iotedge: IoT Edge Runtime 1.4.2 check error on container time and when trying to reach iot hub

Expected Behavior

sudo iotedge check should not fail

Current Behavior

When running sudo iotedge checkwe get this:

Configuration checks (aziot-identity-service)
---------------------------------------------
√ keyd configuration is well-formed - OK
√ certd configuration is well-formed - OK
√ tpmd configuration is well-formed - OK
√ identityd configuration is well-formed - OK
‼ daemon configurations up-to-date with config.toml - Warning
    /etc/aziot/config.toml was modified after keyd's config
    You must run 'aziotctl config apply' to update keyd's config with the latest config.toml
√ identityd config toml file specifies a valid hostname - OK
√ aziot-identity-service package is up-to-date - OK
√ host time is close to reference time - OK
√ preloaded certificates are valid - OK
√ keyd is running - OK
√ certd is running - OK
√ identityd is running - OK
√ read all preloaded certificates from the Certificates Service - OK
√ read all preloaded key pairs from the Keys Service - OK
√ check all EST server URLs utilize HTTPS - OK
√ ensure all preloaded certificates match preloaded private keys with the same ID - OK

Connectivity checks (aziot-identity-service)
--------------------------------------------
√ host can connect to and perform TLS handshake with iothub AMQP port - OK
√ host can connect to and perform TLS handshake with iothub HTTPS / WebSockets port - OK
√ host can connect to and perform TLS handshake with iothub MQTT port - OK

Configuration checks
--------------------
√ aziot-edged configuration is well-formed - OK
‼ configuration up-to-date with config.toml - Warning
    /etc/aziot/config.toml was modified after edged's config
    You must run 'iotedge config apply' to update edged's config with the latest config.toml
√ container engine is installed and functional - OK
× configuration has correct URIs for daemon mgmt endpoint - Error
√ aziot-edge package is up-to-date - OK
× container time is close to host time - Error
    Could not query local time inside container
√ DNS server - OK
√ production readiness: logs policy - OK
√ production readiness: Edge Agent's storage directory is persisted on the host filesystem - OK
× production readiness: Edge Hub's storage directory is persisted on the host filesystem - Error
    Could not check current state of edgeHub container
√ Agent image is valid and can be pulled from upstream - OK
√ proxy settings are consistent in aziot-edged, aziot-identityd, moby daemon and config.toml - OK

Connectivity checks
-------------------
× container on the default network can connect to upstream AMQP port - Error
    Container on the default network could not connect to iothub.azure-devices.net:5671
× container on the default network can connect to upstream HTTPS / WebSockets port - Error
    Container on the default network could not connect to iothub.azure-devices.net:443
× container on the IoT Edge module network can connect to upstream AMQP port - Error
    Container on the azure-iot-edge network could not connect to iothub.azure-devices.net:5671
× container on the IoT Edge module network can connect to upstream HTTPS / WebSockets port - Error
    Container on the azure-iot-edge network could not connect to iothub.azure-devices.net:443
26 check(s) succeeded.
2 check(s) raised warnings. Re-run with --verbose for more details.
7 check(s) raised errors. Re-run with --verbose for more details.
2 check(s) were skipped due to errors from other checks. Re-run with --verbose for more details.

Context (Environment)

Device Information

  • Host OS: Raspbery Pi OS, Buster, debian 10
  • Architecture: ARM32
  • Container OS: -

Runtime Versions

  • aziot-edged [run iotedge version]: iotedge 1.4.2
  • Edge Agent [image tag (e.g. 1.0.0)]: 1.4.2
  • Edge Hub [image tag (e.g. 1.0.0)]: -
  • Docker/Moby [run docker version]: 3.0.13+azure

Logs

aziot-edged logs 

okt 10 13:38:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:38:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:39:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:39:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:39:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:30Z [INFO] - Starting module edgeAgent...
okt 10 13:39:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:39:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:30Z [INFO] - Starting workload API...
okt 10 13:39:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:30Z [INFO] - Workload API stopped
okt 10 13:39:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:39:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:40:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:40:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:40:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:30Z [INFO] - Starting module edgeAgent...
okt 10 13:40:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:40:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:30Z [INFO] - Starting workload API...
okt 10 13:40:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:30Z [INFO] - Workload API stopped
okt 10 13:40:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:40:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:41:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:41:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:41:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:30Z [INFO] - Starting module edgeAgent...
okt 10 13:41:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:41:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:30Z [INFO] - Starting workload API...
okt 10 13:41:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:30Z [INFO] - Workload API stopped
okt 10 13:41:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:41:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:42:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:42:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:42:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:30Z [INFO] - Starting module edgeAgent...
okt 10 13:42:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:42:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:30Z [INFO] - Workload API stopped
okt 10 13:42:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:30Z [INFO] - Starting workload API...
okt 10 13:42:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:42:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:43:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:43:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:43:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:30Z [INFO] - Starting module edgeAgent...
okt 10 13:43:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:43:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:30Z [INFO] - Starting workload API...
okt 10 13:43:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:30Z [INFO] - Workload API stopped
okt 10 13:43:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:43:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:44:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:44:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:44:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:30Z [INFO] - Starting module edgeAgent...
okt 10 13:44:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:44:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:30Z [INFO] - Starting workload API...
okt 10 13:44:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:30Z [INFO] - Workload API stopped
okt 10 13:44:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:44:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:45:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:45:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:45:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:30Z [INFO] - Starting module edgeAgent...
okt 10 13:45:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:45:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:30Z [INFO] - Starting workload API...
okt 10 13:45:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:30Z [INFO] - Workload API stopped
okt 10 13:45:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:45:31Z [INFO] - Started Edge runtime module edgeAgent
okt 10 13:46:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:30Z [INFO] - Watchdog checking Edge runtime status
okt 10 13:46:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:30Z [INFO] - Edge runtime status is failed, starting module now...
okt 10 13:46:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:30Z [INFO] - Starting module edgeAgent...
okt 10 13:46:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:30Z [INFO] - Starting new listener for module edgeAgent
okt 10 13:46:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:30Z [INFO] - Starting workload API...
okt 10 13:46:30 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:30Z [INFO] - Workload API stopped
okt 10 13:46:31 edge-dev-pi aziot-edged[14403]: 2022-10-10T11:46:31Z [INFO] - Started Edge runtime module edgeAgent
edge-agent logs 

