在 Web 场中托管 ASP.NET CoreHost ASP.NET Core in a web farm

作者:Luke LathamChris RossBy Luke Latham and Chris Ross

Web 场包含两个或多个 Web 服务器(亦称为“节点”),用于托管应用的多个实例。A web farm is a group of two or more web servers (or nodes) that host multiple instances of an app. 若有用户请求到达 Web 场,负载均衡器会将请求分发到 Web 场中的各个节点。When requests from users arrive to a web farm, a load balancer distributes the requests to the web farm's nodes. Web 场提高了:Web farms improve:

  • 可靠性/可用性 – 如果一个或多个节点失败,负载均衡器可以将请求路由到其他正常运行的节点,以继续处理请求。Reliability/availability – When one or more nodes fail, the load balancer can route requests to other functioning nodes to continue processing requests.
  • 容量/性能 – 多个节点可以处理的请求数多于一个服务器。Capacity/performance – Multiple nodes can process more requests than a single server. 负载均衡器均衡工作负载的方式是,将请求分发到各个节点。The load balancer balances the workload by distributing requests to the nodes.
  • 可伸缩性 – 如果需要更多或更少容量,可以增加或减少活动节点数,与工作负载保持一致。Scalability – When more or less capacity is required, the number of active nodes can be increased or decreased to match the workload. Azure 应用服务等 Web 场平台技术可以应系统管理员的请求自动添加或删除节点,也可以自动开始,而无需人为干预。Web farm platform technologies, such as Azure App Service, can automatically add or remove nodes at the request of the system administrator or automatically without human intervention.
  • 可维护性 – Web 场节点可以依赖一组共享服务,这就简化了系统管理。Maintainability – Nodes of a web farm can rely on a set of shared services, which results in easier system management. 例如,Web 场中的节点可以依赖单一数据库服务器,以及静态资源(如图像和可下载文件)的公用网络位置。For example, the nodes of a web farm can rely upon a single database server and a common network location for static resources, such as images and downloadable files.

本主题介绍了在 Web 场中托管且依赖共享资源的 ASP.NET Core 应用的配置和依赖项。This topic describes configuration and dependencies for ASP.NET core apps hosted in a web farm that rely upon shared resources.

常规配置General configuration

托管和部署 ASP.NET Core
了解如何设置托管环境和部署 ASP.NET Core 应用。Learn how to set up hosting environments and deploy ASP.NET Core apps. 对 Web 场中的每个节点配置进程管理器,以自动启动和重启应用。Configure a process manager on each node of the web farm to automate app starts and restarts. 每个节点都需要 ASP.NET Core 运行时。Each node requires the ASP.NET Core runtime. 有关详细信息,请参阅文档的托管和部署区域中的主题。For more information, see the topics in the Host and deploy area of the documentation.

配置 ASP.NET Core 以使用代理服务器和负载均衡器
了解在代理服务器和负载均衡器后方托管的应用程序的配置,这通常会隐藏重要的请求信息。Learn about configuration for apps hosted behind proxy servers and load balancers, which often obscure important request information.

将 ASP.NET Core 应用部署到 Azure 应用服务
Azure 应用服务是一个用于托管 Web 应用(包括 ASP.NET Core)的 Microsoft 云计算平台服务Azure App Service is a Microsoft cloud computing platform service for hosting web apps, including ASP.NET Core. 应用服务是提供自动缩放、负载均衡、修补和持续部署的完全托管平台。App Service is a fully managed platform that provides automatic scaling, load balancing, patching, and continuous deployment.

应用数据App data

如果应用已缩放为多个实例,可能会有需要跨节点共享的应用状态。When an app is scaled to multiple instances, there might be app state that requires sharing across nodes. 若为暂时状态,建议共享 IDistributedCacheIf the state is transient, consider sharing an IDistributedCache. 如果需要暂留共享状态,建议在数据库中存储共享状态。If the shared state requires persistence, consider storing the shared state in a database.

必需配置Required configuration

必需为部署到 Web 场的应用配置数据保护和缓存。Data Protection and Caching require configuration for apps deployed to a web farm.

数据保护Data Protection

应用使用 ASP.NET Core 数据保护系统来保护数据。The ASP.NET Core Data Protection system is used by apps to protect data. 数据保护系统依赖一组在密钥环中存储的加密密钥。Data Protection relies upon a set of cryptographic keys stored in a key ring. 初始化后,数据保护系统会应用在本地存储密钥环的默认设置When the Data Protection system is initialized, it applies default settings that store the key ring locally. 根据默认配置,唯一密钥环存储在 Web 场的各个节点上。Under the default configuration, a unique key ring is stored on each node of the web farm. 因此,Web 场中的每个节点都无法解密应用在其他任何节点上加密的数据。Consequently, each web farm node can't decrypt data that's encrypted by an app on any other node. 默认配置通常不适合在 Web 场中托管应用。The default configuration isn't generally appropriate for hosting apps in a web farm. 若要实现共享密钥环,可以改为始终将用户请求路由到相同的节点。An alternative to implementing a shared key ring is to always route user requests to the same node. 若要详细了解与 Web 场部署有关的数据保护系统配置,请参阅配置 ASP.NET Core 数据保护For more information on Data Protection system configuration for web farm deployments, see 配置 ASP.NET Core 数据保护.


