如何解决如何在 .NET Framework 4.7.1 中使用 Azure KeyVault 覆盖 Web.config 值
如何在 ASP.NET Framework 4.7.1 WebForms 应用程序中实现 Microsoft 的 Azure keyvault,以使用 keyvault 中的值覆盖 [2021-06-22 18:43:19,272] {{EmrDag.py:92}} INFO - querying http://ip-10-192-21-17.us-east-2.compute.internal:8998/sessions
[2021-06-22 18:45:29,709] {{taskinstance.py:1482}} ERROR - Task Failed with exception
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py",line 160,in _new_conn
(self._dns_host,self.port),self.timeout,**extra_kw
File "/usr/local/lib/python3.7/site-packages/urllib3/util/connection.py",line 84,in create_connection
raise err
File "/usr/local/lib/python3.7/site-packages/urllib3/util/connection.py",line 74,in create_connection
sock.connect(sa)
TimeoutError: [Errno 110] Connection timed out
During handling of the above exception,another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py",line 677,in urlopen
chunked=chunked,File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py",line 392,in _make_request
conn.request(method,url,**httplib_request_kw)
File "/usr/lib64/python3.7/http/client.py",line 1277,in request
self._send_request(method,body,headers,encode_chunked)
File "/usr/lib64/python3.7/http/client.py",line 1323,in _send_request
self.endheaders(body,encode_chunked=encode_chunked)
File "/usr/lib64/python3.7/http/client.py",line 1272,in endheaders
self._send_output(message_body,line 1032,in _send_output
self.send(msg)
File "/usr/lib64/python3.7/http/client.py",line 972,in send
self.connect()
File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py",line 187,in connect
conn = self._new_conn()
File "/usr/local/lib/python3.7/site-packages/urllib3/connection.py",line 172,in _new_conn
self,"Failed to establish a new connection: %s" % e
urllib3.exceptions.NewConnectionError: <urllib3.connection.httpconnection object at 0x7f19a79a6350>: Failed to establish a new connection: [Errno 110] Connection timed out
During handling of the above exception,another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/requests/adapters.py",line 449,in send
timeout=timeout
File "/usr/local/lib/python3.7/site-packages/urllib3/connectionpool.py",line 727,in urlopen
method,error=e,_pool=self,_stacktrace=sys.exc_info()[2]
File "/usr/local/lib/python3.7/site-packages/urllib3/util/retry.py",line 446,in increment
raise MaxRetryError(_pool,error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: httpconnectionPool(host='ip-10-192-21-17.us-east-2.compute.internal',port=8998): Max retries exceeded with url: /sessions (Caused by NewConnectionError('<urllib3.connection.httpconnection object at 0x7f19a79a6350>: Failed to establish a new connection: [Errno 110] Connection timed out'))
During handling of the above exception,another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/airflow/models/taskinstance.py",line 1138,in _run_raw_task
self._prepare_and_execute_task_with_callbacks(context,task)
File "/usr/local/lib/python3.7/site-packages/airflow/models/taskinstance.py",line 1311,in _prepare_and_execute_task_with_callbacks
result = self._execute_task(context,task_copy)
File "/usr/local/lib/python3.7/site-packages/airflow/models/taskinstance.py",line 1341,in _execute_task
result = task_copy.execute(context=context)
File "/usr/local/lib/python3.7/site-packages/airflow/operators/python.py",line 117,in execute
return_value = self.execute_callable()
File "/usr/local/lib/python3.7/site-packages/airflow/operators/python.py",line 128,in execute_callable
return self.python_callable(*self.op_args,**self.op_kwargs)
File "/usr/local/airflow/dags/EmrDag.py",line 164,in submit_pi
headers = create_spark_session(cluster_dns,'spark')
File "/usr/local/airflow/dags/EmrDag.py",line 93,in create_spark_session
response = requests.post(host + '/sessions',data=json.dumps(data),headers=headers)
