问题描述
尝试在Azure中设置API Web App并将其所有秘密保存在keyvault中时遇到问题。
尝试访问它时,我得到HTTP Error 500.30 - ANCM In-Process Start Failure
我尝试使用Kudu在cmd行中运行它,错误是:
Unhandled exception. System.Net.Http.HttpRequestException: A connection attempt Failed because the connected party did not properly respond after a period of time,or established connection Failed because connected host has Failed to respond.
---> System.Net.sockets.socketException (10060): A connection attempt Failed because the connected party did not properly respond after a period of time,or established connection Failed because connected host has Failed to respond.
at System.Net.Http.ConnectHelper.ConnectAsync(String host,Int32 port,CancellationToken cancellationToken)
--- End of inner exception stack trace ---
at System.Net.Http.ConnectHelper.ConnectAsync(String host,CancellationToken cancellationToken)
at System.Net.Http.httpconnectionPool.ConnectAsync(HttpRequestMessage request,Boolean allowHttp2,CancellationToken cancellationToken)
at System.Net.Http.httpconnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request,CancellationToken cancellationToken)
at System.Net.Http.httpconnectionPool.GethttpconnectionAsync(HttpRequestMessage request,CancellationToken cancellationToken)
at System.Net.Http.httpconnectionPool.SendWithRetryAsync(HttpRequestMessage request,Boolean doRequestAuth,CancellationToken cancellationToken)
at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request,CancellationToken cancellationToken)
at Microsoft.Rest.RetryDelegatingHandler.<>c__displayClass11_0.<<SendAsync>b__1>d.MoveNext()
--- End of stack trace from prevIoUs location where exception was thrown ---
at Microsoft.Rest.RetryDelegatingHandler.SendAsync(HttpRequestMessage request,CancellationToken cancellationToken)
at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask,HttpRequestMessage request,CancellationTokenSource cts,Boolean disposeCts)
at Microsoft.Azure.keyvault.keyvaultClient.GetSecretWithHttpMessagesAsync(String vaultBaseUrl,String secretName,String secretVersion,Dictionary`2 customHeaders,CancellationToken cancellationToken)
at Microsoft.Azure.keyvault.keyvaultClientExtensions.GetSecretAsync(IkeyvaultClient operations,String secretIdentifier,CancellationToken cancellationToken)
at Microsoft.Extensions.Configuration.Azurekeyvault.AzurekeyvaultConfigurationProvider.LoadAsync()
at Microsoft.Extensions.Configuration.Azurekeyvault.AzurekeyvaultConfigurationProvider.Load()
at Microsoft.Extensions.Configuration.ConfigurationRoot..ctor(IList`1 providers)
at Microsoft.Extensions.Configuration.ConfigurationBuilder.Build()
at Microsoft.Extensions.Hosting.HostBuilder.BuildAppConfiguration()
at Microsoft.Extensions.Hosting.HostBuilder.Build()
at Api.Program.Main(String[] args) in Api\Program.cs:line 15
这是功能:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>();
})
.ConfigureAppConfiguration((h,c) =>
{
c.AddEnvironmentvariables();
c.AddAzurekeyvault(Environment.GetEnvironmentvariable("VaultUrl",EnvironmentvariableTarget.Process));
});
错误由行c.AddAzurekeyvault(Environment.GetEnvironmentvariable("VaultUrl",EnvironmentvariableTarget.Process));
我为该应用定义了保险柜访问策略,但是该错误似乎不是基于身份验证的,它似乎是超时的-这很奇怪,因为它们在同一资源组/区域内。
此外,它有时似乎确实可以正常运行,但大多数时候都失败了。
从本地计算机运行时,它工作正常。
解决方法
我遇到了同样的问题。一年来一直在使用来自Web和控制台应用程序以及Webjobs的密钥库,但是从7月开始随机但频繁地使用它。将Microsoft.Extensions.Configuration.AzureKeyVault的NuGet版本更新为最新版本(3.1.7),但仍然存在此错误。
[09/04/2020 17:34:47 > 200de2: ERR ] ---> System.IO.IOException: Unable to read data from the transport connection: A connection attempt failed because the connected party did not properly respond after a period of time,or established connection failed because connected host has failed to respond..
[09/04/2020 17:34:47 > 200de2: ERR ] ---> System.Net.Sockets.SocketException (10060): A connection attempt failed because the connected party did not properly respond after a period of time,or established connection failed because connected host has failed to respond.
[09/04/2020 17:34:47 > 200de2: ERR ] --- End of inner exception stack trace ---
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error,CancellationToken cancellationToken)
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.GetResult(Int16 token)
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Security.SslStream.<FillBufferAsync>g__InternalFillBufferAsync|215_0[TReadAdapter](TReadAdapter adap,ValueTask`1 task,Int32 min,Int32 initial)
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Security.SslStream.ReadAsyncInternal[TReadAdapter](TReadAdapter adapter,Memory`1 buffer)
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Http.HttpConnection.FillAsync()
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Http.HttpConnection.ReadNextResponseHeaderLineAsync(Boolean foldedHeadersAllowed)
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Http.HttpConnection.SendAsyncCore(HttpRequestMessage request,CancellationToken cancellationToken)
[09/04/2020 17:34:47 > 200de2: ERR ] --- End of inner exception stack trace ---
[09/04/2020 17:34:47 > 200de2: ERR ] at Microsoft.Rest.RetryDelegatingHandler.SendAsync(HttpRequestMessage request,CancellationToken cancellationToken)
[09/04/2020 17:34:47 > 200de2: ERR ] at System.Net.Http.HttpClient.FinishSendAsyncBuffered(Task`1 sendTask,HttpRequestMessage request,CancellationTokenSource cts,Boolean disposeCts)
[09/04/2020 17:34:47 > 200de2: ERR ] at Microsoft.Azure.KeyVault.KeyVaultClient.GetSecretWithHttpMessagesAsync(String vaultBaseUrl,String secretName,String secretVersion,Dictionary`2 customHeaders,CancellationToken cancellationToken)
我们设法通过将我们的应用服务计划从基本B1升级到B2解决了该问题。
似乎它正在运行,但是由于某种原因,密钥库的加载非常耗费资源,因此无法在B1服务计划上完成。