We are getting warnings in our production logs for .Net Core Web API services that are running in Kubernetes.
Storing keys in a directory '{path}' that may not be persisted outside of the container. Protected data will be unavailable when container is destroyed.","@l":"Warning","path":"/root/.aspnet/DataProtection-Keys",SourceContext:"Microsoft.AspNetCore.DataProtection.Repositories.FileSystemXmlRepository"
We do not explicitly call services.AddDataProtection() in StartUp, but it seems that we are getting the warnings for services that are using .Net Core 3.1 and .Net 5.(not for .Net Core 2.1) ,that also have in StartUp
services.AddAuthentication Or
services.AddMvc()
(May be there are other conditions that I am missing).
I am not able to identify exactly, where it's called but locally I can see related DLLs that are loaded before the access to DataProtection-Keys from XmlKeyManager
Loaded 'C:\Program Files\dotnet\shared\Microsoft.NETCore.App\3.1.19\Microsoft.Win32.Registry.dll'.
Loaded 'C:\Program Files\dotnet\shared\Microsoft.NETCore.App\3.1.19\System.Xml.XDocument.dll'.
Loaded 'C:\Program Files\dotnet\shared\Microsoft.NETCore.App\3.1.19\System.Private.Xml.Linq.dll'.
Loaded 'C:\Program Files\dotnet\shared\Microsoft.NETCore.App\3.1.19\System.Private.Xml.dll'.
Loaded 'C:\Program Files\dotnet\shared\Microsoft.NETCore.App\3.1.19\System.Resources.ResourceManager.dll'.
Microsoft.AspNetCore.DataProtection.KeyManagement.XmlKeyManager:
Using 'C:\Users\..\AppData\Local\ASP.NET\DataProtection-Keys' as key repository and Windows DPAPI to encrypt keys at rest.
Is it safe to ignore such warnings, considering that we do not use DataProtection explicitly, do not use authentication encryption for long periods and during testing we haven't seen any issues?
Or the error means that if different pods will be involved for the same client, authentication may fail and it will be better to do something that is suggested in https://stackoverflow.com/questions/61452280/how-to-store-data-protection-keys-outside-of-the-docker-container?
After analysis how our applications are using protected data(authentication cookies, CSRF tokens etc) our team decided , that “Protected data will be unavailable when container is destroyed." is just a warning and would have no customer impact, so we ignore it.
But YMMV.