【asp.net core】Publish to a Linux-Ubuntu 14.04 Server Production Environment

Submary

又升级了,目录结构有变化了 。

project.json and Visual Studio 2015 with .NET Core

On March 7, 2017, the .NET Core and ASP.NET Core documentation was updated for the release of Visual Studio 2017. The previous version of the documentation used Visual Studio 2015 and pre-release tooling based on the project.json file.

project.json 和 csproj 属性之间的映射

2017-3-13 4 分钟阅读时长 作者

.NET Core 工具的开发过程中实施了一项重要的设计更改,即不再支持 project.json 文件,而是将 .NET Core 项目转移到 MSBuild/csproj 格式

来自微软官方的文档:https://docs.microsoft.com/zh-cn/dotnet/core/tools/project-json-to-csproj

看来确实没了.........

这个project.json  是对以前1.0版本的。到1.1 消失了.........

.NET Core计划弃用project.json

Microsoft最终宣布project.json实验失败,将转回使用.csproj文件。但是转变不会马上发生,最近发布的.NET Core RC2(又称tooling preview 1)将继续使用.xproj 以及project.json。

从.NET Core RTM/tooling preview 2开始,Visual Studio将自动重命名.xproj文件为.csproj。但是project.json的功能暂时还不会改变。

从preview 2之后,Microsoft将持续移动project.json的功能到.csproj中去。只需要升级Visual Studio就可以完成部分更新。比如说,尽管Visual Studio坚持一个一个添加源文件,.csproj现在已经支持通配符。project.json的其他功能整合到.csproj中去可能需要完成更多的工作。

在完成迁移之后,project.json可能只作为Nuget包的替代方案存在,那时project.json将被重命名为nuget.json。

MSBuild

你们可能不知道,.csproj文件确实只是.msbuild脚本的专业版本。这就意味着,当.NET Core运行的时候,MSBuild 必须可用。

长期以来,Microsoft 一直在想办法将NuGet的功能直接添加到MSBuild中。(现在MSBuild依靠扩展访问NuGet。)

Asp.NetCore1.1版本去掉了project.json后如何打包生成跨平台包, 为了更好跟进AspNetCore的发展,把之前用来做netcore开发的vs2015卸载后并安装了vs2017,这给我带来的直接好处是把我报红的C盘腾出10GB左右的空间,从这里直接能感受到vs2017体积如此之小;之前有写过一篇开源netcore服务的文章开源一个跨平台运行的服务插件 - TaskCore.MainForm,里面有讲述netcore项目生成和部署在win7和ubuntu16.04系统上的例子,感兴趣的朋友可以去看看;下面开始本文的内容,希望大家能够喜欢,也希望各位多多"扫码支持"和"推荐"谢谢!

Publish to a Linux Production Environment

By Sourabh Shirhatti

In this guide, we will cover setting up a production-ready ASP.NET environment on an Ubuntu 14.04 Server.

We will take an existing ASP.NET Core application and place it behind a reverse-proxy server. We will then setup the reverse-proxy server to forward requests to our Kestrel web server.

Additionally we will ensure our web application runs on startup as a daemon and configure a process management tool to help restart our web application in the event of a crash to guarantee high availability.

Prerequisites

  1. Access to an Ubuntu 14.04 Server with a standard user account with sudo privilege.
  2. An existing ASP.NET Core application.

Copy over your app

Run dotnet publish from your dev environment to package your application into a self-contained directory that can run on your server.

Before we proceed, copy your ASP.NET Core application to your server using whatever tool (SCP, FTP, etc) integrates into your workflow. Try and run the app and navigate to http://<serveraddress>:<port> in your browser to see if the application runs fine on Linux. I recommend you have a working app before proceeding.

[!NOTE] You can use Yeoman to create a new ASP.NET Core application for a new project.

Configure a reverse proxy server

A reverse proxy is a common setup for serving dynamic web applications. The reverse proxy terminates the HTTP request and forwards it to the ASP.NET application.

