ASP.NET Core 中的 Web 服务器实现Web server implementations in ASP.NET Core

作者:Tom DykstraSteve SmithStephen HalterChris RossBy Tom Dykstra, Steve Smith, Stephen Halter, and Chris Ross

ASP.NET Core 应用与进程内 HTTP 服务器实现一起运行。An ASP.NET Core app runs with an in-process HTTP server implementation. 该服务器实现侦听 HTTP 请求,并以组成 HttpContext请求功能集形式,将它们呈现给应用。The server implementation listens for HTTP requests and surfaces them to the app as a set of request features composed into an HttpContext.

KestrelKestrel

Kestrel 是 ASP.NET Core 项目模板中包括的默认 Web 服务器。Kestrel is the default web server included in ASP.NET Core project templates.

使用 Kestrel:Use Kestrel:

  • 本身作为边缘服务器,处理直接来自网络(包括 Internet)的请求。By itself as an edge server processing requests directly from a network, including the Internet.

    Kestrel 直接与 Internet 通信,不使用反向代理服务器

  • 与反向代理服务器(如 Internet Information Services (IIS)NginxApache)结合使用。With a reverse proxy server, such as Internet Information Services (IIS), Nginx, or Apache. 反向代理服务器接收来自 Internet 的 HTTP 请求,并将这些请求转发到 Kestrel。A reverse proxy server receives HTTP requests from the Internet and forwards them to Kestrel.

    Kestrel 通过反向代理服务器(如 IIS、Nginx 或 Apache)间接与 Internet 进行通信

使用或不使用反向代理服务器对 ASP.NET Core 2.1 或更高版本的应用来说都是受支持的托管配置。Either hosting configuration—with or without a reverse proxy server—is supported for ASP.NET Core 2.1 or later apps.

有关 Kestrel 配置指南和何时在反向代理配置中使用 Kestrel 的信息,请参阅 ASP.NET Core 中的 Kestrel Web 服务器实现For Kestrel configuration guidance and information on when to use Kestrel in a reverse proxy configuration, see ASP.NET Core 中的 Kestrel Web 服务器实现.

ASP.NET Core 随附以下组件:ASP.NET Core ships with the following:

使用 IISIIS Express 时,应用会在以下其中一个进程中运行:When using IIS or IIS Express, the app either runs:

ASP.NET Core 模块是本机 IIS 模块,用于处理 IIS 和进程内 IIS HTTP 服务器或 Kestrel 之间的本机 IIS 请求。The ASP.NET Core Module is a native IIS module that handles native IIS requests between IIS and the in-process IIS HTTP Server or Kestrel. 有关更多信息,请参见ASP.NET Core 模块For more information, see ASP.NET Core 模块.

托管模型Hosting models

使用进程内托管,ASP.NET Core 在与其 IIS 工作进程相同的进程中运行。Using in-process hosting, an ASP.NET Core app runs in the same process as its IIS worker process. 进程内承载相较进程外承载提供更优的性能,因为请求并不通过环回适配器进行代理,环回适配器是一个网络接口,用于将传出的网络流量返回给同一计算机。In-process hosting provides improved performance over out-of-process hosting because requests aren't proxied over the loopback adapter, a network interface that returns outgoing network traffic back to the same machine. IIS 使用 Windows 进程激活服务 (WAS) 处理进程管理。IIS handles process management with the Windows Process Activation Service (WAS).

通过进程外托管,ASP.NET Core 应用在独立于 IIS 工作进程的进程中运行,而由模块来处理进程管理。Using out-of-process hosting, ASP.NET Core apps run in a process separate from the IIS worker process, and the module handles process management. 该模块在第一个请求到达时启动 ASP.NET Core 应用的进程,并在应用关闭或崩溃时重新启动该应用。The module starts the process for the ASP.NET Core app when the first request arrives and restarts the app if it shuts down or crashes. 这基本上与在 Windows 进程激活服务 (WAS) 托管的进程内运行的应用中出现的行为相同。This is essentially the same behavior as seen with apps that run in-process that are managed by the Windows Process Activation Service (WAS).

