ASP.NET Core 中的網頁伺服器實作Web server implementations in ASP.NET Core

Tom DykstraSteve SmithStephen HalterChris Ross 提供By Tom Dykstra, Steve Smith, Stephen Halter, and Chris Ross

ASP.NET Core 應用程式執行時,需使用內含式 HTTP 伺服器實作。An ASP.NET Core app runs with an in-process HTTP server implementation. 伺服器實作會接聽 HTTP 要求,並以組成 HttpContext 的一組要求功能形式向應用程式呈現。The server implementation listens for HTTP requests and surfaces them to the app as a set of request features composed into an HttpContext.

ASP.NET Core 隨附下列項目:ASP.NET Core ships with the following:

使用 IISIIS Express 時,應用程式可能會執行於:When using IIS or IIS Express, the app either runs:

ASP.NET Core 模組是一種原生 IIS 模組,可處理 IIS 與同處理序 IIS HTTP 伺服器或 Kestrel 之間的原生 IIS 要求。The ASP.NET Core Module is a native IIS module that handles native IIS requests between IIS and the in-process IIS HTTP Server or Kestrel. 如需詳細資訊,請參閱ASP.NET Core 模組For more information, see ASP.NET Core 模組.

Kestrel 與 HTTP.sysKestrel vs. HTTP.sys

Kestrel 具有下列優於 HTTP.sys 的優點:Kestrel has the following advantages over HTTP.sys:

  • 更佳的效能和記憶體使用率。Better performance and memory utilization.
  • 跨平台Cross platform
  • 彈性,它是與作業系統無關的開發和修補。Agility, it's developed and patched independent of the OS.
  • 程式設計埠和 TLS 設定Programmatic port and TLS configuration
  • 允許 PPv2 和替代傳輸等通訊協定的擴充性。Extensibility that allows for protocols like PPv2 and alternate transports.

Http.Sys 會以共用核心模式元件的形式運作,kestrel 沒有下列功能:Http.Sys operates as a shared kernel mode component with the following features that kestrel does not have:

裝載模型Hosting models

使用同處理序裝載,ASP.NET Core 應用程式會在與其 IIS 工作者處理序相同的處理序中執行。Using in-process hosting, an ASP.NET Core app runs in the same process as its IIS worker process. 因為要求未透過回送介面卡 (將連出網路流量傳回同一部電腦的網路介面) 進行 proxy 處理,所以同處理序裝載會提供優於跨處理序裝載的效能。In-process hosting provides improved performance over out-of-process hosting because requests aren't proxied over the loopback adapter, a network interface that returns outgoing network traffic back to the same machine. IIS 透過 Windows 處理序啟用服務 (WAS) 來執行處理程序管理。IIS handles process management with the Windows Process Activation Service (WAS).

使用非同處理序代管,ASP.NET Core 應用程式可執行於與 IIS 背景工作處理序不同的處理序中,且此模組會進行處理序的管理。Using out-of-process hosting, ASP.NET Core apps run in a process separate from the IIS worker process, and the module handles process management. 此模組會在第一個要求到達時啟動 ASP.NET Core 應用程式的處理序,並在應用程式關閉或損毀時將它重新啟動。The module starts the process for the ASP.NET Core app when the first request arrives and restarts the app if it shuts down or crashes. 此行為基本上與執行同處理序,並由 Windows 處理序啟用服務 (WAS) 所管理的應用程式相同。This is essentially the same behavior as seen with apps that run in-process that are managed by the Windows Process Activation Service (WAS).

如需詳細資訊與組態指南,請參閱下列主題:For more information and configuration guidance, see the following topics:

KestrelKestrel

Kestrel 伺服器是預設、跨平台的 HTTP 伺服器實作。Kestrel server is the default, cross-platform HTTP server implementation. Kestrel 可提供最佳的效能和記憶體使用率,但 HTTP.sys 中並沒有一些先進的功能。Kestrel provides the best performance and memory utilization, but it doesn't have some of the advanced features in HTTP.sys. 如需詳細資訊,請參閱本檔中的 Kestrel 與 HTTP.sysFor more information, see Kestrel vs. HTTP.sys in this document.

