The azure-native:servicefabric:NodeType resource, part of the Pulumi Azure Native provider, defines a node type within a Service Fabric managed cluster: the VM configuration, scaling behavior, and placement constraints for a subset of cluster nodes. This guide focuses on four capabilities: basic node type creation with required properties, auto-scaling with placement constraints, stateless configurations with temporary disk, and advanced networking and security features.
Node types belong to a Service Fabric managed cluster and reference VNets, subnets, load balancers, Key Vaults, and managed identities. The examples are intentionally small. Combine them with your own cluster infrastructure and networking resources.
Create a basic node type with required properties
Most Service Fabric deployments start by defining a node type with the essential properties: VM image, instance count, disk size, and whether it hosts system services.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const nodeType = new azure_native.servicefabric.NodeType("nodeType", {
clusterName: "myCluster",
dataDiskSizeGB: 200,
isPrimary: false,
nodeTypeName: "BE",
resourceGroupName: "resRg",
vmImageOffer: "WindowsServer",
vmImagePublisher: "MicrosoftWindowsServer",
vmImageSku: "2016-Datacenter-Server-Core",
vmImageVersion: "latest",
vmInstanceCount: 10,
vmSize: "Standard_D3",
});
import pulumi
import pulumi_azure_native as azure_native
node_type = azure_native.servicefabric.NodeType("nodeType",
cluster_name="myCluster",
data_disk_size_gb=200,
is_primary=False,
node_type_name="BE",
resource_group_name="resRg",
vm_image_offer="WindowsServer",
vm_image_publisher="MicrosoftWindowsServer",
vm_image_sku="2016-Datacenter-Server-Core",
vm_image_version="latest",
vm_instance_count=10,
vm_size="Standard_D3")
package main
import (
servicefabric "github.com/pulumi/pulumi-azure-native-sdk/servicefabric/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := servicefabric.NewNodeType(ctx, "nodeType", &servicefabric.NodeTypeArgs{
ClusterName: pulumi.String("myCluster"),
DataDiskSizeGB: pulumi.Int(200),
IsPrimary: pulumi.Bool(false),
NodeTypeName: pulumi.String("BE"),
ResourceGroupName: pulumi.String("resRg"),
VmImageOffer: pulumi.String("WindowsServer"),
VmImagePublisher: pulumi.String("MicrosoftWindowsServer"),
VmImageSku: pulumi.String("2016-Datacenter-Server-Core"),
VmImageVersion: pulumi.String("latest"),
VmInstanceCount: pulumi.Int(10),
VmSize: pulumi.String("Standard_D3"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var nodeType = new AzureNative.ServiceFabric.NodeType("nodeType", new()
{
ClusterName = "myCluster",
DataDiskSizeGB = 200,
IsPrimary = false,
NodeTypeName = "BE",
ResourceGroupName = "resRg",
VmImageOffer = "WindowsServer",
VmImagePublisher = "MicrosoftWindowsServer",
VmImageSku = "2016-Datacenter-Server-Core",
VmImageVersion = "latest",
VmInstanceCount = 10,
VmSize = "Standard_D3",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.servicefabric.NodeType;
import com.pulumi.azurenative.servicefabric.NodeTypeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var nodeType = new NodeType("nodeType", NodeTypeArgs.builder()
.clusterName("myCluster")
.dataDiskSizeGB(200)
.isPrimary(false)
.nodeTypeName("BE")
.resourceGroupName("resRg")
.vmImageOffer("WindowsServer")
.vmImagePublisher("MicrosoftWindowsServer")
.vmImageSku("2016-Datacenter-Server-Core")
.vmImageVersion("latest")
.vmInstanceCount(10)
.vmSize("Standard_D3")
.build());
}
}
resources:
nodeType:
type: azure-native:servicefabric:NodeType
properties:
clusterName: myCluster
dataDiskSizeGB: 200
isPrimary: false
nodeTypeName: BE
resourceGroupName: resRg
vmImageOffer: WindowsServer
vmImagePublisher: MicrosoftWindowsServer
vmImageSku: 2016-Datacenter-Server-Core
vmImageVersion: latest
vmInstanceCount: 10
vmSize: Standard_D3
The vmImagePublisher, vmImageOffer, vmImageSku, and vmImageVersion properties specify the Azure Marketplace image. The vmInstanceCount sets the number of VMs (values greater than 0 enable manual scaling). The isPrimary property determines whether this node type hosts Service Fabric system services; secondary node types (isPrimary: false) run application workloads. The dataDiskSizeGB configures the managed disk size attached to each VM.
Configure auto-scaling with placement properties and extensions
Production clusters often need auto-scaling capabilities combined with placement constraints to control where workloads run based on node characteristics.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const nodeType = new azure_native.servicefabric.NodeType("nodeType", {
capacities: {
ClientConnections: "65536",
},
clusterName: "myCluster",
dataDiskSizeGB: 200,
dataDiskType: azure_native.servicefabric.DiskType.Premium_LRS,
isPrimary: false,
isStateless: true,
multiplePlacementGroups: true,
nodeTypeName: "BE",
placementProperties: {
HasSSD: "true",
NodeColor: "green",
SomeProperty: "5",
},
resourceGroupName: "resRg",
vmExtensions: [{
autoUpgradeMinorVersion: true,
name: "Microsoft.Azure.Geneva.GenevaMonitoring",
publisher: "Microsoft.Azure.Geneva",
settings: {},
type: "GenevaMonitoring",
typeHandlerVersion: "2.0",
}],
vmImageOffer: "WindowsServer",
vmImagePublisher: "MicrosoftWindowsServer",
vmImageSku: "2016-Datacenter-Server-Core",
vmImageVersion: "latest",
vmInstanceCount: -1,
vmManagedIdentity: {
userAssignedIdentities: [
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2",
],
},
vmSecrets: [{
sourceVault: {
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault",
},
vaultCertificates: [{
certificateStore: "My",
certificateUrl: "https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c",
}],
}],
vmSize: "Standard_DS3",
});
import pulumi
import pulumi_azure_native as azure_native
node_type = azure_native.servicefabric.NodeType("nodeType",
capacities={
"ClientConnections": "65536",
},
cluster_name="myCluster",
data_disk_size_gb=200,
data_disk_type=azure_native.servicefabric.DiskType.PREMIUM_LRS,
is_primary=False,
is_stateless=True,
multiple_placement_groups=True,
node_type_name="BE",
placement_properties={
"HasSSD": "true",
"NodeColor": "green",
"SomeProperty": "5",
},
resource_group_name="resRg",
vm_extensions=[{
"auto_upgrade_minor_version": True,
"name": "Microsoft.Azure.Geneva.GenevaMonitoring",
"publisher": "Microsoft.Azure.Geneva",
"settings": {},
"type": "GenevaMonitoring",
"type_handler_version": "2.0",
}],
vm_image_offer="WindowsServer",
vm_image_publisher="MicrosoftWindowsServer",
vm_image_sku="2016-Datacenter-Server-Core",
vm_image_version="latest",
vm_instance_count=-1,
vm_managed_identity={
"user_assigned_identities": [
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2",
],
},
vm_secrets=[{
"source_vault": {
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault",
},
"vault_certificates": [{
"certificate_store": "My",
"certificate_url": "https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c",
}],
}],
vm_size="Standard_DS3")
package main
import (
