在服务结构上托管多个公共站点 [英] host multiple public sites on service fabric

问题描述

我有一个服务架构集群，部署了一个域名为 foo.northcentralus.cloudapp.azure.com

I have a service fabric cluster deployed with a domain of foo.northcentralus.cloudapp.azure.com

它具有单个节点类型，具有单个公共IP地址/负载均衡器。

It has a single node type with a single public ip address / load balancer.

说我已经部署了以下两个应用程序：

Lets say I have the following two apps deployed:

• http：// foo。 northcentralus.cloudapp.azure.com:8101/wordcount/


• http://foo.northcentralus.cloudapp.azure.com:8102/visualobjects/

• http://foo.northcentralus.cloudapp.azure.com:8101/wordcount/
• http://foo.northcentralus.cloudapp.azure.com:8102/visualobjects/

如何设置这个，所以我可以有多个域每个托管在80端口？ （假设我显然拥有这两个域）

How can I set this up so I can have multiple domains each hosted on port 80? (assuming I own both of these domains obviously)

• http://www.wordcount.com


• http： //www.visualobjects.com

• http://www.wordcount.com
• http://www.visualobjects.com

我的群集中是否需要多个公共IP地址来支持？

Do I need more than one public ip address in my cluster to support this?

推荐答案

您应该可以通过一些http.sys魔法使用单个公共IP地址来执行此操作。

You should be able to do this with a single public IP address through some http.sys magic.

假设您正在使用Katana作为您的Web主机（参考使用Katana的字数和视觉对象样本），那么它应该就像启动服务器使用URL中的域名：

Assuming you're using Katana for your web host (the word count and visual object samples you reference use Katana), then it should be as simple as starting the server using the domain name in the URL:

WebApp.Start("http://visualobjects.com:80", appBuilder => this.startup.Invoke(appBuilder));

底层 Windows HTTP Server API 将使用该URL注册该服务器，以及使用 Host：visualobjects的任何HTTP请求.com 头将自动路由到该服务器。对具有自己的主机名的任意数量的服务器重复。这是http.sys在单个机器上进行多站点托管的主机路由，与IIS中的一样。

The underlying Windows HTTP Server API will register that server with that URL, and any HTTP request that comes in with a Host: visualobjects.com header will automatically be routed to that server. Repeat for any number of servers with their own hostname. This is the host routing that http.sys does for multi-website hosting on a single machine, same as you had in IIS.

您遇到的问题是在打开服务器之前，保留主机名，您必须在提升的用户帐户下执行此操作。 Service Fabric在ServiceManifest.xml中以Endpoint配置的形式有限的支持：

The problem you'll run into is with reserving the hostname, which you have to do under an elevated user account before you open the server. Service Fabric has limited support for this in the form of Endpoint configuration in ServiceManifest.xml:

<!-- THIS WON'T WORK FOR REGISTERING HOSTNAMES -->
<Resources>
  <Endpoints>
    <Endpoint Protocol="http" Name="ServiceEndpoint" Type="Input" Port="80" />
  </Endpoints>
</Resources>

这里的限制是无法指定主机名，因此Service Fabric将始终注册< a href =http：// +：[port] =noreferrer> http：// +：[port] 。不幸的是，如果要在特定的主机名上打开服务器，您不需要注册要使用的主机名。您必须手动使用netsh（并从ServiceManifest.xml 中删除同一端口的端点），否则将覆盖您的主机名注册。

The limitation here is that there is nowhere to specify a hostname, so Service Fabric will always register "http://+:[port]". That unfortunately doesn't work if you want to open a server on a specific hostname - you need to register just the hostname you want to use. You have to do that part manually using netsh (and remove any Endpoints for the same port from ServiceManifest.xml, otherwise it will override your hostname registration).

要使用http.sys手动注册主机名，必须为运行服务的主机名，端口和用户帐户运行netsh，默认情况下为网络服务：

To register the hostname with http.sys manually, you have to run netsh for the hostname, port, and user account under which your service runs, which by default is Network Service:

netsh http add urlacl url=http://visualobjects.com:80/ user="NT AUTHORITY\NETWORK SERVICE"

但是，您必须从服务运行的每台计算机上的高架帐户中执行此操作。幸运的是，我们有一个可以在提升的帐户权限下运行的服务设置入口点。

But you have to do this from an elevated account on each machine the service will run on. Luckily, we have service setup entry points that can run under elevated account privileges.

编辑

为了使这个工作，您需要做的一件事是在正在侦听的同一端口上打开防火墙。您可以使用以下操作：

One thing you will need to do in order for this to work is open up the firewall on the same port you are listening on. You can do that with the following:

<Resources>
   <Endpoints>
      <Endpoint Protocol="tcp" Name="ServiceEndpoint" Type="Input" Port="80" />
   </Endpoints>
</Resources>

请注意，协议是tcp而不是http。这将打开防火墙端口，但不会覆盖您使用.bat脚本设置的http.sys注册。

Note that the Protocol is tcp instead of http. This will open up the firewall port but not override the http.sys registration that you set up with the .bat script.

这篇关于在服务结构上托管多个公共站点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！