search

Azure / iot-edge-v1

Azure IoT Edge
http://azure.github.io/iot-edge/
Other
525 stars 257 forks source link

edgeHub cannot start - error:2006D080:BIO routines:BIO_new_file:no such file #632

Closed mitkodev closed 5 years ago

mitkodev commented 6 years ago

I think there is a discrepancy between the edgeHub and edgeAgen at the moment. When I install the iotedgectl on a linux machine, the edgeAgent is still from a preview image, while when I check the create options in the Azure portal, the image for the edgeAgent is the official one ( no preview in the name). It seems that the edgeHub image and the edgeAgent image are from different repositories also:

$ docker images | grep edge
mcr.microsoft.com/azureiotedge-hub            1.0                     1654224a8468        13 hours ago        160MB
microsoft/azureiotedge-hub                    1.0-preview             a7595473cc2a        3 months ago        289MB
microsoft/azureiotedge-hub                    <none>                  42f176e6d2b5        3 months ago        291MB
microsoft/azureiotedge-hub                    <none>                  42fcd643a160        4 months ago        289MB
microsoft/azureiotedge-agent                  1.0-preview             3631f6a85575        4 months ago        272MB

The result is that, when the edgeHub tries to start, I'm getting this error:

[2018-06-27 13:46:50 : Starting Edge Hub
[06/27/2018 01:46:50.260 PM] Edge Hub Main()

Unhandled Exception: System.AggregateException: One or more errors occurred. (error:2006D080:BIO routines:BIO_new_file:no such file) ---> Interop+Crypto+OpenSslCryptographicException: error:2006D080:BIO routines:BIO_new_file:no such file
   at Interop.Crypto.CheckValidOpenSslHandle(SafeHandle handle)
   at Internal.Cryptography.Pal.CertificatePal.FromFile(String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
   at Microsoft.Azure.Devices.Edge.Util.CertificateHelper.GetServerCertificatesFromFile(String certPath, String certName) in /opt/vsts/work/1/s/edge-util/src/Microsoft.Azure.Devices.Edge.Util/CertificateHelper.cs:line 213
   at Microsoft.Azure.Devices.Edge.Hub.Service.Program.MainAsync(IConfigurationRoot configuration) in /opt/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Program.cs:line 65
   --- End of inner exception stack trace ---
   at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
   at Microsoft.Azure.Devices.Edge.Hub.Service.Program.Main() in /opt/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Program.cs:line 31

I'm working on a Ubuntu 16.04, reinstalled the runtime and all dependencies and still get this issue. Tried the same thing on several devices.

dmitriyHavrilovich commented 6 years ago

Same issue on ubuntu 18.04 and 16.04

varunpuranik commented 6 years ago

Azure IoT Edge is now GA So, what you are running into - is the EdgeHub is from the GA bits (version 1.0), while the EdgeAgent is still using the preview bits (1.0-preview) - which is not a compatible deployment option. So what I suggest you do, is go through these steps to deploy the 1.0 bits of the Edge runtime - https://docs.microsoft.com/en-us/azure/iot-edge/quickstart-linux

If you wish to continue to run the preview bits for the time being, you can do so by manually changing the EdgeHub version when deploying to microsoft/azureiotedge-hub:1.0-preview. Then that will work with the preview version of the EdgeAgent.

varunpuranik commented 6 years ago

In case you want to use the 1.0 bits with iotedgectl, then you will have to set a couple of environment variables that are not being set anymore. To do that, set the following in the EdgeHub CreateOptions during the deployment - {\"HostConfig\":{\"PortBindings\":{\"8883/tcp\":[{\"HostPort\":\"8883\"}],\"443/tcp\":[{\"HostPort\":\"443\"}],\"5671/tcp\":[{\"HostPort\":\"5671\"}]}},\"Env\":[\"SSL_CERTIFICATE_PATH=/mnt/edgehub\",\"SSL_CERTIFICATE_NAME=edge-hub-server.cert.pfx\"]}

This will set environment variables for the path that the EdgeHub should use. In case you have provided your own certificate (Gateway scenario), then use that certificate name instead.

We are fixing the Edge runtime so that this should not be needed, but that will not be available till the next release. So this is a workaround till then. Note: This workaround is not needed for 1.0-preview bits.

damonbarry commented 5 years ago

The workaround @varunpuranik mentioned above should no longer be needed because of commit Azure/iotedge@cc7e142. Closing.