1. 首頁
  2. 問答
  3. 2個暴露HTTPS端點和不同的端口

2個暴露HTTPS端點和不同的端口

2017-04-07 328 views
0

服務織物簇我創建2無國籍服務結構服務,我需要兩個暴露,並從通過HTTPS Web訪問:2個暴露HTTPS端點和不同的端口

  • 引擎,(ASP達網絡核心API)通過HTTP暴露在端口1212和HTTPS端口8465
  • 網站(Asp.net核心Web應用程序)經由HTTPS暴露在端口443上

我現在是本地專用,使用網絡監聽器

ServiceManifest.XML ENGINE

<?xml version="1.0" encoding="utf-8"?> 
<ServiceManifest Name="EnginePkg" 
       Version="1.0.0" 
       xmlns="http://schemas.microsoft.com/2011/01/fabric" 
       xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> 
    <ServiceTypes> 
    <StatelessServiceType ServiceTypeName="EngineType" /> 
    </ServiceTypes> 

<CodePackage Name="Code" Version="1.0.0"> 
    <EntryPoint> 
     <ExeHost> 
     <Program>Engine.exe</Program> 
     <WorkingFolder>CodePackage</WorkingFolder> 
     </ExeHost> 
    </EntryPoint> 
    </CodePackage> 

<ConfigPackage Name="Config" Version="1.0.0" /> 

    <Resources> 
    <Endpoints> 
     <Endpoint Protocol="http" Name="EngineEndpoint" Type="Input" Port="1212" /> 
     <Endpoint Protocol="https" Name="EngineEndpointSecure" Type="Input" Port="8465" /> 
    </Endpoints> 
    </Resources> 
</ServiceManifest>

ServiceManifest.XML網站

<?xml version="1.0" encoding="utf-8"?> 
<ServiceManifest Name="WebsitePkg" 
       Version="1.0.0" 
       xmlns="http://schemas.microsoft.com/2011/01/fabric" 
       xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> 
    <ServiceTypes> 
    <StatelessServiceType ServiceTypeName="WebsiteType" /> 
    </ServiceTypes> 

    <CodePackage Name="Code" Version="1.0.0"> 
    <EntryPoint> 
     <ExeHost> 
     <Program>Website.exe</Program> 
     <WorkingFolder>CodePackage</WorkingFolder> 
     </ExeHost> 
    </EntryPoint> 
    </CodePackage> 

    <ConfigPackage Name="Config" Version="1.0.0" /> 

    <Resources> 
    <Endpoints> 
    <Endpoint Protocol="https" Name="WebsiteEndpoint" Type="Input" Port="443" /> 
    </Endpoints> 
    </Resources> 
</ServiceManifest>

ENGINE.CS

internal sealed class Engine : StatelessService 
    { 
     public Engine(StatelessServiceContext context) 
      : base(context) 
     { } 

     /// <summary> 
     /// Optional override to create listeners (like tcp, http) for this service instance. 
     /// </summary> 
     /// <returns>The collection of listeners.</returns> 
     protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners() 
     { 
      return new ServiceInstanceListener[] 
      { 
       new ServiceInstanceListener(serviceContext => 
        new WebListenerCommunicationListener(serviceContext, "EngineEndpoint", (url, listener) => 
        { 
         ServiceEventSource.Current.ServiceMessage(serviceContext, $"Starting WebListener on {url}"); 

         return new WebHostBuilder().UseWebListener() 
            .ConfigureServices(
             services => services 
              .AddSingleton(serviceContext)) 
            .UseContentRoot(Directory.GetCurrentDirectory()) 
            .UseStartup<Startup>() 
            .UseApplicationInsights() 
            .UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None) 
            .UseUrls(url) 
            .Build(); 
        }), "EngineEndpoint"),//Name is important for multiple endpoints 

       new ServiceInstanceListener(serviceContext => 
        new WebListenerCommunicationListener(serviceContext, "EngineEndpointSecure", (url, listener) => 
        { 
         ServiceEventSource.Current.ServiceMessage(serviceContext, $"Starting Secure WebListener on {url}"); 

         return new WebHostBuilder().UseWebListener() 
            .ConfigureServices(
             services => services 
              .AddSingleton(serviceContext)) 
            .UseContentRoot(Directory.GetCurrentDirectory()) 
            .UseStartup<Startup>() 
            .UseApplicationInsights() 
            .UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None) 
            .UseUrls(url) 
            .Build(); 
        }), "EngineEndpointSecure") 
      }; 
     } 
    }

