Run ASP.NET Core 3.1 Apps in Docker with HTTPS.

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

so getting your.net core apps up and running with docker is quite straightforward but getting your.net core apps running in docker with https is a little bit more involved so if you want to learn how to do that it's coming up next [Music] well hello wherever you are whenever you are where am i locked down again in melbourne australia and when is it it's july 2020 well i hope wherever i find you and whenever i find you that you're happy safe and well so yes we've been locked down again here in melbourne nonetheless i think it's the right thing to do we need to try and get on top of this thing don't we so hopefully we can all move on with our lives anyway in today's video yesterday we talk about packaging your asp.net core apps in docker but with https being available um not difficult but there's a few steps involved and there's a few little gotchas along the way and so you know hopefully if you come with me now we can go on that journey together and you can get your apps up and running in docker with https so let's get started so welcome to episode five of season three in which we look at how you can package an asp.net core 3.1 app in docker and ensure that you have https available as part of that so let's just go through what you're going to what we're going to cover today so tutorial overview which is what this is what you're watching now uh what i'll take you through what we're going to build by way of a small demo in a second and then i'll go through the ingredients and tooling we'll do a quick docker overview just clarify what images and containers are and a little bit about why we're using docker compose that's fairly brief we then move into the practical part of the tutorial and we'll scaffold scaffold up our api uh we'll package it in docker and we'll attempt to make a https call to it uh you can probably tell there from the three dots that um all will not be well and it won't work oh dear but don't worry we're going to rectify that and we're going to configure it for https we will create a certificate we will use user secrets in combination with our certificate password to read that into kestrel we need to pass over some additional environment variables to our container at runtime and and we'll yes we'll run all that at the docker cli uh using the run command now that's a very lengthy horrible looking cumbersome command line prompt so that's why we then move into the final section and we adopt docker compose to end up running our container in a much simpler easier reusable way and then final thoughts and support our credits so let's take you through just very quickly what you'll end up with today so this is the code you will ultimately end up with now we start off with scaffolding the api as i've said we will introduce a docker file which is here we package this using this docker file we package this app into an image and then if i still have it available we use this horrific command line prompt along with some other config that we have to do to run that up to ensure that we have https available to us i don't know about you but that's not something i want to type in whenever i want to run a container so that's why we then start using docker compose and we basically take this stuff and we put it into a docker compose file which means that we can simply run docker compose up or as you saw there are docker compose build if you want to build the image again and that will run up our container and you'll see it's listening on port 443 and port 80 and if we move over to a web browser which i already have running and we run that you can see that yes we have a https endpoint coming from our docker container and you will see that we are using localhost and the self-signed local host development certificate as part of that just quickly show you the redirect to from should i say from standard http as well that works too believe in the https redirect stuff that i so cheekily removed from my original video so yeah you'll end up with app in docker with https support with a nice self-signed local development certificate all right so let's just go through the ingredients you'll need if you want to follow along today text editor i recommend vs code you can use visual studio as well or any other text editor if you like dot net core sdk we're using version 3.1 today web browser's fine just to test the https features of what we're doing and of course you'll need some instance of docker so if you're a windows 10 pro user or a mac user that will be docker desktop more than likely and if you're a linux user that will be docker i think it's community edition i'll put links below to download now if you're a windows 10 home user and i suspect there's quite a few of you unfortunately you can't install docker desktop on windows 10 home but what you can do is install this thing called wsl which is the windows subsystem for linux and you can then install docker on top of that and there's a very detailed article on the docker website i will link to it below and you can follow that now i've not personally installed docker using wsl i have installed wsl so i have a version of ubuntu running and it was really easy to set up not installed docker though so i'd be interested to see how easy or or not that is i suspect it's pretty straightforward and if you want to make a video on that i'm happy to do that all right so let's just move back to what we're talking about today and let's talk a bit about docker actually just to refresh us on what it is and why are we using it in the first place so docker is a containerization platform and that means you can package or build your applications into something called images and you run those images as containers on any platform that can run docker so lots of uses and one of the main uses is that um it avoids this whole situation where you build code on your own machine and you give it to somebody else to run and it doesn't run because there are missing dependencies and all that kind of stuff if you package something using docker intent image it contains everything it needs to run and so long as you're then using docker or running docker you can take that image and run out use all the time to spin up things that postgres really quickly or sql server even great platform um highly recommended and it's of course used in microservices landscape you run microservices by and large as containers they're self-contained or isolated you can scale them out do all sorts of cool stuff