Welcome to lab six micro services and as your fabric so in this video we will be seeing how to deploy micro services application on as your fabric in case you're new to micro services I would suggest to please go and watch the microservices video which is that in design pattern section now this video is a very very long video it is a one and a half hour of video so and the video is not only long but it is also very complicated in terms of technology. So my suggestion here is that you know please watch this video in 2020 minutes of gap so watch for 20 minutes have tea cup and coffee again watch for 20 minutes have a nice sleep out be okay if you watch this video in two days, you know in two days, if relax and just watch this video, I'm sure after you watch this video your concept of as your fabric would be crystal clear.
So in this video my goal is firstly to discuss about the issues with Microsoft micro services deployment then we will Talk about why do we need as your fabric and how as your fabric addresses the complicated deployments of microservices, we will talk about what kind of tools do we need for creating micro services application on fabric. We'll talk about stateful and stateless micro services. We'll talk about security and fabric using Active Directory and certificates will also get introduced to as your vault you know, as your vault is there for security purpose because you're in a car, we will also talk about how to go and publish using Visual Studio. And also while we are doing all this, we'll talk about LTS C and SSE model of the several products. So this is a long video, as I've said, watching 2020 minutes each, and I'm sure that you would be after the video you'd be well versed with as your fabric.
So now let us first try to understand that what exactly is the need of as your fabric Why does as your fabric exist at all? So there are three prime reasons you know why as your fabric exist. The first one is micro services. The second one is micro services. And the third one is micro services. micro services is the main reason you know why as your fabric is in existence.
So I would suggest that please first go and see the video of micro services, which is in the design pattern section, where I've talked about what is microservices, what is how it is different from service oriented architecture, and so on. Right. So in that video, I said that microservices is nothing but it is an architectural pattern in a wherein you create self contained modules independent modules, which run in their own process, they have their own database and they talk with other modules you know, using HTTP or some protocol. So you can see here you know, let us say that if you have an E RP system, so in an E RP system, you can have accounting, you can have inventory, you can have payroll, you can have HR and so on. So we can host these micro services in different process. So in order to host them in different processes, Probably you will have different physical boxes or probably you will host them in the same physical box and you will separate them by using containers right.
But now, with so many boxes, so many hardwares with So, many processes, you have ended up into a complicated infrastructure or I would rather say you have ended up into a clustered environment environment, a cluster of computers right. So, now, at one point, you know, the development is complex, you know, because we are developing micro services, so, we have to develop them in a standalone manner, we have to add a communication layer like HTTP, so that both the modules can communicate, and on the other side, your deployment will also become complex, right. So, the complexity has just become exponential. So, now remember, microservices should, should and must have automated deployment if it does not Have an automated deployment then it is like you know driving, you know some kind of Lamborghini in a traffic jam road, right. So, you will actually be spending more time in managing the infrastructure rather than addressing the core issues of your of your customer.
So now with all this, let us go more in depth into what exactly are the problems for managing these clusters for managing microservices and clusters. The first big problem with the cluster environment is security. Now, this cluster environment will be used by a lot of stakeholders, we will be having developers we will be having administrators, we will be having end users, right. So, for example, the first thing is the developer. Now, we do not want any unknown developer coming and deploying on the cluster his code will only developers who have the access enough should be able to deploy so we want a secure deployment second while deploying as well. I want the following So, I would like to say okay, there should be some kind of a check which says that okay this cluster is healthy.
So, deploy the application on it, this cluster is not healthy, so do not deploy on it right. So, I want such such kind of an automation as well. The second thing is, I would like to also monitor the whole cluster saying that which cluster is working well, which cluster is having a health problem. So, I want some kind of a monitoring environment, you know, where the admins can go and monitor, you know, how my clusters are working. And again, this one monitoring also should have security involved into it also between the cloud between the nodes, so, these are the nodes for example, the HR is hosted on a separate box, the accounting and inventory are hosted on a separate box and they are talking Why are some HTTP channel right. So, each one of these nodes or the application should talk via a sick sick old channel.
I do not want like somebody should plug in His own microservices and start calling my accounting application right, it should be a trusted cluster. So again, when each one of these nodes talk with each other, there should be a secured channel. Also, I would like to have failover. So I can keep one node which is just empty. And let us say the payroll system, node comes down, it should deploy the payroll into this box and start working. Right.
So if you see, when we say managing this cluster for microservices, it involves a lot of things. It involves a secure deploy deployment, it involves monitoring this whole system, it involves the nodes should talk your secured manner. It involves, you know, the failover should happen automatically and so on. And that's what exactly as your fabric does, as your fabric is that management layer. It is a management layer, you know, which handles all this thing for us. So as a developer now, I don't have to worry.
What is that at the back end I will take my C sharp Or I'll take my MVC core, whatever it is. And I just said deploy. And the as your fabric goes ahead, he looks at the best node, the healthy nodes, and he goes ahead and deploys it. So you can think about that this as your fabric is a management layer between the stakeholders, you know, who are deploying micro services, we're monitoring, micro services, and your cluster. So now that we understand the concept of as your fabric Now it's time time to go ahead and start doing some demos start seeing that how other fabric development looks like. Now definitely, if you want to do as your fabric development, you need to have an Azure account, you need to go and deploy it online and so on.
But think about it a fabric athlete needs two or three nodes. So you will be actually be creating two three nodes. In other words, you will be creating two three virtual machines. So that would really cost you a lot, right. So what Microsoft has done, you know, they have given you an environment you know, where you can go and deploy your clusters. Look So you can create your clusters locally, you can test your components, you can test your micro services, and then you can go ahead online to the online OCR, right.
So for that for for as your fabric development unit two things. One is you need the as your fabric SDK. So you can go and search for as your fabric SDK. So somewhere on the Microsoft site, you can see this small installation here saying install as your fabric SDK. So what does this as your fabric SDK, do this as your fabric SDK gives you a wonderful template in Visual Studio. So if you open Visual Studio, it will actually give you a very wonderful template by which you can go and create as your fabric projects, right.
So my Visual Studio is opening I'm sorry for this. So until that open, so this is the first thing we want. We want the Azure fabric SDK. The second thing what we need is we need the as your fabric Explorer, this as your fabric Explorer is actually Enter a small application in which actually creates local clusters for you. So, once you install the as your fabric Explorer, you will get such kind of setup or such kind of installation you can see. And if you start this installation, you can see the saying over here, welcome to Service Fabric local cluster manager.
So, you can see here there is a small icon here. And I can I can decide that I want a five node local cluster I want a one node local cluster. When I say a five node local cluster means there will be five instances of five separate processes inside which I can deploy my application. one node means just one single node, right. So, I can go and switch to these these kind of configurations. And if I click on this manage local cluster, you can see that it actually opens up a window and it shows me over here that these are your clusters.
So you can see at this moment I have selected five node cluster. So that's why it has given me five nodes for me, right? We will come into this thing later on. But the whole point here is that by using the as your fabric Explorer, the local cluster, you can create your Azure fabric application locally, you can deploy them locally, you can check everything and then go online right. And the second thing is we have also installed the SDK. So by installing the SDK now, we get a small template here.
So if you click on new project, we will get a template for the as your fabric development is opening. So remember, we need two things one is we need as your fabric SDK and one is we need as your fabric Explorer. So we can see here, this is this project template and this project template has come because we have installed as your fabric SDK, right. So by using this, we will be doing the deployment. So these are the two things You need in order to do as your fabric development. Now, before we move ahead with the demo, I would like to inform you that there are two flavors of as your fabric projects.
