iot - 无法通过 MQTT 将叶设备连接到 Azure Edge 设备
问题描述
我有一个 azure IoT Edge 设备在 vmware 上设置为 ubuntu linux VM。它连接到我的物联网中心没有任何问题。我正在尝试注册一个叶设备(树莓派 - 我已成功直接连接到 IoT 集线器 - 我已从集线器中删除了该设备)。Edge 设备设置为透明网关。当我尝试通过 Edge 注册设备时,连接被拒绝。边缘设备上的 iptables 设置为将 MQTT 转发到 azure-iot-edge docker 网络上的 edgeHub 容器。这是来自 python sdk 的设备注册示例。我得到的确切错误是
MQTTTransportStage: _on_mqtt_connection_failure called: Connection Refused: not authorised.
MQTTTransportStage(ConnectOperation): completing with error Connection Refused: not authorised.
SerializeConnectOpsStage(ConnectOperation): op failed. Unblocking queue with error: Connection Refused: not authorised.
EnsureConnectionStage(MQTTSubscribeOperation): Connection failed. Completing with failure because of connection failure: Connection Refused: not authorised.
EnsureConnectionStage(MQTTSubscribeOperation): completing with error Connection Refused: not authorised.
ProvisioningMQTTConverterStage(EnableFeatureOperation): completing with error Connection Refused: not authorised.
MQTTTransportStage: _on_mqtt_disconnect called: The connection was refused.
Unhandled exception in background thread
MQTTTransportStage: disconnection was unexpected
This may cause the background thread to abort and may result in system instability.
Exception caught in background thread. Unable to handle.
azure.iot.device.common.transport_exceptions.ConnectionFailedError: The connection was refused.
看来转发没有发生。这是我的 iptables
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (2 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:8883
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:amqps
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:https
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
解决方案
我的建议是在 IoT 中心的设备设置中,确保 IoTEdge 设备和叶设备之间存在关系。IoT Edge 设备必须设置为叶设备的父设备:
使用 DeviceClient 时,您的叶设备必须指定 GatewayHostName 并且必须是您的边缘设备,即在 IoT 中心设置为父设备。没有这个,您将收到拒绝连接错误。
推荐阅读
- amazon-web-services - 如何使用 mariadb 创建 ebs Elastic Beanstalk 应用程序
- microsoft-graph-api - Microsoft Graph API Outlook 任务文件夹:NoPermissionsInAccessToken
- html - 验证错误 W3c
- react-native - React-Native 无法解析配置“:classpath”的所有工件
- php - 是否有任何数组函数可以将数组值作为键,将其他值作为该键的值?
- laravel - 在 laravel 5.7 中登录的购物车
- pandas - 根据过去 3 个月和去年的这个时间分离数据
- ios - 错误:在添加平台 iOS 时运行子进程 Cordova 时发生
- python-3.x - Python IF 语句给出“无效语法”错误。请让我知道可能是什么原因
- r - R:对字符值进行分组,并按条件从向量中仅保留一个值