Giters

Azure / Azurite

A lightweight server clone of Azure Storage that simulates most of the commands supported by it with minimal dependencies

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

VS Code "azurite.blobHost" config doesn't seem to work

juliusl opened this issue · comments

commented

Which service(blob, file, queue, table) does this issue concern?

blob

Which version of the Azurite was used?

3.30 (VS Code)

Where do you get Azurite? (npm, DockerHub, NuGet, Visual Studio Code Extension)

VS Code

What's the Node.js version?

What problem was encountered?

Tried setting 'azurite.blobHost' to 'localhost' instead of 127.0.0.1 so that TLS works.

Steps to reproduce the issue?

VS Code Settings

{
    "azurite.cert": "D:\\storage-test\\cert.pfx",
    "azurite.pwd": "<redacted>",
    "azurite.oauth": "basic",
    "azurite.blobHost": "localhost"
}

Logs

2024-05-16T21:06:20.364Z 	 info AccountDataStore:init() Refresh accounts from environment variable AZURITE_ACCOUNTS with value undefined
2024-05-16T21:06:20.364Z 	 info AccountDataStore:init() Fallback to default emulator account devstoreaccount1.
2024-05-16T21:06:20.390Z 	 info BlobGCManager:start() Starting BlobGCManager. Set status to Initializing.
2024-05-16T21:06:20.390Z 	 info BlobGCManager:start() Trigger mark and sweep loop. Set status to Running.
2024-05-16T21:06:20.390Z 	 info BlobGCManager:markSweepLoop() Start next mark and sweep.
2024-05-16T21:06:20.390Z 	 info BlobGCManager:markSweep() Get all extents.
2024-05-16T21:06:20.391Z 	 info BlobGCManager:start() BlobGCManager successfully started.
2024-05-16T21:06:20.391Z 	 info BlobGCManager:markSweep() Got 1 extents.
2024-05-16T21:06:20.391Z 	 info BlobGCManager:markSweep() Get referred extents.
2024-05-16T21:06:20.391Z 	 info BlobGCManager:markSweep() Got referred extents, unreferenced extents count is 0.
2024-05-16T21:06:20.391Z 	 info BlobGCManager:markSweepLoop() Mark and sweep finished, taken 1ms.
2024-05-16T21:06:20.391Z 	 info BlobGCManager:markSweepLoop() Sleep for 600000ms.
2024-05-16T21:06:20.392Z 	 info Azurite Blob service successfully listens on https://127.0.0.1:10000

Error on Client side:

System.AggregateException: 'Retry failed after 6 tries. Retry settings can be adjusted in ClientOptions.Retry or by configuring a custom retry policy in ClientOptions.RetryPolicy. (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.) (The SSL connection could not be established, see inner exception.)'

If possible, please provide the debug log using the -d parameter, replacing <pathtodebuglog> with an appropriate path for your OS, or review the instructions for docker containers:

-d "<pathtodebuglog>"

Please be sure to remove any PII or sensitive information before sharing!
The debug log will log raw request headers and bodies, so that we can replay these against Azurite using REST and create tests to validate resolution.

Have you found a mitigation/solution?

No

commented

@juliusl

In my testing, listen on "localhost" or "127.0.0.1" in blobHost both works when client send request to localhost Uri with https. I would suggest you using the default value "127.0.0.1".

Please note, the cert need be aligned with the client request Uri, so if your client send request to "localhost" Uri with https, please make sure you start Azurite with cert signed for "localhost". (If the request send to "127.0.0.1" Uri with https, the cert need be signed for "127.0.0.1")

commented

@blueww I followed the readme instructions which says to use localhost if you use dotnet tool dev-certs

If you used dotnet dev-certs to generate your self-signed certificate, then you need to use the following connection string, because that only generates a cert for localhost, not 127.0.0.1.

I also followed the readme to configure the cert

PFX

Generate PFX Certificate

You first need to generate a PFX file to use with Azurite.

You can use the following command to generate a PFX file with dotnet dev-certs, which is installed with the .NET Core SDK.

dotnet dev-certs https --trust -ep cert.pfx -p
Storage Explorer does not currently work with certificates produced by dotnet dev-certs. While you can use them for Azurite and Azure SDKs, you won't be able to access the Azurite endpoints with Storage Explorer if you are using the certs created with dotnet dev-certs. We are tracking this issue on GitHub here: microsoft/AzureStorageExplorer#2859

Is the readme no longer accurate?

commented

@juliusl
I have no problem to setup Azurite with the above configuration, and client use the above connection string can connect to Azurite correctly.

Cert gen with:
"dotnet dev-certs https --trust -ep cert.pfx -p "

Connection string: DefaultEndpointsProtocol=https;AccountName=devstoreaccount1;AccountKey=Eby8vdM02xNOcqFlqUwJPLlmEtlCDXJ1OUzFT50uSRZ6IFsuFq2UVErCz4I6tq/K1SZFPTOtr/KBHBeksoGMGw==;BlobEndpoint=https://localhost:10000/devstoreaccount1;QueueEndpoint=https://localhost:10001/devstoreaccount1;

Not sure why you meet the error.
From the error log, it looks client not connected to Azurite. Azurite has never received the client request.

This should not related with blobhost setting (in my testing both "localhost" and default "127.0.0.1" works fine).

Could you please check, if you just start Azurite with no cert (so only support http), can the http request send from client on same machine be received by Azurite? If not, it might be related with some of your client network/proxy setting. Do you run client/Azurite on same machine? Or is there any setting on your machine can block request send to 127.0.0.1:10000 be received?
If http works, it should be the cert issue. Please make sure you generate cert in the correct way: the cert.pfx has root cert in you machine's trusted root; the cert.pfx should for localhost.