Azure-Samples / iot-edge-for-iiot

Learn how to use a hierarchy of Azure IoT Edge devices in a manufacturing environment to extract data from industrial assets and upload it to the Cloud while meeting the strict requirements of the Purdue network model.
MIT License

edgeAgent failing with demo setup on L4-edge #2

Closed katriendg closed 3 years ago

katriendg commented 3 years ago

Ran the install.sh script and all resources were created correctly, including edge devices and their deployments in my IoT Hub. Level 5 Edge has the right modules running (iotedgeApiProxy and dockerContainerRegistry); however, I notice L4 and L3 report no runtime response. Checking the logs for L4, I have the snippet below (can send more details), but I wonder if there is anything known that I could update to get the TLS auth working to the higher level Edge?

[...]

<6> 2020-12-10 14:47:16.261 +00:00 [INF] - Edge agent attempting to connect to IoT Hub via Amqp_Tcp_Only...
<6> 2020-12-10 14:47:16.295 +00:00 [INF] - Edge agent attempting to connect to IoT Hub via Amqp_WebSocket_Only...
<4> 2020-12-10 14:47:16.309 +00:00 [WRN] - Error creating a device-to-cloud connection
System.AggregateException: One or more errors occurred. (TLS authentication error.) (TLS authentication error.)
 ---> System.Security.Authentication.AuthenticationException: TLS authentication error.
 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
   at System.Net.Security.SslStream.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, ExceptionDispatchInfo exception)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslStream.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
....

[...]

Thanks,
Katrien

emmanuel-bv commented 3 years ago

Hi Katrien,

Thanks for reporting this issue. It was due to a race condition between the script that installs the certificates and the script that configures the IoT Edge runtime. In some cases, the script that installs the IoT Edge runtime was starting before the end of the script that installs the certificates and leading to the error that you experienced. This is now fixed with today's commit (on top of now using ACR instead of MCR so that you can customize the deployments including with modules that are not from MCR).

Thanks,
Emmanuel
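
The race described in the reply above can be closed by making the runtime configuration step wait until the certificate files are fully written. This is an added example, not the project's actual fix or code from the repository; the function names, the timeout and the file paths passed in are hypothetical.

```shell
#!/bin/sh
# Added example: gate the IoT Edge runtime configuration on certificate
# installation having finished. All names and paths are hypothetical.

# pem_complete FILE: true if FILE is non-empty and holds both a PEM BEGIN
# line and a PEM END line, i.e. it is not a half-written certificate.
pem_complete() {
    [ -s "$1" ] || return 1
    grep -q -e '^-----BEGIN [A-Z ]*-----$' "$1" || return 1
    grep -q -e '^-----END [A-Z ]*-----$' "$1" || return 1
}

# wait_for_certs TIMEOUT_SECONDS FILE...: poll once per second until every
# FILE passes pem_complete; give up with status 1 after TIMEOUT_SECONDS.
wait_for_certs() {
    timeout=$1; shift
    elapsed=0
    while :; do
        missing=""
        for f in "$@"; do
            pem_complete "$f" || missing="$missing $f"
        done
        [ -z "$missing" ] && return 0
        if [ "$elapsed" -ge "$timeout" ]; then
            echo "certificates not ready after ${timeout}s:$missing" >&2
            return 1
        fi
        sleep 1
        elapsed=$((elapsed + 1))
    done
}

# configure_runtime_when_ready TIMEOUT CONFIG_CMD FILE...: run CONFIG_CMD
# only once the certificates are in place; otherwise fail closed so the
# runtime is never started against a missing or partial trust bundle.
configure_runtime_when_ready() {
    timeout=$1; config_cmd=$2; shift 2
    wait_for_certs "$timeout" "$@" || return 1
    "$config_cmd"
}
```

A stronger gate would also confirm that the device CA certificate chains to the root with `openssl verify -CAfile` before the runtime is started.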