Why use a reverse-proxy server?

Kestrel is great for serving dynamic content from ASP.NET, however the web serving parts aren’t as feature rich as full-featured servers like IIS, Apache or Nginx. A reverse proxy-server can allow you to offload work like serving static content, caching requests, compressing requests, and SSL termination from the HTTP server. The reverse proxy server may reside on a dedicated machine or may be deployed alongside an HTTP server.

For the purposes of this guide, we are going to use a single instance of Nginx that runs on the same server alongside your HTTP server. However, based on your requirements you may choose a different setup.

Install Nginx

sudo apt-get install nginx

[!NOTE] If you plan to install optional Nginx modules you may be required to build Nginx from source.

We are going to apt-get to install Nginx. The installer also creates a System V init script that runs Nginx as daemon on system startup. Since we just installed Nginx for the first time, we can explicitly start it by running

sudo service nginx start

At this point you should be able to navigate to your browser and see the default landing page for Nginx.

Configure Nginx

We will now configure Nginx as a reverse proxy to forward requests to our ASP.NET application

We will be modifying the /etc/nginx/sites-available/default, so open it up in your favorite text editor and replace the contents with the following.

server {
    listen 80;
    location / {
        proxy_pass http://localhost:5000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection keep-alive;
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

This is one of the simplest configuration files for Nginx that forwards incoming public traffic on your port 80 to a port 5000that your web application will listen on.

Once you have completed making changes to your nginx configuration you can run sudo nginx -t to verify the syntax of your configuration files. If the configuration file test is successful you can ask nginx to pick up the changes by running sudo nginx -s reload.

Monitoring our Web Application

Nginx will forward requests to your Kestrel server, however unlike IIS on Windows, it does not mangage your Kestrel process. In this tutorial, we will use supervisor to start our application on system boot and restart our process in the event of a failure.

Installing supervisor

sudo apt-get install supervisor

[!NOTE] supervisor is a python based tool and you can acquire it through pip or easy_install instead.

Configuring supervisor

Supervisor works by creating child processes based on data in its configuration file. When a child process dies, supervisor is notified via the SIGCHILD signal and supervisor can react accordingly and restart your web application.

To have supervisor monitor our application, we will add a file to the /etc/supervisor/conf.d/ directory.

/etc/supervisor/conf.d/hellomvc.conf

[program:hellomvc]
command=/usr/bin/dotnet /var/aspnetcore/HelloMVC/HelloMVC.dll
directory=/var/aspnetcore/HelloMVC/
autostart=true
autorestart=true
stderr_logfile=/var/log/hellomvc.err.log
stdout_logfile=/var/log/hellomvc.out.log
environment=HOME=/var/www/,ASPNETCORE_ENVIRONMENT=Production
user=www-data
stopsignal=INT
stopasgroup=true
killasgroup=true

Once you are done editing the configuration file, restart the supervisord process to change the set of programs controlled by supervisord.

sudo service supervisor stop
sudo service supervisor start

Start our web application on startup

In our case, since we are using supervisor to manage our application, the application will be automatically started by supervisor. Supervisor uses a System V Init script to run as a daemon on system boot and will susbsequently launch your application. If you chose not to use supervisor or an equivalent tool, you will need to write a systemd or upstart or SysVinit script to start your application on startup.

Viewing logs

Supervisord logs messages about its own health and its subprocess‘ state changes to the activity log. The path to the activity log is configured via the logfile parameter in the configuration file.

sudo tail -f /var/log/supervisor/supervisord.log

You can redirect application logs (STDOUT and STERR) in the program section of your configuration file.

tail -f /var/log/hellomvc.out.log

Securing our application

Enable AppArmor

Linux Security Modules (LSM) is a framework that is part of the Linux kernel since Linux 2.6 that supports different implementations of security modules. AppArmor is a LSM that implements a Mandatory Access Control system which allows you to confine the program to a limited set of resources. Ensure AppArmor is enabled and properly configured.