servicefabric "github.com/pulumi/pulumi-azure-native-sdk/servicefabric/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := servicefabric.NewNodeType(ctx, "nodeType", &servicefabric.NodeTypeArgs{
Capacities: pulumi.StringMap{
"ClientConnections": pulumi.String("65536"),
},
ClusterName: pulumi.String("myCluster"),
DataDiskSizeGB: pulumi.Int(200),
DataDiskType: pulumi.String(servicefabric.DiskType_Premium_LRS),
IsPrimary: pulumi.Bool(false),
IsStateless: pulumi.Bool(true),
MultiplePlacementGroups: pulumi.Bool(true),
NodeTypeName: pulumi.String("BE"),
PlacementProperties: pulumi.StringMap{
"HasSSD": pulumi.String("true"),
"NodeColor": pulumi.String("green"),
"SomeProperty": pulumi.String("5"),
},
ResourceGroupName: pulumi.String("resRg"),
VmExtensions: servicefabric.VMSSExtensionArray{
&servicefabric.VMSSExtensionArgs{
AutoUpgradeMinorVersion: pulumi.Bool(true),
Name: pulumi.String("Microsoft.Azure.Geneva.GenevaMonitoring"),
Publisher: pulumi.String("Microsoft.Azure.Geneva"),
Settings: pulumi.Any(map[string]interface{}{}),
Type: pulumi.String("GenevaMonitoring"),
TypeHandlerVersion: pulumi.String("2.0"),
},
},
VmImageOffer: pulumi.String("WindowsServer"),
VmImagePublisher: pulumi.String("MicrosoftWindowsServer"),
VmImageSku: pulumi.String("2016-Datacenter-Server-Core"),
VmImageVersion: pulumi.String("latest"),
VmInstanceCount: pulumi.Int(-1),
VmManagedIdentity: &servicefabric.VmManagedIdentityArgs{
UserAssignedIdentities: pulumi.StringArray{
pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity"),
pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2"),
},
},
VmSecrets: servicefabric.VaultSecretGroupArray{
&servicefabric.VaultSecretGroupArgs{
SourceVault: &servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault"),
},
VaultCertificates: servicefabric.VaultCertificateArray{
&servicefabric.VaultCertificateArgs{
CertificateStore: pulumi.String("My"),
CertificateUrl: pulumi.String("https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c"),
},
},
},
},
VmSize: pulumi.String("Standard_DS3"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var nodeType = new AzureNative.ServiceFabric.NodeType("nodeType", new()
{
Capacities =
{
{ "ClientConnections", "65536" },
},
ClusterName = "myCluster",
DataDiskSizeGB = 200,
DataDiskType = AzureNative.ServiceFabric.DiskType.Premium_LRS,
IsPrimary = false,
IsStateless = true,
MultiplePlacementGroups = true,
NodeTypeName = "BE",
PlacementProperties =
{
{ "HasSSD", "true" },
{ "NodeColor", "green" },
{ "SomeProperty", "5" },
},
ResourceGroupName = "resRg",
VmExtensions = new[]
{
new AzureNative.ServiceFabric.Inputs.VMSSExtensionArgs
{
AutoUpgradeMinorVersion = true,
Name = "Microsoft.Azure.Geneva.GenevaMonitoring",
Publisher = "Microsoft.Azure.Geneva",
Settings = null,
Type = "GenevaMonitoring",
TypeHandlerVersion = "2.0",
},
},
VmImageOffer = "WindowsServer",
VmImagePublisher = "MicrosoftWindowsServer",
VmImageSku = "2016-Datacenter-Server-Core",
VmImageVersion = "latest",
VmInstanceCount = -1,
VmManagedIdentity = new AzureNative.ServiceFabric.Inputs.VmManagedIdentityArgs
{
UserAssignedIdentities = new[]
{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2",
},
},
VmSecrets = new[]
{
new AzureNative.ServiceFabric.Inputs.VaultSecretGroupArgs
{
SourceVault = new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault",
},
VaultCertificates = new[]
{
new AzureNative.ServiceFabric.Inputs.VaultCertificateArgs
{
CertificateStore = "My",
CertificateUrl = "https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c",
},
},
},
},
VmSize = "Standard_DS3",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.servicefabric.NodeType;
import com.pulumi.azurenative.servicefabric.NodeTypeArgs;
import com.pulumi.azurenative.servicefabric.inputs.VMSSExtensionArgs;
import com.pulumi.azurenative.servicefabric.inputs.VmManagedIdentityArgs;
import com.pulumi.azurenative.servicefabric.inputs.VaultSecretGroupArgs;
import com.pulumi.azurenative.servicefabric.inputs.SubResourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var nodeType = new NodeType("nodeType", NodeTypeArgs.builder()
.capacities(Map.of("ClientConnections", "65536"))
.clusterName("myCluster")
.dataDiskSizeGB(200)
.dataDiskType("Premium_LRS")
.isPrimary(false)
.isStateless(true)
.multiplePlacementGroups(true)
.nodeTypeName("BE")
.placementProperties(Map.ofEntries(
Map.entry("HasSSD", "true"),
Map.entry("NodeColor", "green"),
Map.entry("SomeProperty", "5")
))
.resourceGroupName("resRg")
.vmExtensions(VMSSExtensionArgs.builder()
.autoUpgradeMinorVersion(true)
.name("Microsoft.Azure.Geneva.GenevaMonitoring")
.publisher("Microsoft.Azure.Geneva")
.settings(Map.ofEntries(
))
.type("GenevaMonitoring")
.typeHandlerVersion("2.0")
.build())
.vmImageOffer("WindowsServer")
.vmImagePublisher("MicrosoftWindowsServer")
.vmImageSku("2016-Datacenter-Server-Core")
.vmImageVersion("latest")
.vmInstanceCount(-1)
.vmManagedIdentity(VmManagedIdentityArgs.builder()
.userAssignedIdentities(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2")
.build())
.vmSecrets(VaultSecretGroupArgs.builder()
.sourceVault(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault")
.build())
.vaultCertificates(VaultCertificateArgs.builder()
.certificateStore("My")
.certificateUrl("https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c")
.build())
.build())
.vmSize("Standard_DS3")
.build());
}
}
resources:
nodeType:
type: azure-native:servicefabric:NodeType
properties:
capacities:
ClientConnections: '65536'
clusterName: myCluster
dataDiskSizeGB: 200
dataDiskType: Premium_LRS
isPrimary: false
isStateless: true
multiplePlacementGroups: true
nodeTypeName: BE
placementProperties:
HasSSD: 'true'
NodeColor: green
SomeProperty: '5'
resourceGroupName: resRg
vmExtensions:
- autoUpgradeMinorVersion: true
name: Microsoft.Azure.Geneva.GenevaMonitoring
publisher: Microsoft.Azure.Geneva
settings: {}
type: GenevaMonitoring
typeHandlerVersion: '2.0'
vmImageOffer: WindowsServer
vmImagePublisher: MicrosoftWindowsServer
vmImageSku: 2016-Datacenter-Server-Core
vmImageVersion: latest
vmInstanceCount: -1
vmManagedIdentity:
userAssignedIdentities:
- /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity
- /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2
vmSecrets:
- sourceVault:
id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault
vaultCertificates:
- certificateStore: My
certificateUrl: https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c
vmSize: Standard_DS3
Setting vmInstanceCount to -1 signals that auto-scaling is configured externally (via Azure Monitor or other mechanisms). The capacities property defines resource limits that Service Fabric’s cluster resource manager uses for placement decisions. The placementProperties map lets you tag nodes with custom attributes (like “HasSSD” or “NodeColor”) that services can reference in their placement constraints. The isStateless property indicates this node type only hosts stateless workloads, and multiplePlacementGroups allows the underlying scale set to span multiple placement groups for higher scale.