with them so definitely something you should be familiar with so how does it work well we're going to write some app code in this case.net core c sharp code to write an api and then we will introduce a docker file into our project and all the docker file does is tell docker how to package our app into an image so you will then feed or run this docker file through the docker engine performing a build effectively and you will build a docker image that's what you'll end up at the end of this you'll then take that image and then you can run that image as a container and in order to run it as you can see here on screen you'll need as i've already said your os whatever that happens to be with docker running on it and you will run up an image as a container and as i said you can run multiple containers of the same image or different images or whatever it's all good but you in your mind the main thing you need to make a distinction between is an image which in my way of thinking about it is like a template or a blueprint if you're thinking about it in terms of object oriented programming i'd almost think about it like a class and then when you come to running that class you run it as an object or you instantiate it as an object similar concept so dockers are an image a blueprint of your code and then you run it as a container now what we're going to be doing today by way of configuring stuff for https is we're going to be at the point where we run up our image as a container we're going to be passing in some environment variables and we're also going to be configuring some volumes and we will do that at the point which we run up the container now that will get really um not complex but it'll get really long and verbose and it's not something you would type out at your command line every time you wanted to run up a container it will do it once but that's enough so in order to simplify that we're going to use something called docker compose and what that will do is basically simplify what we need to run at the command line in order to spin up multiple containers or even just one container in this instance so we're going to be using docker compose as well and another benefit as i've kind of denoted there docker compose will allow for inter container networking which you don't get out the box out the box containers are isolated by design you want them to be isolated so if they fail they fail and they don't typically they're not able to talk to each other you need to use some other mechanism to get them to to talk to each other there are various ways of doing that docker compose on your desktop is by far the easiest and best way of doing that so you get that networking as well by using docker compose and there will be a docker compose file that we will use as part of that so just quickly some benefits of docker compose it reduces reliance and simplifies the use of the docker cli which you will see allows you to run up multiple containers really quickly and as i said it allows you to provide networking between containers i think with that though let's start building all right so let's start with our build for api we're just going to scaffold up a very simple out-of-the-box web api that you get with the templates that come with.net core so just started visual studio code i'll open up a command line that was control apostrophe and i'll move into my working directory so season three see episode five there shouldn't be anything in there and there's not so let's do a quick.net version just to check that we've got the sdk installed if you don't get that you get an error just google.net core sdk download and follow the instructions for your operating system it's quite straightforward so we then just want to do a net new if you do net new you can see you get a list of all the different templates we can use we are going to use web api which just gives us a web api no surprises there so up key web api we'll give it a name call it weather api with my cursor out of the way and hit enter and that will go away and scaffold this up for us cool so a quick directory listing it's created a folder with all our project collateral in it to open it in code from our command line we type code dash r and then just specify the name of the folder and that will open that up in code for us cool we'll probably get a little pop up here wait for that to happen yes cool so we now have our web api up and running now before we even run any anything what i want to do is just draw your attention i'm going to open up our certificate so in windows type search and you can see it's brought up the managers or certificates plugin and this is kind of like when a magician's on stage and he's showing you there's nothing up his sleeve i'm kind of doing that same thing here what i'm showing you that i don't have which is a bit counter-intuitive is that i don't have a local self-signed certificate for localhost for our development environment i don't have that here so there's nothing in personal certificates and more importantly there's nothing in the trusted root certification authorities don't be fooled there's one called local shop that's something separate that i'm working on but there's nothing for localhost just making sure there's nothing there now the previous video i did i'll put a link up there if you want a bit more of a deep dive discussion in that go and check that out but we're going to be using certificates a bit here as well so we'll cover off as when you need to so before we run this up i just want to draw your attention to the launch settings json file in our project and there's a number of profiles here now depending on how you're running up your application will depend on which one will be used because we're using the.net cli to do a dotnet run this is the profile that will be used and most more importantly what i want to draw your attention to is this application url here and you can see we have two https localhost on port 5001 and there's any colon and then http http on port 5000 okay so that's telling kestrel listen on these two addresses for http and https traffic excellent now the other thing i will draw your attention to before we move on is in our startup class over in our configure method and as it says here this method gets called by the runtime and it's used to configure the request pipeline you will see the use of this https redirection stick a pin in that for the moment but as the name suggests it redirects stuff to https fairly obvious what it does but just bear in mind uh it's there okay now we don't have a