File "/usr/local/lib/python3.7/site-packages/requests/api.py",line 119,in post
return request('post',data=data,json=json,**kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/api.py",line 61,in request
return session.request(method=method,url=url,**kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py",line 542,in request
resp = self.send(prep,**send_kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/sessions.py",line 655,in send
r = adapter.send(request,**kwargs)
File "/usr/local/lib/python3.7/site-packages/requests/adapters.py",line 516,in send
raise ConnectionError(e,request=request)
requests.exceptions.ConnectionError: httpconnectionPool(host='ip-10-192-21-17.us-east-2.compute.internal',port=8998): Max retries exceeded with url: /sessions (Caused by NewConnectionError('<urllib3.connection.httpconnection object at 0x7f19a79a6350>: Failed to establish a new connection: [Errno 110] Connection timed out'))
[2021-06-22 18:45:29,795] {{taskinstance.py:1532}} INFO - Marking task as Failed. dag_id=EmrDag,task_id=submit_pi,execution_date=20210622T183209,start_date=20210622T184317,end_date=20210622T184529
中的值?我确实看到参考资料说我们需要最低版本的 .NET Framework 4.7.1 才能做到这一点,但 Microsoft 提供的示例是针对 .NET Core 的。我的配置是 web.config
文件而不是 web.config
。我还有 appsettings.json
文件而不是 Global.asax.cs
和 Startup.cs
。
解决方法
要在 ASP.NET Framework 4.7.1 WebForms 应用程序中实现 Microsoft 的 Azure KeyVault,首先需要创建一个 Azure Key Vault。
- 您需要提供资源组、唯一名称和位置,然后 点击“查看 + 创建”。
- 可以参考创建 Azure 密钥保管库的步骤 这里>>(https://docs.microsoft.com/en-us/azure/key-vault/quick-create-portal)
- 接下来选择 Secrets 刀片并添加您的应用设置和 可以在 web.config 文件中访问的连接字符串。你可以 单击“生成/导入”按钮并选择“上传”选项作为 手动的。然后配置您的应用程序设置和连接字符串 - Name 和 Value 选项的键和值。并保留其他选项 作为默认设置。
ASP.NET 中的配置构建器提供了一种修改和/或覆盖来自配置文件 (Web.config 在 ASP.NET 的情况下)通过使用不同的源(环境 变量、Key Vault 等)。
连接到 Azure Key Vault:
-
要从 Visual Studio 连接到 Azure Key Vault,您需要正确 单击项目并选择“添加”>“连接的服务”菜单。
-
从选项中,选择 Secure Secrets with Azure Key Vault 选项。
-
然后单击“添加”按钮将 Key Vault 引用添加到您的 应用。这将添加 NuGet 包的引用 Microsoft.Configuration.ConfigurationBuilders.Azure 到项目。
它还会在 Web.Config 文件中添加一些配置。
(或)
- 在解决方案资源管理器中,右键单击您的项目,然后选择管理 NuGet 包。在浏览选项卡中,找到并安装 Microsoft.Configuration.ConfigurationBuilders.Azure
打开您的 web.config 文件,并编写以下代码:
a) 使用您的密钥库名称添加 configSections 和 configBuilders,如下所示
<configSections>
<section
name="configBuilders"
type="System.Configuration.ConfigurationBuildersSection,System.Configuration,Version=4.0.0.0,Culture=neutral,PublicKeyToken=b03f5f7f11d50a3a"
restartOnExternalChanges="false"
requirePermission="false" />
</configSections>
<configBuilders>
<builders>
<add
name="AzureKeyVault"
vaultName="vaultname"
type="Microsoft.Configuration.ConfigurationBuilders.AzureKeyVaultConfigBuilder,Microsoft.Configuration.ConfigurationBuilders.Azure,Version=1.0.0.0,Culture=neutral"
vaultUri="https://vaultname.vault.azure.net" />
</builders>
</configBuilders>
b) 找到 appSettings 标签,添加一个属性 configBuilders="AzureKeyVault",并添加如下一行:
<appSettings configBuilders="AzureKeyVault">
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
<add key="TextAnalyticsKey" value="from key vault" />
</appSettings>
<connectionStrings configBuilders="AzureKeyVault">
<add name="DefaultConnection" connectionString="from key vault" providerName="System.Data.SqlClient" />
<add key="StorageConnectionString" value="from key vault" />
</connectionStrings>
c) 编辑 HomeController.cs 中的 About 方法,以显示确认值。
public ActionResult About()
{
ViewBag.Message = "Key vault value = " + ConfigurationManager.AppSettings["TextAnalyticsKey"];
}
通过这种方式,您可以在经典 ASP.NET MVC 应用程序中连接和使用 Azure Key Vault,如果您正在运行的应用程序使用 .NET Framework 4.7 或更高版本。
您可以参考以下文档进行详细说明:
- https://docs.microsoft.com/en-us/azure/key-vault/general/vs-key-vault-add-connected-service#added-references-for-aspnet-framework
- https://dotnetthoughts.net/azure-key-vault-in-aspnet-mvc/ 帮助您如何在 ASP.NET MVC 应用程序中连接和使用 Azure Key Vault。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。