我的 ASP.NET Core 7.0 应用程序在 AWS Elastic Container Service 中运行,使用使用以下 Docker 文件从 alpine 映像构建的容器。
ASP.NET Core 7.0 Docker 文件:
FROM mcr.microsoft.com/dotnet/aspnet:7.0-alpine AS base
WORKDIR /app
ENV DOTNET_RUNNING_IN_CONTAINER=true
RUN apk add --no-cache icu-libs krb5-libs libgcc libintl libssl1.1 libstdc++ zlib
ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false
EXPOSE 443
FROM mcr.microsoft.com/dotnet/sdk:7.0-alpine AS build
WORKDIR /src
COPY ["IDP/IDP.csproj", "IDP/"]
COPY ["Infrastructure/Infrastructure.csproj", "Infrastructure/"]
COPY ["Domain/Domain.csproj", "Domain/"]
COPY ["Shared/Shared.csproj", "Shared/"]
RUN dotnet restore "IDP/IDP.csproj"
COPY . .
WORKDIR "/src/IDP"
RUN dotnet build "IDP.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "IDP.csproj" -c Release -o /app/publish /p:UseAppHost=false
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ARG ENVIRONMENT
ENV ASPNETCORE_ENVIRONMENT $ENVIRONMENT
ENTRYPOINT ["dotnet", "IDP.dll"]
现在,更新到 .NET 8 后,我可以看到容器仍在运行,但无法从我的应用程序访问任何端点。
然后在谷歌搜索后,我发现了以下重大更改文档。
默认端口映射更改: https://learn.microsoft.com/en-us/dotnet/core/compatibility/containers/8.0/aspnet-port
所以我在 Docker 文件中添加了以下内容:
FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base
WORKDIR /app
ENV DOTNET_RUNNING_IN_CONTAINER=true
RUN apk add --no-cache icu-libs krb5-libs libgcc libintl libssl1.1 libstdc++ zlib
ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false
ENV ASPNETCORE_HTTP_PORTS=80 #<---- Newly added
ENV ASPNETCORE_HTTPS_PORTS=443 #<---- Newly added
EXPOSE 80 #<---- Newly added
EXPOSE 443
然后我开始收到以下错误:
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found or is out of date.
现在容器没有运行并开始抛出证书错误。
再次发现另一个与重大更改相关的证书文档,如下链接: https ://learn.microsoft.com/en-us/dotnet/core/compatibility/containers/8.0/krb5-libs-package
泊坞窗文件:
RUN apk add --no-cache icu-libs krb5-libs libgcc libintl libssl1.1 libstdc++ zlib ca-certificates #<---- Newly added ca-certificates
仍然面临同样的错误。
这是我的最终 ASP.NET Core 8 Docker 文件
FROM mcr.microsoft.com/dotnet/aspnet:8.0-alpine AS base
WORKDIR /app
ENV DOTNET_RUNNING_IN_CONTAINER=true
RUN apk add --no-cache icu-libs krb5-libs libgcc libintl libssl1.1 libstdc++ zlib ca-certificates
ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false
ENV ASPNETCORE_HTTP_PORTS=80
ENV ASPNETCORE_HTTPS_PORTS=443
EXPOSE 80
EXPOSE 443
FROM mcr.microsoft.com/dotnet/sdk:8.0-alpine AS build
WORKDIR /src
COPY ["IDP/IDP.csproj", "IDP/"]
COPY ["Infrastructure/Infrastructure.csproj", "Infrastructure/"]
COPY ["Domain/Domain.csproj", "Domain/"]
COPY ["Shared/Shared.csproj", "Shared/"]
RUN dotnet restore "IDP/IDP.csproj"
COPY . .
WORKDIR "/src/IDP"
RUN dotnet build "IDP.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "IDP.csproj" -c Release -o /app/publish /p:UseAppHost=false
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ARG ENVIRONMENT
ENV ASPNETCORE_ENVIRONMENT $ENVIRONMENT
ENTRYPOINT ["dotnet", "IDP.dll"]
请问有人可以帮助我解决我所缺少的吗?
在版本 8 之前,您的容器侦听端口 80。
要让它恢复这样做,添加就足够了
到你的 Dockerfile。
当您添加
ASPNETCORE_HTTPS_PORTS时,您的应用程序想要侦听 HTTPS 流量。它以前没有这样做,即使你EXPOSE端口 443。EXPOSE 主要是文档和你的情况,它是不正确的。当您的应用程序开始侦听 HTTPS 流量时,它需要您尚未提供的证书。这就是它失败的原因。尝试将其作为您的 Dockerfile
这应该会使您的应用程序表现得像以前一样。