self-signed certificate and we're using https redirection we have both of those things in mind and also we're expecting to listen on https so let's see how that manifests also bear in mind we're not even touch docker yet i just want to take you through this step by step so you kind of get how things fit together so let's open up another command line within vs code again control apostrophe correct directory listing we're inside our project now and let's do a net run see what we get and we get a horrible looking error now what this error is by and large is basically saying we're unable to configure https no certificate was specified and the default developer certificate could not be found and that's the certificate i was practicing on about earlier on so we can create one now before we do that though i just want to label the point and show you something so let's take out this end point here the https endpoint let's take it out to control x and then ctrl s to save so we're now only telling kestrel forget https just use http and let's see what we get so we're not created the certificate yet or anything like that upkey.net run and our application runs up fine and you can see it's just listening on localhost so let's do a control uh click to open that up and it's opened on my other screen let me pull that over and you can see here let me just minimize that a little bit there you go um you can see it can't be found because we do need to specify the name of our controller which is weather forecast if we hit enter it brings back that on http and you can see if we click on this it's not secured but we do get the data back now what i want to draw your attention to is here we get this warning okay it's saying failed to determine the https port for redirect and that comes from when we attempted to do the https redirection what we specified here was a http point i need to be really careful i use the right term we requested http plain old http.net core then tried to redirect us to https and that's what that warning is okay so let's do a couple of things let's oh this is still running yes we'll do a control c to kill that and let's go back to launch settings json and this if we do a control z to undo it puts back our https endpoint make sure you save it now if we run that up again it's going to fail let's do that just to get that error message again because in the error message actually tells you how you can resolve it and you can run this.net dev search http trust command so let me just copy it from here i do have to put in the dot net bit as well let me copy that clear that down dot net and then paste the rest of it and so this is the command you need to create a localhost self-signed certificate dotnet dev search https dash trust hit enter you get a warning saying do you want usually want to self sign and trust this certificate yeah we do and we can see it's successfully added now how that manifests if we go back down here and we go back up to our personal certificates and refresh we get a local host self-signed certificate and back in trusted root certificates if we refresh we get localhost as well cool so that's there now we've put back our https endpoint let's do a net run and everything should be wonderful we'll get two end points now 5001 and 5000 for https and http respectively and if we go back over here and refresh it just keep an eye on this port number here you can see that it's gone to http we've successfully done a redirect back to 5001 https and we click on the padlock everything is secure so still not come to docker but we have set everything up https local development certificate on localhost trusted running great so that's all good done with that now let's package this into docker and see what we get all right so the next thing we want to do is come on to creating or dockerizing or containerizing our app using a docker and a docker file now i'm actually just following along this article here the on the docker website that basically tells you how to dockerize an asp.net core application and they even kindly provide for us a docker file that we're going to use now this doesn't go into what we need to do for https but it does give us a good starting point so i'll put the links to that below for your own reference but we're going to cover it here as well so let's just kill a running web server and let's close down these files now the first thing it suggests you do and it's not really mandatory but let's follow that along is create something called the dots docker ignore file and if you've used git before it's very similar to a git ignore file and we just copy over a couple of things that they suggest we do again this just excludes stuff from our image at the end of the day so probably worth doing it makes our image a little bit more lightweight and then we need a docker file so new file docker file and you can see the s code knows it's a docker file it puts little wheel next to it which is rather nice now just before we move on i've actually also installed this docker plug-in for vs code and it basically just allows us to see our images and our running containers and it's really useful i use it a lot so just search for docker in your list of extensions and it's the one by microsoft five million downloads highly recommended cool so we got an empty docker file um and so all i'm going to do actually is i'm just going to copy over the docker file from that article again i'll put the link below and let's let's take a excuse me a bit of a step through what it's doing so save it off first so i have done other videos on this where i'd deep dive i'll put a link up here but by and large all this is doing is building our image it's a multi-stage build though and there's really two main stages this first stage here which is you can see here it's using this dot net core sdk image which is an image that contains everything we need to build and you know develop applications so it's copying that image down and it's using that to basically take our project collateral and build a first part image for stage image and that's basically what these steps here are all doing so you can see it's copying the cs proj file over it's doing a dot net restore to restore dependencies and then it's doing a net publish to kind of create our first image build but we don't want to use that as our runtime image because it's too big too weighty so that's what this next stage is this these three lines here it uses the plainvanillaruntime.net core image again uses a different working directory to do the building and it then