使用 Kestrel:Use Kestrel:

  • 供本身當作直接從網路 (包括網際網路) 處理要求的邊緣伺服器。By itself as an edge server processing requests directly from a network, including the Internet.

    Kestrel 不使用反向 Proxy 伺服器直接與網際網路通訊

  • 搭配「反向 Proxy 伺服器」使用,例如 Internet Information Services (IIS)NginxApacheWith a reverse proxy server, such as Internet Information Services (IIS), Nginx, or Apache. 反向 Proxy 伺服器會從網際網路接收 HTTP 要求,然後轉送到 Kestrel。A reverse proxy server receives HTTP requests from the Internet and forwards them to Kestrel.

    Kestrel 透過 IIS、Nginx 或 Apache 等反向 Proxy 伺服器間接與網際網路通訊

支援裝載設定 — ,不論是否使用反向 proxy 伺服器 — 。Either hosting configuration—with or without a reverse proxy server—is supported.

如需 Kestrel 設定指南及資訊,以了解在反向 Proxy 設定中使用 Kestrel 的時機,請參閱 ASP.NET Core 中的 Kestrel 網頁伺服器實作For Kestrel configuration guidance and information on when to use Kestrel in a reverse proxy configuration, see ASP.NET Core 中的 Kestrel 網頁伺服器實作.

ASP.NET Core 隨附下列項目:ASP.NET Core ships with the following:

在使用 IISIIS Express 時,應用程式會執行於從 IIS 背景工作處理序中分離出的處理序 (跨處理序),並搭配 Kestrel 伺服器When using IIS or IIS Express, the app runs in a process separate from the IIS worker process (out-of-process) with the Kestrel server.

因為 ASP.NET Core 應用程式執行所在的處理序會與 IIS 工作者處理序分開,所以此模組會執行處理程序管理。Because ASP.NET Core apps run in a process separate from the IIS worker process, the module handles process management. 此模組會在第一個要求到達時啟動 ASP.NET Core 應用程式的處理序,並在應用程式關閉或損毀時將它重新啟動。The module starts the process for the ASP.NET Core app when the first request arrives and restarts the app if it shuts down or crashes. 此行為基本上與執行同處理序,並由 Windows 處理序啟用服務 (WAS) 所管理的應用程式相同。This is essentially the same behavior as seen with apps that run in-process that are managed by the Windows Process Activation Service (WAS).

下圖說明 IIS、ASP.NET Core 模組和跨處理序裝載應用程式之間的關聯性:The following diagram illustrates the relationship between IIS, the ASP.NET Core Module, and an app hosted out-of-process:

ASP.NET Core 模組

要求會從 Web 到達核心模式的 HTTP.sys 驅動程式。Requests arrive from the web to the kernel-mode HTTP.sys driver. 驅動程式會在網站設定的通訊埠上將要求路由至 IIS,此通訊埠通常是 80 (HTTP) 或 443 (HTTPS)。The driver routes the requests to IIS on the website's configured port, usually 80 (HTTP) or 443 (HTTPS). 此模組會在應用程式的隨機通訊埠上將要求轉送至 Kestrel,而且不會是通訊埠 80 或 443。The module forwards the requests to Kestrel on a random port for the app, which isn't port 80 or 443.

模組會在啟動時透過環境變數指定埠,而 IIS 整合中介軟體 會設定要接聽的伺服器 http://localhost:{port}The module specifies the port via an environment variable at startup, and the IIS Integration Middleware configures the server to listen on http://localhost:{port}. 將會執行額外檢查,不是源自模組的要求都會遭到拒絕。Additional checks are performed, and requests that don't originate from the module are rejected. 此模組不支援 HTTPS 轉送,因此即使由 IIS 透過 HTTPS 接收,要求還是會透過 HTTP 轉送。The module doesn't support HTTPS forwarding, so requests are forwarded over HTTP even if received by IIS over HTTPS.