One is you can create a stateful fabric project and the other one is you can create a stateless fabric project. So, what's the difference between both of them? So, as we discussed that we have a cluster of nodes and in these nodes actually our application gets deployed. Please note whenever I use the word node node means a computer or virtual machine or box right. So, let us say you have node one in node one you have some account application running it has his own database, it has his own source code its own process right. And you also kept the standby nodes so that in case if this node goes down, this application starts running inside node two.
So now let us say the accounting application is running in node one and there is some problem in node one, so automatically as your fabric will Switch to node two, it will deploy to node two and your application starts running on node two right. Now, when this switch happens if you want to maintain the state of the application, then you have to create a stateful as your fabric application and if you say no not like you're not interested to meet in the state, then you can make it stateless. Because remember in node one must be some users are interacting with our application at that time, they have their own session variables, they must be having their own you know, cookies and etc which are which are there for that request and response right. So, in case you want to maintain that in the note two, then you have to create a stateful as your fabric application or as you can create a stateless as your fabric application.
So let us go ahead and create a as your fabric project. So you can see that this is the Service Fabric application, which has been installed because of the SDK which we have installed. So I will go and create your something like you know app, my app right. And as we have said that we have two two kinds of two flavors of microservices one is stateless service you can make a stateful service also you can have service with ASP dotnet core stateless service with ASP dotnet core and you can have stateful ASP dotnet core. So, these are the four important templates you know which probably you will be using. There are three other templates we'll talk about that later on.
So at this moment, let us not discuss about them. When I discuss about the actor pattern, I will talk about the other three things right for now just keep it aside. So let us go ahead and create a simple stateless service this does not have MVC does not have anything right. And let us say Okay, so what our goal is to install this service the stateless service in our local cluster Remember we have a local cluster of five node, right? So this local cluster is can be browsed on this 19080 port. And over here you can see these clusters, right?
So, we want to go and deploy our application which we have just created into these clusters, right. So now, if you see the application which has been created, there is a C sharp project. You can see here there is a C sharp project. And there is some other project here called as my app. Now, this first project, what you see out here has a lot of configuration of how to go and deploy your project into the cluster. So you can see this, my project has a lot of XML files, and these XML files, have, you know, all the detail of how to go and deploy this app into the cluster environment out here, right.
So one part of the project you know, talks about how to deploy into the cluster and the other part is where you actually write your code and your logic which you want to execute on the cluster. So, first, let us go ahead and try to understand what is present in this configuration project. So, as I've said this is the configuration project and this is where your source code is right. So, in the configuration project, you know, there are a couple of XML files let us start from this manifest XML. So, in this manifest XML, we provide the service name, we provide that should it be deployed on a singleton partition right or should it be deployed on a session wise partition? You also provide here you know the the number of instance count.
So let us say if you have five nodes, then do you want five instance count right away? Or do you want you know that it should be depend it should be created on demand, you know, so if one node goes down, then only create another instance and put it on the healthy node, right? So how do you want it now, when you go for deployment, you know, so if you If you look at this current moment, we have the local cluster and in the local cluster we are given two three options. One is that I can create a single node cluster or I can create a five node cluster right. So, you can see there is a local one node XML in a way you can provide parameters for the single node cluster, the local firewall, you can provide parameters for the five node cluster, in case you want to deploy online, which I will show later on, you know, you can use the cloud dot XML.
So this is for as your online real as your and these two are for your local clusters. So in this again, we can provide parameters, which can help us to configure the clusters, I will come into what kind of parameters can be provided over here. Then we have the public profiles, because at this moment, we have five environments. We can publish on local one, we can publish on local five or we can publish online. In this published profiles, you know, the most important part is the security so you can see or when you're publishing on a car, then You need to go and provide the certificates you need to say that what kind of security are looking forward like you know, so like do you want to use the as your Active Directory and so on. And finally, the final folder is where we have the scripts.
So this script is nothing but a PowerShell script. So very quickly, I will not going to PowerShell now, but PowerShell is a is a is a is a scripting language provided by Microsoft for doing admin activities. For example, you want to backup a file, you want to backup a database, you want to restart the server, right, and, and so on. So you're at this moment, this script is a standard script, which comes with the project. And this will help us to deploy our source code. So our source code is stateless one this project into our local cluster.
So that's what the goal of this PowerShell script is. So now, let us go to the stateless project here. So in the stateless project, you can see that there are a lot of class files out here. Now, the program.cs is where actually the main where everything starts actually right. So, you can see it first goes and it actually starts the service right and this service is actually this stateless one which will actually start right. The second one is it also goes and starts the even sources you know.
So, whenever there is there are messages which you want to send you want to send error messages, you want to send informational messages. So, this event sources where there are some configuration saying that okay it should be sent to you know, a Visual Studio event source it should be sent to an event viewer, it should be sent to an loc file and so on right. So, I would say that do not pay attention too much on these two files at this moment, they are pretty much standard, but the most important one variable put your code is this stateless one.cs. So, let us go through that. So in the stateless one.cs You know, there is a run a sync method, and in this is where you will go and you will put your code Now, remember This is a micro service and a micro service will get installed into one of the nodes right.
And you can see what I'm doing what we are doing is you know we are we are looping there is a there is an infinite loop over here and this infinite loop is actually counting iteration the number of iteration that has been completed and it is writing it to an event source right and this event source can be anything at this moment, this event source is configured with Visual Studio. So, when I run this program, I will see it in my you know, in my output window, okay. So, you can see there is a loop here, this loop waits for one seconds, one second, it keeps counting and it writes that counter into the event source okay. So let us go ahead and run this. Now remember that the whole goal of this project is to make you understand what is the difference between a stateless micro service and a stateful micro service when you're seeing actual micro services right real time micro services cannot B loops like this, you know, they are going to be MVC applications, they are going to be web applications, right.
So there will be some useful applications. So at this moment this demo is to make you understand how micro services are deployed, how they look in a cluster? And you know, what is the difference between stateful and stateless? So, this is just a demo, but after like you know, 1015 minutes, you know, we will come to the real demo, where we will deploy MVC application, right. So, at this moment, do not try to focus too much on these two templates because I doubt in real projects, you know, people are using any one of these templates, okay, so, let me go and start deploying this. So, when I start running this, I would like to run this in the local cluster, right.
So, when I run this, it will actually go to my local cluster. So, let us go ahead and open our local cluster management UI. So, you can see here I've right clicked on the taskbar, and I've clicked on Manage local cluster When you click on Manage local cluster, it opens up the browser. So we can see this task requires the application to have elevated elevated permissions. In other words, you know it is saying that please run your Visual Studio as in admin mode. So I'm going to go and run my visual studio in a run as admin mode.
So I will go and say run as administrator. And it is again open the project and let us again try to deploy the project so that my visual studio has opened I will click on my app. So again, I have opened my project in the admin administrator mode here. Now one of the very important thing to remember is that the project which should be the first project to start is your project of configuration right so you can see our ad did not say that said this as start a project. I've said that said this has started project because all my configuration where is a cluster, everything is in this project, right? So that's I've given this a startup.
So I'm going to go and run now. So there my application is running. And my expectation is that this my app should get deployed onto this cluster out here, right. So, let us see what is what, what will happen. So we can see that the first thing is he is running the PowerShell script. Can you see this ps1, so it has ran the PowerShell script very quickly.
Okay, that just went off. So, and you can see now it is creating the application, it is deploying it to the fabric, and so on right? Now, if you remember, there was a counter value and that counter value was displayed onto an event source, right? So this event source at this moment is configured to the Visual Studio. You can also see it says that there are no HTTP URLs because this is not an MVC application. It's a simple stateless service right?
