Azure IoT Edge

Topics about the Software of Revolution Pi
Post Reply
cmor
Posts: 1
Joined: 09 Feb 2021, 19:19
Answers: 0

Azure IoT Edge

Post by cmor »

Hello,

I have tried to install the Azure IoT Edge Runtime on my RevPi Connect+.
Using these instructions: https://docs.microsoft.com/de-de/azure/ ... l-iot-edge

When I check the kernel modules I get the following result:

info: reading kernel config from /proc/config.gz ...

Generally Necessary:
- cgroup hierarchy: properly mounted [/sys/fs/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled (as module)
- CONFIG_BRIDGE: enabled (as module)
- CONFIG_BRIDGE_NETFILTER: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_POSIX_MQUEUE: enabled
- CONFIG_NF_NAT_IPV4: enabled (as module)
- CONFIG_NF_NAT_NEEDED: enabled

Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_MEMCG_SWAP: missing
- CONFIG_MEMCG_SWAP_ENABLED: missing
- CONFIG_IOSCHED_CFQ: enabled
- CONFIG_CFQ_GROUP_IOSCHED: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: missing
- CONFIG_CGROUP_HUGETLB: missing
- CONFIG_NET_CLS_CGROUP: enabled (as module)
- CONFIG_CGROUP_NET_PRIO: missing
- CONFIG_CFS_BANDWIDTH: missing
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: missing
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_VS: enabled (as module)
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
- "overlay":
- CONFIG_VXLAN: enabled (as module)
- CONFIG_BRIDGE_VLAN_FILTERING: missing
Optional (for encrypted networks):
- CONFIG_CRYPTO: enabled
- CONFIG_CRYPTO_AEAD: enabled (as module)
- CONFIG_CRYPTO_GCM: enabled (as module)
- CONFIG_CRYPTO_SEQIV: enabled (as module)
- CONFIG_CRYPTO_GHASH: enabled (as module)
- CONFIG_XFRM: enabled
- CONFIG_XFRM_USER: enabled
- CONFIG_XFRM_ALGO: enabled
- CONFIG_INET_ESP: enabled (as module)
- CONFIG_INET_XFRM_MODE_TRANSPORT: enabled (as module)
- "ipvlan":
- CONFIG_IPVLAN: enabled (as module)
- "macvlan":
- CONFIG_MACVLAN: enabled (as module)
- CONFIG_DUMMY: enabled (as module)
- "ftp,tftp client in container":
- CONFIG_NF_NAT_FTP: enabled (as module)
- CONFIG_NF_CONNTRACK_FTP: enabled (as module)
- CONFIG_NF_NAT_TFTP: enabled (as module)
- CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
- Storage Drivers:
- "aufs":
- CONFIG_AUFS_FS: missing
- "btrfs":
- CONFIG_BTRFS_FS: enabled (as module)
- CONFIG_BTRFS_FS_POSIX_ACL: enabled
- "devicemapper":
- CONFIG_BLK_DEV_DM: enabled (as module)
- CONFIG_DM_THIN_PROVISIONING: enabled (as module)
- "overlay":
- CONFIG_OVERLAY_FS: enabled (as module)
- "zfs":
- /dev/zfs: missing
- zfs command: missing
- zpool command: missing

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000

When checking if iot edge is running I get the following error:

× container engine is installed and functional - Error
Could not communicate with container engine at unix:///var/run/docker.sock.
Please check your moby-engine installation and ensure the service is running.

Can this be related to a missing kernel module?
e.g. with CONFIG_BRIDGE_VLAN_FILTERING: missing ???

Maybe someone can give me a hint here.

Thanks a lot!
Best Answerby crismancich » 09 Dec 2021, 06:38
Hi,

we're currently replicating the issue.

The topic geebinge pointed out is correct.

See if you need IoT EdgeHub listen on port 443. (check here https://docs.microsoft.com/de-de/azure/ ... tion-rules)
By default Apache2 (Webserver for RevPi’s Admin Interface via HTTPS) is listening on 443. You can to deactivate it or change the port.

Deactivation:

Edit ports.conf

Code: Select all

sudo nano /etc/apache2/ports.conf
Comment out the parts for port 443 like this

Code: Select all

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80

#<IfModule ssl_module>
#       Listen 443
#</IfModule>
#
#<IfModule mod_gnutls.c>
#       Listen 443
#</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Save by typing CTRL + x

Restart the apache web server to apply the changed conf file:

Code: Select all

sudo systemctl restart apache2
Go to full post
dpfeil
Posts: 6
Joined: 13 Apr 2021, 13:32
Answers: 0

Re: Azure IoT Edge

Post by dpfeil »

Hello,

I have the same problem. Does anybody has a solution for this?

BR Daniel
gur
Posts: 1
Joined: 10 Jun 2021, 14:25
Answers: 0

Re: Azure IoT Edge

Post by gur »

Were you able to solve this problem? Does Microsoft Azure IoT Runtime works now?
geebinge
Posts: 1
Joined: 17 Jun 2021, 09:47
Answers: 0

Re: Azure IoT Edge

Post by geebinge »

I not sure how this is now but in the past, the problem was, that a Revolution PI has preinstalled an Apache who is listening on 443. But we use 443 for the communication of our internal services like $edgeHub. Based on this the OS von Kunbus is not compatible with IoT Edge. You can buy the same HW from Cloudrail. In that case, the HW comes from Kunbus and the OS comes from Cloudrail. This OS is compatible. But you can stop Apache, and I think then it will work.

Depending also, what kind of HW you use, you maybe must free also some space. Attached, what I have installed and what kind of services are running on the RevPI.
BTW: the "iot-ssh-client.service" is devices streams. You maybe not needed.
Attachments
RevPI.zip
apt list and services list
(11.44 KiB) Downloaded 250 times
Daniel RFAG
Posts: 6
Joined: 08 Oct 2021, 12:18
Answers: 0

Re: Azure IoT Edge

Post by Daniel RFAG »

In case someone finds this and has the same problem: I made a more detailed description of how I managed to install Azure IoT Edge and provision my device using the built-in TPM of my Revolution Pi Flat with Azure DPS here.
User avatar
crismancich
KUNBUS
Posts: 39
Joined: 05 Jan 2021, 11:25
Answers: 1
Location: Hamburg
Contact:

Re: Azure IoT Edge

Post by crismancich »

Hi,

we're currently replicating the issue.

The topic geebinge pointed out is correct.

See if you need IoT EdgeHub listen on port 443. (check here https://docs.microsoft.com/de-de/azure/ ... tion-rules)
By default Apache2 (Webserver for RevPi’s Admin Interface via HTTPS) is listening on 443. You can to deactivate it or change the port.

Deactivation:

Edit ports.conf

Code: Select all

sudo nano /etc/apache2/ports.conf
Comment out the parts for port 443 like this

Code: Select all

# If you just change the port or add more ports here, you will likely also
# have to change the VirtualHost statement in
# /etc/apache2/sites-enabled/000-default.conf

Listen 80

#<IfModule ssl_module>
#       Listen 443
#</IfModule>
#
#<IfModule mod_gnutls.c>
#       Listen 443
#</IfModule>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Save by typing CTRL + x

Restart the apache web server to apply the changed conf file:

Code: Select all

sudo systemctl restart apache2
Viele Grüße / Kind regards / Quapla’ / 此致敬意
Boris Crismancich
Post Reply