By using AWS re:Post, you agree to the Terms of Use
/AWS IoT Greengrass/

Questions tagged with AWS IoT Greengrass

Sort by most recent
  • 1
  • 90 / page

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AWS CLI greengrass v2 create-deployment using JSON to import lambda not importing lambda artifact

I am importing lambdas as components for ggv2 using the AWS CLI. The lambdas import successfully but when I deploy to greengrass v2 I get the following error: > Error occurred while processing deployment. {deploymentId=********************, serviceName=DeploymentService, currentState=RUNNING}java.util.concurrent.ExecutionException: com.aws.greengrass.componentmanager.exceptions.NoAvailableComponentVersionException: No local or cloud component version satisfies the requirements. Check whether the version constraints conflict and that the component exists in your AWS account with a version that matches the version constraints. If the version constraints conflict, revise deployments to resolve the conflict. Component devmgmt.device.scheduler version constraints: thinggroup/dev-e01 requires =3.0.61. at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122) The version exists as it was imported successfully but the artifact is not transferred to the Greengrass Core. If I import the lambda from the AWS Management Console then it works as expected. Here is my CLI json input file and the command I am running. What am I missing? `aws greengrassv2 create-component-version --cli-input-json file://lambda-import-worker.json` *lambda-import-worker.json file:* ``` { "lambdaFunction": { "lambdaArn": "arn:aws:lambda:*******:***************:function:devmgmt-worker:319", "componentName": "devmgmt.device.scheduler", "componentVersion": "3.0.61", "componentPlatforms": [ { "name": "Linux amd64", "attributes": { "os": "All", "platform": "All" } } ], "componentDependencies": { "aws.greengrass.TokenExchangeService":{ "versionRequirement": ">=2.0.0 <3.0.0", "dependencyType": "HARD" }, "aws.greengrass.LambdaLauncher": { "versionRequirement": ">=2.0.0 <3.0.0", "dependencyType": "HARD" }, "aws.greengrass.LambdaRuntimes": { "versionRequirement": ">=2.0.0 <3.0.0", "dependencyType": "SOFT" } }, "componentLambdaParameters": { "maxQueueSize": 1000, "maxInstancesCount": 100, "maxIdleTimeInSeconds": 120, "timeoutInSeconds": 60, "statusTimeoutInSeconds": 60, "pinned": true, "inputPayloadEncodingType": "json", "environmentVariables": {}, "execArgs": [], "linuxProcessParams": { "isolationMode": "NoContainer" }, "eventSources": [ { "topic": "device/notice", "type": "PUB_SUB" }, { "topic": "$aws/things/thingnameManager/shadow/name/ops/update/accepted", "type": "IOT_CORE" }, { "topic": "dev/device", "type": "IOT_CORE" } ] } } } ```
1
answers
0
votes
20
views
asked 14 days ago