So nothing else. So there it is. So let us go and see the diagnostic Given we can see it all the diagnostic Givens are out here. And I'll just clear everything. And you can see the counter is now saying 3233 34 you know, so you can see, when I click on the diagnostic given you can go to the diagnostic event from somewhere from Windows and diagnostic right. So we can go and click on the diagnostic event I can see it over here.
Now, once this code is running that that also means that it has been deployed on my cluster right? So you can see on my cluster my app has been deployed. So you can see that also you can see it has deployed it on node four, remember we have five nodes, it has deployed on node four, it is running on node four, it is healthy, right. Now, let us say for some reason your node four go down goes down. So let us say I'm going to go and deactivate and remove this right. If I say deactivate and remove this you know what will happen is these values which are here It is a state it's a state stateless service right.
So, these are So, what will happen here is if I go and and and deactivate this or if I go and pause all this site does this node it will try to deploy on node three or node four or node one depending on you know what kind of cluster map I have right. So, I can see that this is running on node four it will try to then go to node three must be depending on the upgrade domain upgrade domain means, what is the the sequence or what is the priority of the node where it will be deployed right. So, let us say I go ahead and I remove this deactivate, I remove everything right. So, I'm going to say yes, go ahead and deactivate this node and deactivate and remove this. So now what will happen is the first thing is as soon as this node four has been deactivated, by default, the fabric will come into action.
It will take our application and we will try to deploy inside Different node right so you can see this has been it has been disabling it got disabled and it just crashed. Right the program crashed because it said that there isn't any node existing right. So again, I'll try to run my project it's so let me try to again I you can see that it crashed and again I somehow said him please keep debugging right. And I expect that a new cluster node should be added here you can see now it is now running on node zero. Can you see that? So it has now started running on node zero.
Now when it started running on node zero, right, it did not maintain the state you can see over here, it has again started from I'll just make a pause you can see after when the service was deactivated, it had count it had counted till 138. But because this is a stateless service, right, when the know when the application was deployed from one node to another node, right, it just restarted all the value. But when you create a stateful service, this will not be the case. So Let me do like this. Let me go ahead here and create now a stateful service right, so we'll do the same thing. We'll try to run the stateful service and try to see that does it maintain the value?
So, let me go here Service Fabric application. Let me see a stateful service and say okay. So, let me go to my cluster here and remove everything which has been deployed. So, the application which has been deployed also let me go and restart this node for activated. You can see the application has been removed by by itself I did not say right click and remove it. I will come to it you know why, why this application has been removed.
We'll come to that. So there you can see my stateful service has been created. Let us go ahead and see that what is the difference of code in the stateful and stateless? So when you go to the stateful service, one of the things what you will see is that there is a state manager dictionary can See this. So he has actually created a state manager dictionary. And whenever he is adding that counter, he's adding it to this dictionary.
So this state manager out here is the person, you know, who helps you to create a stateful service. So whenever you say that, you want to create a stateful service, then you need to go and create a state manager dictionary. And you need to go and write the values in that dictionary. So that in case your service is going from one node to another node, the data is preserved for that session, right? So let's see if this works or not. Again, one more thing, which I want to point out, I said that the application was removed by itself right?
So why because there is a small setting out here. If you go to the properties, it says that if you are debugging debugging this application, and once the debugging stops, you know, what do you want to do? For example, you can see her properties so you can see her it's says, so when the debugging stops, do you want to remove the application? Can you see that? Or do you want to keep the application? So in case if I've kept this application then the application would have been running or there.
But what I've done here is I've said that once the debugging has stopped, you know, please remove the application right. If you want to go and deploy the application fully then you can use the build and deploy or publish by by doing publish it will actually go and deploy properly in a release mode right. So now let us again go ahead and run this and let us see that does our stateful service works or not. So again, you can see here it is running the PowerShell script. Okay, so you can see like, it is running the PowerShell script for deployment. It is uploading the image to the image store image means your binary files right, and all that.
And again, I should see all the values in the diagnostics over here. So my diagnostics should start running. So you can see creating, and so on. And over here as well, we should see that the application is getting deployed right slowly okay. So, that is the application, the application at this moment is running on. This is very interesting you can see here it is not running on one node but it is actually running on multiple nodes right because the time is saved is stateful.
That means that he needs to now ensure that your state is maintained and synchronized, right so you can see it he's saying that on the primary node at this moment it is running on the primary node that is node two, but in case there is something problem, I will switch him to node zero on node three. If you remember when it was stateful it just deployed it on one node because it does not have to worry about The data preservation right but here now he has to worry about data preservation. So, what he has done is he has activated one primary node in which actually it will be running. And at the same time he will sync up the data using that state manager with the secondary nodes. And in case there is any problem, he will switch to the secondary nodes, right. So, now, let us go back to Visual Studio, I'm not sure why I'm not seeing, okay, I just stopped it.
So you can see here so I'm sorry, I had paused over there the diagnostic event, you can see now the counters are getting incremented right. So let us go ahead and bring down node two. So at this moment it is running on node two, I'm going to go and bring that note two down. I will just say deactivate this deactivate and let's not say remove data that said deactivate and pause it. So I'm going to go and deactivate node two and two score mode on score two and the activated. Now definitely Once this happens, right it will try to switch to node zero or two Or three, right?
So we can see this is disabled. And we can also do a refresh very quickly. If you see at the right hand side there is a refresh date of 15 seconds, right? So it actually doesn't auto refresh as you know. But in case if you want, you can just go and refresh the browser or you can refresh by clicking on this thing over here, okay. So we can see that is disabled.
Now let us see what has happened. So if I go and see over here, let us look at the primary node can see it's still two. That's fine. I don't know why it is still two. Let's look at my diagnostic events. This ones are the old ones, isn't it?
Let me do like this. Let me not only disable it, let me do let me let me restart. It must be let me try to restart. I don't know why. It did not switch the node still. The title of the start Trying to restart my node.
And once I try to restart my node, yeah, that's good. You can see here the node two is getting restarted. But look at the counter values it is it has still maintained it 162 163 so even if one one of the node restarts it did not forget the data, right? Let me try to do something more horrific, you know, let me deactivate and remove the data I'm not sure what will happen now. So deactivate remove everything you know, like I'm just bringing down node two completely not even disabling it. I'm just just removing it right.
Let us see now if we if you maintain the data. So I should get a message first out here saying that the node has got deactivated. Okay, there it is. The node has got deactivated, but you can see still the counter has been counter has been retained. And you can see these red signs out here. I can just quickly do a refresh.
You can see now he's trying To switch from this primary node to another node, so you can see that has become idle. And it is now trying to switch to node two. But while it is doing that switching, you know it did not change the value, right. So there you can see the node two is now down and the primary node is now node three. And just quickly if I go to my Visual Studio, if I go to my Visual Studio, you can see the countdown is still maintained, right. So, remember that in a stateful service, you know, it retains a state while in stateless service, it does not retain the state.
So this is great. But now, when you talk about creating serious microservices, it cannot be this kind of counters right? It will be like a MVC application or a web application or some kind of a process right. So let us now go ahead and create an MVC project. So I'm going to go and create a file new project And let's create service application and we will say that this is application 12 Yes. Now we can see again for MVC project it's supporting at this moment ASP dotnet core.
