Set up load balancer inbound rules when using Managed Service Fabric Cluster

Hi Victor Martin,

thanks for posting your question on the Q&A portal! I totally get how frustrating it can be when things don’t work as expected, especially when you’re switching to a managed service fabric cluster. Let’s break this down step by step to get your app accessible again.

So, the error you’re seeing is about a deny assignment blocking your changes to the load balancer rules. This is actually a security feature in managed service fabric clusters to prevent accidental modifications that could mess with the cluster’s stability. The deny assignment is auto-created and, yeah, you can’t just remove it. But don’t worry, there’s a way around it ))

For managed clusters, you shouldn’t edit the load balancer rules directly. Instead, you need to use the service fabric managed cluster resource provider to configure the rules. This is done through the "loadBalancingRules" section in your cluster’s ARM template or via the service fabric managed cluster API. Here’s the official docs on how to set this up: Configure load balancer rules for managed service fabric clusters.

Basically, you’ll define your inbound rules as part of the cluster configuration, and the system will handle the rest. This way, you avoid running into those pesky permission issues. If you’re using an ARM template, make sure to include the rules in the "loadBalancingRules" property under the cluster’s network profile.

Also, just a heads-up, check your app’s ports and health probes. Sometimes timeouts happen because the probes aren’t configured correctly, so the load balancer thinks your app isn’t healthy. The docs cover that too, so give it a quick peek.

Hope this helps! Let me know if you run into any more roadblocks, and I’ll do my best to point you in the right direction.

Cheers!
Alex
P.S. If my answer help to you, please Accept my answer
PPS That is my Answer and not a Comment
https://ctrlaltdel.blog/