Open nareshkhatri81 opened 6 years ago
Yes you can configure this. https://docs.microsoft.com/en-us/azure/service-fabric/service-fabric-cluster-security#client-to-node-security
@linggengmsft @dragav Team. is it possible to user service account for authentication ? Connect-ServiceFabricCluster can take service account as input parameter or runs under context of machine account. Thanks, naresh Khatri
We are looking for client to nodes security using machine account.
Our client will be octopus which would be running with some service account.
Octopus would be using service fabric powershell cmdlets to do deployment.
@nareshkhatri81 The doc describes how to configure Windows security for client to node security. What Octopus is doing is out of scope. Is there anything in the doc that is not clear enough?
Hi Team,
we are using octopus for doing deployment to SF Cluster octopus has support for SF. In Octopus, we see only option of connecting to cluster using AAD, Client certificate.
https://octopus.com/docs/deployment-examples/azure-deployments/deploying-to-service-fabric/connecting-securely-with-azure-active-directory/ https://octopus.com/docs/deployment-examples/azure-deployments/deploying-to-service-fabric/connecting-securely-with-client-certificates/ https://octopus.com/docs/deployment-examples/azure-deployments/service-fabric/packaging
There is no option of connecting to cluster using machine account.
As per below link of Service Fabric its possible to connect to cluster using machine account/SPN.
https://docs.microsoft.com/en-us/powershell/module/servicefabric/connect-servicefabriccluster?view=azureservicefabricps
There are scripts which are created by octopus team for connecting to SF cluster.
https://github.com/OctopusDeploy/Calamari/blob/master/source/Calamari.Azure/Scripts/AzureServiceFabricContext.ps1
question is does Connect-ServiceFabricCluster works with machine account ? so we can modify/customize/raise feature request to octopus to use those feature of SF to do auth ?
Thanks, Naresh Khatri