So we can see you can you can say that Okay, so do we want to stateless ASP dotnet core or do we want to state fully SP dotnet core. Now remember here the stateless and stateful is not from the perspective of the session variables please note please note on guys, this is from the perspective of the application state. So for now, I'll just select stateless so remember I have already explained you stateless and stateful now this one is with ASP dotnet template right? So I'm gonna go and press OK. And let us see that how can we deploy now ASP dotnet applications uh, once you say okay it starts up the ASP dotnet core. So your I will just say no authentication and so on. So now in this case, what will happen is we will get one project which is of the fabric univer all the parameters are and the second project we will get to know of the end MVC application, okay.
So you can see here in the Solution Explorer there are two projects. One is of the fabric so you can see that slow. So we can see a one application is of the fabric which has all the parameters. And the other application is the MVC core application. I know where there are controllers that are viewed that are models, in case you're new to MVC core, please go and see the Learn MVC core step by step video series, you know, better explain MVC core. And you can see over here that this is the configuration.
Always remember your fabric project should be set as startup, right? Because that's the person who will actually go and deploy things. It will it knows which is the cluster and so on. Do not make this as your startup project, you know, it will just run a simple MVC application. Okay, great. So I'm going to go and rebuild the solution.
Now please note that web applications actually run on a port. So if you say you want to host this a web one MVC project, it should run somewhere on HTTP, localhost, someone like 81 28120 something right. And also, what we want is we do not want web applications. Now to run standalone, we want that this web application should run from inside as your fabric from one of the node. So in other words, we have the fabric on the top. And this application is deployed into one of the nodes, right, that's what the goal is.
So the first thing we need to go and provide that where we want to run our web application, right, on which port we want. So you can see here we can go and specify any port here like 999191 I have specified right. So now I will go and I will deploy this application so I'll just say publish. You can see now you get two options here in the Publish box. One is a local cluster other one is in case there is also Land cluster, I will say it's a local cluster and the local cluster is of five node and I will say publish. So, once I say publish, it will actually start publishing on my local cluster.
So, let us go ahead and browse to our manage local cluster. And let us see that our web application is getting deployed. So, you can see now, I think still working. So, we can see this getting deployed out here, it will take a minute or something. So, once that happens, you know, we should be able to we should be able to see our application over here the web application right. Okay.
So you can see the spring application succeeded publish succeeded good now, let us go back to our browser and see what we have here So, you can see our application is laid out there. I'll just go and do a refresh so you can see our web application running. And it's running on node three at this moment, right. So if I want to go and browse that application, I can just go and use this URL, which I've given here. Now remember that you can see here my web server is not running outside. You can see in my icon, our personal Visual Studio web server is not running.
But I should be able to browse the application from yours. So if I click on enter here, oh, nine one Why isn't it 9191 vote on that slide. Did you take any other port? Let's check it for some reason. 9191 is not running. That's a bad locally 9191 Okay.
Also what it does is you know, when we actually deploy our application it also gives you a message at the last thing that your application is running on this port. So I'm not sure if it has given that and it is always good to have errors if you don't have errors then there is a problem remember, especially when I when I was working with as your fabric for past one one and a half months, what I have noticed is there are so many small small settings inside it it is it is difficult to know you know when the arrows can come in. When I start doing the demo online, you can you will see that the arrows are really really very weird, right. At the last it also gives you somebody at the last you can see it seeing me that you can open the application on so it saved me launching the browser on 8638 why And and what is this then?
So for some reason, it's not showing me my application, it is not showing it out here. You can see there is other URL here. It's saying, I don't know what from whether you are less coming. If I go over here Oh, it's it's published on 8638 board that is very strange. So I'll tell you what is the reason here? Well, there are some couple of things out here, which we need to do.
Now. There is one more setting, which we need to provide here if I'm not wrong. So you can see it in your web project. You have this service manifest dot XML, right in this service manifest dot XML. Somewhere there is a port here you can see 98638 that's what is taken. So we need to go and change this right.
Now. Let me go and deploy. So that my application is now hosted and the deploy is successful. So now let me go back to my browser here. And you can see now in the 9191 port it is working. And previously that eight ports should not work anymore.
So this should not work actually. All right, great. So you can see now my application is running it's, it's right out here the cluster right, it is running on whatever node, right node three, right. And remember again, all those things if your node three goes down, right, if I just say deactivate and remove data, some other node will come up. And as your fabric will ensure that your application does not go down. So if you see I brought this thing down, and if I try to reload the application can go down for some moment must be you can see like my application has gone on for some moment.
Right But once this note three deploys an application into some other node, you can see it started to deploy on node one. And my application should again come up again. Right? That's the beauty of as your fabric. You know, as I've said, it is a management layer. So you have this cluster of computers so that it is node one is up, and my application should be up, right.
So that's what I was saying, like, you know, this as your fabric is a wonderful management thing, you know, it sits on the top of your nodes. It sits on the top of your clusters, and it says, Okay, go ahead, deploy it, right, deploy whatever code you want to deploy, I will figure out which is the best node, which is the healthy node, which is the unhealthy node and so on. So this was the whole demo of as your fabric on the local cluster, please note, you know, doing something locally and doing something online on as your cloud is very, very different, right? Yes, you would get such kind of fabric explorer to see but things are very different. As soon as you Go online, right? So first thing is go ahead, take your time and deploy it on local cluster, test your application.
And once you're ready, it is time to now go ahead and lock go to the Azure portal and to deploy this right. So, let us start now. And let us see that how to deploy our code into the real as your fabric right. So let me log into the portal first thing. So let it let us click on new. And remember, if you're not able to locate any of those, your services, click on new and start searching it.
So I'll search for fabric. So that is the Service Fabric cluster. So let us click on it. Let us see create. So you can see there are a couple of configurations here at the left hand side 1234 and we need to start one by one. So let us first go ahead and give a unique name to our cluster like so I'll give a name here saying shift cluster.
Okay, some some name. This can be any name here. Then Is that okay? So what kind of operating system you want to select, you can see or you can create a cluster of Linux as well, right? So you can see it's Windows Server Data Center or you want Windows Server semiannual, or you want Windows Server, with containers and so on. Let me not concentrate on Linux at this moment, let us talk about the windows thing.
And I would like to point out this over here, specifically, I would like to point out here, one is there is a Windows 2016 data center. One is there is a Windows 2016 data center with containers. Now your things are clear that this is just a simple data center server. And this is with containers right? So we will actually go and create containers inside which you can go and deploy your micro service right. But what is the basic difference between this Windows Server here and the Windows Server semi annual 1709 this is very important to understand.
So let me go back again to my theoretical PowerPoint presentation. And let me talk about what is the difference between this semi annual and the normal data center with containers right it is very important because if you select one of them it makes a lot of difference on how your online as our account will work. So, let me go back to my theory board. Now before I make you understand this word semi annual right, we need to understand also the word long term right so this long term and semi annual both of them are very important words which comes from the Microsoft product dictionary. And in order to understand all of this, you know, you need to understand three important things mainstream, extended and premium. Okay.
Now, from Microsoft when any product goes live, for example, it can be ASP dotnet core, it can be SQL Server, it can be Windows Server, right or IIS or anything which goes live from the Microsoft company as such, right. Once it is live, it is before the public people are using it. They give you know, they tell you that What is the warranty period of this product? You know, for example, when you buy something like Owen, or a car or something like you have a warranty period, right? So here also we have a warranty period, and the warranty period is, is something like this. So one is there is mainstream, that is extended, and there's premium.
This mainstream is, you know, it in this mainstream you know, Microsoft will provide you new versions, it will provide you new features for that product. So, for example, let us say it will he launches SQL Server 2016, let us say, so, he will say, Okay, I'm going to give you a full support of giving you new versions, I will give you new features in the five years of mainstream support. So every two, three years, I will keep updating the new versions, right? After that, after five years or whatever is the mainstream period right? for that product, Microsoft will say OK, now I will not give any more new versions. But yes, I will keep giving you security updates.
