Share via

Request Guidance for Local Service Fabric Setup with Cosmos DB (Non-Prod)

Ashish Suman 0 Reputation points Microsoft Employee
2025-12-12T06:39:25.61+00:00

We have a C# microservices-based project running on Azure Service Fabric. Our services use Azure Cosmos DB and Redis. For local development and troubleshooting, we want to run Service Fabric locally and connect it to our non-production Cosmos DB instance.

However, because our services use MSI (Managed Identity) for authentication, we’re unable to directly connect to Cosmos DB when running locally.
Additionally, for SFI we have disabled the connection-string option to connect to Azure resources, which further restricts us from using traditional connection strings for local debugging.

We are looking for a solution or recommended approach that allows us to:

  1. Run Service Fabric locally

Connect local microservices to Cosmos DB (non-prod)

Work around MSI authentication so we can debug and troubleshoot issues locally

Configure our project in a way that aligns with recommended best practices for Service Fabric + Cosmos DB local development

Request:

  • Please share any documentation, guidance, or sample implementations for enabling local Service Fabric services to connect to Azure Cosmos DB (non-prod), preferably without disabling MSI.
  • If a recommended approach is to use alternate credentials, emulator, or configuration overrides, please provide details.
  • We are also available to walk you through our complete setup and use case on a call if needed.

Thank you! Let us know if any additional details are required.

Azure Service Fabric
Azure Service Fabric
An Azure service that is used to develop microservices and orchestrate containers on Windows and Linux.

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2025-12-12T06:39:37.8166667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To run your Azure Service Fabric microservices locally while connecting to a non-production Azure Cosmos DB instance, especially when using Managed Identity (MSI) for authentication, you can consider the following approaches:

    1. Use Azure Cosmos DB Emulator: The Azure Cosmos DB emulator provides a local environment that emulates the Azure Cosmos DB service. This allows you to develop and test your application locally without needing an Azure subscription or incurring costs. However, please note that the emulator is not recommended for production workloads. You can transition to using an Azure Cosmos DB account once you are satisfied with your local development.
    2. Local Authentication: Since you have disabled the connection-string option for Azure resources, you might need to configure your local development environment to authenticate using alternate credentials. This could involve using a local account or a service principal that has access to your non-production Cosmos DB instance.
    3. Configuration Overrides: Consider implementing configuration overrides in your local environment. This could involve using environment variables or a local configuration file that specifies the credentials necessary to connect to the Cosmos DB instance without relying on MSI.
    4. Testing with Alternate Credentials: If MSI is not feasible for local development, you can create a service principal in Azure Active Directory and use its credentials for local testing. This allows you to authenticate against Azure resources without needing to disable MSI entirely.
    5. Documentation and Samples: While specific documentation for Service Fabric with Cosmos DB using MSI locally may not be available, you can refer to the Azure Cosmos DB emulator documentation for guidance on setting up the emulator and connecting your application to it. Additionally, reviewing best practices for Azure Service Fabric and Cosmos DB can provide insights into configuring your project effectively.

    For detailed guidance, you may want to explore the Azure Cosmos DB emulator documentation and consider reaching out to Azure support for tailored assistance based on your specific setup and requirements.

    References:

    0 comments
  2. Shraddha Pandey 540 Reputation points Microsoft External Staff Moderator
    2025-12-12T09:08:18.86+00:00

    Hi Ashish Suman ,

    It looks like you're trying to set up a local Azure Service Fabric environment while connecting it to your non-production Cosmos DB instance, and you're facing some challenges with Managed Identity (MSI) authentication. Here's a brief rundown of how you might tackle this:

    Steps to Connect Local Service Fabric to Cosmos DB with MSI Authentication:

    1. Run Service Fabric Locally: You can run the Service Fabric SDK locally by following the How to create Standalone Service Fabric Cluster documentation. This will set up a development cluster on your local machine.
    2. Use the Azure Cosmos DB Emulator: If feasible, consider using the Azure Cosmos DB Emulator for local development. The emulator supports a subset of the Cosmos DB features and allows you to test your services without needing to connect to an actual Azure Cosmos DB instance.
    3. Alternate Authentication Method: Since you're using MSI and want to avoid connection strings, you could leverage Azure AD app registrations. Create an Azure AD application with the necessary permissions to your Cosmos DB instance, and use client ID and client secret in your application configuration to authenticate when running locally.
    4. Configuration Overrides: You can set up configuration overrides in your Service Fabric application to differentiate between local and production settings. This might include swapping from MSI to app-specific credentials when running locally.
    5. Best Practices Alignment: To ensure that your local setup aligns with best practices, refer to the Azure Service Fabric application design best practices and ensure you have your services discoverable using reliable services and partitioning them correctly.

    Here are some resources that might help you further:

    If the above suggestions don't fully address your issue or if you have any specific configurations in mind, here are a few follow-up questions to consider:

    1. Have you tried using the Azure Cosmos DB Emulator to eliminate the dependency on the actual Cosmos DB deployment?
    2. Are there specific error messages you’re encountering while attempting to connect to Cosmos DB locally?
    3. Can you provide more details about your local development environment (e.g., OS, Service Fabric version)?
    4. Would you be open to using app registrations as an alternative authentication method when developing locally?

    I hope this helps! Let me know if you need any more information.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.