有关详细信息和配置指南,请参阅以下主题:For more information and configuration guidance, see the following topics:

ASP.NET Core 随附以下组件:ASP.NET Core ships with the following:

使用 IISIIS Express 时,应用在独立于 IIS 工作进程(进程外)和 Kestrel 服务器的进程中运行。When using IIS or IIS Express, the app runs in a process separate from the IIS worker process (out-of-process) with the Kestrel server.

由于 ASP.NET Core 应用在独立于 IIS 工作进程的进程中运行,因此该模块会处理进程管理。Because ASP.NET Core apps run in a process separate from the IIS worker process, the module handles process management. 该模块在第一个请求到达时启动 ASP.NET Core 应用的进程,并在应用关闭或崩溃时重新启动该应用。The module starts the process for the ASP.NET Core app when the first request arrives and restarts the app if it shuts down or crashes. 这基本上与在 Windows 进程激活服务 (WAS) 托管的进程内运行的应用中出现的行为相同。This is essentially the same behavior as seen with apps that run in-process that are managed by the Windows Process Activation Service (WAS).

下图说明了 IIS、ASP.NET Core 模块和进程外托管的应用之间的关系:The following diagram illustrates the relationship between IIS, the ASP.NET Core Module, and an app hosted out-of-process:

ASP.NET Core 模块

请求从 Web 到达内核模式 HTTP.sys 驱动程序。Requests arrive from the web to the kernel-mode HTTP.sys driver. 驱动程序将请求路由到网站的配置端口上的 IIS,通常为 80 (HTTP) 或 443 (HTTPS)。The driver routes the requests to IIS on the website's configured port, usually 80 (HTTP) or 443 (HTTPS). 该模块将该请求转发到应用的随机端口(非端口 80/443)上的 Kestrel。The module forwards the requests to Kestrel on a random port for the app, which isn't port 80 or 443.

该模块在启动时通过环境变量指定端口,IIS 集成中间件将服务器配置为侦听 http://localhost:{port}The module specifies the port via an environment variable at startup, and the IIS Integration Middleware configures the server to listen on http://localhost:{port}. 执行其他检查,拒绝不是来自该模块的请求。Additional checks are performed, and requests that don't originate from the module are rejected. 该模块不支持 HTTPS 转发,因此即使请求由 IIS 通过 HTTPS 接收,它们还是通过 HTTP 转发。The module doesn't support HTTPS forwarding, so requests are forwarded over HTTP even if received by IIS over HTTPS.

Kestrel 从模块获取请求后,请求会被推送到 ASP.NET Core 中间件管道中。After Kestrel picks up the request from the module, the request is pushed into the ASP.NET Core middleware pipeline. 中间件管道处理该请求并将其作为 HttpContext 实例传递给应用的逻辑。The middleware pipeline handles the request and passes it on as an HttpContext instance to the app's logic. IIS 集成添加的中间件会将方案、远程 IP 和 pathbase 更新到帐户以将请求转发到 Kestrel。Middleware added by IIS Integration updates the scheme, remote IP, and pathbase to account for forwarding the request to Kestrel. 应用的响应传递回 IIS,IIS 将响应推送回发起请求的 HTTP 客户端。The app's response is passed back to IIS, which pushes it back out to the HTTP client that initiated the request.

有关 IIS 和 ASP.NET Core 模块的配置指南,请参阅以下主题:For IIS and ASP.NET Core Module configuration guidance, see the following topics:

Nginx 与 KestrelNginx with Kestrel

若要了解如何在 Linux 上使用 Nginx 作为 Kestrel 的反向代理服务器,请参阅 使用 Nginx 在 Linux 上托管 ASP.NET CoreFor information on how to use Nginx on Linux as a reverse proxy server for Kestrel, see 使用 Nginx 在 Linux 上托管 ASP.NET Core.

