I have a large package that I'm trying to deploy to a test cluster in Azure. I get an OperationTimeout when I'm trying to register the application type, so I figured I could send in the TimeoutSec parameter to Register-ServiceFabricApplicationType, but I'm getting an error back saying my value (1 hour) is greater than the MaxOperationTimeout configured on the cluster. Where would I configure this value, I can't find it anywhere? The package works locally.
Copying application to image store...
Copy application package succeeded
Registering application type...
Register-ServiceFabricApplicationType : Client timeout must be less than or equal to the cluster configuration forMaxOperationTimeout. Requested value and timeout limit: (59:59.999, 10:00.000)
At D:\sf\Publish-NewServiceFabricApplication2.psm1:220 char:9
+ Register-ServiceFabricApplicationType -ApplicationPathInImageStore $appl ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Microsoft.Servi...usterConnection:ClusterConnection) [Register-ServiceFabricApplicationType], FabricException
+ FullyQualifiedErrorId : RegisterApplicationTypeErrorId,Microsoft.ServiceFabric.Powershell.RegisterApplicationType
You can't change the cluster manifest for an Azure cluster. As stated here: Is it possible to update the Service Fabric Cluster Manifest?
Related
We run our domains via Google. We have those domains verified in Azure for various purposes.
What I'd like to accomplish is to allow my user that use O365 to be able sign in with their Google Credentials. As I understand it, this is done through federation, SAML, and SSO. I've followed Google's instruction on setting this up and have hit a snag.
Using PowerShell's Set-MsolDomainAuthentication command I get an error every time I try to change the Authentication method from Managed to Federated. I can confirm that I can see the domains and their managed status via PowerShell commands, so I am at least connected to our Azure.
Set-MsolDomainAuthentication : Unable to complete this action. Try again later.
At line:1 char:1
+ Set-MsolDomainAuthentication
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [Set-MsolDomainAuthentication], MicrosoftOnlineException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.InternalServiceException,Microsoft.Online.Adm
inistration.Automation.SetDomainAuthentication
Azure logs show the attempt as
DirectoryManagement
Set domain authentication
Failure
Microsoft.Online.Workflows.ValidationException
Any help and direction is welcome. I've been searching high and low for solutions.
Side note: I have tried the convert command as well, with no luck.
Found a solution using this method rather than googles prescribed method.
https://medium.com/#james.winegar/how-to-single-sign-on-sso-between-g-suite-and-office-365-with-g-suite-as-identity-provider-idp-5bf5031835a0
IMPORTANT SIDE NOTE: For some reason or another, you cannot federate multiple domains with the same entityID in Azure. The workaround is to add spaces to the end of the entityID and Location URLs.
In my instance, I edited the metadata.xml and added the space within the quotes. There are two Location URLs in the XML, make the same change in both of them.
IE entityID="https://accounts.google.com/o/saml2?idpid=yourGoogleId "
And Location="https://accounts.google.com/o/saml2/idp?idpid=yourGoogleId "
Repeat this process for each additional domain from the same entityID. Keep in mind this is NOT a supported workaround, so use with caution.
Solution:
Run the following command:
Set-MsolDomainAuthentication -Name <domainName> -Authentication Managed -ActiveLogOnUri <ActiveLogOnUri> -FederationBrandName <FederationBrandName> -PassiveLogOnUri <PassiveLogOnUri> -SigningCertificate <SigningCertificate> -IssuerUri <IssuerUri> -LogOffUri <LogOffUri> -MetadataExchangeUri <MetadataExchangeUri> -PreferredAuthenticationProtocol <PreferredAuthenticationProtocol>
I'm starting with Service Fabric. I have created a very simple console application that runs the following code:
class Program
{
static void Main(string[] args)
{
Console.WriteLine("Hello world!");
File.AppendAllText("c:\\temp\\hello.txt", "Hello world!" + DateTime.Now.ToString() + "\r\n");
Console.ReadLine();
}
}
Then I create a guest executable project with Visual Studio and point it to the exe application. It gets installed in Service Fabric, I can see that the file is created, but then service fabric throws an error:
Error event: SourceId='System.FM', Property='State'.
Partition is below target replica or instance count.
fabric:/Test3/Test3Service -1 1 5ef5a0eb-5621-4821-95cb-4c1920ab7f0c
(Showing 0 out of 0 replicas. Total available replicas: 0.)
Is this approach correct? Can I have exe applications hosted in Service Fabric or do I need to implement/inherit from something?
EDIT
When the application is deployed it enters in a Warning state, showing the following messages:
Soon afterwards it transitions to an error state:
Yes you can host a simple Console Application in Service Fabric as a Guest Executable, that should not be a problem.
