基于 Azure Stack Hub 的应用服务 2020 Q3 发行说明App Service on Azure Stack Hub 2020 Q3 release notes
这些发行说明介绍了基于 Azure Stack Hub 的 Azure 应用服务 2020 Q3 中的改进和修复,以及任何已知问题。These release notes describe the improvements and fixes in Azure App Service on Azure Stack Hub 2020 Q3 and any known issues. 已知问题分为与部署、更新过程直接相关的问题,以及内部版本(安装后)的问题。Known issues are divided into issues directly related to the deployment, update process, and issues with the build (post-installation).
重要
在部署或更新应用服务资源提供程序 (RP) 之前,如有必要,请将 Azure Stack Hub 更新到支持的版本(或部署最新的 Azure Stack 开发工具包)。Update Azure Stack Hub to a supported version (or deploy the latest Azure Stack Development Kit) if necessary, before deploying or updating the App Service resource provider (RP). 请务必阅读 RP 发行说明,了解新功能、修补程序以及可能影响部署的任何已知问题。Be sure to read the RP release notes to learn about new functionality, fixes, and any known issues that could affect your deployment.
支持的 Azure Stack Hub 版本Supported Azure Stack Hub version | 应用服务 RP 版本App Service RP version |
---|---|
20082008 | 2020.Q3 安装程序(发行说明)2020.Q3 Installer (release notes) |
20052005 | 2020.Q2 安装程序(发行说明)2020.Q2 Installer (release notes) |
20022002 | 2020.Q2 安装程序(发行说明)2020.Q2 Installer (release notes) |
内部版本参考Build reference
基于 Azure Stack Hub 的应用服务 2020 Q3 的内部版本号为 89.0.2.15The App Service on Azure Stack Hub 2020 Q3 build number is 89.0.2.15
先决条件Prerequisites
在开始部署之前,请参阅准备工作文档。Refer to the Before You Get Started documentation before beginning deployment.
开始将基于 Azure Stack 的 Azure 应用服务升级到 2020 Q3 之前,请满足以下先决条件:Before you begin the upgrade of Azure App Service on Azure Stack to 2020 Q3:
确保所有角色在 Azure Stack Hub 管理门户的 Azure应用服务管理中处于“就绪”状态Ensure all roles are Ready in the Azure App Service Administration in the Azure Stack Hub Admin Portal
在 Azure Stack Hub 管理员门户中使用“应用服务管理”来备份应用服务机密Backup App Service Secrets using the App Service Administration in the Azure Stack Hub Admin Portal
备份应用服务和 Master 数据库:Back up the App Service and Master Databases:
- AppService_Hosting;AppService_Hosting;
- AppService_Metering;AppService_Metering;
- MasterMaster
备份租户应用内容文件共享Back up the Tenant App content file share
重要
云操作员负责文件服务器和 SQL Server 的维护和操作。Cloud operators are responsible for the maintenance and operation of the File Server and SQL Server. 资源提供程序不管理这些资源。The resource provider does not manage these resources. 云操作员负责备份应用服务数据库和租户内容文件共享。The cloud operator is responsible for backing up the App Service databases and tenant content file share.
同步发布市场的 自定义脚本扩展 版本 1.9.3Syndicate the Custom Script Extension version 1.9.3 from the Marketplace
更新Updates
基于 Azure Stack 的 Azure 应用服务 Update Q3 包含以下改进和修复:Azure App Service on Azure Stack Update Q3 includes the following improvements and fixes:
针对 应用服务租户、管理员、函数门户和 Kudu 工具 的更新。Updates to App Service Tenant, Admin, Functions portals and Kudu tools. 与 Azure Stack 门户 SDK 版本一致。Consistent with Azure Stack Portal SDK version.
为 Web 应用和函数应用添加了全屏创建体验Addition of Full Screen Create experience for Web and Function Apps
新增了与 Web 应用一致的 Azure Functions 门户体验New Azure Functions Portal Experience to be consistent with Web Apps
将 Azure Functions 运行时更新到 v1.0.13154 。Updates Azure Functions runtime to v1.0.13154.
针对核心服务的更新,用于提高可靠性和错误消息传递,以便更轻松地诊断常见问题。Updates to core service to improve reliability and error messaging enabling easier diagnosis of common issues.
