I have deployd an Asp.Net MVC application to an app service in azure and scaled it out to 2 instances.
Sometimes I need to restart an instance, but I only find a way to restart the whole web app. Is there a way to restart one instance only? Even removing the instance and then creating a new one would work for me.
There is no super clean way to do this, but it is still possible to achieve with the following steps:
Go to the Web App in the portal
Choose Process Explorer from Tools menu
You'll see processes for all instances. You can right click on specific w3wp's and kill them, which effectively restarts the site. You don't have to kill the Kudu process (the one with the K icon) if you only want to restart the site. For WebJobs, kill Kudu as well.
You can now restart an instance of an App Service Plan from the App Service Plans - Reboot Worker page in the Azure docs. You can restart the instance directly from that page using the 'Try it' feature.
Visit the Reboot Worker page
Login using an account from the Azure tenant containing the App Service Plan
Click 'Try it'
In the right hand pane enter the Name of the App Service plan and the resource group which contains the plan
Select the Azure subscription which contains the App Service plan
Enter the name of the work machine (instance) you wish to restart. This value typically starts with RD and may be found using the metric and diagnostic tools for the Web App in the Azure Portal.
Click the green Run button at the below the request preview.
If you are using App Services then, unfortunately, this is not possible. You can only update the no. of instances.
But as an alternative, you can decrease the number of instances and then increase back again. Or if you want more granular control, for any reason, then you can deploy the web app in IaaS Virtual Machine workloads and setup instances manually.
At the time of this posting, there is a Health Check (Preview) feature mentioned in the Azure Portal under the "Diagnose and solve problems -> Best Practices" blade for an App Service.
Health Check feature automatically removes a faulty instance from rotation, thus improving availability.
This feature will ping the specified health check path on all instances of your webapp every 2 minutes. If an instance does not respond within 10 minutes (5 pings), the instance is determined to be unhealthy and our service will stop routing requests to it.
It is highly recommended for production apps to utilize this feature and minimize any potential downtime caused due to a faulty instance.
Note : Health Check feature only works for applications that are hosted on more than one instance. For more information check the documentation below.
You can restart individual instances using "Advanced Application Restart", which you can find under diagnostic tools for your App Service in the Azure Portal.
Related
I am building a ASP.Net Core Web App which I am trying to host in the Azure portal. We have requirement that these Applications can be accessed only certain times in a week, those times are stored in the Azure Database. Is it possible to make the App Available/Accessible to the users upon looking at database
Here the Setting is that the application should be available only between 14:00 - 16:30 on TUESDAY. When I tried to research we can schedule tasks/workflows in the portal but couldnt find what I am looking for. All I wanted to know is this requirement possible, if so please share the idea.. I am new Web App development and Azure deployment, any help is greatly appreciated
This feature is not available in Azure out of the box. This is something you will have to handle yourself.
One obvious way to implement this would be to check if the application should be available on every request. If the request day and time falls between the available times set in the database, you show your users the website content otherwise show them some kind of not available message.
A more complicated way would be to make use of App_offline.htm file to make your site unavailable. You can dynamically add/delete App_offline.htm file to your WebApp based on the day/time when you want your site to be offline/online.
However please note that while your site is offline, you will still be charged for the WebApp as the resources keep remain provisioned.
You can use Azure Automation Service to orchestrate processes like this. You will have to create a runbook (script in python or powershell) that will query the DB and figure out the times when the Azure Website hosting your webapplication should be started or stopped.
I'm working on an ASP.net MVC project and I noticed that when the web app gets published, IIS doesn't build a cache or anything for the views until a controller has been hit. So in other words it can take a very long time for a visitor to get the page loaded if they happen to be the first person to visit the page after the whole project gets republished.
To counter this, I'd have to manually hit every endpoint with a view in the project once. When the project first started this was a simple task but as you can imagine right now this is not maintainable.
My question is how do I execute a batch of curl commands to the endpoints with views in the project? I'm not sure where to start. Is there a programmatic way to create the batch command and append it to the AfterPublish event?
The behaviour you're encountering is due to Application Pool Start Mode in IIS. Instead of implementing AfterPublish events, you're probably better off configuring your Application Pool to do what you want it to do.
Start Mode
A few web applications take a significant amount of time to start up. IIS by default only launches a worker process when the first request for the web application is received. So for the web applications that require a longer time to initialize, users might see slow responses.
For such applications it is a good idea to launch the worker process as soon as IIS is started. The application pools have a startMode setting which when set to AlwaysRunning launches the worker process for the application pool as soon as IIS is started.
IIS 8 provides you this setting in the Application Pool Settings UI.