WEBSITE.CS

internal sealed class Website : StatelessService 
{ 
    public Website(StatelessServiceContext context) 
     : base(context) 
    { } 

    /// <summary> 
    /// Optional override to create listeners (like tcp, http) for this service instance. 
    /// </summary> 
    /// <returns>The collection of listeners.</returns> 
    protected override IEnumerable<ServiceInstanceListener> CreateServiceInstanceListeners() 
    { 
     return new ServiceInstanceListener[] 
     { 
      new ServiceInstanceListener(serviceContext => 
       new WebListenerCommunicationListener(serviceContext, "WebsiteEndpoint", (url, listener) => 
       { 
        ServiceEventSource.Current.ServiceMessage(serviceContext, $"Starting WebListener on {url}"); 

        return new WebHostBuilder().UseWebListener() 
           .ConfigureServices(
            services => services 
             .AddSingleton(serviceContext)) 
           .UseContentRoot(Directory.GetCurrentDirectory()) 
           .UseStartup<Startup>() 
           .UseApplicationInsights() 
           .UseServiceFabricIntegration(listener, ServiceFabricIntegrationOptions.None)  
           .UseUrls(url) 
           .Build(); 
       }), "WebsiteEndpoint"), 
     }; 
    } 
}

APPLICATIONMANIFEST.XML

<?xml version="1.0" encoding="utf-8"?> 
<ApplicationManifest xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ApplicationTypeName="ProjectSFType" ApplicationTypeVersion="1.0.0" xmlns="http://schemas.microsoft.com/2011/01/fabric"> 
    <Parameters> 

    <!--STATELESS--> 
    <Parameter Name="Engine_InstanceCount" DefaultValue="-1" /> 
    <Parameter Name="Website_InstanceCount" DefaultValue="-1" /> 

    </Parameters> 
    <ServiceManifestImport> 
    <ConfigOverrides /> 
    <Policies> 
     <EndpointBindingPolicy EndpointRef="WebsiteEndpoint" CertificateRef="FabricFront" /> 
     <EndpointBindingPolicy EndpointRef="EngineEndpointSecure" CertificateRef="FabricFront" /> 
    </Policies> 
    </ServiceManifestImport> 
    <ServiceManifestImport> 
    <ServiceManifestRef ServiceManifestName="EnginePkg" ServiceManifestVersion="1.0.0" /> 
    <ConfigOverrides /> 
    </ServiceManifestImport> 
    <ServiceManifestImport> 
    <ServiceManifestRef ServiceManifestName="WebsitePkg" ServiceManifestVersion="1.0.0" /> 
    <ConfigOverrides /> 
    </ServiceManifestImport> 
    <DefaultServices> 
    <Service Name="Engine"> 
     <StatelessService ServiceTypeName="EngineType" InstanceCount="[Engine_InstanceCount]"> 
     <SingletonPartition /> 
     </StatelessService> 
    </Service> 
    <Service Name="Website"> 
     <StatelessService ServiceTypeName="WebsiteType" InstanceCount="[Website_InstanceCount]"> 
     <SingletonPartition /> 
     </StatelessService> 
    </Service> 
    </DefaultServices> 
    <Certificates> 
    <EndpointCertificate X509FindValue="‎0000000000000" Name="FabricFront" /> 
    </Certificates> 
</ApplicationManifest>

啓動時在本地集羣會發生什麼:在端口

  • 引擎HTTP 1212 總是工作
  • 網站HTTPS端點端口443上工作ONLY如果發動機HTTPS端點作爲終點,並從Engine.cs刪除
  • 引擎HTTPS端點永遠不會奏效即使網站被切換到HTTP而且是那麼的唯一安全的端點解決方案,瀏覽器顯示「ERR_CONNECTION RESET」錯誤。

在ServiceFabric Explorer上我看到活動和運行,輸出中沒有錯誤。 我嘗試了其他端口具有相同的結果。

enter image description here

enter image description here

我怎樣才能使這項工作?

來源

2017-04-07 Francesco C.

