Deploy WebApp to Azure with Zero downtime from VS2015

Question

I'm trying to publish my web app from VS without no downtime. If you search in Google, you find the official documentation speaking about using slots and do a swap later.

This is a good approach, but I have other problem when I do the swap, logins are lost (look this question: link).

Relevant information in the link:

Session is not linked to Authentication, you're attempting to solve it in the wrong way.

All forms authentication tickets and cookies are encrypted and signed using the data protection layer. The problem you are encountering is due to the encryption keys not being saved, and applications being isolated from each other.

How can I do that? In AWS I had rolling updates...

For more information, I'm using ASP.NET Core with Identity 3.0

Thanks!!

score 2 · Accepted Answer · answered Apr 09 '16 at 17:23

2

What you're seeing is an azure limitation right now. While Azure Web Sites will share the key ring it sees swap slots as separate applications.

There are a couple of things to try.

First, set a common application name. This will help because every application which shares the keyring is isolated by default; but if they share the application name they can share keys

public void ConfigureServices(IServiceCollection services)
{
    services.AddDataProtection();
    services.ConfigureDataProtection(configure =>
    {
        configure.SetApplicationName("my application");
    });
}

If that's not enough for azure (I am honestly unsure if hot swaps end up using Azure Web App's shared key folder) you can combine that with using Azure Data Tables for storing the encryption keys - https://github.com/GrabYourPitchforks/DataProtection.Azure/tree/dev

Between those two it should get the encryption keys used to protect identity cookies shared between your apps.

answered Apr 09 '16 at 17:23

blowdart

55,577
12
114
149

I have tested setting application name before with no results... , I have bern speaking with Microsoft Spain to tell my problem... We are migrating from AWS to Azure with Bizspark plan... Thanks for your time and answer, I will test the other option... – chemitaxis Apr 09 '16 at 17:28
1

I've emailed some folks on the web apps team to see if the key ring is shared or not – blowdart Apr 09 '16 at 17:52
Hi @blowdart I have tested it and works like a charm. Thanks again!! – chemitaxis Apr 12 '16 at 15:45
Excellent! I'll see about creating a repository provider project and nuget package for you – blowdart Apr 12 '16 at 15:47
Hi @blowdart... I have talk with support Microsoft and we have detected an error with your code, it makes that my web app down... I have made memory dumps, and the info is : As we can see later on, as threads are being added to thread pool, the Task is still not being activated thus leading to a "permanent" hang. Do you know another option to make it work? Thanks again. If you need more info I can send you all the dumps or whatever you want ;) – chemitaxis Jun 01 '16 at 20:04
More info: Code that spins up the Task is this: private async Task> GetAllElementsAsync(ICloudBlob blobRef) { AzureBlobXmlRepository.BlobData blobData = (AzureBlobXmlRepository.BlobData) await this.GetLatestDataAsync(blobRef); return blobData != null ? (IList) Enumerable.ToList(this.CreateDocumentFromBlob(blobData.BlobContents).Root.Elements()) : (IList) new XElement[0]; } – chemitaxis Jun 01 '16 at 20:11
Root of the "performance" issue here is retrieval of some keys (apparently from Azure Blob). It's being done in a Task, and as far as I can tell this Task has not been spun up yet. *Currently* there are no threads to serve that task (as threadpool is maxed out). – chemitaxis Jun 01 '16 at 21:37

score 0 · Answer 2 · answered Sep 09 '16 at 10:38

I found a fork for aspnet core 1.0, for those interested:

https://github.com/prajaybasu/DataProtection.Azure/tree/dev/DataProtection.Azure

just like the other one, it stores encryption keys on an azure storage account. It completely solved my problem.

Starting from blowdart's solution I solved my issue, so thanks.

Andrea

score -1 · Answer 3 · answered Apr 09 '16 at 10:44

-1

Are you using in-memory session state?

The problem with 'logins' being 'lost' is an architecture issue, not an issue with updating your web app.

Use something like RedisCache for session state. Not only will it persist when you update your application, but it will handle load-balancing on multiple server instances. As it sits you'll probably have this issue when you scale out to more than one server, in addition to when you update your app.

answered Apr 09 '16 at 10:44

Le-roy Staines

2,037
2
22
40

Hi, logins with identity 3.0 don't use session... Read the link attached in my question please. Thanks!! – chemitaxis Apr 09 '16 at 10:46
1

If there is important information in another post then you should include it in your post. I am not going to browse external links by statement of "look at this qustion" – Le-roy Staines Apr 09 '16 at 10:47
Sorry LeRoy, I have added that Im using Identity 3.0... I will add more information, but this is not the typical problem that session is not storing in DB or whatever, I dont use session in all my application. – chemitaxis Apr 09 '16 at 10:49
1

All good and thanks for clarifying! Without diving into it myself, I do not know. Sorry! – Le-roy Staines Apr 09 '16 at 10:50

Deploy WebApp to Azure with Zero downtime from VS2015

3 Answers3