I am trying to mount an azure file share to a Web App for Containers (linux) service. This is a .net Core 3 web api app with an angular front end. The app container runs perfectly locally when I mount a local drive to load the exact same files as in the file share.
according to the docker docs for azure file share I should set my docker compose file to be the following:
version: '3.4'
services:
webui:
image: ${DOCKER_REGISTRY-}webui
build:
context: .
dockerfile: src/WebUI/Dockerfile
environment:
- "UseInMemoryDatabase=false"
- "ASPNETCORE_ENVIRONMENT=Production"
- "ConnectionStrings__DefaultConnection=Server="
- "ASPNETCORE_Kestrel__Certificates__Default__Path=/security/mycertfile.pfx"
- "ASPNETCORE_Kestrel__Certificates__Default__Password=Your_password123"
ports:
- "5000:5000"
- "5001:5001"
volumes:
- mcpdata:"/security:/security"
restart: always
volumes:
mcpdata:
driver: azure_file
driver_opts:
share_name: sharename
storage_account_name: storageaccountname
In the configuration for my web app I have created the following file mount:
I can confirm that the file share contains the file referenced in the environment variables: mcpdata/security/mycertfile.pfx
PROBLEM:
When the container is run by the service it gives an error:
System.InvalidOperationException: There was an error loading the certificate. The file '/security/mycert.pfx' was not found.
WHAT I TIRED:
- Because the container fails I cannot ssh into it to check for the files. So i pull the image from azure container registry locally and then do a docker export -o dump.tar . I then extract the files and the security folder is not created.
- I also tried just referencing the named file share directly in the docker compose file by removing the top level mount definition from the docker compose file. removed code shown below:
volumes:
mcpdata:
driver: azure_file
driver_opts:
share_name: sharename
storage_account_name: storageaccountname
QUESTION:
Can someone help me connect an azure file share to my container, or help me confirm where the files are mounted when the container fails.
EDIT 1:
attempt to add file share mount with azure cli. I used the following command to add the file share mount to my web app:
az webapp config storage-account add --resource-group "rgname" --name "appname" --slot development --custom-id fsmount001 --storage-type AzureFiles --share-name "sname" --account-name "aname" --access-key "key" --mount-path /
this command works and creates the file mount, however I still get the error that it cannot find the cert file in the /security/ folder
If I bash into the app via kudu and not the container itself, I can see that the file mount exists and is named security in the root of the web app.
EDIT 2: SOLUTION
set up the file mount with the following command:
az webapp config storage-account add --resource-group "rgname" --name "appname" --slot development --custom-id fsmount001 --storage-type AzureFiles --share-name "sname" --account-name "aname" --access-key "key" --mount-path /security/security/
In docker compose I use:
volumes:
- fsmount001: /security:/security
In appsettings.Production.json:
"IdentityServer": {
"Key": {
"Type": "File",
"FilePath": "/security/mycert.pfx",
"Password": "password"
}
}
This is what my file mount settings look like in the azure portal under configuration -> path mappings:
Inside the file mount is a folder called security which contains the cert file.
Thanks to Charles help and I hope this helps someone else!
- mcpdata:"/security:/security"or just- mcpdata:/security– Thanh Nguyen Van- mcpdata:"/security/securitydid not work and neither did-mcpdata:/security– J King