Accessing Custom Environment Variables inside component's docker containers

I have a manifest file which looks like : ``` { "Platform": { "os": "all" }, "Lifecycle": { "Setenv": { "ENDPOINT": "Test_endpoint" }, "Run": "docker rm core -f && docker rm A -f && docker rm B -f && docker rm C -f && docker-compose -f {artifacts:path}/docker-compose.yml up -d" }, "Artifacts": [ { "URI": "docker:D" }, { "URI": "s3://bucket/docker-compose.yml" }, { "URI": "docker:C" }, { "URI": "docker:B" }, { "URI": "docker:A" } ] } ``` and in docker compose file ``` service: image: "XXXXX.dkr.ecr.us-east-1.amazonaws.com/service-1.0:latest" container_name: service network_mode: host environment: AWS_GG_NUCLEUS_DOMAIN_SOCKET_FILEPATH_FOR_COMPONENT: ${AWS_GG_NUCLEUS_DOMAIN_SOCKET_FILEPATH_FOR_COMPONENT} SVCUID: ${SVCUID} AWS_CONTAINER_CREDENTIALS_FULL_URI: ${AWS_CONTAINER_CREDENTIALS_FULL_URI} AWS_CONTAINER_AUTHORIZATION_TOKEN: ${AWS_CONTAINER_AUTHORIZATION_TOKEN} AWS_REGION: ${AWS_REGION} AWS_IOT_THING_NAME: ${AWS_IOT_THING_NAME} ENDPOINT: ${ENDPOINT} depends_on: - core - ledservice - scannerservice volumes: - ${AWS_GG_NUCLEUS_DOMAIN_SOCKET_FILEPATH_FOR_COMPONENT}:${AWS_GG_NUCLEUS_DOMAIN_SOCKET_FILEPATH_FOR_COMPONENT} command: --uri localhost:4400 --port 9100 --name stow ``` But i am unable to retrieve the value of ENDPOINT in my docker container using System.getEnv("ENDPOINT") or print all the environment variable using printenv on SSH. Value being returned is 'ENDPOINT=' i.e. empty. What am i doing wrong here? because i could not find much references where Setenv is being used or how to use it using docker.
1
answers
0
votes
58
views
asked 17 days ago

GGv2: Pinned (long lived) Node.js Lambda Times Out

I've created a Node.js Lambda function based on the examples found here (https://github.com/aws-samples/aws-greengrass-lambda-functions) and imported it as a Greengrass V2 component. Additionally, I've configured the Lambda function component as a 'pinned' or 'long-lived' function (i.e., it should remain running in the background). Also, the Lambda function is configured NOT to run in a Greengrass container (i.e., `NoContainer`). Initially, upon deploying the Lambda function, it would not run at all. Then, after increasing the `timeoutInSeconds` value from 3 to 60, I was able to see the function start and run, but then it is promptly killed via `SIGTERM` after ~60 seconds. Increasing the `timeoutInSeconds` value to the max allowed (2147483647) doesn't seem to change the behavior either (and isn't really a good solution). Since a 'pinned' function should be able to run indefinitely, I would think the `timeoutInSeconds` value would not matter to the execution of the function (i.e., Greengrass should not kill it)? I have seen some older comments/notes from other users (https://www.repost.aws/questions/QUJcrxYJosQHe_jTAyaAzYOw/issues-node-js-hello-world-running-core-1-9-2) that this can happen when the `callback()` function is not called in your Lambda's handler function, but I tried this, and it did not seem to fix the issue. I also tried using an asynchronous (`async`) handler, but this didn't behave any differently. Is there another setting that must be configured properly in Greengrass V2? The Lambda component? The Lambda function itself? Do I need construct the Lambda handler in a specific way? Are there any better examples of Lambda functions for Greengrass than what is at the link above? Thanks!
3
answers
0
votes
67
views
asked 20 days ago

Unable to connect to AWS service[API Gateway] from IOT Core device[Inside docker container]