The issue you are seeing is likely because the application is trying to write to a file in c:/temp where your Guest Exe by default doesnt have permissions. Try removing that part of your sample code, or change it to write to hello.txt and it will end up in the same folder your Guest Exe is running in.
You should consider file storage on a Service Fabric node as temporary however and not rely on storing data there as your service could be moved between nodes by Service Fabric as part of it's cluster maintenance.
See this answer for some more details on file system access in SF https://stackoverflow.com/a/37966158/1062217
I am trying NosDB, created database cluster on single node, and than added second node in my database cluster, but I am failing with error message, "Add-Shard : Login 'asif_mehmood' does not exist".
Steps I perforemd:
Installed NosDb OpenSource on two boxes.
Created cluster with one shard on first box, using New-DatabseCluster powershell cmmdlet.
Added another shard with second box as node, using Add-shard powershell cmdlet.
Failed with following error Message
Add-Shard : Login 'asif_mehmood' does not exist
At line:1 char:1
+ Add-Shard -Name shard2 -Server 192.168.0.15 -Port 2250
For adding other node in database cluster, both nodes should be in same domain or on same work group,
before adding second node in database cluster, add login of current box on second box using Add-Login cmmdlet with following parameters
Username: username of second box windows login
Password: Password for above
Server: IP of second box,
After adding login second node was added successfully in database cluster.
I tried removing application from service fabric using service fabric explorer.
I deleted my application using Delete Application action.
Then When I tried Unprovision application type I got error saying,
Error: Application Type of version 1.0.0 could not be unprovisioned as
it still contains active applications.
I could see that even after deleting the application , the actor service inside the application is still active in some of the nodes. Am attaching a screenshot of my service fabric explorer.
Any help regarding completely removing the applications?
This can happen if services in your application don't play nice by not shutting down when requested by the platform, for example by ignoring the cancellation token in RunAsync.
Here's a quick PowerShell script that will go through an application and force remove all replicas of all stateful services:
Connect-ServiceFabricCluster -ConnectionEndpoint localhost:19000
$nodes = Get-ServiceFabricNode
foreach($node in $nodes)
{
$replicas = Get-ServiceFabricDeployedReplica -NodeName $node.NodeName -ApplicationName "fabric:/MyApp"
foreach ($replica in $replicas)
{
Remove-ServiceFabricReplica -ForceRemove -NodeName $node.NodeName -PartitionId $replica.Partitionid -ReplicaOrInstanceId $replica.ReplicaOrInstanceId
}
}
Go to http://localhost:19080/-->Expand Cluster-->Applications-->Service
Click on the 3 dots beside service and select option "Delete service"
Similarly delete the application and then unprovision the type
I am trying to use the xWebsite resource in powershell DSC but it keeps failing to Set-TargetResource. the error is
PowerShell provider MSFT_xWebsite failed to execute Set-TargetResource functionality with error message:
+ CategoryInfo : InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId : ProviderOperationExecutionFailure
The resource looks like
WindowsFeature IIS
{
Ensure = “Present”
Name = “Web-Server”
}
xWebsite Website
{
Ensure = "Present"
Name = "Website"
PhysicalPath = "E:\www\site"
State = "Started"
BindingInfo = MSFT_xWebBindingInformation
{
Protocol = 'HTTP'
Port = 7777
HostName = '*'
}
DependsOn = "[WindowsFeature]IIS"
}
I just copied it from one of the DSC examples, and initially it did not return the above error. I do not know what changed, but now it cannot create the website on subsequent runs. There is not a lot of troubleshooting content on DSC yet either, and I am hoping that someone else has run into this problem as well.
Regarding the initial run not returning an error
This may be related to this bug.
Regarding the error itself
Let's check the obvious stuff first:
All components of the PhysicalPath must exist; the resource won't create any of those paths. So use a File resource to create them if needed then make xWebsite depend on it.
Make sure a different web site is not using the port.
You show a DependsOn but don't show the rest of your configuration. Make sure that you're actually specifying a WindowsFeature resource in your config for it to depend on.
If those don't help
Post the rest of your config (if there is more).
Check out the xDscDiagnostics module in the DSC Resource Kit. It's not a resource, it's 2 functions that help you turn on the diagnostic and debug logs for DSC and then retrieve the events related to a specific run. This should help you figure out the actual underlying error.
I ran into problems trying to use the xWebsite resource on Windows Server 2008 R2 too. Then I noticed that at the bottom of the documentation page, it says:
Verified on the following platforms
Windows Server 2012: Yes
Windows Server 2008 R2: No
I ended up debugging through the module code outside of DSC. I found that there were several bits that didn't work on 2008R2, and so had to create my own version of the module that worked on that operating system.
Sorry - no easy fix!