just copies what we did up here into a folder called out and that is basically our um image that's ready to be used and then the last thing is this entry point which specifies the name of the assembly or the dll that's to be run using the dot net command now this is the one thing we do need to change in here if we go to the bin folder up here you'll see that not surprisingly our assembly or our dll is going to be called weather api so we just need to update that in here now if you want a bit more of a deeper dive that's all i'm going to go through today check out my other video and i go through this in a lot more detail but that's all you really need to know for today and at the end of this we'll have a docker image so let's just minimize that now i'm just going to clear the screen and we're going to now build our image so docker build i'm going to give it a name and we'll call it a weather api and don't forget what we call the build context which is basically just the current directory now maybe before we do that if we actually do a directory listing just make sure that you're in the same directory as your docker file okay so docker build give it a tag which is basically a name and this is this name is important so i would make this the name the same as the name of our assembly okay and you cannot tag it with capitalization in the docker command line you have to keep it lowercase and don't forget yes to put the build context so if we move over to the extension you should see some things happening now basically docker's now going to run the file through docker and make sure docker is running i've got docker desktop running down here and you can see here it just starts stepping through the steps in the docker file now because i have no images locally on my machine what it's doing is it's finding this first image here and it's basically bringing it down for use to perform the rest of the build steps and what you'll see here over time is these two images will eventually appear the sdk image and the runtime image and also our our image that we are building will appear here so we should end up with three images you may also see some stuff happening in the container section because basically what docker does when it runs through the docker file actually spins up a container to perform the the build actions as well so at the moment it's still just pulling this down and but you may see some activity here like so so the first image is down you can see it's running a container to do the first part of the build and you can even see that it you know has little icons to denote whether it's running or stopped and you can see it's now cleared that one down it's gone now it's used that container for this part the build and it's now pulling down the second container which is the runtime image and you'll see that appear here so yeah we may as well just wait for it to finish and there we go so we've got um our sdk image a runtime image and our weather api image that we have created for ourselves which is good so we'll clear the screen and now what we want to do is basically run up our weather api image now to do that it's docker again at the command line run and we specify the name of the image in this case weather api now for those of you who've maybe done some docker before you may be screaming at the screen right now but just bear with me i do well i sort of know what i'm doing so what you'll see is it's running up and you can see that it's listening on port 80 on all ip addresses and you can see we have a running container up here now the reason i stepped through earlier on the launch settings json file and i went through you know listening on port 5001 and port 5000 and the environments development i just want to draw your attention down here that you see none of that now you did see that when we ran up natively and locally within our you know local environment but when we run it and as a docker image this this is basically bypassed okay so i just wanted to kind of make that clear this stuff is gone now and you can even see that by the fact that our hosting environment is coming up as production but nonetheless it's now supposedly listening on port 80 so let's try and access that pull this over and we go to local host and let's try port 80 and do not forget to put in the controller name whether for cast so localhost just http port 80 weather forecast can't find it so that is to be expected and i did that deliberately because we do have to do one more thing at the docker one command and i wanted to do it this way just to label the point it said it was running on port 80 which it absolutely is but we cannot access that port 80 from our local desktop environment we have to map an external port into that internal port 80. so the way we do that is again back at the run command so docker run and we use this p switch and then we can give it anything we like as an external port i'm going to use 8080 and then whatever the internal port we want to map to is try that again so this looks exactly the same but if we go back here and we try port 8080 [Applause] we get our results back fantastic but again we're still just using http nothing about https that's not being configured now where is https where's it gone why isn't it working well that's what we're going to basically take care of next now actually just before we move on it's probably worth taking a quick look at what's happening in docker so we actually have as you've seen already we've got our images and our weather api image but we now have two running containers now you can probably guess where they came from they came from the first time we did our first docker run without any port mappings and then the second one with port mappings all right now you can see certainly on windows anyway as far as i'm aware when you do a control c it doesn't actually kill the running containers um you have to do that manually yourself so within this plug-in you can just simply right click and do a stop which we can do here or at the command line you can do docker ps and that will uh ps maybe it's not a ps there we go there's no dash dash so you can see the running containers here so now we have two containers but we only have one running container this one here so to stop it at the command line docker stop and then just use the container id here paste that in keep your eye on what's happening up here and it will stop it now if you want to restart the same container it would be docker start we can just paste that id in and what that will do is it will restart the same