Configuring our firewall

Close off all external ports that are not in use. Uncomplicated firewall (ufw) provides a frontend for iptables by providing a command-line interface for configuring the firewall. Verify that ufw is configured to allow traffic on any ports you need.

sudo apt-get install ufw
sudo ufw enable

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

Securing Nginx

The default distribution of Nginx doesn‘t enable SSL. To enable all the security features we require, we will build from source.

Download the source and install the build dependencies

# Install the build dependencies
sudo apt-get update
sudo apt-get install build-essential zlib1g-dev libpcre3-dev libssl-dev libxslt1-dev libxml2-dev libgd2-xpm-dev libgeoip-dev libgoogle-perftools-dev libperl-dev

# Download nginx 1.10.0 or latest
wget http://www.nginx.org/download/nginx-1.10.0.tar.gz
tar zxf nginx-1.10.0.tar.gz

Change the Nginx response name

Edit src/http/ngx_http_header_filter_module.c

static char ngx_http_server_string[] = "Server: Your Web Server" CRLF;
static char ngx_http_server_full_string[] = "Server: Your Web Server" CRLF;

Configure the options and build

The PCRE library is required for regular expressions. Regular expressions are used in the location directive for the ngx_http_rewrite_module. The http_ssl_module adds HTTPS protocol support.

Consider using a web application firewall like ModSecurity to harden your application.

./configure
--with-pcre=../pcre-8.38
--with-zlib=../zlib-1.2.8
--with-http_ssl_module
--with-stream
--with-mail=dynamic

Configure SSL

  • Configure your server to listen to HTTPS traffic on port 443 by specifying a valid certificate issued by a trusted Certificate Authority (CA).
  • Harden your security by employing some of the practices suggested below like choosing a stronger cipher and redirecting all traffic over HTTP to HTTPS.
  • Adding an HTTP Strict-Transport-Security (HSTS) header ensures all subsequent requests made by the client are over HTTPS only.
  • Do not add the Strict-Transport-Security header or chose an appropriate max-age if you plan to disable SSL in the future.

Add /etc/nginx/proxy.conf configuration file.

[!code-nginxMain]

Edit /etc/nginx/nginx.conf configuration file. The example contains both http and server sections in one configuration file.

[!code-nginxMain]

时间: 2024-11-06 09:58:07

【asp.net core】Publish to a Linux-Ubuntu 14.04 Server Production Environment的相关文章

【原生态跨平台:ASP.NET Core 1.0(非Mono)在 Ubuntu 14.04 服务器上一对一的配置实现-篇幅2】

在 [原生态跨平台:ASP.NET Core 1.0(非Mono)在 Ubuntu 14.04 服务器上一对一的配置实现-篇幅1] 环境:Ubuntu 14.04 服务器版 虚拟机:Vmware 10 工具 :XShell 开发工具:VS2015企业版+ASP.NET Update1 反向代理:Nginx 是否用到了Docker?没,墙太高了,镜像拉不过来,秒懂!???!?!?! 已经都讲了,小编,你懂滴~~~

【ASP.NET Core】运行原理(1):创建WebHost

本系列将分析ASP.NET Core运行原理 [ASP.NET Core]运行原理[1]:创建WebHost [ASP.NET Core]运行原理[2]:启动WebHost [ASP.NET Core]运行原理[3]:认证 本节将分析WebHost.CreateDefaultBuilder(args).UseStartup<Startup>().Build();代码. 源代码参考.NET Core 2.0.0 WebHostBuilder WebHost Kestrel 问题概要 Hostin