针对以下应用程序框架和工具的更新:Updates to the following application frameworks and tools:
- ASP.NET Core 2.1.22ASP.NET Core 2.1.22
- ASP.NET Core 2.2.14ASP.NET Core 2.2.14
- ASP.NET Core 3.1.8ASP.NET Core 3.1.8
- ASP.NET Core 模块 v2 13.1.19331.0ASP.NET Core Module v2 13.1.19331.0
- Azul OpenJDKAzul OpenJDK
- 8.42.0.238.42.0.23
- 8.44.0.118.44.0.11
- 11.35.1511.35.15
- 11.37.1711.37.17
- Curl 7.55.1Curl 7.55.1
- Git for Windows 2.28.0.1Git for Windows 2.28.0.1
- MSDeploy 3.5.90702.36MSDeploy 3.5.90702.36
- NodeJSNodeJS
- 14.10.114.10.1
- NPMNPM
- 6.14.86.14.8
- PHP 7.4.5PHP 7.4.5
- TomcatTomcat
- 8.5.478.5.47
- 8.5.518.5.51
- 9.0.2739.0.273
- 9.0.319.0.31
- 已将 Kudu 更新到 90.21005.4823Updated Kudu to 90.21005.4823
对所有角色的基础操作系统的更新:Updates to underlying operating system of all roles:
- 适用于基于 x64 的系统的 Windows Server 2016 的 2020-10 累积更新 (KB4580346)2020-10 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4580346)
- 适用于基于 x64 的系统的 Windows Server 2016 的 2020-09 服务堆栈更新 (KB4576750)2020-09 Servicing Stack Update for Windows Server 2016 for x64-based Systems (KB4576750)
- Defender 定义 1.325.755.0Defender Definition 1.325.755.0
Windows Server 的累积更新现在会在部署和升级过程中应用到控制器角色Cumulative Updates for Windows Server are now applied to Controller roles as part of deployment and upgrade
此版本中已修复的问题Issues fixed in this release
租户现在可使用租户门户中“应用服务计划”视图上的“新建”创建应用服务计划Tenants can now create App Service Plan using new on App Service Plan view in tenant portal
租户可在租户门户中管理其应用程序的证书Tenants can manage certificates for their applications in the tenant portal
Functions 监视现在可以从强制执行 TLS 1.2 的存储终结点中检索数据Functions monitoring can now retrieve data from storage endpoints enforcing TLS 1.2
将“等待管理服务器”步骤移出了安装期间的“部署云”步骤,以提高部署和升级的可靠性Moved wait for Management Servers step outside of Deploy Cloud step during installation to improve reliability of deployment and upgrade
在清理逻辑出错后,由于辅助角色运行时日志文件文件夹大小违反了配额限制,导致辅助角色无法完成运行状况检查操作的问题。Issue whereby workers fail to complete the health check exercise due to worker runtime log file folder size violating quota limit after error in clean-up logic. 此更新已修复了清理逻辑。Clean-up logic has been fixed in this update.
更新前步骤Pre-Update steps
查看更新的已知问题,并采取规定的操作。Review the known issues for update and take any action prescribed.
部署后步骤Post-deployment steps
重要
如果已经为应用服务资源提供程序提供 SQL Always On 实例,则必须将 appservice_hosting 和 appservice_metering 数据库添加到可用性组并同步数据库,以免在进行数据库故障转移时丢失服务。If you have provided the App Service resource provider with a SQL Always On Instance you MUST add the appservice_hosting and appservice_metering databases to an availability group and synchronize the databases to prevent any loss of service in the event of a database failover.
已知问题(更新)Known issues (update)
- 在客户已将 appservice_hosting 和 appservice_metering 数据库转换为包含的数据库的情况下,如果未将登录名成功迁移到包含的用户,则升级可能会失败In situations where a customer has converted the appservice_hosting and appservice_metering databases to contained database, upgrade may fail if logins have not been successfully migrated to contained users
如果在部署后客户已将 appservice_hosting 和 appservice_metering 数据库转换为包含的数据库,但尚未将数据库登录名成功迁移到包含的用户,则可能会遇到升级失败的情况。Customers that have converted the appservice_hosting and appservice_metering databases to contained database post deployment, and have not successfully migrated the database logins to contained users, may experience upgrade failures.
在将基于 Azure Stack Hub 的 Azure 应用服务安装升级到 2020 Q3 之前,客户必须对托管 appservice_hosting 和 appservice_metering 的 SQL Server 执行以下脚本。Customers must execute the following script against the SQL Server hosting appservice_hosting and appservice_metering before upgrading your Azure App Service on Azure Stack Hub installation to 2020 Q3. 此脚本是非破坏性的,不会导致停机。This script is non-destructive and will not cause downtime.
