dotnet核心应用程序api不能在kubernetes上继续运行

Question

我正在将一个dotnet核心应用程序设置为kubernetes集群，并且出现错误“无法启动红est”。

Dockerfile在本地计算机上运行正常。

at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
Unhandled Exception: System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found.
at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions)
at Microsoft.AspNetCore.Hosting.ListenOptionsHttpsExtensions.UseHttps(ListenOptions listenOptions, Action`1 configureOptions)
For more information on configuring HTTPS see https://go.microsoft.com/fwlink/?linkid=848054.
To generate a developer certificate run 'dotnet dev-certs https'. To trust the certificate (Windows and macOS only) run 'dotnet dev-certs https --trust'.
System.InvalidOperationException: Unable to configure HTTPS endpoint. No server certificate was specified, and the default developer certificate could not be found.
Unable to start Kestrel.

我的dockerfile：

[...build step]
FROM microsoft/dotnet:2.1-aspnetcore-runtime
COPY --from=build-env /app/out ./app
ENV PORT=5000
ENV ASPNETCORE_URLS=http://+:${PORT}
WORKDIR /app
EXPOSE $PORT
ENTRYPOINT [ "dotnet", "Gateway.dll" ]

我希望应用程序成功启动，但是出现此错误“无法启动红est”。

[更新]

我已经从应用程序中删除了https端口，并在没有https的情况下再次尝试，但是现在应用程序只是启动和停止而没有任何错误或警告。容器日志如下：

使用dotnet运行本地运行或构建映像并从容器运行，一切正常。应用程序刚刚关闭到kubernetes中。

我正在使用dotnet core 2.2

[更新]

我生成了一个证书，添加到项目中，在Kestrel中设置，我得到了相同的结果。使用docker imagem的Localhost可以工作，但是在kubernetes（谷歌云）中，它只是在启动后立即关闭。

本地主机：

$ docker run --rm -it -p 5000:5000/tcp -p 5001:5001/tcp juooo:latest
warn: Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager[35]
No XML encryptor configured. Key {f7808ac5-0a0d-47d0-86cb-c605c2db84a3} may be persisted to storage in unencrypted form.
warn: Microsoft.AspNetCore.Server.Kestrel[0]
Overriding address(es) 'https://+:5001, http://+:5000'. Binding to endpoints defined in UseKestrel() instead.
Hosting environment: Production
Content root path: /app
Now listening on: https://0.0.0.0:5001
Application started. Press Ctrl+C to shut down.

Answer 1

我发现了一个带有kubernetes错误的事件日志，说kubernetes无法命中（：5000 /）。因此，我尝试创建一个针对根应用程序的控制器（因为它是一个api，因此没有像Web应用程序这样的根目录）并且可以正常工作。

Answer 2

问题似乎出在创建docker映像时未正确配置SSL证书。在开发机器上，它将使用开发者证书，但是在其他机器上，它应该存储在某个地方。选中this

Answer 3

我非常确定您需要打开防火墙规则才能在80以外的任何端口上运行，例如：

gcloud compute firewall-rules create test-node-port --allow tcp:5000

来自Kubernetes的操作方法，位于此处：https://cloud.google.com/kubernetes-engine/docs/how-to/exposing-apps