In case there are some issues I can give you Some patches right. So, that is termed as an extended period in the extended period, he will not give out any new features, he will try to maintain the existing features. And after the extended period, the product life cycle expires. And it's a premium period where in case you are one of those customers who are using that any legacy software, you need to pay heavy money from my pockets right. So, Microsoft after the product is live, give such kind of a warranty period of mainstream extended and premium. Now, Microsoft has two kinds of products at this moment.
One is a traditional product like Windows Server, you know Excel MS Office, you know which people used to buy from DVD they used to buy from online days to get a key right and nowadays the new one which is the newer one, where I go and I can buy something on demand right. So for this you know, they have done to classification for the long term cost long term. Production products you know, they have their name the name thing as long term service channel in the long term. Service channel, you will get a five years of mainstream support and a must be five years or six years of extended support. In this five years, they will release within two or three years they will release new versions right. So they will release the version slowly in the SSC semi annual channel kind of products, you know, here they will have a mainstream support only 18 months and they will give you quick updates of six six months right.
And as such you know, there is no extended support for SSE So, they you know, they tell you that please in case you're using let us say, let us Service Fabric you know Service Fabric, they will say that okay, the extended support is of 18 months after that if they change the version of Service Fabric, you have to upgrade yourself. So in case you are a customer who says that no, I want quick changes. I want to be with the new technology. I want to go shoulder and shoulder with him what Microsoft is doing, then you should select SSE but in case you're looking at long term stability, you will say that no like I will take this out. I will buy this product and then I will you know have return of investment of four or five years after that will be I will migrate then you are from this one okay.
So, let us again go back to our as your screen now. So, then we will understand that what those things are. So, in LTS C, you have the mainstream and extended support have long years. And the new versions come in again very long periods, while in SSE or semiannual channels product, you know, the updates are very quick, so that you can be in par with the market. So now over here, this windows 2016 bit containers is the LTS C, and this one is the semi annual means here. In this case, the windows server will keep upgrading with new versions and only the guarantee they can give you is of 18 months after 18 months.
Either you migrate or either, you know you have issues right. So I'll take this one for now. Now, once the cluster is created inside the cluster, you can have four virtual machines or five virtual machines depending on the node, right? So there'll be five VMs. So we say okay for these five VMs, what is the username and password, so I'll just give some username and password here. And the subscription is pay as you go, I would like to add this into something called as resource cluster group.
So, all my servers will belong to this resource group, remember, resource group we have covered in the first lecture and press OK. Now, the next thing is that, so how many nodes you have. Now please note that this is one note here does not mean one virtual machine, one node can have five virtual machine, or six virtual machine or 10 virtual machines. So if I say let's say one node has five virtual machine, if I select two, then I will have 10 virtual machines. Please note, right. So like in our case, you know, when we were looking at the local cluster, every node was about Virtual Machine by itself, but here it is more of like a node set. And inside that node said you can have more virtual machines, right?
So I'll say, Okay, I just want one node for now, I don't want to spend too much money from my credit card. I'll give this node as node one, right? Let me select the least one bronze, I don't want to get charged too much. You can see over here, he's saying over here, so how many virtual machines you want in this node. So this is basically the virtual machine. So remember, at the top, you have a node and then inside that you have virtual machines, right?
And these are custom end points. I will talk about this later on, and we'll just say okay, okay, he also says that Okay, so every virtual machine is of is it is of what size, so I'll just select this one in a simple one. 3.5 gb the most cheapest one, I will use the most cheapest one. It's loading the pricing slow. Oh, gosh, that is like six 7000 per month. Okay.
Look From the personal perspective, it is costly, but if you look from the organizational perspective, you know, it is it is a great feature right? Of cluster So, I'll say okay. Now, this is the most important part security. Remember I said previously that one is that deploying in a cluster is a different thing, but security is the most prime thing. Okay. So, let me go again, go back to my board, and let me explain you that what kind of security features we need to implement over here and how as your will help us so let me go back to my PowerPoint presentation.
So here, we need to provide security from two angles. One is we have the nodes or we have the cluster of computers and these cluster of computers talk with each other, right? We want that they should be talking via some kind of a secured channel. Right? Remember when I first talked about the security aspect you know, on the start of the video, I said that each one of these virtual machines cannot talk with each other Directly they have to be secured, it should be secured cluster, it should not happen that I go and I plug my own virtual machine unknown virtual machine and it starts communicating to your MVC application or to your accounting micro service, right. So for that we need to go and create a certificate, a certificate, you know, it just tells you that this node is a proper node.
So, so whenever node three wants to connect to node one, he will show him that certificate, right and the certificate. Once no one sees it, he will say, okay, you are a right guy, and I'll talk to you. So one is that I want the security between these nodes. And second you know, remember there are two important stakeholders. One is the developer who is deploying the code. And the other one is the admin who is seeing that explorer seeing the nodes which are healthy, unhealthy and so on.
I want both of these stakeholders should be only be allowed if they are valid stakeholders if they have proper credentials, right. So over here, again, I would like to give them some kind of certificate. So one is that I can give them a certain difficut file so, they can come with a certificate file I can allow them to come to my cluster or must be I can give them some kind of a Windows Active Directory username and password and then they can validate in my cluster right. So, what we will do for now is we will create a certificate which will well which will be which will validate the nodes between themselves and second for these two guys, I will go and I will create an Active Directory user in as your now all these certificates this passwords you know the all the things right for that you know what as your has done is given you something called lesson vault.
This vault is like a like a wallet, you know where you can go and you can put all of your security things and you can pick it from the wall right so I'm gonna go and create a wallet here. Remember I can always create this wall separately as well. So inside this vault I'll say create a new wallet with the name as she vault because this is a shift cluster so she vault And I'll put it into a different resource altogether resource vault so that I know that one is for the server one is for the vault right? I will select the standard pricing whatever it is I'll say create. So, we can see this deploying the world resource world. Once this vault is created, the next thing would be to go inside the vault and create a certificate right.
So we can see it is validating slow by deployment succeeded very good. You can see it is validating once this validating finishes. I can apply this wall to my cluster. So there it is. Okay, great. Now, so you can see again, he's saying that, you know, this world is not allowing access policies to be Inside the cluster, so you can go and you can edit the access policies.
And I will say that please enable access to the Azure virtual machine for this fault, right. So I'll just save this. So the access is given. Great. So the first thing, as I've said, I need one certificate between all the clusters. And I need one Active Directory user so that the stakeholders can log in, right.
So I'll create a certificate cluster, right a certificate cluster. And the certificate cluster will be used between the nodes. So you can see the certificate has been created. Remember, now this world is a different thing altogether, guys, so like if you really go here to all resources, let me open this in a new tab. If you go here, the vault is a different resource altogether at this moment inside the vault, there is a certificate which has been created. So if you really see here, if you go to all resources, remember I have the ship vault right so in this vault at this moment I have.
You can see at this vault, as I've said, it has keys. It has secret passwords. It has certificates, right? So remember this certificate cluster, which is over here is created automatically. So you can create this vault separately. Please note that guys, I have created it via the result of cluster, but I can always go and create it separately.
So this is a certificate cluster. What is what is out here? Right? So let me go back here now. And I'll say, Yes, everything has been done. Okay.
But there is one more thing, which I need. So let me go back to my security. If you remember I said yes. One is that we need the certificate between the clusters. Also, we need one windows Active Directory user. Right?
