Azure Fabric Interview Questions
What is Azure Fabric?
What is an Azure service fabric cluster?
What is difference between Kubernetes and Service Fabric?
Explain the Microservices architecture on Azure Service Fabric?
How do we deploy Microservices to Azure?
How to test your microservice in Azure?
What are the most important aspects of securing your application on Azure Service Fabric?
Q: What is Azure Fabric?
Ans:
Azure Service Fabric is a distributed systems platform that simplifies the packaging, deployment, and management of scalable and reliable microservices and containers. Service Fabric also addresses the significant challenges associated with the development and management of cloud native applications.
Q: What is an Azure service fabric cluster?
Ans:
A Service Fabric cluster is a network-connected collection of virtual or physical machines where your microservices will be deployed and managed. A cluster node is a machine or virtual machine that is part of a cluster. Clusters have the ability to scale to thousands of nodes.
Q: What is difference between Kubernetes and Service Fabric?
Ans:
Azure Service Fabric is a distributed systems platform that simplifies the packaging, deployment, and management of scalable and reliable microservices. Kubernetes, on the other hand, is defined as "managing a cluster of Linux containers as a single system to accelerate development and simplify operations".
Take a look at our suggested post :
Q: Explain the Microservices architecture on Azure Service Fabric?
Ans:
This reference architecture demonstrates a microservices architecture that has been deployed to Azure Service Fabric. It represents a basic cluster configuration that can serve as a starting point for the majority of deployments.
The architecture is composed of the following components:
Service Fabric cluster
A network-connected collection of virtual machines (VMs) where your microservices are deployed and managed.Virtual machine scale sets
You can use virtual machine scale sets to create and manage a group of identical, load-balanced, autoscaling VMs. It also includes the domains for faults and upgrades.Nodes
The nodes are the VMs in the Service Fabric cluster.Node types
A node type is a virtual machine scale set that deploys a group of nodes. There is at least one node type in a Service Fabric cluster. One node type must be assigned as the Primary node type in a cluster with multiple node types.Services
A service is a self-contained function that can be started and stopped independently of other services. Instances of services are deployed to cluster nodes. In Service Fabric, there are two types of services:Stateless service
A stateless service does not keep track of its own state. State is written to and retrieved from an external store, such as Azure Cosmos DB, if state persistence is required.Stateful service
The service state is stored within the service itself. Many other stateful services implement this using Service Fabric's Reliable Collections.
Service Fabric Explorer
The Service Fabric Explorer open-source tool is used to inspect and manage Service Fabric clusters.Azure Pipelines
Pipelines is a component of Azure DevOps Services that automates build, test, and deployment processes. Third-party CI/CD solutions, such as Jenkins, are also available.Azure Monitor
Azure Monitor gathers and stores metrics and logs, such as platform metrics for Azure services in the solution and application telemetry.Azure Key Vault
Store any application secrets which are being used by the microservices, like connection strings, in Key Vault.Azure API Management
API Management serves as an API gateway, accepting client requests and routing them to your services.
Q: How do we deploy Microservices to Azure?
Ans:
Docker, Azure Subscription, Azure CLI, and kubectl (Kubernetes command-line tool) are all needed to deploy your microservices.
Now we can follow below steps to deploy your microservices:
- To deploy your microservices, you must first create an Azure Container Registry in the same location as your services and link it to a resource group. Container instances that will be deployed to a Kubernetes cluster will be managed by your registry.
- Use the az group create command to create a resource group. Replace
[location]
with a region which is compatible with AKS and available for your subscription.az group create -l [location] -n guideGroup
- Create an Azure Container Registry using the Azure az acr command. Replace
[registry-name]
with a unique Azure container registry name which contains 5-50 alphanumeric characters. Theaz acr check-name -n [registry-name]
command can be used to see if a registry name already exists.az acr create -g guideGroup -n [registry-name] --sku Basic --admin-enabled
- You must log in to your Azure Container Registry using the Azure CLI to push Docker images
to your registry.
az acr login -n [registry-name]
- Build and Uploading images to a container registry.
Package the microservices: mvn package
- download or update to the latest Open Liberty Docker image:
docker pull openliberty/open-liberty:full-java11-openj9-ubi
- build and containerize the application:
docker build -t system:1.0-SNAPSHOT system/. docker build -t inventory:1.0-SNAPSHOT inventory/.
- tag your container images with your registry.:
docker tag system:1.0-SNAPSHOT [registry-server]/system:1.0-SNAPSHOT docker tag inventory:1.0-SNAPSHOT [registry-server]/inventory:1.0-SNAPSHOT
- push your images to the registry:
docker push [registry-server]/system:1.0-SNAPSHOT docker push [registry-server]/inventory:1.0-SNAPSHOT
- Creates an AKS cluster guideCluster with the resource group guideGroup.
az aks create -g guideGroup -n guideCluster
-
Deploy your microservices to Azure Kubernetes Service:
deploy the resources defined in the kubernetes.yaml file
check the pods status:kubectl create -f kubernetes.yaml
kubectl get pods
- Make requests to the microservices:
Explore the system service's information to determine its EXTERNAL-IP address:
kubectl get service/system-service
Q: How to test your microservice in Azure?
Ans:
To test your microservices, use the Mavenfailsafe:integration-test
, replacing
[system-EXTERNAL-IP] and [inventory-EXTERNAL-IP]
.
mvn failsafe:integration-test -Dsystem.ip=[system-EXTERNAL-IP] -Dinventory.ip=[inventory-EXTERNAL-IP]
Q: What are the most important aspects of securing your application on Azure Service Fabric?
Ans:
Below are some most important aspects of securing your application on Service Fabric:
Virtual network
To allow or reject network traffic, Network Security Groups (NSGs) can be added to subnets. While calling external Azure Services from the cluster, utilise Virtual Network service endpoints if the Azure service supports them.For example, if you're storing data with Cosmos DB, configure the Cosmos DB account with a service endpoint that only allows access from a specific subnet. See using virtual networks to access Azure Cosmos DB resources.
Endpoints and interservice communication
To keep interservice communications secure, follow these steps:- Enable HTTPS endpoints.
- Create a secure link between the reverse proxy and the services.
- You can offload authentication to an API gateway if you're utilising one.
Secrets and certificates
In Azure Key Vault, you can keep secrets like connection strings to data stores.Data at rest protection
If your services save data on data disk attached to the virtual machine scale sets of the Service Fabric cluster, you must encrypt the disk.