我有3个服务,一个是我的本地身份服务(IS),另外两个是常规.netcore 2.2 webapis。我使用IS作为身份验证中间件,这两个服务需要针对IS进行身份验证。例如,当我在IIS上托管我的应用程序时,一切运行顺利。当我尝试对docker做同样的事情,而docker compose不再起作用时,出现以下错误。
无法从以下位置获取配置:“ [PII被隐藏]”。 ---> System.IO.IOException:IDX20804:无法从“ [PII隐藏]”中检索文档。 ---> System.Net.Http.HttpRequestException:无法分配请求的地址---> System.Net.Sockets.SocketException:无法分配请求的地址
我在这里粘贴码头工人组成:
services:
management:
image: ${DOCKER_REGISTRY-}management
build:
context: .
dockerfile: src/Management/Dockerfile
depends_on:
- auth.service
auth.service:
image: ${DOCKER_REGISTRY-}authservice
build:
context: .
dockerfile: src/Authorization/Auth.Service/Dockerfile
volumes:
- ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro
management2:
image: ${DOCKER_REGISTRY-}management2
build:
context: .
dockerfile: src/Management2/Dockerfile
depends_on:
- auth.service
和docker-compose.override.yml
version: "3.4"
services:
management:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- auth.service=http://auth.service:80
- ASPNETCORE_URLS=http://0.0.0.0:80
ports:
- "58101:80"
auth.service:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://0.0.0.0:80
- ASPNETCORE_HTTPS_PORT=5000
ports:
- "5001:80"
- "5000:443"
volumes:
- ${APPDATA}/ASP.NET/Https:/root/.aspnet/https:ro
- ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro
management2:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- auth.service=http://auth.service:80
- ASPNETCORE_URLS=http://0.0.0.0:80
ports:
- "58102:80"
我尝试执行this并在身份验证承载选项中指定权限为环境变量auth.service。不工作。
FROM microsoft/dotnet:2.2-aspnetcore-runtime AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
FROM microsoft/dotnet:2.2-sdk AS build
WORKDIR /src
COPY Infrastructure Infrastructure
COPY Authorization Authorization
COPY Users Users
RUN dotnet restore "Authorization/Auth.Service/Auth.Service.csproj"
WORKDIR /src/Authorization/Auth.Service
RUN dotnet build -c Release -o /app
FROM build AS publish
RUN dotnet publish "Auth.Service.csproj" -c Release -o /app
FROM base AS final
WORKDIR /app
COPY --from=publish /app .
RUN ls -ltr /app
ENTRYPOINT ["dotnet", "Auth.Service.dll"]
其余的都非常相似。只有名称不同。问题是它无法到达内部知名的docker。如果在浏览器上请求一个知名的,都很好。服务间不起作用,但只能在开发中的本地计算机上使用。
[在docker上使用IdentityServer时,您应该了解https证书,您的服务无法验证https证书。
无法从以下位置获取配置:“ [PII被隐藏]”。 ---> System.IO.IOException:IDX20804:
如果尝试获取IdentityServer配置,将无法执行。呼叫此地址并查看结果:https://auth.service/.well-known/openid-configuration