By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

AWS Greengrass Proxy Issues

0

I am attempting to connect and manage a Greengrass v2 device, nucleus version 2.12.1, on ubuntu 22, that is running remotely.

The device is now offline (and effectively unreachable) since we incorrectly configured a proxy via the cloud-based deployment.

The proxies set on the host device are:

https_proxy=<url>:9480
http_proxy=<url>:9480

Do these also need to be set in uppercase?

The networkProxy object set in the cloud deployment (and verified to be present in the local effectiveConfig.yaml) is:

"networkProxy": {
      "proxy": {
        "url": "<url>:9400"  <------- Note the incorrect port here, set from the cloud.
      }
    }

I have read the documentation at: https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-alpn-network-proxy, specifically, 'Connection through a network proxy'.

So I have two questions:

  • How can I recover/remove/overwrite the incorrect config on the local device? I can gain local access through a screen share
  • Once that is recovered/reset - could you please clarify the process for working with a proxy normally? I presume it is not enough that there is a system-wide proxy set through etc/environment - I must also match that with the 'networkProxy' object, and cat the proxy cert onto the rootCA.pem cert?
Topics
Internet of Things (IoT)
Tags
AWS IoT GreengrassAWS IoT Core
Language
English
scriobhneoir
asked 15 days ago85 views
2 Answers
0

Hi

Do you have the Greengrass CLI deployed on your device? If yes, you can deploy the correct proxy settings using the CLI. Please take a look at [1].

If not, then you need to uninstall Greengrass from that device and re-install with the correct configuration provided as a yaml file with the --init-config param. Please take a look at [2].

It is recommended to have http_proxy in all caps.

could you please clarify the process for working with a proxy normally? Did you read through [3]? Your device should able to operate in a network proxy properly if this doc is followed.

Please reach out if there are other concerns/questions. Thanks!

[1] https://docs.aws.amazon.com/greengrass/v2/developerguide/gg-cli-deployment.html#deployment-create

[2] https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-installer.html

[3] https://docs.aws.amazon.com/greengrass/v2/developerguide/configure-greengrass-core-v2.html#configure-mqtt-port-443

AWS
sidsriv
answered 15 days ago
  • scriobhneoir
    14 days ago

    The greengrass-cli is locally deployed on the device.

    If there is a cloud deployment currently on the device, which specifies the incorrect proxy, will a local deployment merge with a new networkProxy setting overwrite the cloud one?

    Additional clarification question on the gg cli deployment command: The deployment create command -recipeDir and and an --artifactDir argument. Must I specify these for a local deployment? Where can I find these values for the AWS Nucleus component?

    Regarding 'normal' operation with a proxy, I have read the documentation but I am still unclear on the following:

    If the environmental variables, 'HTTP_PROXY' and 'HTTPS_PROXY' are set (at an OS level), in /etc/environment, will the Greengrass components inherit those settings, or do they still need the networkProxy object to be explicitly set?

0

Recipe directory is the only required param for the CLI deployment create command. You need to create a directory on your device and provide its absolute path as the value to this param.

You can skip every other param except the --update-config in which you need to merge in the correct network config for the component aws.greengrass.Nucleus. For more info on the config for Nucleus, please take a look at [1].

Greengrass will not inherit the values set in /etc/environment, you need to set the networkProxy object explicitly.

I hope this helps! Happy to help if there are further questions!

[1] https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html#greengrass-nucleus-component-configuration

AWS
sidsriv
answered 13 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content