Use temporary disk for stateless workloads
Stateless node types can leverage the VM’s temporary disk instead of managed disks, reducing costs for workloads that don’t require persistent storage.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const nodeType = new azure_native.servicefabric.NodeType("nodeType", {
clusterName: "myCluster",
enableEncryptionAtHost: true,
isPrimary: false,
isStateless: true,
multiplePlacementGroups: true,
nodeTypeName: "BE",
resourceGroupName: "resRg",
useTempDataDisk: true,
vmExtensions: [{
autoUpgradeMinorVersion: true,
name: "Microsoft.Azure.Geneva.GenevaMonitoring",
publisher: "Microsoft.Azure.Geneva",
settings: {},
type: "GenevaMonitoring",
typeHandlerVersion: "2.0",
}],
vmImageOffer: "WindowsServer",
vmImagePublisher: "MicrosoftWindowsServer",
vmImageSku: "2016-Datacenter-Server-Core",
vmImageVersion: "latest",
vmInstanceCount: 10,
vmSize: "Standard_DS3",
});
import pulumi
import pulumi_azure_native as azure_native
node_type = azure_native.servicefabric.NodeType("nodeType",
cluster_name="myCluster",
enable_encryption_at_host=True,
is_primary=False,
is_stateless=True,
multiple_placement_groups=True,
node_type_name="BE",
resource_group_name="resRg",
use_temp_data_disk=True,
vm_extensions=[{
"auto_upgrade_minor_version": True,
"name": "Microsoft.Azure.Geneva.GenevaMonitoring",
"publisher": "Microsoft.Azure.Geneva",
"settings": {},
"type": "GenevaMonitoring",
"type_handler_version": "2.0",
}],
vm_image_offer="WindowsServer",
vm_image_publisher="MicrosoftWindowsServer",
vm_image_sku="2016-Datacenter-Server-Core",
vm_image_version="latest",
vm_instance_count=10,
vm_size="Standard_DS3")
package main
import (
servicefabric "github.com/pulumi/pulumi-azure-native-sdk/servicefabric/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := servicefabric.NewNodeType(ctx, "nodeType", &servicefabric.NodeTypeArgs{
ClusterName: pulumi.String("myCluster"),
EnableEncryptionAtHost: pulumi.Bool(true),
IsPrimary: pulumi.Bool(false),
IsStateless: pulumi.Bool(true),
MultiplePlacementGroups: pulumi.Bool(true),
NodeTypeName: pulumi.String("BE"),
ResourceGroupName: pulumi.String("resRg"),
UseTempDataDisk: pulumi.Bool(true),
VmExtensions: servicefabric.VMSSExtensionArray{
&servicefabric.VMSSExtensionArgs{
AutoUpgradeMinorVersion: pulumi.Bool(true),
Name: pulumi.String("Microsoft.Azure.Geneva.GenevaMonitoring"),
Publisher: pulumi.String("Microsoft.Azure.Geneva"),
Settings: pulumi.Any(map[string]interface{}{}),
Type: pulumi.String("GenevaMonitoring"),
TypeHandlerVersion: pulumi.String("2.0"),
},
},
VmImageOffer: pulumi.String("WindowsServer"),
VmImagePublisher: pulumi.String("MicrosoftWindowsServer"),
VmImageSku: pulumi.String("2016-Datacenter-Server-Core"),
VmImageVersion: pulumi.String("latest"),
VmInstanceCount: pulumi.Int(10),
VmSize: pulumi.String("Standard_DS3"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var nodeType = new AzureNative.ServiceFabric.NodeType("nodeType", new()
{
ClusterName = "myCluster",
EnableEncryptionAtHost = true,
IsPrimary = false,
IsStateless = true,
MultiplePlacementGroups = true,
NodeTypeName = "BE",
ResourceGroupName = "resRg",
UseTempDataDisk = true,
VmExtensions = new[]
{
new AzureNative.ServiceFabric.Inputs.VMSSExtensionArgs
{
AutoUpgradeMinorVersion = true,
Name = "Microsoft.Azure.Geneva.GenevaMonitoring",
Publisher = "Microsoft.Azure.Geneva",
Settings = null,
Type = "GenevaMonitoring",
TypeHandlerVersion = "2.0",
},
},
VmImageOffer = "WindowsServer",
VmImagePublisher = "MicrosoftWindowsServer",
VmImageSku = "2016-Datacenter-Server-Core",
VmImageVersion = "latest",
VmInstanceCount = 10,
VmSize = "Standard_DS3",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.servicefabric.NodeType;
import com.pulumi.azurenative.servicefabric.NodeTypeArgs;
import com.pulumi.azurenative.servicefabric.inputs.VMSSExtensionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var nodeType = new NodeType("nodeType", NodeTypeArgs.builder()
.clusterName("myCluster")
.enableEncryptionAtHost(true)
.isPrimary(false)
.isStateless(true)
.multiplePlacementGroups(true)
.nodeTypeName("BE")
.resourceGroupName("resRg")
.useTempDataDisk(true)
.vmExtensions(VMSSExtensionArgs.builder()
.autoUpgradeMinorVersion(true)
.name("Microsoft.Azure.Geneva.GenevaMonitoring")
.publisher("Microsoft.Azure.Geneva")
.settings(Map.ofEntries(
))
.type("GenevaMonitoring")
.typeHandlerVersion("2.0")
.build())
.vmImageOffer("WindowsServer")
.vmImagePublisher("MicrosoftWindowsServer")
.vmImageSku("2016-Datacenter-Server-Core")
.vmImageVersion("latest")
.vmInstanceCount(10)
.vmSize("Standard_DS3")
.build());
}
}
resources:
nodeType:
type: azure-native:servicefabric:NodeType
properties:
clusterName: myCluster
enableEncryptionAtHost: true
isPrimary: false
isStateless: true
multiplePlacementGroups: true
nodeTypeName: BE
resourceGroupName: resRg
useTempDataDisk: true
vmExtensions:
- autoUpgradeMinorVersion: true
name: Microsoft.Azure.Geneva.GenevaMonitoring
publisher: Microsoft.Azure.Geneva
settings: {}
type: GenevaMonitoring
typeHandlerVersion: '2.0'
vmImageOffer: WindowsServer
vmImagePublisher: MicrosoftWindowsServer
vmImageSku: 2016-Datacenter-Server-Core
vmImageVersion: latest
vmInstanceCount: 10
vmSize: Standard_DS3
The useTempDataDisk property directs Service Fabric to use the VM’s temporary disk for its data root, eliminating the need for a managed data disk. This is only allowed when isStateless is true, since stateless services don’t persist data locally. The enableEncryptionAtHost property encrypts all disks (including the temporary disk) at the host level. This configuration reduces storage costs while maintaining encryption for compliance.