container okay if you do a let's just stop that again if you do another docker run it will spin up another container if you do it using the syntax i've used and then control c it keeps it running docker ps to see the running container and you can see it's obviously got a different id so docker stop so again just just a few commands for you and just the distinction between running and starting they are slightly different now the other thing i just wanted to take you through it would be entirely reasonable and for those of you that maybe know a little bit about https to suggest well okay we've mapped we've done a port mapping of a random external port to port 80 what would happen if we just extend that and map another port say 8081 this time to port 443 and for those of you again who knows about https 443 is the standard https port that's a very reasonable thing and in fact we actually end up doing this a bit later on but we have to do some other stuff to get https working so again you can see here it's run up okay it's fine um but it's still only listening on port 80 and of course it's spun up another running container and we could try browsing let's just do it just for uh just for completeness 881 and we'll put https in here so https to our our local port let's just make this a bit smaller so you can see that it's we're trying to hit this one here on https it doesn't find it which is not surprising so now we're going to come on to rectifying that okay so i'm just going to ctrl c that i'm going to stop this and i'm also just going to get rid of all those containers we don't really need them just now so yes we're moving on to actually enabling https within our container so we need to do a few things first thing we need to do is create a new certificate it's basically just a development certificate for localhost but we need a separate one that we read in to our container and there's a specific requirement around it which we'll cover we need to read in the password for that certificate so we need to create a user secret for that and then finally we'll run this up uh our command not finally second last thing we'll do is run this up our command line using a whole load of command line expressions and then finally we'll move on to moving that into docker compose which i think is a nicer solution so i'm going to bring up another command line because it's a bit bigger for you and you can see what's going on here and we're just going to yeah generate a certificate here so it's very similar to what you've already seen we're just going to use the dot net dev sets command https ep flag which is export path now as i'm using powershell i'm going to access my user profile environment variable this way env user pro and doing a tab will uh fill that out now big thank you i can't remember what your name was but someday my last video pointed out you can do that tab completion which is excellent thank you so much for that and then we just want to specify the path to where we're going to export this certificate to now you can i suppose put it anywhere but the standard convention will be asp.net backslash https backslash and then you give it the name of your certificate in this case we're going to call it actually we're going to call it weather api.pfx then we give that password uh pa obviously give it anything you like now this is going to be the name of our certificate and i have made it the same if i get up uh docker file i've made it exactly the same uh capitalization as our assembly name okay because that will come back later on so i suggest you do the same thing if you want an easy life so let's hit enter now you can see here it says a valid https certificate is already present that's because we've already got a local host certificate that i showed you earlier on this is just basically our same the same copy of it and almost not exported but recreated with a new uh file name or a file name we've exported as a file and to see where that is let's just go into here and so actually before we do that i'll just show you what my user profile will be let's just see users of the letters j now if you are using windows command prompt i think it's something like uh and it's just user profile surrounded by percentage signs and i have put a link below to an article that microsoft have actually written it actually takes us through this process i'm sort of following it loosely but not in its entirety and if you check that out if you're using linux or mac you'll have the command line that you'll need to run there as well but yeah just to check out where that is if we go over here to c drive users that's j asp.net https we just have this pfx file named as as we've named it with a password that protects it cool so that's basically our password that's what our certificate created all that we need to do now is actually trust it now again we probably don't need to do this on this occasion but let's just do it anyway so.net dev search https trust and it will just say yeah we've already trusting the https development certificate was requested a confirmation prompt will be displayed if the certificate was not previously trusted in this case it has been and we get the same message so we didn't really need to do that just doing it for completeness just in case you didn't have a local development certificate in your certificate store all right so that's all good so now we can move on we need to basically read in the certificate into a docker container but we need to be able to pass it through the password that we've used to protect it and the way we do that is with user secrets so what are user secrets user secrets are something that you will use within your development environment i will stress that for development environments and basically all user secrets are are a way to store or squirrel away sensitive bits of information that you use within your development environment so things like database passwords or in our case password to a certificate so when we set up user secrets we'll do that now they eventually they're stored in just plain old json file as key value pairs now they're not encrypted or anything like that but they are stored away under your user profile on your file system so only you can get access to them as a developer unless you give somebody else your login password which again i don't recommend you do that um so for development environment only you can access them via your file system uh you know profile so we'll set those up now um before we do anything on our command line we need to move back to our