Service Fabric (continued)
Part 2 compared Paxos and Raft. Part 3 discussed SF-Ring, Part 4 discussed its architecture and Part 5
described compute planning and scaling. This article describes Service
Fabric security best practices.
Azure Service Fabric makes it easy to package, deploy, and
manage scalable and reliable microservices. It helps with developing and
managing cloud applications. These applications and services can be stateless
or stateful. They are run with high efficiency and load balancing. Service
Fabric supports real-time data analysis, in-memory computation, parallel
transactions, and event processing in the applications.
The security best practices are described at various levels.
At the level of an instance of Service Fabric, the Azure Resource Manager
templates and the Service Fabric PowerShell modules create secure clusters.
X.509 certificates must be used to secure the instance. Security policies must
be configured and the Reliable Actors security configuration must be
implemented. TLS must be configured so that all communications are
encrypted. Users must be assigned to roles, and role-based access control must
be used to secure all control plane access.
At the level of a cluster, certificates continue to secure
the cluster and client access – both read-only and admin access are secured by
Azure Active Directory. Automated deployments use scripts to generate, deploy
and roll over the secrets. The secrets are stored in Azure Key Vault, and
Azure AD is used for all other client access. Authentication is required
from all users. The cluster must be configured to create perimeter networks by
using Azure Network Security Groups. Cluster virtual machines must be accessed
via jump servers with Remote Desktop Connection.
Within the cluster, there are three scenarios for
implementing cluster security, using various technologies.
Node-to-node security: This scenario secures communication
between the VMs and the computers in the cluster. Only computers that are
authorized to join the cluster can host applications and services in the
cluster.
Client-to-node security: This scenario secures communication
between a Service Fabric client and the individual nodes in the cluster.
Service Fabric role-based access control: This scenario uses
separate identities for each administrator and user client role that accesses
the cluster. The role identities are specified when the cluster is created.
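The three scenarios above can be checked before deployment. The following is an added example, not code from the article or from Service Fabric: a small Python audit of the Microsoft.ServiceFabric/clusters resource in an ARM template. The template fragment, cluster name, endpoint and thumbprint placeholders are constructed, and requiring ClusterProtectionLevel to be set explicitly is a policy assumption of this example.

```python
import json

# Constructed ARM template fragment (not from the article); names and thumbprints are placeholders.
SAMPLE_TEMPLATE = json.loads("""
{
  "resources": [{
    "type": "Microsoft.ServiceFabric/clusters",
    "name": "example-cluster",
    "properties": {
      "managementEndpoint": "http://example-cluster.contoso.example:19080",
      "certificate": {"thumbprint": "PLACEHOLDER_CLUSTER_THUMBPRINT", "x509StoreName": "My"},
      "fabricSettings": [{"name": "Security", "parameters": [
        {"name": "ClusterProtectionLevel", "value": "Sign"}]}],
      "clientCertificateThumbprints": [
        {"certificateThumbprint": "PLACEHOLDER_ADMIN_THUMBPRINT", "isAdmin": true}]
    }
  }]
}
""")

def audit_cluster(props):
    """Return a list of findings for one cluster's 'properties' object."""
    findings = []
    # Node-to-node: cluster certificate present, protection level set explicitly (example policy).
    if not (props.get("certificate") or props.get("certificateCommonNames")):
        findings.append("node-to-node: no cluster certificate")
    settings = {p["name"]: p["value"]
                for s in props.get("fabricSettings", []) if s.get("name") == "Security"
                for p in s.get("parameters", [])}
    if settings.get("ClusterProtectionLevel") != "EncryptAndSign":
        findings.append("node-to-node: ClusterProtectionLevel is not EncryptAndSign")
    # Client-to-node: the management endpoint must be served over TLS.
    if not props.get("managementEndpoint", "").lower().startswith("https://"):
        findings.append("client-to-node: managementEndpoint is not https")
    # Role-based access: Azure AD, or distinct admin and read-only client certificates.
    certs = props.get("clientCertificateThumbprints", []) + props.get("clientCertificateCommonNames", [])
    roles = {bool(c.get("isAdmin")) for c in certs}
    if not props.get("azureActiveDirectory") and roles != {True, False}:
        findings.append("rbac: no Azure AD and no separate admin/read-only client identities")
    return findings

def audit_template(template):
    return {r["name"]: audit_cluster(r.get("properties", {}))
            for r in template.get("resources", [])
            if r.get("type") == "Microsoft.ServiceFabric/clusters"}

if __name__ == "__main__":
    for name, findings in audit_template(SAMPLE_TEMPLATE).items():
        print(name, findings or "ok")
```

The sample is deliberately weak in three places (signed-only node traffic, an http management endpoint, and a single admin client certificate), so the audit reports one finding for each.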
A detailed checklist for security and compliance is also
included for reference: https://1drv.ms/b/s!Ashlm-Nw-wnWzR4MPnriBWYTlMY6