Apache 与 KestrelApache with Kestrel

若要了解如何在 Linux 上使用 Apache 作为 Kestrel 的反向代理服务器,请参阅 使用 Apache 在 Linux 上托管 ASP.NET CoreFor information on how to use Apache on Linux as a reverse proxy server for Kestrel, see 使用 Apache 在 Linux 上托管 ASP.NET Core.

HTTP.sysHTTP.sys

如果 ASP.NET Core 应用在 Windows 上运行,则 HTTP.sys 是 Kestrel 的替代选项。If ASP.NET Core apps are run on Windows, HTTP.sys is an alternative to Kestrel. 为了获得最佳性能,通常建议使用 Kestrel。Kestrel is generally recommended for best performance. 在应用向 Internet 公开且所需功能受 HTTP.sys(而不是 Kestrel)支持的方案中,可以使用 HTTP.sys。HTTP.sys can be used in scenarios where the app is exposed to the Internet and required capabilities are supported by HTTP.sys but not Kestrel. 有关更多信息,请参见ASP.NET Core 中的 HTTP.sys Web 服务器实现For more information, see ASP.NET Core 中的 HTTP.sys Web 服务器实现.

HTTP.sys 直接与 Internet 进行通信

对于仅向内部网络公开的应用,HTTP.sys 同样适用。HTTP.sys can also be used for apps that are only exposed to an internal network.

HTTP.sys 直接与内部网络进行通信

有关 HTTP.sys 的配置指南,请参阅 ASP.NET Core 中的 HTTP.sys Web 服务器实现For HTTP.sys configuration guidance, see ASP.NET Core 中的 HTTP.sys Web 服务器实现.

ASP.NET Core 服务器基础结构ASP.NET Core server infrastructure

Startup.Configure 方法中提供的 IApplicationBuilder 公开了类型 IFeatureCollectionServerFeatures 属性。The IApplicationBuilder available in the Startup.Configure method exposes the ServerFeatures property of type IFeatureCollection. Kestrel 和 HTTP.sys 各自仅公开单个功能,即 IServerAddressesFeature,但是不同的服务器实现可能公开其他功能。Kestrel and HTTP.sys only expose a single feature each, IServerAddressesFeature, but different server implementations may expose additional functionality.

IServerAddressesFeature 可用于查找服务器实现在运行时绑定的端口。IServerAddressesFeature can be used to find out which port the server implementation has bound at runtime.

自定义服务器Custom servers

如果内置服务器无法满足应用需求,可以创建一个自定义服务器实现。If the built-in servers don't meet the app's requirements, a custom server implementation can be created. .NET 的开放 Web 接口 (OWIN) 指南 演示了如何编写基于 NowinIServer 实现。The Open Web Interface for .NET (OWIN) guide demonstrates how to write a Nowin-based IServer implementation. 只有应用使用的功能接口需要实现,但至少必须支持 IHttpRequestFeatureIHttpResponseFeatureOnly the feature interfaces that the app uses require implementation, though at a minimum IHttpRequestFeature and IHttpResponseFeature must be supported.

服务器启动Server startup

集成开发环境 (IDE) 或编辑器启动以下应用时,会启动服务器:The server is launched when the Integrated Development Environment (IDE) or editor starts the app:

从项目文件夹中的命令提示符启动应用时,dotnet run 会启动该应用和服务器(仅 Kestrel 和 HTTP.sys)。When launching the app from a command prompt in the project's folder, dotnet run launches the app and server (Kestrel and HTTP.sys only). 可通过 -c|--configuration 选项指定此配置,该选项设置为 Debug(默认值)或 ReleaseThe configuration is specified by the -c|--configuration option, which is set to either Debug (default) or Release. 如果启动配置文件位于 launchSettings.json 文件中,请使用 --launch-profile <NAME> 选项设置启动配置文件(例如 DevelopmentProduction)。If launch profiles are present in a launchSettings.json file, use the --launch-profile <NAME> option to set the launch profile (for example, Development or Production). 有关详细信息,请参阅 dotnet run.NET Core 分发打包For more information, see dotnet run and .NET Core distribution packaging.