We also need a Windows Active Directory users, isn't it? So for that Now when you so you can see there is as your Active Directory out here. So this as your Active Directory is nothing but it is an online Active Directory, the way we have Windows Server Active Directory offline. So this is an online product, you know, they have taken the Azure directory from offline to online out here. So by default, I already have an Active Directory user here called as questpond. Interview Questions by which I've logged in.
So you can see this logged in user is there. So I already have a user here and this user, so if you go to all users, you can see that there is a user here with this I know that the name is very big one but that's what the name is right? The user name is quest one interview questions@gmail.com and this is what it is right? So we need to go and provide. In this advanced settings, I need to go and add one here called as the as your Active Directory. Please note, this is the certificate.
And this is the Azure Active Directory. Now remember I said, the stakeholders can either log in through a client certificate, so if you want, you can also go and add a client certificate. Or if you want, you can go and add an Azure Active Directory user. So I'm going to go and add an Azure Active Directory user here, which is actually this person right out here, right? So this one, which is here, now, in order to go and add this user right to in order to go and add this user, you need to go and get the tenant name of the ad. Okay, what is the tenant name?
So if you go to the properties out here, you can see I am on the properties and there is something called as a directory ID. let me paste this directory ID out here. I'll go step by step. Don't worry guys, I know that from your things are very confusing. This is the tenant ID. Okay.
Now what is a tenant ID now remember that in an Active Directory, I can have one company like example, I have a company or colors corresponding to the questions, right. And in that I can go and create any number of users I want, I can go and add your new users, right? So the tenant is nothing but the main main account inside which all the users have been created. So at this moment, inside this tenant corresponding to your question, I have one user which is created by default, which is corresponding to the questions right, so I've taken the tenant ID from here. Okay, and keeping this in a notepad. Right, we will need this I'll tell you what I'm doing.
So we need to create the Azure Active Directory user that is one thing right at this moment, just keep it as it is. For now. We will just go ahead and say okay, I'll this as your Active Directory, I will add once my cluster is created, I'll tell you why I'm going in this way. I'll explain the steps again, afterwards later on. So at this moment, I have Just given the certificate between the clusters are provided, you can see the certificate URL, the certificate thumbprint is all coming from the key wallet. Remember, this thumbprint is your EDS is 60.
A, the same one has come here, right. And as your Active Directory I will provide later on right? At this moment, I'm not demonstrating this demo by using client certificates. Please note, this demo is by using Active Directory user and certificate server right? So I'll just say okay, and let us first go ahead and create this cluster. So I'm going to go and create this cluster here.
Now one thing which I want to tell you here is that when you go and you create the cluster, it takes a lot of time, you know, you can see here it is submitting for deployment, but it actually takes a lot of time to go ahead and deploy and show you the cluster and so on right? So please be patient over here. You know, give it like 1015 minutes, have tea, coffee, and come back, it takes a lot of time to create this. Okay. So that was a part, we have created the cluster we have specified the virtual machines, we have specified the certificates what we want between the clusters, but the only thing what is pending is adding that Active Directory user so that we can go and we can use our, in our portal to go and see the cluster nodes and so on right.
So that my fabric is now created it is ready. So, if we click on this, you can see that it has added the five nodes, you can also see that there is a Service Fabric explorer the way we had for local but now remember that if you try to click on the Service Fabric Explorer, it will give you an error saying that, hey, you cannot go and connect to this you know you need to have proper certificate you need to have proper things. So you can see here he says Access denied. Please create either a Windows Active Directory user or you either create a certificate Now here is a sad news. The sad news is that at this moment, because fabric is just recently launched, they do not have from the portal, a very clean way of going and adding an Active Directory user or the client certificate into the fabric.
Right again, I repeat, at this moment, the portal as your does not have a proper mechanism of adding the windows Active Directory or the client certificate to a fabric. So if you see are in the security, you can see that I have added this cluster certificate. Remember, the cluster certificate is for negotiating between the cluster. But you can see there is a client certificate as well there is as your Active Directory. Now, to add this thing over here, you know, the process is very tedious. That's the first thing.
The second problem is you know, it does not work through the portal very cleanly, right. So for that we need to go and use some PowerShell scripts now. This is where it gets weird. So I'm going to go to the Azure portal here. So you can see here, this is creating an Azure fabric cluster by using the Azure Resource Manager. So, you can see here he says, We need one cluster authentication for node to node communication, this thing we have already done.
And he says for the server authentication, we either need, you know, one certificate or we either need Active Directory right now for the certificate right in case you are validating to the certificate, then I can see there is a clear cut thing written saying that for certificates subject name, it should match the domain. Please note, that means I need to actually go and create some domain or reserve some domain collars questpond.com and then use it. And you can also see that he says that you cannot obtain an SSL certificate for cloud.zero.com. That means that at this moment, if I try to create a certificate on the name of cloud app.zero.com, it won't work. So that's why I'm Using this Active Directory right. So, let us go ahead here below and let us try to see that how we can use this Active Directory user right activated thing.
So you can see, let me go down. Our first thing is, let us go to PowerShell. And let us log in into our as your account. So, I'm going to go and log in into the as your account so, you can see that my PowerShell is running, I have installed the PowerShell application. So you can see this is PowerShell, Windows ISC, right so I've installed this. So let me go here and say that log in into the as your account now the time I say logging into the as your account, you know what he does is he opens up the box out here and he says okay, so you want to run some PowerShell commands on as your right, please validate yourself.
So I'm going to go and validate respond interview questions whatever@gmail.com. That's a very absurd user name. I'm sorry for that. And let me try to put the password as well. And let me sign in. So the first thing is he says that okay, you you go ahead you can log in into as your RM account, but then first validate yourself so you can see it as validating me so that I can go and execute the PowerShell command and you can see it he says, Okay, so here is your subscription ID, and here is your tenant ID.
And if you remember this tenant ID is this tenant ID remember. So you can see I can clearly cross check that so that tenant ID is proper right? tenant ID is nothing but the main as your default Active Directory user, okay. Active Directory actually, okay. So there it is. Now, let us go back to the notes of Microsoft to see so I have logged in with the as your account I can see a lot of PowerShell commands out here.
But I am more interested not in the certificates at this point. Because I said that for certificates, I need the domain name, right? So I can't do this right at this moment. So I will try to use the windows Active Directory user, I want to add a windows so that it is set up Active Directory for the client authentication. Right. So for this, you know what he has said, as you know, please go ahead and download these scripts to your computer.
Right? So you can see there are some ready made scripts given right? And so I'm going to go and download these scripts right out here. And let me go and unzip the scripts. Okay. So in the scripts, he says that there is a setup application dot ps1 script, go ahead and run that.
So let us go ahead and unzip this. So I already have unzipped in my computer out here. So here it is. That's the script, right? And in that he's saying that please go and execute this setup application dot ps1. So setup applications dot ps1, that script right.
So I'll go Do my PowerShell here and let us first go to that directory, you know where those scripts are. And we'll go and paste here. Right? Great. So in this folder, he's saying please go ahead and do the following. So you can see the following command out here it says, run the PowerShell command with the tenant ID.
So our tenant ID at this moment, which we have got is this, right? So this is our tenant ID. I'll be putting this tenant ID right here. Then we also need the cluster name. So our cluster name at this moment is in the dashboard, shift cluster. Okay?
So I'm going to go here and say that this is a shift cluster, right? shift cluster. Okay, and the URL is right out here. So this is the URL which the Service Fabric Explorer, which we want to browse Later on, right? So I'm going to go and put this URL right out here and please note it is HTTPS right. So that it is so this is the command I need to fire in the PowerShell right.