在 Web 场环境中,缓存机制必须跨 Web 场中的节点共享缓存项。In a web farm environment, the caching mechanism must share cached items across the web farm's nodes. 缓存必须依赖公用 Redis 缓存、共享 SQL Server 数据库,或跨 Web 场共享缓存项的自定义缓存实现。Caching must either rely upon a common Redis cache, a shared SQL Server database, or a custom caching implementation that shares cached items across the web farm. 有关更多信息,请参见ASP.NET Core 中的分布式缓存For more information, see ASP.NET Core 中的分布式缓存.

依赖组件Dependent components

下面的方案无需其他配置,但依赖需要配置 Web 场的技术。The following scenarios don't require additional configuration, but they depend on technologies that require configuration for web farms.

方案Scenario 依赖…Depends on …
身份验证Authentication 数据保护(请参阅配置 ASP.NET Core 数据保护)。Data Protection (see 配置 ASP.NET Core 数据保护).

有关详细信息,请参阅 使用 cookie 而无需 ASP.NET Core 标识的身份验证在 ASP.NET 应用中共享身份验证 cookieFor more information, see 使用 cookie 而无需 ASP.NET Core 标识的身份验证 and 在 ASP.NET 应用中共享身份验证 cookie.
标识Identity 身份验证和数据库配置。Authentication and database configuration.

有关更多信息,请参见ASP.NET Core 上的标识简介For more information, see ASP.NET Core 上的标识简介.
会话Session 数据保护(加密 Cookie)(请参阅配置 ASP.NET Core 数据保护)和缓存(请参阅ASP.NET Core 中的分布式缓存)。Data Protection (encrypted cookies) (see 配置 ASP.NET Core 数据保护) and Caching (see ASP.NET Core 中的分布式缓存).

有关详细信息,请参阅会话和应用状态:会话状态For more information, see Session and app state: Session state.
TempDataTempData 数据保护(加密 Cookie)(请参阅配置 ASP.NET Core 数据保护)或会话(请参阅会话和应用状态:会话状态)。Data Protection (encrypted cookies) (see 配置 ASP.NET Core 数据保护) or Session (see Session and app state: Session state).

有关详细信息,请参阅会话和应用状态:TempDataFor more information, see Session and app state: TempData.
防伪造Anti-forgery 数据保护(请参阅配置 ASP.NET Core 数据保护)。Data Protection (see 配置 ASP.NET Core 数据保护).

有关更多信息,请参见在 ASP.NET Core 防止跨站点请求伪造 (XSRF/CSRF) 攻击For more information, see 在 ASP.NET Core 防止跨站点请求伪造 (XSRF/CSRF) 攻击.


数据保护和缓存Data Protection and caching

如果未为 Web 场环境配置数据保护或缓存,就会在处理请求时发生间歇性错误。When Data Protection or caching isn't configured for a web farm environment, intermittent errors occur when requests are processed. 之所以会发生这种情况是因为,节点不共享相同的资源,并且用户请求并不总是路由回同一节点。This occurs because nodes don't share the same resources and user requests aren't always routed back to the same node.

假设用户通过 Cookie 身份验证来登录应用。Consider a user who signs into the app using cookie authentication. 用户在 Web 场中的一个节点上登录应用。The user signs into the app on one web farm node. 如果用户的下一个请求到达登录应用时所用的同一节点,应用便能解密身份验证 Cookie,并允许用户访问应用资源。If their next request arrives at the same node where they signed in, the app is able to decrypt the authentication cookie and allows access to the app's resource. 如果用户的下一个请求到达其他节点,应用便无法从用户登录时所用的节点解密身份验证 Cookie,并且无法授权用户请求获取的资源。If their next request arrives at a different node, the app can't decrypt the authentication cookie from the node where the user signed in, and authorization for the requested resource fails.

如果以下任一症状间歇性出现,问题原因通常是为 Web 场环境配置的数据保护或缓存不正确:When any of the following symptoms occur intermittently, the problem is usually traced to improper Data Protection or caching configuration for a web farm environment:

  • 身份验证中断 – 身份验证 Cookie 配置不正确或无法解密。Authentication breaks – The authentication cookie is misconfigured or can't be decrypted. OAuth(Facebook、Microsoft、Twitter)或 OpenIdConnect 登录失败,出现错误“关联失败”。OAuth (Facebook, Microsoft, Twitter) or OpenIdConnect logins fail with the error "Correlation failed."
  • 授权中断 – 标识丢失。Authorization breaks – Identity is lost.
  • 会话状态丢失数据。Session state loses data.
  • 缓存项消失。Cached items disappear.
  • TempData 失败。TempData fails.
  • POST 失败 – 防伪造检查失败。POSTs fail – The anti-forgery check fails.

若要详细了解与 Web 场部署有关的数据保护配置,请参阅配置 ASP.NET Core 数据保护For more information on Data Protection configuration for web farm deployments, see 配置 ASP.NET Core 数据保护. 若要详细了解与 Web 场部署有关的缓存配置,请参阅ASP.NET Core 中的分布式缓存For more information on caching configuration for web farm deployments, see ASP.NET Core 中的分布式缓存.

从应用中获取数据Obtain data from apps

如果 Web 场应用能够响应请求,则使用终端内联中间件从应用中获取请求、连接和其他数据。If the web farm apps are capable of responding to requests, obtain request, connection, and additional data from the apps using terminal inline middleware. 有关详细信息和示例代码,请参阅解决 ASP.NET Core 项目For more information and sample code, see 解决 ASP.NET Core 项目.