Configure advanced networking and security features
Enterprise deployments often require custom networking, multiple NICs, spot VMs, and security features like Trusted Launch and secure boot.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const nodeType = new azure_native.servicefabric.NodeType("nodeType", {
additionalDataDisks: [
{
diskLetter: "F",
diskSizeGB: 256,
diskType: azure_native.servicefabric.DiskType.StandardSSD_LRS,
lun: 1,
},
{
diskLetter: "G",
diskSizeGB: 150,
diskType: azure_native.servicefabric.DiskType.Premium_LRS,
lun: 2,
},
],
additionalNetworkInterfaceConfigurations: [{
dscpConfiguration: {
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig",
},
enableAcceleratedNetworking: true,
ipConfigurations: [{
applicationGatewayBackendAddressPools: [{
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest",
}],
loadBalancerBackendAddressPools: [{
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool",
}],
loadBalancerInboundNatPools: [{
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool",
}],
name: "ipconfig-1",
privateIPAddressVersion: azure_native.servicefabric.PrivateIPAddressVersion.IPv4,
publicIPAddressConfiguration: {
ipTags: [{
ipTagType: "RoutingPreference",
tag: "Internet",
}],
name: "publicip-1",
publicIPAddressVersion: azure_native.servicefabric.PublicIPAddressVersion.IPv4,
},
subnet: {
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1",
},
}],
name: "nic-1",
}],
capacities: {
ClientConnections: "65536",
},
clusterName: "myCluster",
computerNamePrefix: "BE",
dataDiskLetter: "S",
dataDiskSizeGB: 200,
dataDiskType: azure_native.servicefabric.DiskType.Premium_LRS,
dscpConfigurationId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig",
enableAcceleratedNetworking: true,
enableEncryptionAtHost: true,
enableNodePublicIP: true,
enableNodePublicIPv6: true,
enableOverProvisioning: false,
evictionPolicy: azure_native.servicefabric.EvictionPolicyType.Deallocate,
frontendConfigurations: [{
applicationGatewayBackendAddressPoolId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest",
loadBalancerBackendAddressPoolId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool",
loadBalancerInboundNatPoolId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool",
}],
isPrimary: false,
isSpotVM: true,
isStateless: true,
multiplePlacementGroups: true,
natGatewayId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/natGateways/myNatGateway",
nodeTypeName: "BE-testResourceGroup-testRegion-test",
placementProperties: {
HasSSD: "true",
NodeColor: "green",
SomeProperty: "5",
},
resourceGroupName: "resRg",
secureBootEnabled: true,
securityType: azure_native.servicefabric.SecurityType.TrustedLaunch,
serviceArtifactReferenceId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Compute/galleries/myGallery/serviceArtifacts/myServiceArtifact/vmArtifactsProfiles/myVmArtifactProfile",
spotRestoreTimeout: "PT30M",
subnetId: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1",
useDefaultPublicLoadBalancer: true,
useEphemeralOSDisk: true,
vmExtensions: [{
autoUpgradeMinorVersion: true,
enableAutomaticUpgrade: true,
forceUpdateTag: "v.1.0",
name: "Microsoft.Azure.Geneva.GenevaMonitoring",
publisher: "Microsoft.Azure.Geneva",
settings: {},
setupOrder: [azure_native.servicefabric.VmssExtensionSetupOrder.BeforeSFRuntime],
type: "GenevaMonitoring",
typeHandlerVersion: "2.0",
}],
vmImageOffer: "WindowsServer",
vmImagePublisher: "MicrosoftWindowsServer",
vmImageSku: "2016-Datacenter-Server-Core",
vmImageVersion: "latest",
vmInstanceCount: 10,
vmManagedIdentity: {
userAssignedIdentities: [
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2",
],
},
vmSecrets: [{
sourceVault: {
id: "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault",
},
vaultCertificates: [{
certificateStore: "My",
certificateUrl: "https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c",
}],
}],
vmSetupActions: [
azure_native.servicefabric.VmSetupAction.EnableContainers,
azure_native.servicefabric.VmSetupAction.EnableHyperV,
],
vmSize: "Standard_DS3",
});
import pulumi
import pulumi_azure_native as azure_native
node_type = azure_native.servicefabric.NodeType("nodeType",
additional_data_disks=[
{
"disk_letter": "F",
"disk_size_gb": 256,
"disk_type": azure_native.servicefabric.DiskType.STANDARD_SS_D_LRS,
"lun": 1,
},
{
"disk_letter": "G",
"disk_size_gb": 150,
"disk_type": azure_native.servicefabric.DiskType.PREMIUM_LRS,
"lun": 2,
},
],
additional_network_interface_configurations=[{
"dscp_configuration": {
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig",
},
"enable_accelerated_networking": True,
"ip_configurations": [{
"application_gateway_backend_address_pools": [{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest",
}],
"load_balancer_backend_address_pools": [{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool",
}],
"load_balancer_inbound_nat_pools": [{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool",
}],
"name": "ipconfig-1",
"private_ip_address_version": azure_native.servicefabric.PrivateIPAddressVersion.I_PV4,
"public_ip_address_configuration": {
"ip_tags": [{
"ip_tag_type": "RoutingPreference",
"tag": "Internet",
}],
"name": "publicip-1",
"public_ip_address_version": azure_native.servicefabric.PublicIPAddressVersion.I_PV4,
},
"subnet": {
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1",
},
}],
"name": "nic-1",
}],
capacities={
"ClientConnections": "65536",
},
cluster_name="myCluster",
computer_name_prefix="BE",
data_disk_letter="S",
data_disk_size_gb=200,
data_disk_type=azure_native.servicefabric.DiskType.PREMIUM_LRS,
dscp_configuration_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig",
enable_accelerated_networking=True,
enable_encryption_at_host=True,
enable_node_public_ip=True,
enable_node_public_i_pv6=True,
enable_over_provisioning=False,
eviction_policy=azure_native.servicefabric.EvictionPolicyType.DEALLOCATE,
frontend_configurations=[{
"application_gateway_backend_address_pool_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest",
"load_balancer_backend_address_pool_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool",
"load_balancer_inbound_nat_pool_id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool",
}],
is_primary=False,
is_spot_vm=True,
is_stateless=True,
multiple_placement_groups=True,
nat_gateway_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/natGateways/myNatGateway",
