Azure Service Fabric is used to deploy and manage micro-service based Applications in Azure and on-premise environments.

It uses virtual machine scale sets in the background to scale up the availability of the micro services incase of an increased demand.

Azure Service Fabric has node types which are used to define your workload types for example one node type for back end services and another for front end services.

Many of the services in Azure use Azure Service Fabric in the background for their operations. An example some of them can be see in the graphic below.

A good illustration of this can be the Azure SQL Database that is running a multitude of virtual machines, in turn those virtual machines running a multitude of containers and those containers serving up a big number of databases to the customers.

In comparison to Kubernetes or Azure kubernetes service, Service Fabric is Microsoft's container orchestrator and it hosts micro services developed and deployed using the Service Fabric Programming model.

Okay, enough with the introduction. To get started, Search for an Azure Service Fabric resource in the portal.

We click create and then give our Service Fabric Cluster a name and the administrator username and password.

We then select our initial virtual machine scale set capacity. For production environments, It's recommended to have at least 5. When that is done, click on the last option which is for setting the key vault  primary certificate. Notes on how to create a key vault are available here in one of my previous articles.

Select your preferred key vault and click create new certificate.

The self-signed certificate is used to enable secure node to node communication (cluster authentication) within an Azure Service Fabric cluster and also allows authentication of management endpoints (server authentication) to a client endpoint which in our case is the browser. Note that the subject common name to the certificate should be the fully qualified domain name of your cluster.

After creating and selecting our new certificate, we should then be able to go to the next page and create our node types as shown below. My first node type is the front end with 2 virtual machines and the back end with 3 virtual machines.

We shall then leave all of the settings to their defaults in the next tabs which are Security and Advanced and then we create our cluster.

Cluster creation takes about 10-15 minutes.

When it's done, the next step is import the self-signed certificate (.pfx) format to our client computer so that we can access the Azure Service Fabric through the fabric explorer. To do that, you'll need to go to the Azure key vault and then access the certificates section.

We then import the downloaded certificate to the personal store of the current user account.

When that is done, we head to our browser and try to access the cluster. This will present us with the screen shown below.

Select the previously imported certificate to authenticate to the cluster.