project and move into our project file or cs proj file now the only thing we need to do here is actually create a couple of tags within the property group called user secret secrets id okay so let me just copy that over so we have a pair of tags and do not forget to terminate otherwise you'll get a an error so use our secrets pluralized capital u capital s capital i and all you need to do in between these two tags is just provide a unique id and that's just used when we eventually a secret json file will be created you get one for each project so we just need a unique id to put it in a unique folder you'll see how that looks in a second so i just use a little plugin extension for vs code called insert good if you want to see what that looks like over here yeah insert good i only ever use it for user secrets but it saves a couple of seconds of time so just place your cursor in between the two tags hit f1 if you have this installed type insert good click it and it just provides you with some randomly generated goods it's cool i'm just going to also prefix it with uh season 0 season 03 episode 05 again you don't need to do this this just needs to be unique i'm just doing that so it makes a bit more readable for me when well you'll see in a minute what what benefit that gives you save that off and that's all you need to do by way of user secrets within our um or application all right so next thing we need to do is over our command line we need to create a user secret now in order to do that you need to actually be in the project directory so i'm just going to change change into my d drive oh my goodness uh season 3 episode 5 uh weather forecast it's really cold today uh and my fingers are freezing up my excuse all right so we're in our uh project directory and here's our weather api cs proj file so you need to be in that directory for this to work and we just use the dotnet user secrets command [Applause] with set flag and then we just set the key and the value in this case we want to set up a password for our certificate now you can do this in a number of ways and the way i would have typically done it in the past was just to give the name something like say our password and when i was talking about you know that's the only um programming about coding we need to do over here if i was using this method to set up a user secret for our certificate password we would have to do more coding over in our application to actually find that key and load it in but there is a bit of a shortcut where you don't actually need to do any further coding here which is really nice and the way that works is by actually giving the key value a specific path and if you give it a specific path then the way it's read in by the dot net core uh configuration api means that it knows in this case kestrel knows exactly what that value is for so it saves you having to do any coding which is a really nice feature now there's a whole topic area on its own how you configure kestrel i've put a link to a really good article by microsoft below if you want to read a bit more about the ways you can configure kestrel i'm going to use this method because it's actually really really nice and saves a lot of time so the key is castrol let me make sure i get this correct colon certificates i'm just making sure i'm typing this correctly development and then you can probably guess the last one password so again using this kind of i guess unique pathway key definition that will then just automatically be loaded into kestrel without having to do any specific config work in in your code and it all works well it works fine so password make sure you get the right password so let me just look at this.net user secrets set kestrel certificates development password okay cool so key value in this case the key is a kind of a longer string that specifies exactly what it is we're passing in and we don't need to do any further coding so hit enter that's just going to work anyway unless you've set something else up wrong um it's just a very simple process and the way or where that's stored as we go back to our c drive into users under your specific user profile under app data under roaming under microsoft and then under user secrets so again only you can get access to this now you can see here i've got a few projects the reason i tagged this particular one is so i can identify it without having to refer back to the project file and you can see we have a secret.json file let me just open that up and a very very simple json file uh key value pair as we've already stated cool so that's our user secrets set up hopefully that made sense now all we need to do is actually run this up at our command line passing in quite a few command line parameters that will take in our certificate we'll take in our password and a few other bits and pieces as well but we're almost there all right now just before we move on actually we do need to rebuild our image because we've added this user secret uh it's not yet included in our image and it will be required for by our image to understand and you'll see this in a bit where the user secrets file is located so let's just come back over to our images i'm just going to just be paranoid i'm just going to delete remove this image you don't have to do this absolutely do not have to do it but i just want to double make sure that we build a new image and it includes our user secrets as part of that so net.net keep doing that docker build and we just tag it a weather api and don't forget the build context and because we've already got our base images here it should just be really really quick and it should just build our uh yeah builds our weather api really quickly and it's updated a few seconds ago so cool so that's a really important step and it actually caught me out um because i kind of did things making this video i kind of jump about making it and if you do things in the wrong order and you don't have the user secrets in the image then when you come to doing what we're going to do now it doesn't work so glad i remembered that all right so that's all good now we can move on to doing the second to last part which is running up our new our container sorry running up our image as a container with https now before we do that i just want to take you through what we're going to do we'll do a docker run and we're going to specify port mapping you've seen this before obviously now we did try this before just on the off chance that it may or may not that it may be worked and of course it didn't now it's relying on the next parameters