Kestrel 收取來自模組的要求之後,要求會被推送至 ASP.NET Core 中介軟體管線。After Kestrel picks up the request from the module, the request is pushed into the ASP.NET Core middleware pipeline. 中介軟體管線會處理要求,並將其作為 HttpContext 執行個體傳遞至應用程式的邏輯。The middleware pipeline handles the request and passes it on as an HttpContext instance to the app's logic. IIS Integration 新增的中介軟體會更新配置、遠端 IP 和帳戶路徑基底,以將要求轉送至 Kestrel。Middleware added by IIS Integration updates the scheme, remote IP, and pathbase to account for forwarding the request to Kestrel. 應用程式的回應會傳回 IIS,而 IIS 會將其推送回起始要求的 HTTP 用戶端。The app's response is passed back to IIS, which pushes it back out to the HTTP client that initiated the request.

如需 IIS 和 ASP.NET Core 模組的設定指南,請參閱下列主題:For IIS and ASP.NET Core Module configuration guidance, see the following topics:

Nginx 與 KestrelNginx with Kestrel

如需如何在 Linux 上使用 Nginx 作為 Kestrel 反向 Proxy 伺服器的資訊,請參閱 在 Linux 上使用 Nginx 裝載 ASP.NET CoreFor information on how to use Nginx on Linux as a reverse proxy server for Kestrel, see 在 Linux 上使用 Nginx 裝載 ASP.NET Core.

Apache 與 KestrelApache with Kestrel

如需如何在 Linux 上使用 Apache 作為 Kestrel 反向 Proxy 伺服器的資訊,請參閱 在 Linux 上使用 Apache 裝載 ASP.NET CoreFor information on how to use Apache on Linux as a reverse proxy server for Kestrel, see 在 Linux 上使用 Apache 裝載 ASP.NET Core.

HTTP.sysHTTP.sys

如果您在 Windows 上執行 ASP.NET Core 應用程式,則 HTTP.sys 是 Kestrel 的替代方案。If ASP.NET Core apps are run on Windows, HTTP.sys is an alternative to Kestrel. 除非應用程式需要 Kestrel 中未提供的功能,否則建議使用 Kestrel 來進行 HTTP.sys。Kestrel is recommended over HTTP.sys unless the app requires features not available in Kestrel. 如需詳細資訊,請參閱ASP.NET Core 中的 HTTP.sys 網頁伺服器實作For more information, see ASP.NET Core 中的 HTTP.sys 網頁伺服器實作.

HTTP.sys 直接與網際網路通訊

HTTP.sys 也可用於只公開到內部網路的應用程式。HTTP.sys can also be used for apps that are only exposed to an internal network.

HTTP.sys 直接與內部網路通訊

如需 HTTP.sys 設定指南,請參閱 ASP.NET Core 中的 HTTP.sys 網頁伺服器實作For HTTP.sys configuration guidance, see ASP.NET Core 中的 HTTP.sys 網頁伺服器實作.

ASP.NET Core 伺服器基礎結構ASP.NET Core server infrastructure

Startup.Configure 方法提供的 IApplicationBuilder 會公開類型IFeatureCollectionServerFeatures 屬性。The IApplicationBuilder available in the Startup.Configure method exposes the ServerFeatures property of type IFeatureCollection. Kestrel 與 HTTP.sys 只會公開 IServerAddressesFeature 功能,但不同的伺服器實作則可能會公開更多的功能。Kestrel and HTTP.sys only expose a single feature each, IServerAddressesFeature, but different server implementations may expose additional functionality.

IServerAddressesFeature 可用來找出伺服器實作在執行階段已繫結的連接埠。IServerAddressesFeature can be used to find out which port the server implementation has bound at runtime.