node_type_name="BE-testResourceGroup-testRegion-test",
placement_properties={
"HasSSD": "true",
"NodeColor": "green",
"SomeProperty": "5",
},
resource_group_name="resRg",
secure_boot_enabled=True,
security_type=azure_native.servicefabric.SecurityType.TRUSTED_LAUNCH,
service_artifact_reference_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Compute/galleries/myGallery/serviceArtifacts/myServiceArtifact/vmArtifactsProfiles/myVmArtifactProfile",
spot_restore_timeout="PT30M",
subnet_id="/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1",
use_default_public_load_balancer=True,
use_ephemeral_os_disk=True,
vm_extensions=[{
"auto_upgrade_minor_version": True,
"enable_automatic_upgrade": True,
"force_update_tag": "v.1.0",
"name": "Microsoft.Azure.Geneva.GenevaMonitoring",
"publisher": "Microsoft.Azure.Geneva",
"settings": {},
"setup_order": [azure_native.servicefabric.VmssExtensionSetupOrder.BEFORE_SF_RUNTIME],
"type": "GenevaMonitoring",
"type_handler_version": "2.0",
}],
vm_image_offer="WindowsServer",
vm_image_publisher="MicrosoftWindowsServer",
vm_image_sku="2016-Datacenter-Server-Core",
vm_image_version="latest",
vm_instance_count=10,
vm_managed_identity={
"user_assigned_identities": [
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2",
],
},
vm_secrets=[{
"source_vault": {
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault",
},
"vault_certificates": [{
"certificate_store": "My",
"certificate_url": "https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c",
}],
}],
vm_setup_actions=[
azure_native.servicefabric.VmSetupAction.ENABLE_CONTAINERS,
azure_native.servicefabric.VmSetupAction.ENABLE_HYPER_V,
],
vm_size="Standard_DS3")
package main
import (
servicefabric "github.com/pulumi/pulumi-azure-native-sdk/servicefabric/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := servicefabric.NewNodeType(ctx, "nodeType", &servicefabric.NodeTypeArgs{
AdditionalDataDisks: servicefabric.VmssDataDiskArray{
&servicefabric.VmssDataDiskArgs{
DiskLetter: pulumi.String("F"),
DiskSizeGB: pulumi.Int(256),
DiskType: pulumi.String(servicefabric.DiskType_StandardSSD_LRS),
Lun: pulumi.Int(1),
},
&servicefabric.VmssDataDiskArgs{
DiskLetter: pulumi.String("G"),
DiskSizeGB: pulumi.Int(150),
DiskType: pulumi.String(servicefabric.DiskType_Premium_LRS),
Lun: pulumi.Int(2),
},
},
AdditionalNetworkInterfaceConfigurations: servicefabric.AdditionalNetworkInterfaceConfigurationArray{
&servicefabric.AdditionalNetworkInterfaceConfigurationArgs{
DscpConfiguration: &servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig"),
},
EnableAcceleratedNetworking: pulumi.Bool(true),
IpConfigurations: servicefabric.IpConfigurationArray{
&servicefabric.IpConfigurationArgs{
ApplicationGatewayBackendAddressPools: servicefabric.SubResourceArray{
&servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest"),
},
},
LoadBalancerBackendAddressPools: servicefabric.SubResourceArray{
&servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool"),
},
},
LoadBalancerInboundNatPools: servicefabric.SubResourceArray{
&servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool"),
},
},
Name: pulumi.String("ipconfig-1"),
PrivateIPAddressVersion: pulumi.String(servicefabric.PrivateIPAddressVersionIPv4),
PublicIPAddressConfiguration: &servicefabric.IpConfigurationPublicIPAddressConfigurationArgs{
IpTags: servicefabric.IpTagArray{
&servicefabric.IpTagArgs{
IpTagType: pulumi.String("RoutingPreference"),
Tag: pulumi.String("Internet"),
},
},
Name: pulumi.String("publicip-1"),
PublicIPAddressVersion: pulumi.String(servicefabric.PublicIPAddressVersionIPv4),
},
Subnet: &servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1"),
},
},
},
Name: pulumi.String("nic-1"),
},
},
Capacities: pulumi.StringMap{
"ClientConnections": pulumi.String("65536"),
},
ClusterName: pulumi.String("myCluster"),
ComputerNamePrefix: pulumi.String("BE"),
DataDiskLetter: pulumi.String("S"),
DataDiskSizeGB: pulumi.Int(200),
DataDiskType: pulumi.String(servicefabric.DiskType_Premium_LRS),
DscpConfigurationId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig"),
EnableAcceleratedNetworking: pulumi.Bool(true),
EnableEncryptionAtHost: pulumi.Bool(true),
EnableNodePublicIP: pulumi.Bool(true),
EnableNodePublicIPv6: pulumi.Bool(true),
EnableOverProvisioning: pulumi.Bool(false),
EvictionPolicy: pulumi.String(servicefabric.EvictionPolicyTypeDeallocate),
FrontendConfigurations: servicefabric.FrontendConfigurationArray{
&servicefabric.FrontendConfigurationArgs{
ApplicationGatewayBackendAddressPoolId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest"),
LoadBalancerBackendAddressPoolId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool"),
LoadBalancerInboundNatPoolId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool"),
},
},
IsPrimary: pulumi.Bool(false),
IsSpotVM: pulumi.Bool(true),
IsStateless: pulumi.Bool(true),
MultiplePlacementGroups: pulumi.Bool(true),
NatGatewayId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/natGateways/myNatGateway"),
NodeTypeName: pulumi.String("BE-testResourceGroup-testRegion-test"),
PlacementProperties: pulumi.StringMap{
"HasSSD": pulumi.String("true"),
"NodeColor": pulumi.String("green"),
"SomeProperty": pulumi.String("5"),
},
ResourceGroupName: pulumi.String("resRg"),
SecureBootEnabled: pulumi.Bool(true),
SecurityType: pulumi.String(servicefabric.SecurityTypeTrustedLaunch),
ServiceArtifactReferenceId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Compute/galleries/myGallery/serviceArtifacts/myServiceArtifact/vmArtifactsProfiles/myVmArtifactProfile"),
SpotRestoreTimeout: pulumi.String("PT30M"),
SubnetId: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1"),
UseDefaultPublicLoadBalancer: pulumi.Bool(true),
UseEphemeralOSDisk: pulumi.Bool(true),
VmExtensions: servicefabric.VMSSExtensionArray{
&servicefabric.VMSSExtensionArgs{
AutoUpgradeMinorVersion: pulumi.Bool(true),
EnableAutomaticUpgrade: pulumi.Bool(true),
ForceUpdateTag: pulumi.String("v.1.0"),
Name: pulumi.String("Microsoft.Azure.Geneva.GenevaMonitoring"),
Publisher: pulumi.String("Microsoft.Azure.Geneva"),
Settings: pulumi.Any(map[string]interface{}{}),
SetupOrder: pulumi.StringArray{
pulumi.String(servicefabric.VmssExtensionSetupOrderBeforeSFRuntime),
},
Type: pulumi.String("GenevaMonitoring"),
TypeHandlerVersion: pulumi.String("2.0"),
},
},
VmImageOffer: pulumi.String("WindowsServer"),
