Windows容器无法访问Azure文件存储 [英] Windows container fails to reach Azure File Storage
问题描述
我有一个Windows服务器核心容器中的IIS上运行的c#Web应用程序. 在dockerfile中,我创建一个没有密码的新用户'myUser'. 我也将凭据添加到Dockerfile中的Azure文件存储中:
I have a c# web application running on IIS in a windows server core container. In the dockerfile I create a new user 'myUser' without password. I add the credentials to my Azure File store in the Dockerfile as well:
USER myUser
RUN powershell "cmdkey /add:mystore.file.core.windows.net /user:AZURE\mystore /pass:XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=="
我使用"myUser"添加了一个新的应用程序池标识,并将该应用程序池用于我的应用程序. 当我启动容器并使用'docker exec'连接时,我以新用户身份登录. 我可以使用"ls \ mystore.file.core.windows.net \ dockerstore \"访问路径 可以使用"cmdkey/list"列出凭据.
I add a new application pool Identity using 'myUser', and use that application pool for my application. When I start the container and connect using 'docker exec', I am logged on as the new user. I can access the path with 'ls \mystore.file.core.windows.net\dockerstore\' The credentials are listed okay with 'cmdkey /list'.
但是,在同一用户下运行的我的应用程序抱怨它无法到达商店.在Directory.Exists()上报告了System.IO.IOException.
However, my application which runs under the same user complaints it cannot reach the store. System.IO.IOException reported on Directory.Exists().
我也在本地机器上执行了该执行,该应用程序运行没有问题. 我也尝试过使用具有密码的用户,但无济于事. 该应用程序使用商店的完整UNC路径.
I have done this execise on my local box as well, and the application runs without issues. I have tried using a user with password as well, to no avail. The application use the full UNC-path to the store.
在Windows服务应用程序上尝试了相同的操作.同样的事情:可以在Powershell会话中列出文件,但我的应用程序无法访问它.
Tried the same thing on a windows service application. Same thing: Can list files in a powershell session, but my application cannot access it.
我想念什么吗?
这是我所做的:
NET USER myAzureFilesUser myAzureFilesPasswordXXXXXXXXXXX== /add /y
NET LOCALGROUP Administrators /add myAzureFilesUser
Import-Module WebAdministration
$processModelProperties = @{userName='myAzureFilesUser ';password='myAzureFilesPasswordXXXXXXXXXXX==';identitytype=3}
Set-ItemProperty (Join-Path 'IIS:\AppPools\' 'My AppPool Name') -name processModel -value $processModelProperties
推荐答案
您需要使用与Azure File存储帐户相同的用户名和密码创建本地用户帐户,并执行此处所述的一些其他任务. https://blogs.iis.net/davidso/azurefile
You need to create local user account with the same username and password as Azure File storage account and perform some additional tasks as described here. https://blogs.iis.net/davidso/azurefile
这篇关于Windows容器无法访问Azure文件存储的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!