Windows容器无法访问Azure文件存储 [英] Windows container fails to reach Azure File Storage

问题描述

我有一个Windows服务器核心容器中的IIS上运行的c#Web应用程序. 在dockerfile中，我创建一个没有密码的新用户'myUser'. 我也将凭据添加到Dockerfile中的Azure文件存储中:

I have a c# web application running on IIS in a windows server core container. In the dockerfile I create a new user 'myUser' without password. I add the credentials to my Azure File store in the Dockerfile as well:

USER myUser
RUN powershell "cmdkey /add:mystore.file.core.windows.net /user:AZURE\mystore /pass:XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=="

我使用"myUser"添加了一个新的应用程序池标识，并将该应用程序池用于我的应用程序. 当我启动容器并使用'docker exec'连接时，我以新用户身份登录. 我可以使用"ls \ mystore.file.core.windows.net \ dockerstore \"访问路径 可以使用"cmdkey/list"列出凭据.

I add a new application pool Identity using 'myUser', and use that application pool for my application. When I start the container and connect using 'docker exec', I am logged on as the new user. I can access the path with 'ls \mystore.file.core.windows.net\dockerstore\' The credentials are listed okay with 'cmdkey /list'.

但是，在同一用户下运行的我的应用程序抱怨它无法到达商店.在Directory.Exists()上报告了System.IO.IOException.

However, my application which runs under the same user complaints it cannot reach the store. System.IO.IOException reported on Directory.Exists().

我也在本地机器上执行了该执行，该应用程序运行没有问题. 我也尝试过使用具有密码的用户，但无济于事. 该应用程序使用商店的完整UNC路径.

I have done this execise on my local box as well, and the application runs without issues. I have tried using a user with password as well, to no avail. The application use the full UNC-path to the store.

在Windows服务应用程序上尝试了相同的操作.同样的事情:可以在Powershell会话中列出文件，但我的应用程序无法访问它.

Tried the same thing on a windows service application. Same thing: Can list files in a powershell session, but my application cannot access it.

我想念什么吗?

这是我所做的:

NET USER myAzureFilesUser myAzureFilesPasswordXXXXXXXXXXX== /add /y
NET LOCALGROUP Administrators /add myAzureFilesUser 

Import-Module WebAdministration
$processModelProperties = @{userName='myAzureFilesUser ';password='myAzureFilesPasswordXXXXXXXXXXX==';identitytype=3}
Set-ItemProperty (Join-Path 'IIS:\AppPools\' 'My AppPool Name') -name processModel -value $processModelProperties

推荐答案

您需要使用与Azure File存储帐户相同的用户名和密码创建本地用户帐户，并执行此处所述的一些其他任务. https://blogs.iis.net/davidso/azurefile

You need to create local user account with the same username and password as Azure File storage account and perform some additional tasks as described here. https://blogs.iis.net/davidso/azurefile

这篇关于Windows容器无法访问Azure文件存储的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！