1900-01-00 00:00:00  Starting Edge Agent
1900-01-00 00:00:00  Changing ownership of storage folder: /iotedge/storage//edgeAgent to 13622
1900-01-00 00:00:00  Changing ownership of backup folder: /tmp/edgeAgent_backup to 13622
1900-01-00 00:00:00  Changing ownership of management socket: /var/run/iotedge/mgmt.sock
1900-01-00 00:00:00  Completed necessary setup. Starting Edge Agent.
1900-01-00 00:00:00  Starting Edge Agent
1900-01-00 00:00:00  Changing ownership of storage folder: /iotedge/storage//edgeAgent to 13622
1900-01-00 00:00:00  Changing ownership of backup folder: /tmp/edgeAgent_backup to 13622
1900-01-00 00:00:00  Changing ownership of management socket: /var/run/iotedge/mgmt.sock
1900-01-00 00:00:00  Completed necessary setup. Starting Edge Agent.
1900-01-00 00:00:00  Starting Edge Agent
1900-01-00 00:00:00  Changing ownership of storage folder: /iotedge/storage//edgeAgent to 13622
1900-01-00 00:00:00  Changing ownership of backup folder: /tmp/edgeAgent_backup to 13622
1900-01-00 00:00:00  Changing ownership of management socket: /var/run/iotedge/mgmt.sock
1900-01-00 00:00:00  Completed necessary setup. Starting Edge Agent.
1900-01-00 00:00:00  Starting Edge Agent
1900-01-00 00:00:00  Changing ownership of storage folder: /iotedge/storage//edgeAgent to 13622
1900-01-00 00:00:00  Changing ownership of backup folder: /tmp/edgeAgent_backup to 13622
1900-01-00 00:00:00  Changing ownership of management socket: /var/run/iotedge/mgmt.sock
1900-01-00 00:00:00  Completed necessary setup. Starting Edge Agent.
1900-01-00 00:00:00  Starting Edge Agent
1900-01-00 00:00:00  Changing ownership of storage folder: /iotedge/storage//edgeAgent to 13622
1900-01-00 00:00:00  Changing ownership of backup folder: /tmp/edgeAgent_backup to 13622
1900-01-00 00:00:00  Changing ownership of management socket: /var/run/iotedge/mgmt.sock
1900-01-00 00:00:00  Completed necessary setup. Starting Edge Agent.
1900-01-00 00:00:00  Starting Edge Agent
1900-01-00 00:00:00  Changing ownership of storage folder: /iotedge/storage//edgeAgent to 13622
1900-01-00 00:00:00  Changing ownership of backup folder: /tmp/edgeAgent_backup to 13622
1900-01-00 00:00:00  Changing ownership of management socket: /var/run/iotedge/mgmt.sock
1900-01-00 00:00:00  Completed necessary setup. Starting Edge Agent.

Additional Information

I have applied the workaround mentioned here.

About this issue

  • Original URL
  • State: closed
  • Created 2 years ago
  • Comments: 17 (7 by maintainers)

Most upvoted comments

Hello,

I had exactly the same issue also with Iot Edge 1.4.2 and Buster (can’t update either) The workaround is not well documented, according to this comment: https://github.com/moby/moby/issues/40734#issuecomment-923032325 You need to include the --seccomp-profile=/…/… on the ExecStart line and not the last line (also tried that) After this, the iotedge check is not giving error 132 anymore.

My edgeAgent is not starting yet(System.UnauthorizedAccessException: Access to the path ‘/iotedge/storage/edgeAgent’ is denied.), but that’s probably because I upgraded from IoT Edge 1.2.

+1
guncoban on Oct 26, 2022
Read more comments on GitHub
← iotedge: IoT Edge module stops receiving data
iotedge: IoT edge runtime with DPS and X.509 always reconfigures modules on start →