or environment variables that we're going to pass over in order for that to work now the first environment variable we're going to pass over is this asp.net core urls and we're specifying that we want to listen on https as well as http they're just stepping back we come back over to one settings json as i said you know when we ran this stuff locally this profile was used it's been completely bypassed when you package in docker but you can probably see there'll be some similarities between what we requested to happen in here compared to what we're actually doing now at our command line when we run up our container so let's go back to that so just wanted to make that point so yes docker run port mapping what urls we want to listen on we're going to pass over the https port that we want to listen on now the only thing you need to make sure is that this port matches the external port mapping we're also going to specify that we want it to be a development environment not production as you've maybe seen before because we are working specifically within a development environment today we then want to map to volumes volume in docker is just a physical mapping through from a container to somewhere on your local hard disk you know file system so first volume is to our user secrets now again um you will see that nowhere in here do we specify that long guide or unique id that is contained within our application and it needs to then and we have to rebuild our image in order for it to be in there otherwise this step would fail and it wouldn't find our user secrets for a password which of course is critical and then the second volume we need is to pass in the actual certificate that we had created which would work in this instance and then finally we specify the name of our image all right so i'm going to come back over to this large command prompt here let's just clear the screen it's a bit bigger for you now we don't need to specifically be in any directory we can be anywhere because we have access to the docker image by by virtue of the fact that it's in docker okay it's just available to docker and if we run a docker run command it just knows that we have that image locally available to us so we don't need to be in our project directory all right now i hope you don't mind but i am going to copy across the command line argument so i'll do it stage by stage and um yeah rather than watch me typing it which i'm sure you didn't want to see me do so i will do the docker run component that's fine and then i'll copy over the other bits and pieces which you've already just seen from the powerpoint so first thing is port mapping next one is the urls we want to listen on the next one is the https port now again just make sure that the these match eight that's unfortunate it's rolled onto the next line but 8081 matches whatever you put here and it doesn't really matter what you put there by much as long as it's not being used by something else then we want to specify the environment and that's just development and then finally we want to come on and specify our volumes now i am using powershell here so oh okay i also didn't copy that over or i copied the wrong thing over there we go watching me paste it in is painful uh yeah what i was saying is because i'm using powershell i'm using this uh variable to get to my app data area if you just have a look at what that is end uh app data let's just see user's letter j app data roaming and then microsoft user secrets which you've seen before now the article that i've put in the description below has all the different command line arguments you would supply for os x or linux or even windows command prompt okay and then the last volume we want to pass over is our path to our certificate and then finally weather api okay which is the name of our image hit enter all things being well it runs up now you can see a few things here you can see it's listening on https port 443 which is looking pretty good we've already seen it's run on port 80 before which is fine and we can see our environment is now development fantastic and if we pop over to uh yes code may take a look at our running containers we should see a running container here and then all we need to do is just pop over here and we did have this from before when we tried to get https working magically within our container of course it didn't if we hit enter now it should work fantastic so we are now using https within a docker container and it's using localhost certificate okay that we've read in all right so that says done at the command line now i don't know about you but i wouldn't want to be typing every time i was wanting to run up container running https so the final section of today's video we're going to move all that into a docker compose file all right so in this last section we're going to now move that horrible lengthy command line into a docker compose file so within our project just click anywhere new file and docker dash compose dash ammo and uh dot yaml okay and you can see again docker knows it's our compose file it puts a little pink whale next to it which is nice now in this instance we've got our docker compose file actually in our project fine nothing wrong with it makes sense in this context because we've just got one project but given the nature of docker compose it's usually working with multiple containers multiple projects so you usually lift your file docker compose file to you know up one level of your directory structure it makes more logical sense in my mind so it can then you know reference those other projects of course you can put it anywhere and just reference the projects from within your file but logically speaking i think it makes more sense to do that but for today it's fine we're just putting it with everything else now docker compose basically yeah it specifies uh what we call services now the closest approximation to service is really just a container so it basically looks for either an image or a docker file and then using that image or docker file it will spin up a service which is basically a running container easiest way to think about it so it's a yaml file not my favorite thing nonetheless that's what we're stuck with so you have to specify a version uh version and you put that in single quotes i think typically so we'll just specify version three i i've not done the research i don't think it makes too much difference what you put in there to be really honest but anyway maybe it's a bit of homework for you and then as i said we just specify a number of services that