VmImagePublisher: pulumi.String("MicrosoftWindowsServer"),
VmImageSku: pulumi.String("2016-Datacenter-Server-Core"),
VmImageVersion: pulumi.String("latest"),
VmInstanceCount: pulumi.Int(10),
VmManagedIdentity: &servicefabric.VmManagedIdentityArgs{
UserAssignedIdentities: pulumi.StringArray{
pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity"),
pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2"),
},
},
VmSecrets: servicefabric.VaultSecretGroupArray{
&servicefabric.VaultSecretGroupArgs{
SourceVault: &servicefabric.SubResourceArgs{
Id: pulumi.String("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault"),
},
VaultCertificates: servicefabric.VaultCertificateArray{
&servicefabric.VaultCertificateArgs{
CertificateStore: pulumi.String("My"),
CertificateUrl: pulumi.String("https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c"),
},
},
},
},
VmSetupActions: pulumi.StringArray{
pulumi.String(servicefabric.VmSetupActionEnableContainers),
pulumi.String(servicefabric.VmSetupActionEnableHyperV),
},
VmSize: pulumi.String("Standard_DS3"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var nodeType = new AzureNative.ServiceFabric.NodeType("nodeType", new()
{
AdditionalDataDisks = new[]
{
new AzureNative.ServiceFabric.Inputs.VmssDataDiskArgs
{
DiskLetter = "F",
DiskSizeGB = 256,
DiskType = AzureNative.ServiceFabric.DiskType.StandardSSD_LRS,
Lun = 1,
},
new AzureNative.ServiceFabric.Inputs.VmssDataDiskArgs
{
DiskLetter = "G",
DiskSizeGB = 150,
DiskType = AzureNative.ServiceFabric.DiskType.Premium_LRS,
Lun = 2,
},
},
AdditionalNetworkInterfaceConfigurations = new[]
{
new AzureNative.ServiceFabric.Inputs.AdditionalNetworkInterfaceConfigurationArgs
{
DscpConfiguration = new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig",
},
EnableAcceleratedNetworking = true,
IpConfigurations = new[]
{
new AzureNative.ServiceFabric.Inputs.IpConfigurationArgs
{
ApplicationGatewayBackendAddressPools = new[]
{
new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest",
},
},
LoadBalancerBackendAddressPools = new[]
{
new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool",
},
},
LoadBalancerInboundNatPools = new[]
{
new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool",
},
},
Name = "ipconfig-1",
PrivateIPAddressVersion = AzureNative.ServiceFabric.PrivateIPAddressVersion.IPv4,
PublicIPAddressConfiguration = new AzureNative.ServiceFabric.Inputs.IpConfigurationPublicIPAddressConfigurationArgs
{
IpTags = new[]
{
new AzureNative.ServiceFabric.Inputs.IpTagArgs
{
IpTagType = "RoutingPreference",
Tag = "Internet",
},
},
Name = "publicip-1",
PublicIPAddressVersion = AzureNative.ServiceFabric.PublicIPAddressVersion.IPv4,
},
Subnet = new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1",
},
},
},
Name = "nic-1",
},
},
Capacities =
{
{ "ClientConnections", "65536" },
},
ClusterName = "myCluster",
ComputerNamePrefix = "BE",
DataDiskLetter = "S",
DataDiskSizeGB = 200,
DataDiskType = AzureNative.ServiceFabric.DiskType.Premium_LRS,
DscpConfigurationId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig",
EnableAcceleratedNetworking = true,
EnableEncryptionAtHost = true,
EnableNodePublicIP = true,
EnableNodePublicIPv6 = true,
EnableOverProvisioning = false,
EvictionPolicy = AzureNative.ServiceFabric.EvictionPolicyType.Deallocate,
FrontendConfigurations = new[]
{
new AzureNative.ServiceFabric.Inputs.FrontendConfigurationArgs
{
ApplicationGatewayBackendAddressPoolId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest",
LoadBalancerBackendAddressPoolId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool",
LoadBalancerInboundNatPoolId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool",
},
},
IsPrimary = false,
IsSpotVM = true,
IsStateless = true,
MultiplePlacementGroups = true,
NatGatewayId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/natGateways/myNatGateway",
NodeTypeName = "BE-testResourceGroup-testRegion-test",
PlacementProperties =
{
{ "HasSSD", "true" },
{ "NodeColor", "green" },
{ "SomeProperty", "5" },
},
ResourceGroupName = "resRg",
SecureBootEnabled = true,
SecurityType = AzureNative.ServiceFabric.SecurityType.TrustedLaunch,
ServiceArtifactReferenceId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Compute/galleries/myGallery/serviceArtifacts/myServiceArtifact/vmArtifactsProfiles/myVmArtifactProfile",
SpotRestoreTimeout = "PT30M",
SubnetId = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1",
UseDefaultPublicLoadBalancer = true,
UseEphemeralOSDisk = true,
VmExtensions = new[]
{
new AzureNative.ServiceFabric.Inputs.VMSSExtensionArgs
{
AutoUpgradeMinorVersion = true,
EnableAutomaticUpgrade = true,
ForceUpdateTag = "v.1.0",
Name = "Microsoft.Azure.Geneva.GenevaMonitoring",
Publisher = "Microsoft.Azure.Geneva",
Settings = null,
SetupOrder = new[]
{
AzureNative.ServiceFabric.VmssExtensionSetupOrder.BeforeSFRuntime,
},
Type = "GenevaMonitoring",
TypeHandlerVersion = "2.0",
},
},
VmImageOffer = "WindowsServer",
VmImagePublisher = "MicrosoftWindowsServer",
VmImageSku = "2016-Datacenter-Server-Core",
VmImageVersion = "latest",
VmInstanceCount = 10,
VmManagedIdentity = new AzureNative.ServiceFabric.Inputs.VmManagedIdentityArgs
{
UserAssignedIdentities = new[]
{
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2",
},
},
VmSecrets = new[]
{
new AzureNative.ServiceFabric.Inputs.VaultSecretGroupArgs
{
SourceVault = new AzureNative.ServiceFabric.Inputs.SubResourceArgs
{
Id = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault",
},
VaultCertificates = new[]
{
new AzureNative.ServiceFabric.Inputs.VaultCertificateArgs
{
CertificateStore = "My",
CertificateUrl = "https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c",
},
},
},
},
VmSetupActions = new[]
{
AzureNative.ServiceFabric.VmSetupAction.EnableContainers,
AzureNative.ServiceFabric.VmSetupAction.EnableHyperV,
},
VmSize = "Standard_DS3",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.servicefabric.NodeType;
import com.pulumi.azurenative.servicefabric.NodeTypeArgs;
import com.pulumi.azurenative.servicefabric.inputs.VmssDataDiskArgs;
import com.pulumi.azurenative.servicefabric.inputs.AdditionalNetworkInterfaceConfigurationArgs;
import com.pulumi.azurenative.servicefabric.inputs.SubResourceArgs;
import com.pulumi.azurenative.servicefabric.inputs.FrontendConfigurationArgs;
import com.pulumi.azurenative.servicefabric.inputs.VMSSExtensionArgs;