Source: https://blogs.msdn.microsoft.com/vijaysk/2012/10/09/iis-8-whats-new-application-pool-settings/
If you really want to run those actions after you publish the website, you'll have to learn more about the Visual Studio build process. This link can get you started: https://learn.microsoft.com/en-ca/visualstudio/msbuild/how-to-extend-the-visual-studio-build-process?view=vs-2017
So I have Windows Server 2016 TP5 and I'm playing around with the containers. I am able to do basic docker tasks fine. I'm trying to figure out how to containerize some of our IIS-hosted web applications.
Thing is, we usually use integrated authentication for the DB and use domain service accounts for the app pool. I currently don't have a test VM (that is in a domain) so I can't test if this will work inside a container.
If the host is joined to an AD domain, are its containers also part of the domain? Can I still run processes using domain accounts?
EDIT:
Also, if I specify the "USER" in the dockerfile, does this mean that my app pool will run using that (instead of the app pool identity)?
There are at least some scenarios where AD-integration in Docker container actually works:
You need to access network resources with AD credentials.
Run cmdkey /add:<network-resource-uri>[:port] /user:<ad-user> /pass:<pass> under local identity that needs this access
To apply the same trick to IIS apps without modifying AppPoolIdentity you'll need a simplest .ashx wrapper around cmdkey (Note: you'll have to call this wrapper in run-time, e.g.: during ENTRYPOINT, otherwise network credentials will be mapped to different local identity)
You need to run code under AD user
Impersonate using ADVAPI32 function LogonUser with LOGON32_LOGON_NEW_CREDENTIALS and LOGON32_PROVIDER_DEFAULT as suggested
You need transport layer network security, like when making RPC calls (e.g.: MSDTC) to an AD-based resources.
Set up gMSA by using any guide that suites you best. Note however, that gMSA requires Docker host to be in the domain.
Update: this answer is no longer relevant - was for 2016 TP5. AD support has been added in later releases
Original answer
Quick answer - no, containers are not supported as part of AD so you can't use AD accounts to run processes within a container or authenticate with it
This used to be mentioned on the MS Containers site but the original link now redirects.
Original wording (CTP 3 or 4?):
"Containers cannot join Active Directory domains, and cannot run services or applications as domain users, service accounts, or machine accounts."
I don't know if that will change in a later release.
Someone tried to hack around it but with no joy.
You can't join containers to a domain but if your app needs to authenticate then you can use managed service accounts. Saves you the hassle of having to deal with packaging passwords.
https://msdn.microsoft.com/en-us/virtualization/windowscontainers/management/manage_serviceaccounts
I am creating a utility that runs as a service and starts applications. As long as I log in as an admin and start the service it will run the applications. I log out and the service (and applications) continue to run. But, if another user logs in with different credentials they cannot access the front end GUI of the applications started by the service utility.
I was wondering if there is a built in account which I could use that may solve the issue? Or if anyone has any ideas or insight in the matter?
Windows Services can only be set to "interactive" when run in the system account. Notice the placement of the "Allow service to interact with desktop" checkbox on the Log On tab when configuring the service (via the Control Panel Services application).
Beyond that, are the other users logging in via RDP? Run mstsc with the "/admin" flag to ensure that they are going to Session 0 where the service will display its windows.
And finally, beware interactive services! You are probably on Windows XP or 2003 which is why it kind-of works, but Windows Vista, 7 and 2008 behave very differently (search for "Session 0 isolation").
I have an ASP.NET MVC web application which is hosted by an external provider, on IIS 7.
I wish to run a process every 15 minutes or so, which checks a backlog of emails that need to be sent, and actually sends them.
It seems that the normal way to do this is with Microsoft Message Queue, but since this is a hosted environment which I can't directly control, I won't be able to install or configure MSMQ.
So far I've decided to do it by appending rows to a table in my SQL Server database (same hosting).
So how should I implement the bit where I check the backlog and send the emails?
Should it be some kind of separate thread in my main web application, which restarts itself every 15 minutes?
Another option I considered was just opening an HTTP-POST interface which, when called with an appropriate admin password, runs an iteration of the email sender.
I could then create a small console app on my local PC which calls the interface every 15 minutes.
The first option is simpler, but the second might be more robust.
Any ideas?
I would recommend you taking a look at Quartz.NET. Also an important thing you should be aware is that the web server could unload the ASP.NET application from memory if it is not used meaning that all threads that have been spawned would simply die. That's one of the reasons why such tasks shouldn't be performed in ASP.NET applications but rather offloaded in Windows Services.
Jeff Atwood did a post on how he originally achieved the badge system on Stack Overflow using an expiring cache to reset the process periodically.
https://blog.stackoverflow.com/2008/07/easy-background-tasks-in-aspnet/
I have done something similar to this in the past sending emails out every day. The service was non essential, and it didn't matter if the emails missed a day or two, as they would go out eventually anyway, but the system worked quite well. It's all asp.net so works fine in the hosting environments I use, without access to service on the server or creating a local trigger from your desktop.