microsoft/dotnet-aspire-dashboard
dotnet/aspire-dashboard
Official images for the .NET Aspire Dashboard
9.0
docker pull mcr.microsoft.com/dotnet/aspire-dashboard:9.0
This image contains the .NET Aspire Dashboard.
Watch discussions for Docker-related .NET announcements.
The .NET Aspire Dashboard is a browser-based app to view run-time information about your distributed application.
The dashboard shows:
The dashboard must be configured when it is started. The configuration is done via environment variables. The following environment variables are supported:
ASPNETCORE_URLS
specifies one or more HTTP endpoints through which the dashboard frontend is served. The frontend endpoint is used to view the dashboard in a browser. Defaults to http://localhost:18888
.DOTNET_DASHBOARD_OTLP_ENDPOINT_URL
specifies the OTLP/gRPC endpoint. This endpoint hosts an OTLP service and receives telemetry using gRPC. When the dashboard is launched by the .NET Aspire app host this address is secured with HTTPS. Securing the dashboard with HTTPS is recommended. Defaults to http://localhost:18889
.DOTNET_DASHBOARD_OTLP_HTTP_ENDPOINT_URL
specifies the OTLP/HTTP endpoint. This endpoint hosts an OTLP service and receives telemetry using Protobuf over HTTP. Defaults to http://localhost:18890
.DOTNET_DASHBOARD_UNSECURED_ALLOW_ANONYMOUS
specifies the dashboard doesn't use authentication and accepts anonymous access. This setting is a shortcut to configuring Dashboard:Frontend:AuthMode
and Dashboard:Otlp:AuthMode
to Unsecured
.DOTNET_DASHBOARD_CONFIG_FILE_PATH
specifies the path for an optional JSON configuration file.The dashboard's frontend supports OpenID Connect (OIDC). Set Dashboard__Frontend__AuthMode
to OpenIdConnect
, then add the following configuration:
Authentication__Schemes__OpenIdConnect__Authority
— URL to the identity provider (IdP)Authentication__Schemes__OpenIdConnect__ClientId
— Identity of the relying party (RP)Authentication__Schemes__OpenIdConnect__ClientSecret
— A secret that only the real RP would knowOpenIdConnectOptions
specified in configuration container Authentication__Schemes__OpenIdConnect__*
It may also be run unsecured. Set Dashboard__Frontend__AuthMode
to Unsecured
. The frontend endpoint will allow anonymous access. This setting is used during local development, but is not recommended if you attempt to host the dashboard in other settings.
The OTLP endpoint can be secured with client certificate or API key authentication.
For client certification authentication, set Dashboard__Otlp__AuthMode
to Certificate
.
For API key authentication, set Dashboard__Otlp__AuthMode
to ApiKey
, then add the following configuration:
Dashboard__Otlp__PrimaryApiKey
specifies the primary API key. (required, string)Dashboard__Otlp__SecondaryApiKey
specifies the secondary API key. (optional, string)It may also be run unsecured. Set Dashboard__Otlp__AuthMode
to Unsecured
. The OTLP endpoint will allow anonymous access. This setting is used during local development, but is not recommended if you attempt to host the dashboard in other settings.
Dashboard__ResourceServiceClient__Url
specifies the gRPC endpoint to which the dashboard connects for its data. There's no default. If this variable is unspecified, the dashboard shows OTEL data but no resource list or console logs.The resource service client supports certificates. Set Dashboard__ResourceServiceClient__AuthMode
to Certificate
, then add the following configuration:
Dashboard__ResourceServiceClient__ClientCertificate__Source
(required) one of:
File
to load the cert from a file path, configured with:
Dashboard__ResourceServiceClient__ClientCertificate__FilePath
(required, string)Dashboard__ResourceServiceClient__ClientCertificate__Password
(optional, string)KeyStore
to load the cert from a key store, configured with:
Dashboard__ResourceServiceClient__ClientCertificate__Subject
(required, string)Dashboard__ResourceServiceClient__ClientCertificate__Store
(optional, StoreName
, defaults to My
)Dashboard__ResourceServiceClient__ClientCertificate__Location
(optional, StoreLocation
, defaults to CurrentUser
)To opt-out of authentication, set Dashboard__ResourceServiceClient__AuthMode
to Unsecured
. This completely disables all security for the resource service client. This setting is used during local development, but is not recommended if you attempt to host the dashboard in other settings.
Telemetry is stored in-memory. To avoid excessive memory usage, the dashboard has limits on the count and size of stored telemetry. When a count limit is reached, new telemetry is added, and the oldest telemetry is removed. When a size limit is reached, data is truncated to the limit.
Dashboard__TelemetryLimits__MaxLogCount
specifies the maximum number of log entries. Defaults to 10,000.Dashboard__TelemetryLimits__MaxTraceCount
specifies the maximum number of traces. Defaults to 10,000.Dashboard__TelemetryLimits__MaxMetricsCount
specifies the maximum number of metric data points. Defaults to 50,000.Dashboard__TelemetryLimits__MaxAttributeCount
specifies the maximum number of attributes on telemetry. Defaults to 128.Dashboard__TelemetryLimits__MaxAttributeLength
specifies the maximum length of attributes. Defaults to unlimited.Dashboard__TelemetryLimits__MaxSpanEventCount
specifies the maximum number of events on span attributes. Defaults to unlimited.Limits are per-resource. For example, a MaxLogCount
value of 10,000 configures the dashboard to store up to 10,000 log entries per-resource.
Dashboard__ApplicationName
specifies the application name to be displayed in the UI. This applies only when no resource service URL is specified. When a resource service exists, the service specifies the application name..NET:
.NET Framework:
View the current tags at the Microsoft Artifact Registry portal or on GitHub.
.NET container images are regularly monitored for the presence of CVEs. A given image will be rebuilt to pick up fixes for a CVE when:
Please refer to the Security Policy and Container Vulnerability Workflow for more detail about what to do when a CVE is encountered in a .NET image.
docker pull mcr.microsoft.com/dotnet/aspire-dashboard