import com.pulumi.azurenative.servicefabric.inputs.VmManagedIdentityArgs;
import com.pulumi.azurenative.servicefabric.inputs.VaultSecretGroupArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var nodeType = new NodeType("nodeType", NodeTypeArgs.builder()
.additionalDataDisks(
VmssDataDiskArgs.builder()
.diskLetter("F")
.diskSizeGB(256)
.diskType("StandardSSD_LRS")
.lun(1)
.build(),
VmssDataDiskArgs.builder()
.diskLetter("G")
.diskSizeGB(150)
.diskType("Premium_LRS")
.lun(2)
.build())
.additionalNetworkInterfaceConfigurations(AdditionalNetworkInterfaceConfigurationArgs.builder()
.dscpConfiguration(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig")
.build())
.enableAcceleratedNetworking(true)
.ipConfigurations(IpConfigurationArgs.builder()
.applicationGatewayBackendAddressPools(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest")
.build())
.loadBalancerBackendAddressPools(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool")
.build())
.loadBalancerInboundNatPools(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool")
.build())
.name("ipconfig-1")
.privateIPAddressVersion("IPv4")
.publicIPAddressConfiguration(IpConfigurationPublicIPAddressConfigurationArgs.builder()
.ipTags(IpTagArgs.builder()
.ipTagType("RoutingPreference")
.tag("Internet")
.build())
.name("publicip-1")
.publicIPAddressVersion("IPv4")
.build())
.subnet(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1")
.build())
.build())
.name("nic-1")
.build())
.capacities(Map.of("ClientConnections", "65536"))
.clusterName("myCluster")
.computerNamePrefix("BE")
.dataDiskLetter("S")
.dataDiskSizeGB(200)
.dataDiskType("Premium_LRS")
.dscpConfigurationId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig")
.enableAcceleratedNetworking(true)
.enableEncryptionAtHost(true)
.enableNodePublicIP(true)
.enableNodePublicIPv6(true)
.enableOverProvisioning(false)
.evictionPolicy("Deallocate")
.frontendConfigurations(FrontendConfigurationArgs.builder()
.applicationGatewayBackendAddressPoolId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest")
.loadBalancerBackendAddressPoolId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool")
.loadBalancerInboundNatPoolId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool")
.build())
.isPrimary(false)
.isSpotVM(true)
.isStateless(true)
.multiplePlacementGroups(true)
.natGatewayId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/natGateways/myNatGateway")
.nodeTypeName("BE-testResourceGroup-testRegion-test")
.placementProperties(Map.ofEntries(
Map.entry("HasSSD", "true"),
Map.entry("NodeColor", "green"),
Map.entry("SomeProperty", "5")
))
.resourceGroupName("resRg")
.secureBootEnabled(true)
.securityType("TrustedLaunch")
.serviceArtifactReferenceId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Compute/galleries/myGallery/serviceArtifacts/myServiceArtifact/vmArtifactsProfiles/myVmArtifactProfile")
.spotRestoreTimeout("PT30M")
.subnetId("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1")
.useDefaultPublicLoadBalancer(true)
.useEphemeralOSDisk(true)
.vmExtensions(VMSSExtensionArgs.builder()
.autoUpgradeMinorVersion(true)
.enableAutomaticUpgrade(true)
.forceUpdateTag("v.1.0")
.name("Microsoft.Azure.Geneva.GenevaMonitoring")
.publisher("Microsoft.Azure.Geneva")
.settings(Map.ofEntries(
))
.setupOrder("BeforeSFRuntime")
.type("GenevaMonitoring")
.typeHandlerVersion("2.0")
.build())
.vmImageOffer("WindowsServer")
.vmImagePublisher("MicrosoftWindowsServer")
.vmImageSku("2016-Datacenter-Server-Core")
.vmImageVersion("latest")
.vmInstanceCount(10)
.vmManagedIdentity(VmManagedIdentityArgs.builder()
.userAssignedIdentities(
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity",
"/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2")
.build())
.vmSecrets(VaultSecretGroupArgs.builder()
.sourceVault(SubResourceArgs.builder()
.id("/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault")
.build())
.vaultCertificates(VaultCertificateArgs.builder()
.certificateStore("My")
.certificateUrl("https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c")
.build())
.build())
.vmSetupActions(
"EnableContainers",
"EnableHyperV")
.vmSize("Standard_DS3")
.build());
}
}
resources:
nodeType:
type: azure-native:servicefabric:NodeType
properties:
additionalDataDisks:
- diskLetter: F
diskSizeGB: 256
diskType: StandardSSD_LRS
lun: 1
- diskLetter: G
diskSizeGB: 150
diskType: Premium_LRS
lun: 2
additionalNetworkInterfaceConfigurations:
- dscpConfiguration:
id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig
enableAcceleratedNetworking: true
ipConfigurations:
- applicationGatewayBackendAddressPools:
- id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest
loadBalancerBackendAddressPools:
- id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool
loadBalancerInboundNatPools:
- id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool
name: ipconfig-1
privateIPAddressVersion: IPv4
publicIPAddressConfiguration:
ipTags:
- ipTagType: RoutingPreference
tag: Internet
name: publicip-1
publicIPAddressVersion: IPv4
subnet:
id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1
name: nic-1
capacities:
ClientConnections: '65536'
clusterName: myCluster
computerNamePrefix: BE
dataDiskLetter: S
dataDiskSizeGB: 200
dataDiskType: Premium_LRS
dscpConfigurationId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/dscpConfigurations/myDscpConfig
enableAcceleratedNetworking: true
enableEncryptionAtHost: true
enableNodePublicIP: true
enableNodePublicIPv6: true
enableOverProvisioning: false
evictionPolicy: Deallocate
frontendConfigurations:
- applicationGatewayBackendAddressPoolId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/applicationGateways/appgw-test/backendAddressPools/appgwBepoolTest
loadBalancerBackendAddressPoolId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/backendAddressPools/LoadBalancerBEAddressPool
loadBalancerInboundNatPoolId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/loadBalancers/test-LB/inboundNatPools/LoadBalancerNATPool
isPrimary: false
isSpotVM: true
isStateless: true
multiplePlacementGroups: true
natGatewayId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/natGateways/myNatGateway
nodeTypeName: BE-testResourceGroup-testRegion-test
placementProperties:
HasSSD: 'true'
NodeColor: green
SomeProperty: '5'
resourceGroupName: resRg
secureBootEnabled: true
securityType: TrustedLaunch