+0

如果您可以爲兩個端點/偵聽器提供配置和代碼,那將會很好。 – masnider

+0

我添加了與案例相關的所有代碼。謝謝 –

回答

0

該錯誤是,我是放置在<Policies>上ApplicationManifest.xml的兩個<ServiceManifestImport>頂部。 每個服務在其自己的<ServiceManifestImport>內需要不同的<Policy>,正好低於<ConfigOverrides />

來源

2017-04-09 08:03:53

0

你的問題有點不清楚,但是如果你試圖在端口1601上運行一個,而在443上運行一個,只有443個成功。那麼這可能是一個特權問題?不同的港口需要不同的優惠。

另一方面,如果你試圖在端口443綁定這兩個端口,那麼它可能會因爲它們都使用相同的端口和url而發生衝突。我們有同樣的問題,我們設法通過執行以下操作來獲得過去吧:

  1. 創建HttpSetup運行PowerShell腳本是

    1. 安裝了證書,並使用其註冊申請 netsh的

      &netsh http add sslcert hostnameport="${EndpointHost}:${EndpointPort}" certhash=$CertThumbprint certstorename=$CertStore appid=$AppId

    2. 綁定證書的網址,使用Netsh:

      &netsh http add urlacl url=$ReservationUrl"

      網址示例

      https://mydnsname.com/

      https://mydnsname.com/api

      3.

  2. 在我們主要應用我們再結合我們的SERV因爲在充分的網站上沒有衝突,因此可以在完整的網址上瀏覽。我們通過環境參數將網址傳遞給羣集。

注:我們不得不分成兩個應用程序的原因是因爲我們的主要應用程序部署汽車無每次提交。當netsh同時從多個部署運行時,它鎖定並掛在節點上。

ApplicationManifest.xml 

<ServiceManifestImport> 
 
    <ServiceManifestRef ServiceManifestName="ApiPkg" ServiceManifestVersion="1.0.0" /> 
 
    <EnvironmentOverrides CodePackageRef="Code"> 
 
    <EnvironmentVariable Name="EndpointUri" Value="[Api_EndpointUri]" /> 
 
    <EnvironmentVariable Name="CertThumbprint" Value="[Api_CertThumbprint]" /> 
 
    </EnvironmentOverrides> 
 
</ServiceManifestImport> 
 
<ServiceManifestImport> 
 
    <ServiceManifestRef ServiceManifestName="UiPkg" ServiceManifestVersion="1.0.0" /> 
 
    <EnvironmentOverrides CodePackageRef="Code"> 
 
    <EnvironmentVariable Name="EndpointUri" Value="[App_EndpointUri]" /> 
 
    <EnvironmentVariable Name="CertThumbprint" Value="[App_CertThumbprint]" /> 
 
    </EnvironmentOverrides> 
 
</ServiceManifestImport>

ServiceManifest.xml(用於包)

<?xml version="1.0" encoding="utf-8"?> 
 
<ServiceManifest Name="UiPkg" 
 
       Version="1.0.0" 
 
       xmlns="http://schemas.microsoft.com/2011/01/fabric" 
 
       xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
 
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> 
 
    <ServiceTypes> 
 
    <StatelessServiceType ServiceTypeName="UiType" /> 
 
    </ServiceTypes> 
 

 
    <CodePackage Name="Code" Version="1.0.0"> 
 
    <EntryPoint> 
 
     <ExeHost> 
 
     <Program>Ui.exe</Program> 
 
     <WorkingFolder>CodePackage</WorkingFolder> 
 
     </ExeHost> 
 
    </EntryPoint> 
 
    <EnvironmentVariables> 
 
     <EnvironmentVariable Name="EndpointUri" Value="" /> 
 
     <EnvironmentVariable Name="CertThumbprint" Value="" /> 
 
    </EnvironmentVariables> 
 
    </CodePackage> 
 

 
    <!-- Config package is the contents of the Config directoy under PackageRoot that contains an 
 
     independently-updateable and versioned set of custom configuration settings for your service. --> 
 
    <ConfigPackage Name="Config" Version="1.0.0" /> 
 

 
    <Resources> 
 
    <Endpoints> 
 
     <!-- To bind to a specific hostname use netsh from a SetupEntyPoint and change Protocol to tcp here to just open the firewall 
 
     --> 
 
     <Endpoint Name="ServiceEndpoint" Protocol="tcp" Port="443" /> 
 
    </Endpoints> 
 
    </Resources> 
 
</ServiceManifest>

的Program.cs

var listeningAddress = $"{Environment.GetEnvironmentVariable("Api_EndpointUri")}:443/api/"; 
 

 
_webHost = new WebHostBuilder().UseWebListener() 
 
           .UseContentRoot(Directory.GetCurrentDirectory()) 
 
           .UseStartup<Startup>() 
 
           .UseUrls(listeningAddress) 
 
           .Build();

來源

2017-04-07 14:23:14

+0

我不需要同時綁定兩個端口,但萬一我會使用您的解決方案。 我想我的代碼可以工作,但我錯過了一些東西。爲了更好地理解發生了什麼,我添加了所有代碼。謝謝 –

相關問題

 相關問題