HTTP/2 支持HTTP/2 support

以下部署方案中的 ASP.NET Core 支持 HTTP/2HTTP/2 is supported with ASP.NET Core in the following deployment scenarios:

  • KestrelKestrel
    • 操作系统Operating system
      • Windows Server 2016/Windows 10 或更高版本†Windows Server 2016/Windows 10 or later†
      • 具有 OpenSSL 1.0.2 或更高版本的 Linux(例如,Ubuntu 16.04 或更高版本)Linux with OpenSSL 1.0.2 or later (for example, Ubuntu 16.04 or later)
      • macOS 的未来版本将支持 HTTP/2。HTTP/2 will be supported on macOS in a future release.
    • 目标框架:.NET Core 2.2 或更高版本Target framework: .NET Core 2.2 or later
  • HTTP.sysHTTP.sys
    • Windows Server 2016/Windows 10 或更高版本Windows Server 2016/Windows 10 or later
    • 目标框架:不适用于 HTTP.sys 部署。Target framework: Not applicable to HTTP.sys deployments.
  • IIS(进程内)IIS (in-process)
    • Windows Server 2016/Windows 10 或更高版本;IIS 10 或更高版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 目标框架:.NET Core 2.2 或更高版本Target framework: .NET Core 2.2 or later
  • IIS(进程外)IIS (out-of-process)
    • Windows Server 2016/Windows 10 或更高版本;IIS 10 或更高版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 面向公众的边缘服务器连接使用 HTTP/2,但与 Kestrel 的反向代理连接使用 HTTP/1.1。Public-facing edge server connections use HTTP/2, but the reverse proxy connection to Kestrel uses HTTP/1.1.
    • 目标框架:不适用于 IIS 进程外部署。Target framework: Not applicable to IIS out-of-process deployments.

†Kestrel 在 Windows Server 2012 R2 和 Windows 8.1 上对 HTTP/2 的支持有限。†Kestrel has limited support for HTTP/2 on Windows Server 2012 R2 and Windows 8.1. 支持受限是因为可在这些操作系统上使用的受支持 TLS 密码套件列表有限。Support is limited because the list of supported TLS cipher suites available on these operating systems is limited. 可能需要使用椭圆曲线数字签名算法 (ECDSA) 生成的证书来保护 TLS 连接。A certificate generated using an Elliptic Curve Digital Signature Algorithm (ECDSA) may be required to secure TLS connections.

  • HTTP.sysHTTP.sys
    • Windows Server 2016/Windows 10 或更高版本Windows Server 2016/Windows 10 or later
    • 目标框架:不适用于 HTTP.sys 部署。Target framework: Not applicable to HTTP.sys deployments.
  • IIS(进程外)IIS (out-of-process)
    • Windows Server 2016/Windows 10 或更高版本;IIS 10 或更高版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 面向公众的边缘服务器连接使用 HTTP/2,但与 Kestrel 的反向代理连接使用 HTTP/1.1。Public-facing edge server connections use HTTP/2, but the reverse proxy connection to Kestrel uses HTTP/1.1.
    • 目标框架:不适用于 IIS 进程外部署。Target framework: Not applicable to IIS out-of-process deployments.

HTTP/2 连接必须使用应用程序层协议协商 (ALPN) 和 TLS 1.2 或更高版本。An HTTP/2 connection must use Application-Layer Protocol Negotiation (ALPN) and TLS 1.2 or later. 有关详细信息,请参阅与服务器部署方案相关的主题。For more information, see the topics that pertain to your server deployment scenarios.

其他资源Additional resources