如何解决Ubuntu IoT边缘EdgeHub模块失败,并显示错误139拒绝访问路径'/ tmp / edgeHub / edgeHub'
我正在为IoT Edge部署一个正常工作的OPcpublisher模块的生产版本,这意味着我在开发中拥有一个完全正常的解决方案。
但是,当我尝试在生产服务器中部署相同的东西时,edgeHub模块出现了错误。
该服务器是Ubuntu Server 18.04,我使用了官方文档来安装edge:https://docs.microsoft.com/en-us/azure/iot-edge/how-to-install-iot-edge-linux#uninstall-iot-edge
由于对互联网的访问权限非常紧密,现在在安装过程中出现了很多问题,但是所有这些问题都已解决,边缘已成功安装,然后链接到在MS azure IoT中心中运行的OPcpublisher模块。
此时,Linux上的边缘下载了OPcpublisher,edgeAgent和edgeHub的docker映像。 Publihser和代理顺利通过(很久以后,我与docker image repos拥有更多访问权限进行了斗争),但是edgeHub失败,代码为139:
如果我查看中心的日志,他们会说:
Unhandled Exception: System.AggregateException: One or more errors occurred. (Access to the path '/tmp/edgeHub/edgeHub' is denied.) ---> System.UnauthorizedAccessException: Access to the path '/tmp/edgeHub/edgeHub' is denied. ---> System.IO.IOException: Permission denied
--- End of inner exception stack trace ---
at System.IO.FileSystem.CreateDirectory(String fullPath)
at System.IO.Directory.CreateDirectory(String path)
at Microsoft.Azure.Devices.Edge.Hub.Service.DependencyManager.GetStoragePath() in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/DependencyManager.cs:line 282
at Microsoft.Azure.Devices.Edge.Hub.Service.DependencyManager.GetStoreAndForwardConfiguration() in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/DependencyManager.cs:line 245
at Microsoft.Azure.Devices.Edge.Hub.Service.DependencyManager.Register(ContainerBuilder builder) in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/DependencyManager.cs:line 79
at Microsoft.Azure.Devices.Edge.Hub.Service.Startup.BuildContainer(IServiceCollection services) in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Startup.cs:line 85
at Microsoft.Azure.Devices.Edge.Hub.Service.Startup.ConfigureServices(IServiceCollection services) in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Startup.cs:line 39
at Microsoft.AspNetCore.Hosting.Internal.WebHost.Ensureapplicationservices()
at Microsoft.AspNetCore.Hosting.Internal.WebHost.Initialize()
at Microsoft.AspNetCore.Hosting.WebHostBuilder.Build()
at Microsoft.Azure.Devices.Edge.Hub.Service.Hosting.Initialize(IConfigurationRoot configuration,X509Certificate2 serverCertificate,IDependencyManager dependencyManager,Boolean clientCertAuthEnabled) in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Hosting.cs:line 34
at Microsoft.Azure.Devices.Edge.Hub.Service.Program.MainAsync(IConfigurationRoot configuration) in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Program.cs:line 53
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Microsoft.Azure.Devices.Edge.Hub.Service.Program.Main() in /home/vsts/work/1/s/edge-hub/src/Microsoft.Azure.Devices.Edge.Hub.Service/Program.cs:line 30
2020-09-15 14:48:09 Starting Edge Hub
2020-09-15 14:48:09.764 +00:00 Edge Hub Main()
<7> 2020-09-15 14:48:10.014 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Edged.WorkloadClient] - Making a Http call to unix:///var/run/iotedge/workload.sock to CreateServerCertificateAsync
<7> 2020-09-15 14:48:10.243 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Connecting socket /var/run/iotedge/workload.sock
<7> 2020-09-15 14:48:10.247 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Connected socket /var/run/iotedge/workload.sock
<7> 2020-09-15 14:48:10.252 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Sending request http://workload.sock/modules/%24edgeHub/genid/637352543162943819/certificate/server?api-version=2019-01-30
<7> 2020-09-15 14:48:10.362 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Response received Created
<7> 2020-09-15 14:48:10.444 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Edged.WorkloadClient] - Received a valid Http response from unix:///var/run/iotedge/workload.sock for CreateServerCertificateAsync
<7> 2020-09-15 14:48:10.717 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Edged.WorkloadClient] - Making a Http call to unix:///var/run/iotedge/workload.sock to TrustBundleAsync
<7> 2020-09-15 14:48:10.726 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Connecting socket /var/run/iotedge/workload.sock
<7> 2020-09-15 14:48:10.726 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Connected socket /var/run/iotedge/workload.sock
<7> 2020-09-15 14:48:10.726 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Sending request http://workload.sock/trust-bundle?api-version=2019-01-30
<7> 2020-09-15 14:48:10.738 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Uds.HttpUdsMessageHandler] - Response received OK
<7> 2020-09-15 14:48:10.741 +00:00 [DBG] [Microsoft.Azure.Devices.Edge.Util.Edged.WorkloadClient] - Received a valid Http response from unix:///var/run/iotedge/workload.sock for TrustBundleAsync
<6> 2020-09-15 14:48:10.750 +00:00 [INF] [EdgeHub] - Installing certificates [CN=iotedged workload ca:12/02/2020 11:35:15],[CN=Test Edge Device CA:12/02/2020 11:35:15],[CN=Test Edge Owner CA:12/02/2020 11:35:15] to Root
<6> 2020-09-15 14:48:10.764 +00:00 [INF] [EdgeHub] - Installing certificates [CN=Test Edge Owner CA:12/02/2020 11:35:15] to Root
我对linux / ubuntu并不十分了解,但是EdgeHub显然没有“开箱即用的写入权限”,这可以解释为什么其他模块会通过。我试图授予组级别对/ tmp /文件夹(chmod g + w / tmp /)的访问权限,但没有帮助。错误(/ tmp / edgeHub / edgeHub)中的实际文件夹不存在,我认为这是因为它只是一个临时安装文件夹或类似的东西,所以我尝试自己制作并授予相同的组级别访问权限,但这也无济于事。
我还尝试了卸载edge并重新安装(认为安装过程中所有以前的问题都会使“麻烦”),但这会导致相同的问题。
查看edgeAgent日志时,它仅表明它一直在尝试启动edgeHub。
我也运行过iotEdge check,但是它没有显示错误(虽然有8条警告)。
***编辑*** 我认为我已将其范围缩小到没有权限写入边缘存储文件夹的码头工人,但到目前为止,我为授予码头工人访问权限的所有尝试都失败了。我可以找到无数的文章,告诉我如果我要创建自己的docker镜像时该怎么做,但是到目前为止,还没有一篇文章告诉我如何处理现有的文件访问。
解决方法
事实证明,MS安装文档并不十分全面。怀疑该问题是edgeHub用户的访问权限。安装说明根本没有提及,而是在IoT边缘实验室中找到的:https://microsoftlearning.github.io/AZ-220-Microsoft-Azure-IoT-Developer/Instructions/Labs/LAB_AK_14-iot-edge-device-in-restricted-network.html
但是该实验室中的命令不起作用(或者至少对我不起作用)
为了简而言之,在IoT Edge安装和配置之后,您必须运行命令
sudo chown -R 1000:1000 [your local storageFolder]
sudo chmod -R 700 [your local storageFolder]
UID 1000 = edgeHub用户和storageFolder可以在您的Azure IoTHub-> Edge模块清单中找到。这将授予edgeHub docker对配置的存储文件夹的必需访问权限,该文件夹将保存所有离线数据。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