So, let us go and fire the command and let us see that what kind of changes does it do in our as your account right? So, I'm gonna go and press enter. So there it is, it's again asking me for a signing up okay, I can do that. I'm not sure why it is asking me for signing up again and again, let us do it. So, there it is, the web application is created native client application is created and there is something out there okay. So, let me explain you what he has done from the back end.
And what this was and why this was not possible to do why the portal is your and why that step process is complex right. Remember, let me again reiterate what we have done, we created the as your fabric. Now to that as your fabric we need a user right, which can be used for deployment purpose. which can be used for admin purpose, right? And that's what we are trying to do here we are trying to add that Active Directory user to the fabric so that I can go and I can browse to my website. So I can I can go and browse to my website this one, this website is not allowed at this moment, because you know the user is not existing right.
So, let me explain you one by one. So now let us try to understand you know, what these three things you know, are over here. The first one is a tenant ID, this tenant ID is nothing but your as your directory, right, the default directory. Now, when you say that, from that as your doodle as your directory, you want to give some access of an application, you need to register that application to that tenant. Again, repeat. So you have the tenant ID.
So inside this tenant, whatever users will be there. A tenant you can think about is like an organization. For example, you can have an organization like reliance And inside lands you have a lot of users right. So, this tenant here denotes a company and organization or group or something. So, to So, if you want to give access of an application to a user of that company, you have to first go and register to that company or to the tenant right. So, if you see now for as your fabric and as your fabric we have two kinds of application, one is we have a cluster application the cluster application is the management portal you know from where we can go and we can see that if our clusters are healthy or unhealthy, what is running what is down and so on right.
And the second one is the actual application which is registered inside the node of the fabric, right like your MVC application. So now for both of these now have to be registered with the tenant first. So you can see that this cluster application unique ID denotes the access to the tenant to the management tool, right and this client application denotes the Access to the MVC application right. So, with with all these three now, now we have to take all this three and make entry into the as your fabric okay. So, let me go and start now before that so, okay the application is now registered with the tenant, but still the users of the tenant does not have access to the application means for example, I can say OK to reliance I can say okay, this is all the access I can give it to as a company, but inside reliance I will say only the admin has this access, only the accountant has this access, right.
So that step is also pending. So two steps are pending. One is registering this tenant with the fabric. Second one is registering this application to the users of this tenant right. So let us first start with registering this application to the users of the tenant. So now let us go to the Active Directory.
So now remember, this is your Active Directory, the tenant right? So remember, the tenant is active Actually the organization and you get the tenant ID by clicking on the properties out here. Inside the tenant, you have user and user groups. So remember, tenant means an organization, a group or some kind of institution, right? And inside that you have users like I have only one user at this moment, you know with the name questpond. Right.
So, you have tenant tenant, I have users and tenant have applications. So tenant have application. So you can see here we have enterprise application. And at this moment, two applications have been created. So you can see through this PowerShell, there is an application created as cluster application and client application. The cluster application gives access to the as your admin panel while the client application is for the application which will run inside does your fabric right?
Both of them have to be now given access. So at this moment, I have one user right shift quest one interview question, I'm sorry. So I'm gonna go and give access to that. So I will be Go here, I will go to all applications. So you can see, by default, he has given you a lot of applications out here, which you can go and give access to. But at this moment, there are two applications which he has created automatically.
Now remember, if you if you are heroic enough, right? I've tried this multiple times, it did not work for me. If you say that shift, can we not avoid that? PowerShell? And can we do it yourself? Yes, you can, you can see this new application out here, you can click on this new application.
And you can register your application you are developing from here as well, you can fill in the details. And you can you can, you can do it from here as well. Okay, so you can go and click on OK. And you can register your new application over here as well. But for some reason, this was not working for me for some reason, something was missing out over here. And then later on when I went to the docks of Microsoft, even I have seen that they have also not given proper steps and then later on somewhere down the line when I saw the comments I came to know that at this moment really through the portal, things are not working right. So I use the PowerShell.
So I use the PowerShell. wanly to create the applications at this moment, right. I hope that in the coming times, you know this all defects will be removed. Right. So now we have two applications created one is easy to see, that is this cluster application, you can see here, easy to see. So I'm going to go to this easy to see.
And to this, I'm going to go easy to see. All right, I'm going to go to user and groups and I'm going to go and add the user one what what I have now at this moment, that is the user corresponding to the question so that I'm going to go and add it to this application so that he gets access. And in the rule, I will say that this is admin when you say admin means basically he has access to everything he can create. The clusters you can bring them down and so on, right? If you say read only then that user does not have access to those things. So I'm gonna go and select this and assign.
So I have assigned the, you know, this application is 06 is your CD. The other one is F, F, five B one. So this one also I'm going to go and give the permissions here. So I'm going to go and say that give the permission to Okay, I can do it from here as well. So let me go to the user state forward. This is a bit complex.
So we're here. Already I have access to this application. Shift cluster. You can see there are some other applications also which have given access I can remove them later on right but for now, keep bit. I think we have access to everything. So it looks like that we have given access to both of them.
Let me quickly check as your directory enterprise application. I want to also give access to all the other applications as well remember we have two applications right? One is the cluster and the other one is the application itself. So we need to give access to both of them. So here I will go now to cluster replication is done but the replica other application is still pending. Oh, what happened?
Ignored. Looks like my net was down. Okay. Something went wrong there. enterprise application is my net up. Okay, let me just check.
My net is down. Let me just bring up my Net internet. And for the other URL, you need to go to this app registration. Remember for enterprise application when you say you want to access something which is given by a zoo or like the zoo or explorer right, which is in the fabric, then you give access from here right. So from this enterprise application, if you remember, we just did that. Now, we went ahead here, we went to all applications.
And we get give access to cluster application. So the cluster application access we get from here the cluster application is easy. 06 See, easy to see. So this easy to see is easy to see easy to see. Because the application this one easy to CD, we give it from here. So we went ahead here, we added that user over here, right Now, for the other one, the other one means this client application, we need to go from here.
So again, go back to your tenant, right and go here. And in this, you can see that application is here. This is f5, B, if I beat this one, shift cluster client, so go over here, go to Settings. And over here, go to required permissions. And say grant permissions to all of them. Right?
So this grants permission for the shift cluster client. So remember, that's where you know bit of confusion is there, you know, you need to be careful about how to give the access. So I'm done with it. Now I have given access to the tenant for both of the application. Now we need to go and add the tenant to this fabric, right? So I'm going to go here to security and you You can see it now we have the cluster certificate, we also have to go and add the admin client.
So this is the admin client, but it is it's, it's actually it's not an admin client, when you say admin client means client certificate I'm not using client certificate for now, I'm using as your Active Directory. So he wants these three things. So I'm going to go here and put these three things out here. So I'll copy this very carefully, you need to do it. This is where it is bit tedious when it comes to fabric, but I think that should be fine. And I will go and add this as well.
So I'm just copying this from here. Right and I'll say at now once you add here you can see it is actually submitting here and you can see the sync cluster is updating the user configuration. Now this is where it takes a bit of time, you know, to update the clusters because you have five six clusters, you know, they are in different boxes must be probably right So that's why it takes a bit time. So give it like, you know, 1520 minutes, do not touch it until you don't see everything is updated, right. So again, let me repeat the steps here what I've done first thing I created the cluster, right? That was very clear.