自訂伺服器Custom servers

如果內建伺服器不符合應用程式的需求,則可以建立自訂伺服器實作。If the built-in servers don't meet the app's requirements, a custom server implementation can be created. Open Web Interface for .NET (OWIN) 指南示範如何撰寫採用 NowinIServer 實作。The Open Web Interface for .NET (OWIN) guide demonstrates how to write a Nowin-based IServer implementation. 只有該應用程式使用的功能介面才需要實作,但至少須支援 IHttpRequestFeatureIHttpResponseFeatureOnly the feature interfaces that the app uses require implementation, though at a minimum IHttpRequestFeature and IHttpResponseFeature must be supported.

伺服器啟動Server startup

伺服器會在整合式開發環境 (IDE) 或編輯器啟動應用程式時啟動:The server is launched when the Integrated Development Environment (IDE) or editor starts the app:

當您在專案資料夾中使用命令提示字元啟動應用程式時,dotnet run 會啟動應用程式和伺服器 (僅限 Kestrel 和 HTTP.sys)。When launching the app from a command prompt in the project's folder, dotnet run launches the app and server (Kestrel and HTTP.sys only). 組態是由 -c|--configuration 選項指定,會設為 Debug (預設值) 或 ReleaseThe configuration is specified by the -c|--configuration option, which is set to either Debug (default) or Release.

當使用或工具內建的偵錯工具(例如 Visual Studio)來啟動應用程式時,檔案 上的launchSettings.js 會提供設定 dotnet runA launchSettings.json file provides configuration when launching an app with dotnet run or with a debugger built into tooling, such as Visual Studio. 如果啟動設定檔存在於檔案的 launchSettings.js 中,請使用 --launch-profile {PROFILE NAME} 選項搭配 dotnet run 命令或選取 Visual Studio 中的設定檔。If launch profiles are present in a launchSettings.json file, use the --launch-profile {PROFILE NAME} option with the dotnet run command or select the profile in Visual Studio. 如需詳細資訊,請參閱 dotnet run.NET Core 發佈封裝For more information, see dotnet run and .NET Core distribution packaging.

HTTP/2 支援HTTP/2 support

在下列部署案例中,ASP.NET Core 支援 HTTP/2HTTP/2 is supported with ASP.NET Core in the following deployment scenarios:

  • KestrelKestrel
    • 作業系統Operating system
      • Windows Server 2016/Windows 10 或更新版本†Windows Server 2016/Windows 10 or later†
      • Linux 含 OpenSSL 1.0.2 或更新版本 (例如 Ubuntu 16.04 或更新版本)Linux with OpenSSL 1.0.2 or later (for example, Ubuntu 16.04 or later)
      • 未來版本的 macOS 將會支援 HTTP/2。HTTP/2 will be supported on macOS in a future release.
    • 目標 Framework:.NET Core 2.2 或更新版本Target framework: .NET Core 2.2 or later
  • HTTP.sysHTTP.sys
    • Windows Server 2016/Windows 10 或更新版本Windows Server 2016/Windows 10 or later
    • 目標 Framework:不適用於 HTTP.sys 部署。Target framework: Not applicable to HTTP.sys deployments.
  • IIS (同處理序)IIS (in-process)
    • Windows Server 2016/Windows 10 或更新版本;IIS 10 或更新版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 目標 Framework:.NET Core 2.2 或更新版本Target framework: .NET Core 2.2 or later
  • IIS (跨處理序)IIS (out-of-process)
    • Windows Server 2016/Windows 10 或更新版本;IIS 10 或更新版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 公眾對應 Edge Server 連線使用 HTTP/2,但是對 Kestrel 的反向 Proxy 連線使用 HTTP/1.1。Public-facing edge server connections use HTTP/2, but the reverse proxy connection to Kestrel uses HTTP/1.1.
    • 目標 Framework:不適用於 IIS 跨處理序部署。Target framework: Not applicable to IIS out-of-process deployments.

