Windows container fails to reach Azure File Storag

2019-08-18 04:12发布

问题:

I have a c# web application running on IIS in a windows server core container. In the dockerfile I create a new user 'myUser' without password. I add the credentials to my Azure File store in the Dockerfile as well:

USER myUser
RUN powershell "cmdkey /add:mystore.file.core.windows.net /user:AZURE\mystore /pass:XXXXXXXXXXXXXXXXXXXXXXXXXXXXX=="

I add a new application pool Identity using 'myUser', and use that application pool for my application. When I start the container and connect using 'docker exec', I am logged on as the new user. I can access the path with 'ls \mystore.file.core.windows.net\dockerstore\' The credentials are listed okay with 'cmdkey /list'.

However, my application which runs under the same user complaints it cannot reach the store. System.IO.IOException reported on Directory.Exists().

I have done this execise on my local box as well, and the application runs without issues. I have tried using a user with password as well, to no avail. The application use the full UNC-path to the store.

Tried the same thing on a windows service application. Same thing: Can list files in a powershell session, but my application cannot access it.

Am I missing something?

Edit: Here's what I did:

NET USER myAzureFilesUser myAzureFilesPasswordXXXXXXXXXXX== /add /y
NET LOCALGROUP Administrators /add myAzureFilesUser 

Import-Module WebAdministration
$processModelProperties = @{userName='myAzureFilesUser ';password='myAzureFilesPasswordXXXXXXXXXXX==';identitytype=3}
Set-ItemProperty (Join-Path 'IIS:\AppPools\' 'My AppPool Name') -name processModel -value $processModelProperties

回答1:

You need to create local user account with the same username and password as Azure File storage account and perform some additional tasks as described here. https://blogs.iis.net/davidso/azurefile