场景/repro
我有多容器(这里的教程(azure网络应用程序。我为我的web应用程序分配了系统分配标识。我的码头上有两个集装箱:
- 网络核心WebApi容器
- Antivirus ClamAv容器
一切都很好(我的API正在使用防病毒软件扫描文件(,直到我添加具有Azure资源托管身份的密钥保管库配置提供程序(链接(。这与我在linux上的标准web应用程序完美配合。
// Program.cs
.ConfigureAppConfiguration((context, config) =>
{
if (context.HostingEnvironment.IsProduction())
{
var builtConfig = config.Build();
var secretClient = new SecretClient(new Uri($"https://{builtConfig["KeyVaultName"]}.vault.azure.net/"),
new DefaultAzureCredential());
config.AddAzureKeyVault(secretClient, new KeyVaultSecretManager());
}
})
问题我的API返回503状态代码。我似乎需要做一些额外的配置,使其与Docker compose一起工作。
EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
2021-06-14T11:42:46.912167603Z - ManagedIdentityCredential authentication unavailable. No Managed Identity endpoint found.
2021-06-14T11:42:46.912175503Z - Operating system Linux 5.4.0-1031-azure #32~18.04.1-Ubuntu SMP Tue Oct 6 10:03:22 UTC 2020 isn't supported.
2021-06-14T11:42:46.912183204Z - Stored credentials not found. Need to authenticate user in VSCode Azure Account.
2021-06-14T11:42:46.912190304Z - Azure CLI not installed
2021-06-14T11:42:46.912197204Z - PowerShell is not installed.
2021-06-14T11:42:46.912205004Z ---> System.AggregateException: Multiple exceptions were encountered
...
Azure.Identity.CredentialUnavailableException: EnvironmentCredential authentication unavailable. Environment variables are not fully configured.
...
Azure.Identity.CredentialUnavailableException: Operating system Linux 5.4.0-1031-azure #32~18.04.1-Ubuntu SMP Tue Oct 6 10:03:22 UTC 2020 isn't supported.
这项功能似乎没有得到完全支持。你知道在这种情况下如何使用密钥库提供程序吗?
多容器应用程序不支持托管身份。请参阅:https://learn.microsoft.com/en-us/answers/questions/118045/are-managed-identities-for-multi-container-webapps.html