首页 \ 问答 \ 使用实体框架C＃限制与数据库的连接(Limit Connections to Database with Entity Framework C#)

使用实体框架C＃限制与数据库的连接(Limit Connections to Database with Entity Framework C#)

 我有一个Azure数据库，限制为60个并发连接。 我的问题是我有几个爬虫填充这个数据库，供我们的网站使用Entity Framework使用。  
 多个爬虫不需要很长时间就可以耗尽所有连接并排除错误。 我已尝试在连接字符串中设置最大池大小值，但这似乎不会对实际数据库连接强制实施任何限制。  
 我可以将DbContext包装成单例，但是我会将整个爬虫限制为单个连接。  
 有没有其他方法可以实现这一目标？ 

I have an Azure database that is limited to 60 concurrent connections. My issue is that I have several crawlers that populate this database to be consumed by our website using Entity Framework.  
It does not take long for multiple crawlers to exhaust all of the connections and error out. I have tried setting the max pool size value in the connection string, but this does not seem to enforce any restrictions on the actual database connections.  
I could wrap the DbContext in a singleton, but then I would be limiting the entire crawler to a single connection.  
Are there any other ways to achieve this?

原文：https://stackoverflow.com/questions/38745658

更新时间：2023-08-08 22:08

最满意答案

 安全警告  
 ServiceControl没有内置的安全层，因此如果您将API URL暴露给Internet，那么任何可以连接到端口33333的人都可以访问ServiceControl中存储的所有消息。这就是默认情况下它仅限于localhost的原因。  
 我不能强调它不应该在生产系统上完成  
 对于Azure，更安全的方法是使用点到站点VPN连接之类的东西。 （请参阅： https ： //msdn.microsoft.com/en-us/library/azure/jj156206.aspx ）但这可能需要进行一些重新配置。  
 如果您仍然希望以不安全的方式公开URL，那么您将如何处理它：  
 1.将App.config中的主机名设置为通配符：  
 <add key="ServiceControl/HostName" value="*" />  
 2.更新URLACL以响应通配符。  
 您可以通过在cmd提示符下发出以下命令来查看URLACL设置：  
netsh http show urlacl 
 
 如果您有端口http：// localhost：33333 / api /或http://serviceins.cloudapp.net:33333/api/的现有设置，请使用以下命令将其删除：  
netsh http delete urlacl URL=http://localhost:33333/api/
netsh http delete urlacl URL=http://serviceins.cloudapp.net:33333/api/
 
 添加通配符URLACL  
netsh http add urlacl URL=http://*:33333/api/ User=Users
 
 通过show命令检查它，它应该有这样的条目  
Reserved URL            : http://*:33333/api/
User: BUILTIN\Users
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;BU)
 
 3. Windows防火墙  
 将入站规则添加到Windows防火墙。 默认情况下，端口33333将被阻止传入连接。 您可以使用以下命令通过Admin Powershell执行此操作（我假设您的VM是Win2012）  
New-NetFirewallRule -Name ServiceControl -Direction Inbound -Protocol TCP -LocalPort 33333  -Action Allow -Enabled True
 
 4.添加Azure端点  
 您还需要打开Azure端点连接以允许连接到端口33333.这实际上是另一个防火墙。 而不是记录下来，我会在这里向您推荐微软自己的doco： http ： //azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/  
 作为端点配置的一部分，您可以通过限制允许连接到端口的IP范围来添加一些安全性。 这只有在你拥有静态IP时才有用。 

Security Warning 
ServiceControl has no built in security layer so if you exposing the API URL to the Internet then all of the messages stored in ServiceControl will be accessible by anyone who can connect to port 33333. This is why it's restricted to localhost by default. 
I can't stress enough that it should not be done on a production system 
For Azure a more secure method would be to use something like a point to site VPN connection. (See: https://msdn.microsoft.com/en-us/library/azure/jj156206.aspx) but this may require a bit of reconfiguration.  
If you are still keen to expose the URL in an insecure way here is how you would go about it:  
1. Set the hostname in the App.config to a wildcard: 
<add key="ServiceControl/HostName" value="*" /> 
2. Update the URLACL to respond to the wildcard. 
You can view the URLACL settings by issuing this command at cmd prompt: 
netsh http show urlacl 
 
If you have an existing setting for port http://localhost:33333/api/ or http://serviceins.cloudapp.net:33333/api/ remove them using: 
netsh http delete urlacl URL=http://localhost:33333/api/
netsh http delete urlacl URL=http://serviceins.cloudapp.net:33333/api/
 
Add the wildcard URLACL 
netsh http add urlacl URL=http://*:33333/api/ User=Users
 
Check it via the show command and it should have an entry like this 
Reserved URL            : http://*:33333/api/
User: BUILTIN\Users
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;BU)
 
3. Windows Firewall 
Add an inbound rule to the Windows Firewall. By default the port 33333 will be blocked for incoming connections. You can do this via an Admin Powershell using the following command (I'm assuming you're VM is Win2012) 
New-NetFirewallRule -Name ServiceControl -Direction Inbound -Protocol TCP -LocalPort 33333  -Action Allow -Enabled True
 
4. Add an Azure Endpoint 
You'll also need to open up an Azure Endpoint connection to allow connection to port 33333. This is essentially another firewall. Rather than document this I'll refer you to Microsoft's own doco here: http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/ 
As part of the endpoint configuration you can add some security by limiting the IP range that is allowed to connect to the port. This is really only useful if you've got a static IP.

使用实体框架C＃限制与数据库的连接(Limit Connections to Database with Entity Framework C#)

最满意答案

安全警告

1.将App.config中的主机名设置为通配符：

2.更新URLACL以响应通配符。

3. Windows防火墙

4.添加Azure端点

Security Warning

1. Set the hostname in the App.config to a wildcard:

2. Update the URLACL to respond to the wildcard.

3. Windows Firewall

4. Add an Azure Endpoint

相关问答

无法连接到Azure VM上存储在Nexus 3 Preview上的Docker注册表(Trouble connecting to Docker registry stored on Nexus 3 Preview on Azure VM)[2023-09-30]

当从Azure网站连接VM角色中的DB时，“证书链由不信任的权限颁发”(“The certificate chain was issued by an authority that is not trusted” when connecting DB in VM Role from Azure website)[2022-03-15]

无法连接到Azure上的Linux VM(Cant connect to Linux VM on Azure)[2022-06-19]

无法在Azure VM上以RDP连接(Can't connect in RDP on an Azure VM)[2022-01-16]

如何RDP连接到Azure VM(How to RDP connect to an Azure VM)[2023-12-20]

无法通过PowerShell在Azure VM连接中建立SSL连接错误(SSL Connection cannot be established error in Azure VM Connection via powershell)[2022-08-12]

在不同区域连接Azure VM和HDInsight群集有什么问题(What are the problems in connecting Azure VM and HDInsight Cluster in different regions)[2022-08-11]

在连接的Azure虚拟网络上的VM之间进行通信(Communicate between VMs on connected Azure Virtual Networks)[2022-04-04]

ServiceInsight Azure连接到VM(ServiceInsight Azure Connecting to VM)[2023-10-22]

从Azure VM打开活动FTP连接(Open Active FTP Connection From Azure VM)[2023-06-12]

相关文章

最新问答