†Kestrel 在 Windows Server 2012 R2 與 Windows 8.1 對 HTTP/2 的支援有限。†Kestrel has limited support for HTTP/2 on Windows Server 2012 R2 and Windows 8.1. 支援有限的原因是這些作業系統上的支援 TLS 密碼編譯套件清單有限。Support is limited because the list of supported TLS cipher suites available on these operating systems is limited. 可能需要使用橢圓曲線數位簽章演算法 (ECDSA) 產生的憑證來保護 TLS 連線。A certificate generated using an Elliptic Curve Digital Signature Algorithm (ECDSA) may be required to secure TLS connections.

  • KestrelKestrel
    • 作業系統Operating system
      • Windows Server 2016/Windows 10 或更新版本†Windows Server 2016/Windows 10 or later†
      • Linux 含 OpenSSL 1.0.2 或更新版本 (例如 Ubuntu 16.04 或更新版本)Linux with OpenSSL 1.0.2 or later (for example, Ubuntu 16.04 or later)
      • 未來版本的 macOS 將會支援 HTTP/2。HTTP/2 will be supported on macOS in a future release.
    • 目標 Framework:.NET Core 2.2 或更新版本Target framework: .NET Core 2.2 or later
  • HTTP.sysHTTP.sys
    • Windows Server 2016/Windows 10 或更新版本Windows Server 2016/Windows 10 or later
    • 目標 Framework:不適用於 HTTP.sys 部署。Target framework: Not applicable to HTTP.sys deployments.
  • IIS (同處理序)IIS (in-process)
    • Windows Server 2016/Windows 10 或更新版本;IIS 10 或更新版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 目標 Framework:.NET Core 2.2 或更新版本Target framework: .NET Core 2.2 or later
  • IIS (跨處理序)IIS (out-of-process)
    • Windows Server 2016/Windows 10 或更新版本;IIS 10 或更新版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 公眾對應 Edge Server 連線使用 HTTP/2,但是對 Kestrel 的反向 Proxy 連線使用 HTTP/1.1。Public-facing edge server connections use HTTP/2, but the reverse proxy connection to Kestrel uses HTTP/1.1.
    • 目標 Framework:不適用於 IIS 跨處理序部署。Target framework: Not applicable to IIS out-of-process deployments.

†Kestrel 在 Windows Server 2012 R2 與 Windows 8.1 對 HTTP/2 的支援有限。†Kestrel has limited support for HTTP/2 on Windows Server 2012 R2 and Windows 8.1. 支援有限的原因是這些作業系統上的支援 TLS 密碼編譯套件清單有限。Support is limited because the list of supported TLS cipher suites available on these operating systems is limited. 可能需要使用橢圓曲線數位簽章演算法 (ECDSA) 產生的憑證來保護 TLS 連線。A certificate generated using an Elliptic Curve Digital Signature Algorithm (ECDSA) may be required to secure TLS connections.

  • HTTP.sysHTTP.sys
    • Windows Server 2016/Windows 10 或更新版本Windows Server 2016/Windows 10 or later
    • 目標 Framework:不適用於 HTTP.sys 部署。Target framework: Not applicable to HTTP.sys deployments.
  • IIS (跨處理序)IIS (out-of-process)
    • Windows Server 2016/Windows 10 或更新版本;IIS 10 或更新版本Windows Server 2016/Windows 10 or later; IIS 10 or later
    • 公眾對應 Edge Server 連線使用 HTTP/2,但是對 Kestrel 的反向 Proxy 連線使用 HTTP/1.1。Public-facing edge server connections use HTTP/2, but the reverse proxy connection to Kestrel uses HTTP/1.1.
    • 目標 Framework:不適用於 IIS 跨處理序部署。Target framework: Not applicable to IIS out-of-process deployments.

HTTP/2 連線必須使用 Application-Layer Protocol Negotiation (ALPN) 和 TLS 1.2 或更新版本。An HTTP/2 connection must use Application-Layer Protocol Negotiation (ALPN) and TLS 1.2 or later. 如需詳細資訊,請參閱與伺服器部署案例相關的主題。For more information, see the topics that pertain to your server deployment scenarios.

其他資源Additional resources