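Internal endpoint for WCF service does not work on Azure Web Role

I have two web roles. One of them runs a service layer made up of 3 WCF services connected with net.tcp, each deployed as a website, on ports 808, 810 and 811.
Now I want the service layer to be open only to my other web role.
So I tried to make one of the service endpoints internal and give my front-end web role access to it.
Like this: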
    <ServiceDefinition name="MagnusAzureCloudService" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceDefinition" schemaVersion="2015-04.2.6">
      <WebRole name="Core.Services" vmsize="Small">
        <Runtime executionContext="elevated" />
        <Startup>
          <Task commandLine="Startup/startup.cmd" executionContext="elevated" taskType="background" />
        </Startup>
        <Sites>
          <Site name="Core" physicalDirectory="C:\CoreServices">
            <Bindings>
              <Binding name="Endpoint1" endpointName="Endpoint1" />
            </Bindings>
          </Site>
          <Site name="Store" physicalDirectory="C:\StoreServices">
            <Bindings>
              <Binding name="Endpoint3" endpointName="Endpoint3" />
            </Bindings>
          </Site>
          <Site name="Users" physicalDirectory="C:\UserServices">
            <Bindings>
              <Binding name="Endpoint4" endpointName="Endpoint4" />
            </Bindings>
          </Site>
        </Sites>
        <ConfigurationSettings>
          <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" />
        </ConfigurationSettings>
        <Endpoints>
          <InputEndpoint name="Endpoint1" protocol="http" port="8282" />
          <InputEndpoint name="Endpoint3" protocol="http" port="81" />
          <InputEndpoint name="Endpoint4" protocol="http" port="8181" />
          <InputEndpoint name="Endpoint2" protocol="tcp" port="808" localPort="808" />
          <InputEndpoint name="Endpoint5" protocol="tcp" port="810" localPort="810" />
          <InternalEndpoint name="Endpoint6" protocol="tcp" port="811" />
        </Endpoints>
        <Certificates>
        </Certificates>
        <Imports>
          <Import moduleName="RemoteAccess" />
          <Import moduleName="RemoteForwarder" />
        </Imports>
      </WebRole>
      <WebRole name="UIWeb" vmsize="Small">
        <Runtime executionContext="elevated" />
        <Startup>
          <Task commandLine="Startup/startup.cmd" executionContext="elevated" taskType="background" />
        </Startup>
        <Sites>
          <Site name="Web">
            <Bindings>
              <Binding name="Endpoint1" endpointName="Endpoint1" />
            </Bindings>
          </Site>
        </Sites>
        <ConfigurationSettings>
          <Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" />
        </ConfigurationSettings>
        <Endpoints>
          <InputEndpoint name="Endpoint1" protocol="http" port="80" />
        </Endpoints>
        <Imports>
          <Import moduleName="RemoteAccess" />
        </Imports>
      </WebRole>
      <NetworkTrafficRules>
        <OnlyAllowTrafficTo>
          <Destinations>
            <RoleEndpoint endpointName="Endpoint6" roleName="Core.Services" />
          </Destinations>
          <WhenSource matches="AnyRule">
            <FromRole roleName="UIWeb"/>
          </WhenSource>
        </OnlyAllowTrafficTo>
      </NetworkTrafficRules>
    </ServiceDefinition>
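But when the UserService is tried, it seems to time out.

    Server Error in '/' Application.
    Connecting via net.tcp://myservicename.cloudapp.net:811/UserTypeService.svc timed out after 00:00:00. Connection attempts were made to 0 of 1 available addresses (). Check the RemoteAddress of your channel and verify that the DNS records for this endpoint correspond to valid IP Addresses. The time allotted to this operation may have been a portion of a longer timeout.

I also tried setting <AllowAllTraffic/> instead of <WhenSource ...>, but that had no effect.

Second attempt: after some feedback, I tried some variations, setting FixedPort and PortRange to 811 and having the role listen on port="*".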
    <InternalEndpoint name="Endpoint6" protocol="tcp" port="*" >
      <FixedPortRange min="811" max="811"></FixedPortRange>
    </InternalEndpoint>
I kept the NetworkTrafficRules as in the previous attempt.
I also added the code below to make sure there is a listener on the dynamic port. In my WebRole.cs file:
    using System;
    using System.Diagnostics;
    using System.Net;
    using System.Net.Sockets;
    using System.Threading;
    using Microsoft.WindowsAzure.ServiceRuntime;

    public class WebRole : RoleEntryPoint
    {
        /// <summary>
        ///
        /// </summary>
        /// <returns></returns>
        public override bool OnStart()
        {
            Trace.TraceInformation("OnStart method called. Updating information on IIS.");
            try
            {
                // Initialize method-wide variables
                var epName = "Endpoint6";
                var roleInstance = RoleEnvironment.CurrentRoleInstance;
                // Identify direct communication port
                var myPublicEp = roleInstance.InstanceEndpoints[epName].PublicIPEndpoint;
                Trace.TraceInformation("IP:{0}, Port:{1}", myPublicEp.Address, myPublicEp.Port);
                // Identify internal endpoint
                var myInternalEp = roleInstance.InstanceEndpoints[epName].IPEndpoint;
                // Create socket listener
                var listener = new Socket(
                    myInternalEp.AddressFamily, SocketType.Stream, ProtocolType.Tcp);
                // Bind socket listener to internal endpoint and listen
                listener.Bind(myInternalEp);
                listener.Listen(10);
                Trace.TraceInformation("Listening on IP:{0},Port: {1}",
                    myInternalEp.Address, myInternalEp.Port);
                while (true)
                {
                    // Block the thread and wait for a client request
                    Socket handler = listener.Accept();
                    Trace.TraceInformation("Client request received.");
                    // Define body of socket handler
                    var handlerThread = new Thread(
                        new ParameterizedThreadStart(h =>
                        {
                            var socket = h as Socket;
                            Trace.TraceInformation("Local:{0} Remote{1}",
                                socket.LocalEndPoint, socket.RemoteEndPoint);
                            // Shut down and close socket
                            socket.Shutdown(SocketShutdown.Both);
                            socket.Close();
                        }
                    ));
                    // Start socket handler on new thread
                    handlerThread.Start(handler);
                }
            }
            catch (Exception e)
            {
                Trace.TraceError("Caught exception in run. Details: {0}", e);
            }
            // Set the maximum number of concurrent connections
            ServicePointManager.DefaultConnectionLimit = 12;
            return base.OnStart();
        }
    }
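Another thing to note is that the calling service uses port 811 to find the right service, because the role runs three different WCF project sites. The service I am calling also uses a specified port number, which I think could be a problem if the port is suddenly supposed to be dynamic. The calling service looks like this: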
    <endpoint address="net.tcp://myservicename.cloudapp.net:811/UserTypeService.svc"
              behaviorConfiguration="ClientContextEndpointBehavior" binding="netTcpBinding"
              bindingConfiguration="NetTcpBinding_FrameworkService" contract="Users.Services.IPersonTypeService"
              name="Tcp">
      <identity>
        <dns value="The Certificate Name" />
      </identity>
    </endpoint>
And on the receiving (internal) WebRole sites I have the following kind of configuration.
    <service name="Core.Services.Logging.LoggingService" behaviorConfiguration="coreServiceBehavior">
      <endpoint address="net.tcp://localhost:808/LoggingService.svc"
                behaviorConfiguration="ContextEndpointBehavior"
                binding="netTcpBinding"
                bindingConfiguration="NetTcpBinding1"
                contract="Core.Logging.ILoggingService">
        <identity>
          <dns value="The Certificate Name" />
        </identity>
      </endpoint>
And on the other WCF site, on port 811:
    <service name="Users.Services.PersonTypeService">
      <endpoint address="net.tcp://localhost:811/UserTypeService.svc"
                binding="netTcpBinding"
                bindingConfiguration="NetTcpServiceBinding1"
                behaviorConfiguration="ServerContextEndpointBehavior"
                contract="Users.Services.IUserTypeService">
        <identity>
          <dns value="The Certificate Name" />
        </identity>
      </endpoint>
      <endpoint address="mex" binding="mexTcpBinding" kind="mexEndpoint">
        <identity>
          <dns value="localhost" />
        </identity>
      </endpoint>
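I'm not sure I'm following? What are you suggesting I do, and why?

@MagnusKarlsson You are trying to connect to your service on an _internal_ endpoint using the *external* address myservicename.cloudapp.net. _Input endpoints_ are used to communicate with role instances from *outside* Azure. _Internal endpoints_ are used for *internal* role communication, and for that you need an IP address from the internal IP range, which is what my code sample does. For details, see https://msdn.microsoft.com/en-us/library/azure/hh180158.aspx

I thought Azure's internal DNS would handle my cloud service address and resolve it to the correct IP address. Since both roles are in the same cloud service, shouldn't they be able to talk to each other without extra work? I just added a fixed port as in this example and am trying it now. Or am I missing something? https://msdn.microsoft.com/en-us/library/azure/hh180158.aspx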
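
The approach described in the comments above (reach the internal endpoint through its internal IP address rather than the public cloudapp.net name), shown as an added example that is not part of the original thread. The class and method names are hypothetical; the role name, endpoint name and client endpoint configuration name ("Core.Services", "Endpoint6", "Tcp") are taken from the question's configuration.

```csharp
using System;
using System.Linq;
using System.Net;
using System.ServiceModel;
using Microsoft.WindowsAzure.ServiceRuntime;

// Added example: InternalEndpointClient, Resolve and CreateChannel are hypothetical names.
public static class InternalEndpointClient
{
    // Names as declared in the ServiceDefinition shown in the question.
    private const string RoleName = "Core.Services";
    private const string EndpointName = "Endpoint6";

    // Returns the internal IP:port of every instance of the service role.
    // The role runtime only lists instances of roles that declare an internal endpoint.
    public static IPEndPoint[] Resolve()
    {
        Role role;
        if (!RoleEnvironment.Roles.TryGetValue(RoleName, out role))
            throw new InvalidOperationException("Role not found: " + RoleName);

        var endpoints = role.Instances
            .Where(i => i.InstanceEndpoints.ContainsKey(EndpointName))
            .Select(i => i.InstanceEndpoints[EndpointName].IPEndpoint)
            .ToArray();
        if (endpoints.Length == 0)
            throw new InvalidOperationException("No instance exposes " + EndpointName);
        return endpoints;
    }

    // Builds a WCF channel to one instance, e.g. servicePath = "UserTypeService.svc".
    public static TContract CreateChannel<TContract>(string servicePath, string certDnsName)
    {
        var candidates = Resolve();
        // Internal endpoints are not load balanced, so the caller picks an instance.
        var ep = candidates[new Random().Next(candidates.Length)];
        var uri = new UriBuilder("net.tcp", ep.Address.ToString(), ep.Port, servicePath).Uri;

        // The address is now an IP, so the expected certificate name is stated
        // explicitly instead of being inferred from the host part of the URI.
        var address = new EndpointAddress(uri, EndpointIdentity.CreateDnsIdentity(certDnsName));

        // "Tcp" is the client endpoint configuration name from the question;
        // only its address is overridden here.
        var factory = new ChannelFactory<TContract>("Tcp", address);
        return factory.CreateChannel();
    }
}
```

With the address resolved this way, port 811 never needs a public InputEndpoint, and the NetworkTrafficRules from the question restrict which role may reach Endpoint6 inside the deployment.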