IIS Cold Start / State Issues After 10 Minutes
I'm having "cold start/state" issues with my IIS (& ASP.NET Core API). After around 10 minutes of idleness, if I make a request to my IIS, I get issue "curl: (6) Could not resolve host: curl. curl: (56) Recv failure: Connection was reset" OR on Fiddler "HTTP/1.1 504 Fiddler - Receive Failure". After making that request, if I make more requests, it works fine. It's just the first request that doesn't work.
I have tried everything I have found: StartMode to AlwaysRunning, doAppInitAfterRestart (preload) with a non authenticated controller/endpoint, setting application pool idle timeout to 0 (and process suspended instead of terminated), disabling application pool recycling (set to 0)
Extra context in case it helps:
- I am using BasicAuthentication (configured in code) - https://raw.githubusercontent.com/cornflourblue/aspnet-core-basic-authentication-api/master/Helpers/BasicAuthenticationHandler.cs
- I am using Entity Framework Core & SQL Server (injected into the controller from the endpoint I am calling)
- I am using IIS on Win Server 2022. Jenkins for CI/CD. Don't use linux because I have unit tests with Selenium/Chrome automations, which I want to be able to see in action. Don't use Kestrel since I have found it really hard to integrate with Jenkins (for start/stop), and since I like hosting my Angular app in the same "context/program"
Since using IIS I have had nothing but headaches. I have worked with Python/Flask, Gunicorn, Jenkins and its been a breeze, but I really wanted to make .NET work for my startup, so I've pushed on and on through headache and headache. I cannot for the life of me sort this last issue out.
Any help would be incredibly appreciated
41 Replies
IIS is bad
the problem is likely that it's shutting the site down after not receiving requests for a while
you can configure it to not do that, i don't remember how off the top of my head
i think all i ever had to do was set it to always running, so idk :PepeHmmm:
if you don't have a reason to use IIS i just wouldn't, you can run ASP.NET Core apps standalone (as a windows service if you want a nicer interface for jenkins to start/stop with)
besides that, are you seeing anything in the app logs that would indicate another problem?
is that a good idea? like just execute the .exe generated by
dotnet publish
? im sure i can code that into my jenkins pipeline using powershell commands, but it seems like a bad practice for production maybe?
my main worry would be the handling of worker processes and many requests at a time etc
also, being able to access the API from outside the server. can that be done with standalone?kestrel is a production web server
yes, it's no different than running it through IIS
checked HTTPERR logs (C:\Windows\System32\LogFiles\HTTPERR\httperr1.log) and nothing there
checked IIS logs (C:\inetpub\logs\LogFiles\W3SVC1\u_ex240319.log) and nothing there
checked event log, nothing there
what about your app logs?
hmm, let me check again, but i don't think i saw anything there
thing is, its also nice to run the angular app at the same time as the .net core api
you can host static files from an ASP.NET Core application or use a reverse proxy in front of both
my jenkins is configured to restart everything if my git commit contains "$$", and i love this method of shipping production code fast, it works perfect for me. the issue is, if I add too many steps to my jenkins pipeline, it ends up taking way longer, which is why having API + Angular both in IIS makes it convenient
YARP is the built-in reverse proxy module (but need to be configured though).
this seems a little odd to me, do you not have a production branch that just CI/CDs every change?
No, I'm not entirely sure what common practices are best for CI/CD, but this is a super small app and only I am working on it, therefore every change goes to master.
Here is my current pipeline:
i work on lots of apps myself too and they all have multiple branches 😛
I recall having tonnes of issues trying Kestrel + Jenkins. How would you guys approach it with the above pipeline in mind ?
it depends how you were trying to do it before
if you set up a service to run the app you can use that to stop, deploy files, then restart
You still didn't verify why the first response is slow (and timed out). If your web app can live peacefully with IIS code start, then no much else to pursue.
also that
i'm running ASP.NET Core apps in-process in IIS and don't see anything like what you're describing
That's what I tried to figure out
I am happy with IIS, I just can't for the life of me figure it out. I tried absolutely every config I found on the internet
Hmm, that's so weird. Could it be due to basic authentication perhaps?
504 is a gateway timeout which suggests the site just isn't running when you make those requests
Maybe IIS is pinging my app to keep it alive, but its doing it without basic auth and getting rejected?
that's not how that works
if it's set to always running it just shouldn't stop
and an incorrectly authenticated request is still a request 😛
you aren't running auth through IIS itself are you? it's part of your actual app?
Blindly trying settings won't do any good. A performance profiler to learn what your app is doing during housewarming is more important.
exactly, https://raw.githubusercontent.com/cornflourblue/aspnet-core-basic-authentication-api/master/Helpers/BasicAuthenticationHandler.cs
i agree fully, but i had to go trial and error mode since IIS is so poorly documented
can you elaborate on perfromance profiler? which one should I download?
That's rather an interesting statement, as I believe it is over documented in certain ways, and I am working with IIS Docs to delete unnecessary ones.
i'm gonna try to recreate the app pool, maybe the config got corrupted
perhaps over documented, but i believe its not easy to follow through as a begginer
Personally I am more used to WinDbg + application level logging. You might evaluate some other tools, MiniProfiler or another, as most work for ASP.NET Core.
i like .net and the windows ecosystem, but i believe it should be more plug and play than it is, especially hosting stuff on windows servers
"stuff" is too generic to be plug and play
The learning curve, though, is steep. Most web developers don't understand the actual IIS/ASP.NET/ASP.NET Core processing pipelines, so when something is slow they jump to settings that can be totally irrelevant.
the thing is, i don't think the average web developer needs to know about processing pipelines
the average web developer isn't deploying applications
that's devops/sysadmin territory
that information is irrelevant to him, he wants to ship and build stuff. especially at a startup level. we want efficiency not more configuration
In most previous cases I know, developers put too many things into the initialization and force their web apps to start slow, which isn't necessary. They should delay something to a later time, and make the web app start fast.
But of course, that becomes a design challenge, not easy for beginners either.
i personally wouldn't choose windows just because you want to see your UI tests run
unless you're debugging them you aren't looking at them anyway, and if you are you can do that locally
i'm using IIS at work because legacy™️, if i had a choice i'd be deploying on a linux server with some flavor of containerization
it was necessary to choose windows
for this project
other than wanting to see the tests run?
yeah, because i am hosting other apps on the servers that i need and that are reliant on windows
and also, being able to see the tests run is a massive bonus since i am always launching them and they need to be perfect. i like to step into the chrome dev tools at certain points etc
i get that but why does that affect your production server?
1) Use IIS Basic authentication and let ASP.NET Core module to pass the token to your web app. Any unnecessary third party code can lead to more trouble. 2) Use the profiler to carefully analyze your data layer initialization, and find rooms to speed it up/delay part of it.
Using Basic authentication is a red flag. Modern web apps should be free of such.
i'm gonna try this now, thanks a lot.
i am using basic auth as a very simple/quick way of securing my app against public usage
i know it's not good, but it does the job i'd say, i don't want to overengineer that part
idk, i just like my setup right now
it makes me efficient for the setup i have. i would rather use linux though.
Unknown User•10mo ago
Message Not Public
Sign In & Join Server To View