azure-samples / iotedge_config_cli Goto Github PK

Tool for creating Azure IoT Edge hierarchies

License: MIT License

Rust 95.60% Shell 4.40%

iotedge_config_cli's Introduction

IoT Edge Config

IoT Edge config is a command-line tool that helps to configure hierarchies of Azure IoT Edge devices. It simplifies the configuration of the hierarchy by automating and condensing several steps into two:

Setting up the cloud configuration and preparing each device configuration, which includes:
- Creating devices in your IoT Hub
- Setting the parent-child relationships to authorize communication between devices
- Generating a chain of certificates for each device to establish secure communication between them
- Generating configuration files for each device
Installing each device configuration, which includes:
- Installing certificates on each device
- Applying the configuration files for each device

To learn more about how to use the IoT Edge config tool to deploy hierarchies of IoT Edge devices, please visit https://aka.ms/iotedge-nested-tutorial.

Build

main:

Usage

Make sure you are logged in (az login) to the latest version of aziot-cli (2.20.0 or above) and have openssl in your path (or use the --openssl-path flag). Use az account set -s {{subscription_name}} to set your subscription and make sure the IoT Hub you want to use is already created.

Run visualize to verify your config cargo build && sudo target/debug/iotedge_config --visualize

Run using the default config cargo build && sudo target/debug/iotedge_config

Options

cargo build && sudo target/debug/iotedge_config -h

iotedge_config 0.1.0

USAGE:
    iotedge_config [FLAGS] [OPTIONS]

FLAGS:
        --clean        Clean: deletes working directory at start
    -d, --delete       Delete: deletes devices in hub instead of creating them
    -f, --force        Force: tries to delete devices in hub before creating new ones
    -h, --help         Prints help information
    -V, --version      Prints version information
    -v, --verbose      Verbose: gives more detailed output
        --visualize    Visualize: only outputs visualization file, does no other work

OPTIONS:
    -c, --config <config>                Config: path to config file [default: ./iotedge_config.yaml]
        --openssl-path <openssl-path>    Openssl Path: Path to openssl executable. Only needed if `openssl` is not in
                                         PATH
    -o, --output <output>                Output: path to create directory at [default: ./iotedge_config]
        --zip-options <zip-options>      Zip Options: what should be zipped: all, devices, or none [default: devices]

Contributing

If you would like to build or change the IoT Edge source code, please follow the devguide.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

iotedge_config_cli's People

Contributors

Stargazers

Watchers

Forkers

varunpuranik emmanuel-bv lfitchett suhailkhan-aziz huguesbouvier konichi3 omar-nav isabella232 therealsvc c-ryan-k jlian yeonhooy pataltimore ashahbazi58 ancaantochi

iotedge_config_cli's Issues

After running the script, sometimes we get the error in iotedge check, sometimes not

Getting this from lower layer:

Connectivity checks
-------------------
√ container on the default network can connect to upstream  AMQP port - OK
× container on the default network can connect to upstream HTTPS / WebSockets port - Error
    Container on the default network could not connect to 10.126.18.54:443
√ container on the default network can connect to upstream MQTT port - OK
√ container on the IoT Edge module network can connect to upstream AMQP port - OK
× container on the IoT Edge module network can connect to upstream HTTPS / WebSockets port - Error
    Container on the azure-iot-edge network could not connect to 10.126.18.54:443
√ container on the IoT Edge module network can connect to upstream MQTT port - OK

However, the system works just fine and the certificate looks fine.

It was fixed after doing sudo iotedge config apply again. Which is weird the last command in the install.sh is also config apply. Why do you need to do it twice in a row?

[Suggestion] Include ARM builds of the iotedge_config tool

Hi,

If possible, It would be nice to include ARM builds of the iotedge_config tool, so that other folks could apply this tutorial on a Raspberry Pi device also. This would save the step of having to recompile it from source.

(just as nice to have)

Thanks!

Buggy when provided root CA private key is protected by pass phrase

To repro:

Create test CA and private key using https://docs.microsoft.com/azure/iot-edge/how-to-create-test-certificates
- Pass phrase is hardcoded "1234"
Specify in YAML to use the generated files
Run the tool
Observe that
1. The tool prompts you to enter the pass phrase twice in a row
2. Enter the pass phrase once and press enter, it goes to the next line and appears to hang
3. You have to enter the pass phrase again, but this time it shows it in the terminal output

Silent hanging if Azure CLI command requires interactivity

When running the tool as sudo. I noticed that it would just hang at "Creating 2 devices in hub jlian-sandbox". Finally figured out after when I ran sudo az iot hub device-identity create directly and it asked me if I wanted to install azure-iot extension [Y/n]. Once installed the tool no longer hangs.

Strangely I can't repro this anymore.

I think we should either make azure-iot extension a prerequisite in the docs or expose the interactivity through the tool.

Name of provided root certificate is not applied to the install.sh script

I followed this guide to install a nested edge hierarchy.

At step 3 of the chapter "Create a hierarchy of IoT Edge devices" is described that I can provide a custom root certificate by editing the iotedge_config.yaml. I adjusted the paths of the root_ca_cert_path and root_ca_cert_key_path accordingly. After executing ./iotedge_config --config <path to config> --output <output path> -f the generated install.sh file contains the (hardcoded here and here) root CA name iotedge_config_cli_root.pem instead of my configured root CA name.

Let me know if you need further information. Thanks in advance for you efforts.

iothub_hostname in iotedge_config.yaml not used

I was wondering why the iotedge_config tool would require iothub_hostname and iothub_name, since the latter is a component of the first. I'm new to Rust, but upon looking at the Rust source, it appears iothub_hostname is not used.

Why use zip instead of `tar`?

Most Linux distributions come with tar installed. Why use zip and require the user to install it on the target device? The device might not have internet connectivity.