使用docker-compose将azure文件共享安装到linux容器的Web应用程序 [英] mount azure file share to web app for linux containers with docker-compose
问题描述
我正在尝试将 azure文件共享安装到容器Web应用程序(linux)服务。这是一个带有前端前端的.net Core 3 Web API应用。当我安装本地驱动器以加载与文件共享中完全相同的文件时,应用程序容器在本地运行完美。
根据
我可以确认文件共享包含环境变量中引用的文件:mcpdata / security / mycertfile.pfx
< h2>问题:
由服务运行容器时,它会给出错误:
System.InvalidOperationException:加载证书时出错。找不到文件 /security/mycert.pfx。
我要做什么:
- 因为容器失败,所以我无法通过ssh来检查文件。因此,我从本地azure容器注册表中提取了映像,然后执行了 docker export -o dump.tar 。然后我解压缩文件,并且未创建安全文件夹。
- 我还尝试通过从docker compose中删除顶级安装定义,直接在docker compose文件中直接引用命名文件共享。文件。删除的代码如下所示:
卷:
mcpdata:
驱动程序:azure_file
driver_opts:
share_name:共享名
storage_account_name:storageaccountname
问题:
有人可以帮助我将azure文件共享连接到我的容器,还是可以帮助我确认在容器发生故障时文件的安装位置。
编辑1:
尝试使用azure cli添加文件共享装载。我使用以下命令将文件共享挂载添加到我的Web应用程序:
az webapp配置存储帐户添加--resource-group rgname --name" appname" --slot开发--custom-id fsmount001-存储类型AzureFiles --share-name sname --account-name aname; -访问键 key; --mount-path /
此命令有效并创建文件挂载,但是我仍然收到它找不到的错误/ security /文件夹中的cert文件
如果我是通过kudu而不是容器本身通过bash进入应用程序,则可以看到该文件挂载存在,并且在
编辑2:解决方案
使用以下命令设置文件装载:
az web应用程序配置存储帐户添加--resource-group rgname --name" appname" --slot开发--custom-id fsmount001-存储类型AzureFiles --share-name sname --account-name aname; -访问键 key; --mount-path / security / security /
在docker compose中,我使用:
数量:
-fsmount001:/ security:/ security
在appsettings.Production.json中:
IdentityServer:{
Key:{
Type ;:文件,
, FilePath: / security / mycert.pfx,
Password: password
}
}
这是我的文件安装设置在配置中的azure门户中的样子->路径映射:
在文件装载内部是一个名为security的文件夹,其中包含证书文件。
感谢查尔斯的帮助,希望对其他人有帮助!
您执行的步骤适用于ACI,而不适用于
Web App。要将Azure文件共享安装到容器的Azure Web应用程序,只需按照将存储链接到您的应用。
并且您需要在卷处更改docker-compose文件:
发件人:
数量:
-mcpdata: / security:/ security;
进入:
数量:
-自定义ID:/ security / security /
自定义ID是您在CLI中使用的东西命令。
I am trying to mount an azure file share to a Web App for Containers (linux) service. This is a .net Core 3 web api app with an angular front end. The app container runs perfectly locally when I mount a local drive to load the exact same files as in the file share.
according to the docker docs for azure file share I should set my docker compose file to be the following:
version: '3.4'
services:
webui:
image: ${DOCKER_REGISTRY-}webui
build:
context: .
dockerfile: src/WebUI/Dockerfile
environment:
- "UseInMemoryDatabase=false"
- "ASPNETCORE_ENVIRONMENT=Production"
- "ConnectionStrings__DefaultConnection=Server="
- "ASPNETCORE_Kestrel__Certificates__Default__Path=/security/mycertfile.pfx"
- "ASPNETCORE_Kestrel__Certificates__Default__Password=Your_password123"
ports:
- "5000:5000"
- "5001:5001"
volumes:
- mcpdata:"/security:/security"
restart: always
volumes:
mcpdata:
driver: azure_file
driver_opts:
share_name: sharename
storage_account_name: storageaccountname
In the configuration for my web app I have created the following file mount:
I can confirm that the file share contains the file referenced in the environment variables: mcpdata/security/mycertfile.pfx
PROBLEM:
When the container is run by the service it gives an error:
System.InvalidOperationException: There was an error loading the certificate. The file '/security/mycert.pfx' was not found.
WHAT I TIRED:
- Because the container fails I cannot ssh into it to check for the files. So i pull the image from azure container registry locally and then do a docker export -o dump.tar . I then extract the files and the security folder is not created.
- I also tried just referencing the named file share directly in the docker compose file by removing the top level mount definition from the docker compose file. removed code shown below:
volumes:
mcpdata:
driver: azure_file
driver_opts:
share_name: sharename
storage_account_name: storageaccountname
QUESTION:
Can someone help me connect an azure file share to my container, or help me confirm where the files are mounted when the container fails.
EDIT 1:
attempt to add file share mount with azure cli. I used the following command to add the file share mount to my web app:
az webapp config storage-account add --resource-group "rgname" --name "appname" --slot development --custom-id fsmount001 --storage-type AzureFiles --share-name "sname" --account-name "aname" --access-key "key" --mount-path /
this command works and creates the file mount, however I still get the error that it cannot find the cert file in the /security/ folder
If I bash into the app via kudu and not the container itself, I can see that the file mount exists and is named security in the root of the web app.
EDIT 2: SOLUTION
set up the file mount with the following command:
az webapp config storage-account add --resource-group "rgname" --name "appname" --slot development --custom-id fsmount001 --storage-type AzureFiles --share-name "sname" --account-name "aname" --access-key "key" --mount-path /security/security/
In docker compose I use:
volumes:
- fsmount001: /security:/security
In appsettings.Production.json:
"IdentityServer": {
"Key": {
"Type": "File",
"FilePath": "/security/mycert.pfx",
"Password": "password"
}
}
This is what my file mount settings look like in the azure portal under configuration -> path mappings:
Inside the file mount is a folder called security which contains the cert file.
Thanks to Charles help and I hope this helps someone else!
The steps what you have followed is for the ACI, not for the Web App. To mount the Azure File Share to the Azure Web App for the container, you just need to follow the steps in Link storage to your app.
And you need to change the docker-compose file at the volumes:
From:
volumes:
- mcpdata:"/security:/security"
Into:
volumes:
- custom-id:/security/security/
The custom-id is the thing you uses in the CLI command.
这篇关于使用docker-compose将azure文件共享安装到linux容器的Web应用程序的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