【ASP.NET Core】准备工作:在 Windows 10 上配置 Linux 子系统

ASP.NET Core 其实比传统的 ASP.NET 要简单很多,而且也灵活很多,并且可以跨平台独立运行. 在 Windows 平台上,我们只要在安装 Visual Studio 的时候选择跨平台的 .NET Core 开发即可,基本无需什么配置就能测试 ASP.NET Core 应用,连 IIS 你也可以不启用(当然你也可以启用的),因为使用 dotnet 命令就能直接运行.当然了,在MacOS和 Linux 上也是通过 dotnet 命令运行的. 一般来说,在 Windows 平台上,你的

【ASP.NET Core】在Win 10 的 Linux 子系统中安装 .NET Core

在上一篇文章中,老周扯了一下在 Windows 10 中开启 Linux 子系统,并且进行了一些简单的设置.本篇咱们就往上面安装 .net core . 老周假设你从来没有用过 Linux,所以,接着上一次的博文,老周先给您介绍几个可能比较常用的东东. 切换到 root 用户上下文 当你启动 Ubuntu 子系统后,你会看到,在你的用户名.机器名.路径名后有个 $ 符号.如下图. 这表示当前用户的权限是受到限制的,如果想要执行某些需要高权限的命令(这个类似于 Windows 中的以管理员身份运行

菜鸟入门【ASP.NET Core】5:命令行配置、Json文件配置、Bind读取配置到C#实例、在Core Mvc中使用Options

命令行配置 我们通过vs2017创建一个控制台项目CommandLineSample 可以看到现在项目以来的是dotnet core framework 我们需要吧asp.net core引用进来,我们可以直接添加Microsoft.AspNetCore.All 安装完成之后,我们可以通过using Microsoft.Extensions.Configuration;来进行后续的配置 static void Main(string[] args) { var builder = new Con

【ASP.NET Core】解决“The required antiforgery cookie &quot;xxx&quot; is not present”的错误

当你在页面上用 form post 内容时,可能会遇到以下异常: The required antiforgery cookie "????????" is not present. 咱们来重现一下错误.新建一个 ASP.NET Core 项目,模板选[空]就行了,这是老周最喜欢的项目模板,空 == 自由. 在项目下建一个目录,叫 Pages,用来放 Razor 页面:然后建一个 Index.cshtml 页. 之所以叫 Index.cshtml,是因为 Index 是默认页的名字,这

【ASP.NET Core】EF Core 模型与数据库的创建

大家好,欢迎收看由土星卫视直播的大型综艺节目——老周吹逼逼. 今天咱们吹一下 EF Core 有关的话题.先说说模型和数据库是怎么建起来的,说装逼一点,就是我们常说的 “code first”.就是你先创建了数据模型,然后再根据模型来创建数据库.这种做法的一个好处是让面向对象的逻辑更好地表现出来.以前,咱们通常是先创建数据库的. 像 EF 这么嗨的东西,ASP.NET Core 中自然也是少不了的,即 EF Core. 好了,以上就是理论部分,比较乏味,是吧.那好,下面咱们干点正事. 构建模型

菜鸟入门【ASP.NET Core】1:环境安装

下载.NET Core SDK 下载地址:https://www.microsoft.com/net/download/windows https://www.microsoft.com/net/learn/get-started/windows 安装vs2017,安装的时候选择安装core跨平台 在程序安装后,可以在控制台输入dotnet进行创建core应用程序 输入dotnet  --help查看命令帮助 .NET 命令行工具 (2.1.2) 使用情况: dotnet [runtime-op

【Asp.Net Core】一、Visual Studio 2015 和 .NET Core 安装

安装 Visual Studio 和 .NET Core 1.安装 Visual Studio Community 2015,选择 Community 下载并执行默认安装.Visual Studio 2015 安装程序首页 2.安装 .NET Core + Visual Studio 工具 ,windows系统的可以从百度网盘下载 创建 Web 应用程序 1.起始页 点击 新建项目(或 文件→新建→项目) 2.选择 左侧 .NET Core (如果没有安装.NET Core + Visual S