Second is I ran this PowerShell out here, and I gave him the tenant ID and I created this two applications cluster application and client application. Then I went went to the windows Active Directory, then I went to the windows Active Directory, and I gave permission to both of these applications. So I because it has been added to the tenant but not the user right. So I had this user. So to this user, I went ahead and I added the application to both of the users right. And then finally, I went to my fabric and I am I have added it out here.
Right. Once all this is done, you know, I hope that I should be able to access this thing out here. So, let us check. So, let us let us first you can see it it is updating. So let it update completely right let that happen, it takes a bit time, you can see that it is still updating over here. Still it has not done it, but you can see it is more like an information.
So, I'm not sure, let me see, I can still browse. Let me try to browse in a cognitive mode because it's possible, you know, that this is still having some background cash, right. So I'll just go in a cognitive mode and let me try to browse here through this Explorer, definitely when I'm browsing that there it is, it will ask me for the tenant user name. Remember the user to which we are located things was questpond interview questions@gmail.com that was the tenant who has the access and we also want to put the password Right. So now, let us see. So now remember I'm at this moment logging as an admin, I want to go and see the Explorer.
So there it is. You can see now that is explorer online. I can see, there are some issues out here. I'm not sure why did I put my password right? Let me start again. It's possible I have not put my password properly.
The patient is still going on. Let me type things well remember, if if you have not put in your credentials, well, it's possible that it will, he will not give you access, right. So please ensure you put your credentials properly. Remember, this is the admin This is the admin that admin who'd like to go and check, you know, if things are right, if the cluster node is proper, right? So like, we don't want anybody to go and just start browsing or clusters, right. So you can see here, like, I can see my nodes here, I know that still a lot of things are upgrading.
So you can see, he's saying, I'm still doing things out here. But I can still see my node, right. So that offline thing, you know, which we were seeing previously is right out here. Remember, our offline cluster, it's, it looks exactly like this. So this was your offline cluster. Remember?
So that's this is how your online cluster looks like. Both of them are exactly the same, right? So now that our cluster is working, now it is time to go and deploy our MVC application. Remember, we had created one MVC application out here, it is now time to go ahead and deploy this online, right. So how do we do that? So now with all that configuration, let us go ahead and deploy our MVC applique So I am taking the same application to elvina, which had deployed in the local cluster.
So the same application, I will now go and deploy it on the online as your account. Now, the first thing is, I would suggest to please go and refresh yourself. Because we have created a new windows Active Directory user, the user is now having an access and so on. So please go to the cloud Explorer, you can see that there is a cloud explorer in the menu, please ensure that you re log in and ensure everything you can see your fabric. So go ahead and do a refresh. Right?
Go ahead and do a refresh out from here or must be you can also go and log out from here as well. So you can go and click on this sign here. And just say Apply so that the current credentials, you know by which you are logged in, of your Active Directory is applied and you should be able to view your Service Fabric cluster if you're not able to view your Service Fabric cluster. That means your Visual Studio does not have rights to actually go online and see things To just ensure that you can see everything. So you can see here I've just fetched things out here let me see my internet connection is there I'm not sure the items so you can see now my notes are seen. So I can read from my notes I can see everything right.
So please ensure that first thing you will go to the cloud Explorer, you will click on this small sign in account management and you will just say Apply to ensure that you are your current active directory user is in sync with everything online right. So with all that now I can go ahead and first thing I would like to we have to configure here that we want to go and run our MVC application on lesson 9191 port remember this is very important. And also, you should ensure that in your settings dot XML, or I'll say service manifest dot XML. This is also 9191 right so this is good. So now let us click on build here. Let us click on publish and This time we will not be selecting the local five node, we will not be selecting the local one node XML, but we will be selecting the cloud XML, right.
So right click and say publish. There it is. So you can see the first thing is ensure that you are logged in with the account, you know by which you can access your cluster. So I'm going to go and click on this. And then we should see her. So you can see the look, I don't want to not deploy to local cluster, but I want to deploy to an online cluster.
So I've clicked on it. And I hope that this gets connected. You can see the green sign here. This is very good. Right in the advanced configuration, it shows me the server thumbprint. It also says that you have to validate by Active Directory.
Yes, absolutely. Right. So I'm going to go and click on Publish here. So there it is. It is now publishing online. And once it publishes online, I should be able to see this application running on this On the fabric ltr, right.
So I can just refresh. And let us see that if our application start getting getting loaded out here, it will take some time, it's still deploying, let us give it a minute or so. So you can now see that the application has got deployed, right. And you can, you can also see that the application has been deployed in all the instances. So you can see that all these instances out here, the application has been deployed in all the instances right, and then you can go and browse your MVC application on this 19,000 port or whatever port you have given. Now, in case you don't want to use the ad, if you don't want to use ad to connect and you want to use unplanned certificate, then you need to do the following steps right you need to go to the vault first.
Remember, we had created a secured wallet in that vault, we need to first go Create a client certificate. So we need to go here and say that I want to go ahead and add a client certificate. So I'll go here, I'll add a certificate. And I will add a client certificate, right. So I'm going to go on, and this certificate I can generate by mining. So I can go and add this is as your client or I can say fabric client, whatever name you want to give, right?
It's a self signed certificate, you can give the domain name here at this moment, we can just put questpond.com please note this, this needs a valid domain. And you can then go and see create the certificate. Now there are two things first is you need to go and add the certificate to your cluster. So we can see here, this is the thumbprint. So I'll just refresh. So the certificate is getting created.
Creating certificate, right? So that it is not this client certificate has a thumbprint So the first thing is you will go and you will add this certificate to your cluster, right. And then second is you need to go and download this certificate, you can see it's x 509 certificate and install it in your local store. Right, so I'll come to that later on. But the first thing, what you will do is, you will go here to your shift cluster, and you will add this certificate to the client. So you are to the fabric, right?
So you will go and you will say that I want to add a client certificate. And this is the thumbprint you can see an added. And as usual, remember, it takes a lot of time to apply the credentials, right. And then also what you can do is you can go and you can install the certificate locally. So you need to go and install the certificate locally. And the best place to put such kind of certificate is your trusted root or personal that's the person is the best one, install it.
Right and that's it. Now with that what will happen is rather than giving As your ID and password, you can now connect via the certificate. So remember, one is you have three security channels here. One is a cluster certificate, the cluster certificate is to ensure that you do not have any illegal node talking with each other, right? That's what this cluster certificate is. The other one is when admins and developers connect to your cluster, they can either use the Azure Active Directory user, so you can go and you can put the username and password like from here, right, and then he can do the deployment.
He can do the administration, or he can use a client certificate. So you can go and you can create a client certificate, attach it to the cluster, and then give that pf x file. So whoever goes and whoever installs this in certificate, he can access your site. So there are two ways of accessing the cluster either you can use certificate or either you can use the as your Active Directory. So this was almost a One and a half hour video I know that this video became bit long normally our videos are 20 minutes to 30 minutes but like one and a half hours is like three times more but i think you know the way as your fabric is it needed special attention. So that's why we focus on that topic a lot.
Now also we would like to get your feedback so you know because we have a lot of courses you know we have as your we have design pattern, we have Angular, we have SharePoint, you know, so many courses we have out there and viewed like to ensure that we record more on those courses you know, which you are seeing right? So if you can go to our Facebook page and say that you are on lap six as your fabric right and you're looking forward for more videos, we will come to know that yes, many people are watching as your as your videos right. So I hope that you have liked this video. And as usual after every video, we put the revision notes. So let us go through the revision and we will Continue with lab seven, lab eight, right we continue with our as your tutor as usual.
Thank you very much