is the default.
- Silver - The infrastructure jobs can be paused for a duration of 10 minutes per UD.
- Gold - The infrastructure jobs can be paused for a duration of 2 hours per UD. Gold durability can be enabled only on full node VM skus like D15_V2, G5 etc.
"Bronze"
"Gold"
"Silver"
ephemeralPorts The range of ephemeral ports that nodes in this node type should be configured with. EndpointRangeDescription
httpGatewayEndpointPort The HTTP cluster management endpoint port. int (required)
isPrimary The node type on which system services will run. Only one node type should be marked as primary. Primary node type cannot be deleted or changed for existing clusters. bool (required)
name The name of the node type. string (required)
placementProperties The placement tags applied to nodes in the node type, which can be used to indicate where certain services (workload) should run. NodeTypeDescriptionPlacementProperties
reverseProxyEndpointPort The endpoint used by reverse proxy. int
vmInstanceCount The number of nodes in the node type. This count should match the capacity property in the corresponding VirtualMachineScaleSet resource. int (required)

Constraints:
Min value = 1
Max value = 2147483647

EndpointRangeDescription

Name Description Value
endPort End port of a range of ports int (required)
startPort Starting port of a range of ports int (required)

NodeTypeDescriptionCapacities

Name Description Value
{customized property} string

NodeTypeDescriptionPlacementProperties

Name Description Value
{customized property} string

ClusterUpgradePolicy

Name Description Value
deltaHealthPolicy The cluster delta health policy used when upgrading the cluster. ClusterUpgradeDeltaHealthPolicy
forceRestart If true, then processes are forcefully restarted during upgrade even when the code version has not changed (the upgrade only changes configuration or data). bool
healthCheckRetryTimeout The amount of time to retry health evaluation when the application or cluster is unhealthy before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthCheckStableDuration The amount of time that the application or cluster must remain healthy before the upgrade proceeds to the next upgrade domain. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthCheckWaitDuration The length of time to wait after completing an upgrade domain before performing health checks. The duration can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
healthPolicy The cluster health policy used when upgrading the cluster. ClusterHealthPolicy (required)
upgradeDomainTimeout The amount of time each upgrade domain has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
upgradeReplicaSetCheckTimeout The maximum amount of time to block processing of an upgrade domain and prevent loss of availability when there are unexpected issues. When this timeout expires, processing of the upgrade domain will proceed regardless of availability loss issues. The timeout is reset at the start of each upgrade domain. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)
upgradeTimeout The amount of time the overall upgrade has to complete before the upgrade rolls back. The timeout can be in either hh:mm:ss or in d.hh:mm:ss.ms format. string (required)

ClusterUpgradeDeltaHealthPolicy

Name Description Value
applicationDeltaHealthPolicies Defines the application delta health policy map used to evaluate the health of an application or one of its child entities when upgrading the cluster. ApplicationDeltaHealthPolicyMap
maxPercentDeltaUnhealthyApplications The maximum allowed percentage of applications health degradation allowed during cluster upgrades.
The delta is measured between the state of the applications at the beginning of upgrade and the state of the applications at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits. System services are not included in this.
int (required)

Constraints:
Min value = 0
Max value = 100
maxPercentDeltaUnhealthyNodes The maximum allowed percentage of nodes health degradation allowed during cluster upgrades.
The delta is measured between the state of the nodes at the beginning of upgrade and the state of the nodes at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.
int (required)

Constraints:
Min value = 0
Max value = 100
maxPercentUpgradeDomainDeltaUnhealthyNodes The maximum allowed percentage of upgrade domain nodes health degradation allowed during cluster upgrades.
The delta is measured between the state of the upgrade domain nodes at the beginning of upgrade and the state of the upgrade domain nodes at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion for all completed upgrade domains to make sure the state of the upgrade domains is within tolerated limits.
int (required)

Constraints:
Min value = 0
Max value = 100

ApplicationDeltaHealthPolicyMap

Name Description Value
{customized property} ApplicationDeltaHealthPolicy

ApplicationDeltaHealthPolicy

Name Description Value
defaultServiceTypeDeltaHealthPolicy The delta health policy used by default to evaluate the health of a service type when upgrading the cluster. ServiceTypeDeltaHealthPolicy
serviceTypeDeltaHealthPolicies The map with service type delta health policy per service type name. The map is empty by default. ServiceTypeDeltaHealthPolicyMap

ServiceTypeDeltaHealthPolicy

Name Description Value
maxPercentDeltaUnhealthyServices The maximum allowed percentage of services health degradation allowed during cluster upgrades.
The delta is measured between the state of the services at the beginning of upgrade and the state of the services at the time of the health evaluation.
The check is performed after every upgrade domain upgrade completion to make sure the global state of the cluster is within tolerated limits.
int

Constraints:
Min value = 0
Max value = 100

ServiceTypeDeltaHealthPolicyMap

Name Description Value
{customized property} ServiceTypeDeltaHealthPolicy

ClusterHealthPolicy

Name Description Value
applicationHealthPolicies Defines the application health policy map used to evaluate the health of an application or one of its children entities. ApplicationHealthPolicyMap
maxPercentUnhealthyApplications The maximum allowed percentage of unhealthy applications before reporting an error. For example, to allow 10% of applications to be unhealthy, this value would be 10.

The percentage represents the maximum tolerated percentage of applications that can be unhealthy before the cluster is considered in error.
If the percentage is respected but there is at least one unhealthy application, the health is evaluated as Warning.
This is calculated by dividing the number of unhealthy applications over the total number of application instances in the cluster, excluding applications of application types that are included in the ApplicationTypeHealthPolicyMap.
The computation rounds up to tolerate one failure on small numbers of applications. Default percentage is zero.
int

Constraints:
Min value = 0
Max value = 100
maxPercentUnhealthyNodes The maximum allowed percentage of unhealthy nodes before reporting an error. For example, to allow 10% of nodes to be unhealthy, this value would be 10.

The percentage represents the maximum tolerated percentage of nodes that can be unhealthy before the cluster is considered in error.
If the percentage is respected but there is at least one unhealthy node, the health is evaluated as Warning.
The percentage is calculated by dividing the number of unhealthy nodes over the total number of nodes in the cluster.
The computation rounds up to tolerate one failure on small numbers of nodes. Default percentage is zero.

In large clusters, some nodes will always be down or out for repairs, so this percentage should be configured to tolerate that.
int

Constraints:
Min value = 0
Max value = 100

ApplicationHealthPolicyMap

Name Description Value
{customized property} ApplicationHealthPolicy

ApplicationHealthPolicy

Name Description Value
defaultServiceTypeHealthPolicy The health policy used by default to evaluate the health of a service type. ServiceTypeHealthPolicy
serviceTypeHealthPolicies The map with service type health policy per service type name. The map is empty by default. ServiceTypeHealthPolicyMap

ServiceTypeHealthPolicy

Name Description Value
maxPercentUnhealthyServices The maximum percentage of services allowed to be unhealthy before your application is considered in error. int

Constraints:
Min value = 0
Max value = 100

ServiceTypeHealthPolicyMap

Name Description Value
{customized property} ServiceTypeHealthPolicy