serviceArtifactReferenceId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Compute/galleries/myGallery/serviceArtifacts/myServiceArtifact/vmArtifactsProfiles/myVmArtifactProfile
spotRestoreTimeout: PT30M
subnetId: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.Network/virtualNetworks/vnet1/subnets/subnet1
useDefaultPublicLoadBalancer: true
useEphemeralOSDisk: true
vmExtensions:
- autoUpgradeMinorVersion: true
enableAutomaticUpgrade: true
forceUpdateTag: v.1.0
name: Microsoft.Azure.Geneva.GenevaMonitoring
publisher: Microsoft.Azure.Geneva
settings: {}
setupOrder:
- BeforeSFRuntime
type: GenevaMonitoring
typeHandlerVersion: '2.0'
vmImageOffer: WindowsServer
vmImagePublisher: MicrosoftWindowsServer
vmImageSku: 2016-Datacenter-Server-Core
vmImageVersion: latest
vmInstanceCount: 10
vmManagedIdentity:
userAssignedIdentities:
- /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity
- /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myIdentity2
vmSecrets:
- sourceVault:
id: /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/resRg/providers/Microsoft.KeyVault/vaults/myVault
vaultCertificates:
- certificateStore: My
certificateUrl: https://myVault.vault.azure.net:443/secrets/myCert/ef1a31d39e1f46bca33def54b6cda54c
vmSetupActions:
- EnableContainers
- EnableHyperV
vmSize: Standard_DS3
The isSpotVM property enables Azure Spot VMs, which use spare capacity at reduced cost but can be evicted. The evictionPolicy (Deallocate or Delete) controls what happens when Azure reclaims the VM, and spotRestoreTimeout specifies how long Azure attempts to restore evicted instances. The securityType and secureBootEnabled properties enable Trusted Launch with secure boot for enhanced security. The additionalNetworkInterfaceConfigurations array attaches secondary NICs with custom IP configurations, load balancer pools, and DSCP settings. The frontendConfigurations property connects the node type to custom load balancer backends and NAT pools, while natGatewayId attaches a NAT gateway for outbound connectivity.
Beyond these examples
These snippets focus on specific node type features: VM image selection and custom images, auto-scaling and stateless configurations, networking (custom NICs, load balancers, NAT gateways), and security (Trusted Launch, encryption, spot VMs). They’re intentionally minimal rather than full cluster deployments.
The examples reference pre-existing infrastructure such as Service Fabric managed clusters, VNets, subnets, load balancers, NAT gateways, Key Vaults and certificates, managed identities, and custom VM images or shared galleries. They focus on configuring the node type rather than provisioning the surrounding infrastructure.
To keep things focused, common node type patterns are omitted, including:
- Availability zones (zones property)
- Application and ephemeral port ranges
- Host groups for dedicated hosts
- Service artifact references
- VM setup actions (EnableContainers, EnableHyperV)
- SKU-based capacity configuration
These omissions are intentional: the goal is to illustrate how each node type feature is wired, not provide drop-in cluster modules. See the NodeType resource reference for all available configuration options.
Let's configure Azure Service Fabric Node Types
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Node Type Configuration & Immutability
What properties can't I change after creating a node type?
Several properties are immutable after creation:
isPrimarycannot be changed once the node type is createddataDiskLettercannot be modified after creationfrontendConfigurationscannot be added or removed after creation (non-primary node types only)clusterName,nodeTypeName,resourceGroupName, andtagsare also immutable
What's the difference between primary and non-primary node types?
Primary node types host Service Fabric system services for the cluster. Non-primary node types can use custom frontend configurations, while primary node types cannot. The
isPrimary setting is immutable after creation.Why is my computerNamePrefix limited to 9 characters?
The
computerNamePrefix property is limited to 9 characters by design. If specified, it allows for a longer name to be specified for the node type name itself.Scaling & Instance Management
What are the valid values for vmInstanceCount?
The vmInstanceCount property accepts these values:
- -1: Use when auto-scale rules are configured or
sku.capacityis defined - 0: Not supported
- >0: Use for manual scaling
How do I enable auto-scaling for my node type?
Set
vmInstanceCount to -1 when you have auto-scale rules configured or when sku.capacity is defined.Stateless Node Types
What features are only available for stateless node types?
Two features require isStateless to be true:
useTempDataDisk: Uses temporary disk for Service Fabric data root instead of managed disksenableOverProvisioning: Enables node type overprovisioning
Can I use the temporary disk instead of managed disks?
Yes, set
useTempDataDisk to true for stateless node types. This uses the VM’s temporary disk for Service Fabric data root, and no managed data disk will be attached. This is only allowed for stateless node types.Storage & Disks
Which drive letters can't I use for dataDiskLetter?
The
dataDiskLetter property cannot use the reserved letters C or D. Additionally, this setting cannot be changed after the node type is created.VM Images & Configuration
What are my options for configuring VM images?
You have three options for VM images:
- Marketplace images: Use
vmImagePublisher,vmImageOffer,vmImageSku, andvmImageVersion - Custom images: Use
vmImageResourceIdpointing to your custom image - Shared gallery images: Use
vmSharedGalleryImageIdpointing to a shared gallery image
Spot VMs & Cost Optimization
How do Spot VMs work for node types?
Set
isSpotVM to true to use Spot Virtual Machines. Azure will allocate the VMs if capacity is available, but the VMs can be evicted at any time. Configure evictionPolicy (default is Delete) and optionally spotRestoreTimeout to control eviction behavior.Security & Encryption
How do I enable encryption at the host level?
Set
enableEncryptionAtHost to true. This enables encryption for all disks including Resource/Temp disk at the host itself. Default is false.Can I use secure boot with any security type?
No,
secureBootEnabled can only be used with TrustedLaunch as the securityType. It’s not compatible with other security types.