How to lift WCF code to Azure Service Fabric.

When the wind of change blows, we should move on too. In my scenario, global changes come from the decision to revamp the user experience and bring it up to modern standards. In this article, I will share a general approach for migration experience and detailed one on how to quickly lift WCF code without old soap functionality.

TL;DR; Code of WCF services can be relatively easy lifted to Azure Service Fabric Stateless services. The basic approach to move code of each service to separate stateless service based on .NET Core Web API. To save some time and effort its wise to make services bigger by aggregating several WCF to one Stateless ASF service.

There is GitHub repository(used for Global Azure Bootcamp 2019) with sample Azure Service Fabric stateless service with step by step development description, feel free to use it and star it :). https://github.com/staslebedenko/bootcamp-v1

My role as a solution architect and developer is to propose a concise and actionable plan to make migration happen without extra effort and cost. So I have to start with an assessment of the current project status:

1. Consider existing “Technical debt” and the number of opened issues.
2. Check the team capacity, how many hours can be dedicated to education and the migration of a project.
3. Consider non-functional requirements i.e. reliability, maintainability, performance and so on.
4. How modular is a system? Is it possible to extract and migrate it module by module?
5. Is the team willing to innovate and learn quickly enough? Maybe someone has had experience with Azure?
6. Read about the “Lift and Shift” approach for solution migration.
7. Can I sketch a rough tech design? This activity will help to get a better idea about the scope of changes required and allow us to see a “big picture.”

Consider changes from a Customer perspective, try to prepare a list of potential benefits, solution improvements, and cost estimation. Some points that can be mention:

1. Responsive user interface for mobile devices.
2. Performance improvements, old solution versus a new one.
3. There might be features that have been postponed earlier, because of technical obstacles or expense. They might be developed faster and easier with a new solution so that they can be included as well.
4. The monthly cost of the new solution in Azure will be cheaper, mention that too.
5. Include a cost comparison of feature development with the new tech stack versus the old one.

This kind of estimation will probably end up with about 1500 hours estimate for a bright and shiny new solution, leave it alone for 2–4 days. Then revise it and find a way to make it 3–4 times smaller 😉. Rule of thumb is two developers’ hours for two months, which equates to 4 Scrum sprints.

One more thing, before we get into details, “Lift and Shift” doesn’t necessarily mean moving projects to Virtual machines. It can be a code copy-paste to new project templates.

For example, we had a classic 3-tier application with ASP.NET MVC, WCF services, and SQL Server databases. We decided to move our data storage to the cloud-first, so here are key points:

1. How many databases did we use, is there is a need for more than one DB for production?
2. Don’t forget about traffic estimation. Security, Firewall come with additional cost, as does Threat detection.
3. Plan for idle recovery instance and the need for external backups storage.
4. Prepare a separate subscription in a nearby Azure region, in case of failure.
5. Attempt to estimate server load for the future 6–12 months. The current resources consumption will not reflect the need in 6 months.
6. Ask the Customer, which is more important, money, or performance? There might be wrong assumptions made.
7. Double-check if a link is needed between local and cloud infrastructure.

Variant provided by Azure

Seems to be pretty easy :), eh? The next chapter will provide more details.

Essentially process can be split into several key steps.

• Cost estimation and architecture of Azure Service Fabric application.
• Gathering requirements, both functional and non-functional.
• Ensure that data storage is in Azure or accessible from Azure.
• A decision on security, Azure AD, Auth0, or Identity Server 4.
• Creation of Azure Service Fabric stateless service template.
• The transition of WCF service code to new templates.

Service Fabric can be pretty complicated sometimes, but I suggest to start with both Bronze tiers for Durability and Reliability. They will provide cost-effective development solutions and much-needed practice with management and operation.

The development process can be easily done in local environments, and there is a need to download Service Fabric Runtime. install it and then start with documentation. Beware though. Azure Service Fabric tools cannot be installed with Visual Studio 2019 only, the combo of 2017 and 2019 version will work.

As I mentioned in the beginning, there is a repository with a stateless service template that can be used.

THE Azure CLI code below will create a bright and shiny new cluster. Just change variable names according to needs.

export vaultResourceGroup="bootcamp2019-keyvault-group"
export vaultName="bootcamp2019DemoVault" 
export primaryLocation="northeurope"
az group create --name $vaultResourceGroup --location $primaryLocation
az keyvault create --name $vaultName --resource-group $vaultResourceGroup --location $primaryLocation
export clusterResourceGroup="bootcamp2019-fabric-cluster-group"
az group create --name $clusterResourceGroup --location $primaryLocation
export clusterName="bootcamp2019-services-demo" 
export sertificateSubject="bootcamp2019-services-demo.northeurope.cloudapp.azure.com" 
export sertificatePassword="bootcamp2019Azure"
export vmUserName="bootCampAdmin" 
export vmPassword="2019Bootcamp"
export balancerName="LB-bootcamp2019-services-demo-nt1vm"
az sf cluster create --resource-group $clusterResourceGroup --location $primaryLocation \
--certificate-output-folder . --certificate-password $sertificatePassword --certificate-subject-name $sertificateSubject \
--cluster-name $clusterName --cluster-size 1 --os WindowsServer2016Datacenter \
--vault-name $vaultName --vault-resource-group $vaultResourceGroup \
--vm-password $vmPassword --vm-user-name $vmUserName --vm-sku Standard_D1_v2
export insightsResourceGroup="bootcamp2019-telemetry-group"
export productionInsightsName="production-appinsights"
export developmentInsightsName="development-appinsights"
az group create --name $insightsResourceGroup --location $primaryLocation
az resource create  --resource-group $insightsResourceGroup --resource-type "Microsoft.Insights/components" \
--name $productionInsightsName --location  $primaryLocation --properties '{"Application_Type":"web"}'
az resource create  --resource-group $insightsResourceGroup --resource-type "Microsoft.Insights/components" \
--name $developmentInsightsName --location  $primaryLocation --properties '{"Application_Type":"web"}'
az resource show -g $insightsResourceGroup -n $productionInsightsName --resource-type "Microsoft.Insights/components" --query properties.InstrumentationKey
az resource show -g $insightsResourceGroup -n $developmentInsightsName --resource-type "Microsoft.Insights/components" --query properties.InstrumentationKey
#Save Application insights instrumentation key from latest comman
export vaultResourceGroup="bootcamp2019-keyvault-group"
export clusterResourceGroup="bootcamp2019-fabric-cluster-group" 
export vaultName="bootcamp2019DemoVault" 
export scaleSetName="nt1vm"
#command below can hang, so just ctrl+c it, in case nothing happens in 30 seconds
az vmss identity assign --resource-group $clusterResourceGroup --name $scaleSetName
az vmss show --resource-group $clusterResourceGroup --name $scaleSetName
#get your principal id from previous command and set it to variable below
export scaleSetManagedId="f2973f23-e151-42c5-8a93-82f1a13a3beb"
az keyvault set-policy --name $vaultName --resource-group $vaultResourceGroup --object-id $scaleSetManagedId \
--secret-permissions get list
az keyvault set-policy --name $vaultName --resource-group $vaultResourceGroup --object-id $scaleSetManagedId \
--certificate-permissions get list
#add test secret to KeyVault
az keyvault secret set --vault-name $vaultName --name "SuperSecret" --value "FancySecret"
#get certificate list from KeyVault and copy certificate name
az keyvault certificate list --vault-name $vaultName