we want and you will give them an aim obviously so this is where you have to indent you know tab or white space i think works well and you can call it anything you like but i'm just going to call it weather api makes sense keep it consistent and that will end up being the name of our service okay and then again in this case we are going to specify the build path now what i mean by build path is where can we find the docker file to build our image you can do that or you can just specify the name of your image if you don't want to have docker compose rebuild or anything like that if you're just using a more static image but i do want to pass it our docker file and you'll see why in a second so we're doing it that way we specify a build path and in this case don't forget the colon it's just a period just to see the build path is here docker file is in the same place all right and then we want to specify some ports now again this is really just mirroring um the kind of stuff that we have up here we're basically lifting this config out of here and we're basically putting it into compose and then we can save that file off and then run that file in a much simpler easier way so to specify some ports we come onto new line and dash in yaml is sort of denoting an array so the first one we want to specify is 8080 being mapped to port 80. the next one we want to specify is 8081 being that to port 443 and that's us then want to set up some environment variables virulence make sure we spell it correctly and you can do this another number of ways you can use the array notation i personally prefer to do it this other way but you copy the let's just copy the whole thing actually and paste it in here and then we take out the equal sign and do it like that okay i think that looks nicer especially because vs code kind of color codes it for you next one is our port now obviously you don't have to specify the e flag that's just for docker command line you've got this environment tag up here that does the same job for us in this context cool and we do actually have to put that in quotes though all right and then the final one from our environment variable perspective is just saying uh and we'll copy that over as such as well and um yeah let's put it in quotes as well all right and then the last thing you can probably guess is volumes okay now i'm actually going to copy that over here and again we're going to use the array notation now this looks a little bit different the way we specify is using this dollar sign and then curly brackets and then the environment variable so this will actually work in this case for both uh powershell type variables and command line variables so it's really just using this bit here or this bit here in which in case for both powershell and command line it's exactly the same and the same for user profile okay so again should be familiar to you just slightly different syntax we'll save that off all good now what we can do then is we can use docker compose to run our container in a secure way or using https in a much more simple way so if we come back over here let's just bring this up and we'll see what it looks like when we use docker compose so you just do docker dash compose up and then just dash that we'll just do a rebuild of the image and it's basically going to find a dockerfile and rebuild the image it does work okay cool fantastic it appears to work anyway so yes you can see here it looks slightly different because docker compose um can be working with multiple containers it will give it this automatic you know prefix color coded so you'll have you'll see multiple uh containers running it looks quite nice so um yeah running on 443 running on 80 that all looks good we've got a running container up here you can see it has built this other image down here because we specified it as a build building our command line so we come back over here though should be exactly the same result and indeed it is if you hit control c in docker compose it will actually stop the container which is quite nice you that doesn't happen with the command line certainly in windows when you're just running it using the docker command line and if you want to just run it up rather than having to build it you just do docker compose up and it will rerun the same container you're not getting duplicates all works nicely now i actually thought actually yes one one last point one last point that's important here um for docker compose and that's why i was saying i'm wondering is it will it work it will work because we've got it configured correctly what is important if you come back to our docker file we specified this is the entry point and also when you look at the dll itself um within the bin folder that's actually where we got this name from it is capital w capital a capital p capital i now if we come back over to our certificate that we created users as j asp.net https you've got to make sure when you're running this in docker compose anyway you've got to make sure that the capitalization is exactly the same so you can see that's all working it's all cool if we change this to a lowercase w same certificate no difference is this running or is it not running it's not running and we do docker compose up which you've seen had worked perfectly well before we'll get an error and it'll be that same error that you've seen before which is basically saying we can't find the certificate it's case sensitive so just be aware of that it doesn't appear to be case sensitive when you run it using the docker command line using the lengthy command line syntax from within compose it seems to be it seems to really pay attention to to this here so just be aware of that and it's just for completeness run it back up again it's all working well well that's it for yet another video parting is such sweet sorrow but if nothing else i hope you enjoyed today's video and that you can use it going forward in your own stuff now if you liked the video maybe think about giving it a like if you've not done so already maybe think about subscribing but if you don't want to do any of that stuff that's okay so until the next time stay safe stay well and to my wonderful patreon supporters your names are coming up now [Music] [Music] [Music] [Music] you

Info

Channel: Les Jackson

Views: 35,043

Rating: 5 out of 5

Keywords: dotnet playbook, .net, .net core, 3.1, c#, https, kestrel, docker, docker compose, les jackson, step by step, tutorial

Id: lcaDDxJv260

Channel Id: undefined

Length: 61min 33sec (3693 seconds)

Published: Mon Aug 03 2020