必须在满足以下条件的情况下运行此脚本This script must be run under the following conditions
此脚本由具有系统管理员权限的用户(例如 SQL SA 帐户)运行;By a user that has the system administrator privilege, for example the SQL SA Account;
如果使用 SQL Always On,请确保从包含了以下格式的所有应用服务登录名的 SQL 实例中运行该脚本:If using SQL Always on, ensure the script is run from the SQL instance that contains all App Service logins in the form:
- appservice_hosting_FileServerappservice_hosting_FileServer
- appservice_hosting_HostingAdminappservice_hosting_HostingAdmin
- appservice_hosting_LoadBalancerappservice_hosting_LoadBalancer
- appservice_hosting_Operationsappservice_hosting_Operations
- appservice_hosting_Publisherappservice_hosting_Publisher
- appservice_hosting_SecurePublisherappservice_hosting_SecurePublisher
- appservice_hosting_WebWorkerManagerappservice_hosting_WebWorkerManager
- appservice_metering_Commonappservice_metering_Common
- appservice_metering_Operationsappservice_metering_Operations
- 所有 WebWorker 登录名,其格式为 WebWorker_
All WebWorker logins - which are in the form WebWorker_
USE appservice_hosting
IF EXISTS(SELECT * FROM sys.databases WHERE Name=DB_NAME() AND containment = 1)
BEGIN
DECLARE @username sysname ;
DECLARE user_cursor CURSOR
FOR
SELECT dp.name
FROM sys.database_principals AS dp
JOIN sys.server_principals AS sp
ON dp.sid = sp.sid
WHERE dp.authentication_type = 1 AND dp.name NOT IN ('dbo','sys','guest','INFORMATION_SCHEMA');
OPEN user_cursor
FETCH NEXT FROM user_cursor INTO @username
WHILE @@FETCH_STATUS = 0
BEGIN
EXECUTE sp_migrate_user_to_contained
@username = @username,
@rename = N'copy_login_name',
@disablelogin = N'do_not_disable_login';
FETCH NEXT FROM user_cursor INTO @username
END
CLOSE user_cursor ;
DEALLOCATE user_cursor ;
END
GO
USE appservice_metering
IF EXISTS(SELECT * FROM sys.databases WHERE Name=DB_NAME() AND containment = 1)
BEGIN
DECLARE @username sysname ;
DECLARE user_cursor CURSOR
FOR
SELECT dp.name
FROM sys.database_principals AS dp
JOIN sys.server_principals AS sp
ON dp.sid = sp.sid
WHERE dp.authentication_type = 1 AND dp.name NOT IN ('dbo','sys','guest','INFORMATION_SCHEMA');
OPEN user_cursor
FETCH NEXT FROM user_cursor INTO @username
WHILE @@FETCH_STATUS = 0
BEGIN
EXECUTE sp_migrate_user_to_contained
@username = @username,
@rename = N'copy_login_name',
@disablelogin = N'do_not_disable_login';
FETCH NEXT FROM user_cursor INTO @username
END
CLOSE user_cursor ;
DEALLOCATE user_cursor ;
END
GO
已知问题(安装后)Known issues (post-installation)
如 Azure Stack 上的 Azure 应用服务部署文档中所述,当应用服务部署在现有虚拟网络中并且文件服务器仅在专用网络上可用时,工作人员将无法访问文件服务器。Workers are unable to reach file server when App Service is deployed in an existing virtual network and the file server is only available on the private network, as called out in the Azure App Service on Azure Stack deployment documentation.
如果选择部署到现有虚拟网络和内部 IP 地址以连接到文件服务器,则必须添加出站安全规则,以便在工作子网和文件服务器之间启用 SMB 流量。If you chose to deploy into an existing virtual network and an internal IP address to connect to your file server, you must add an outbound security rule, enabling SMB traffic between the worker subnet and the file server. 转到管理门户中的 WorkersNsg 并添加具有以下属性的出站安全规则:Go to the WorkersNsg in the Admin Portal and add an outbound security rule with the following properties:
- 源:任意Source: Any
- 源端口范围:*Source port range: *
- 目标:IP 地址Destination: IP Addresses
- 目标 IP 地址范围:文件服务器的 IP 范围Destination IP address range: Range of IPs for your file server
- 目标端口范围:445Destination port range: 445
- 协议:TCPProtocol: TCP
- 操作:允许Action: Allow
- 优先级:700Priority: 700
- 姓名:Outbound_Allow_SMB445Name: Outbound_Allow_SMB445
云管理员在操作基于 Azure Stack 的 Azure 应用服务时的已知问题Known issues for Cloud Admins operating Azure App Service on Azure Stack
- 自定义域在离线环境中不受支持Custom domains are not supported in disconnected environments
应用服务针对公共 DNS 终结点执行域所有权验证,因此,在离线场景下不支持自定义域。App Service performs domain ownership verification against public DNS endpoints, as a result custom domains are not supported in disconnected scenarios.
后续步骤Next steps
- 有关 Azure 应用服务的概述,请参阅基于 Azure Stack 的 Azure 应用服务概述。For an overview of Azure App Service, see Azure App Service on Azure Stack overview.
- 若要详细了解如何完成基于 Azure Stack 的应用服务的部署准备,请参阅基于 Azure Stack 的应用服务的准备工作。For more information about how to prepare to deploy App Service on Azure Stack, see Before you get started with App Service on Azure Stack.