I have created a component using GreengrassV2 and running multiple containers inside this component. Now, my requirement is to call API Gateway and fetch some data into one of the docker containers running on the local device inside the component. I am using "import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;" for fetching the credentials but getting ``` 05:45:06.476 INFO - Calling API Gateway with request params com.amazon.spiderIoT.stowWorkcell.entities.ApiGatewayRequest@e958e637 Exception in thread "main" com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain: [EnvironmentVariableCredentialsProvider: Unable to load AWS credentials from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)), SystemPropertiesCredentialsProvider: Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey), WebIdentityTokenCredentialsProvider: To use assume role profiles the aws-java-sdk-sts module must be on the class path., com.amazonaws.auth.profile.ProfileCredentialsProvider@7c36db44: profile file cannot be null, com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@6c008c24: Failed to connect to service endpoint: ] at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:136) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1269) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.runBeforeRequestHandlers(AmazonHttpClient.java:845) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:794) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:781) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:755) at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:715) at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:697) at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:561) at com.amazon.spiderIoT.stowWorkcell.client.ApiGatewayClient.execute(ApiGatewayClient.java:134) at com.amazon.spiderIoT.stowWorkcell.client.ApiGatewayClient.execute(ApiGatewayClient.java:79) at com.amazon.spiderIoT.stowWorkcell.StowWorkcellService.startMQTTSubscriberForSortLocationEvents(StowWorkcellService.java:120) at com.amazon.spiderIoT.stowWorkcell.StowWorkcellService.onInitialize(StowWorkcellService.java:65) at com.amazon.spideriot.sdk.service.Service.run(Service.java:79) at com.amazon.spiderIoT.stowWorkcell.StowWorkcellServiceDriver.main(StowWorkcellServiceDriver.java:26) ``` My dependencyConfiguration looks like :- ``` { "aws.greengrass.TokenExchangeService": { "componentVersion": "2.0.3", "DependencyType": "HARD" }, "aws.greengrass.DockerApplicationManager": { "componentVersion": "2.0.4" }, "aws.greengrass.Cloudwatch": { "componentVersion": "3.0.0" }, "aws.greengrass.Nucleus": { "componentVersion": "2.4.0", "configurationUpdate": { "merge": "{\"logging\":{\"level\":\"INFO\"}, \"iotRoleAlias\": \"GreengrassV2TestCoreTokenExchangeRoleAlias\"}" } }, "aws.greengrass.LogManager": { "componentVersion": "2.2.3", "configurationUpdate": { "merge": "{\"logsUploaderConfiguration\":{\"systemLogsConfiguration\": {\"uploadToCloudWatch\": \"true\",\"minimumLogLevel\": \"INFO\",\"diskSpaceLimit\": \"10\",\"diskSpaceLimitUnit\": \"MB\",\"deleteLogFileAfterCloudUpload\": \"false\"},\"componentLogsConfigurationMap\": {\"LedService\": {\"minimumLogLevel\": \"INFO\",\"diskSpaceLimit\": \"20\",\"diskSpaceLimitUnit\": \"MB\",\"deleteLogFileAfterCloudUpload\": \"false\"}}},\"periodicUploadIntervalSec\": \"5\"}" } } } ``` Java code for using AWS credentials ``` public class APIGatewayModule extends AbstractModule { @Provides @Singleton public AWSCredentialsProvider getAWSCredentialProvider() { return new DefaultAWSCredentialsProviderChain(); } @Provides @Singleton public ApiGatewayClient getApiGatewayClient(final AWSCredentialsProvider awsCredentialsProvider) { System.out.println("Getting client configurations"); final com.amazonaws.ClientConfiguration clientConfiguration = new com.amazonaws.ClientConfiguration(); System.out.println("Got client configurations" + clientConfiguration); return new ApiGatewayClient(clientConfiguration, Region.getRegion(Regions.fromName("us-east-1")), awsCredentialsProvider, AmazonHttpClient.builder().clientConfiguration(clientConfiguration).build()); } } ``` I have been following this doc: https://docs.aws.amazon.com/greengrass/v2/developerguide/device-service-role.html My question is regarding everywhere in this document, it is mentioned that "AWS IoT Core credentials provider", what credentials provider should we use? Also, as mentioned in this doc we should use --provision true when "When you run the AWS IoT Greengrass Core software, you can choose to provision the AWS resources that the core device requires." But we started without this flag, how can this be tackled and is there any other document that provides reference to using credentials provider and calling API Gateway from AWS SDK Java. On SSH to docker, i could find that the variable is set ``` AWS_CONTAINER_CREDENTIALS_FULL_URI=http://localhost:38135/2016-11-01/credentialprovider/ ``` But unable to curl from docker to this URL, is this how this is suppose to work?
3
answers
0
votes
47
views
asked 21 days ago

AWS Greengrass Secure Tunnel Component Fails to Install

The component 'aws.greengrass.SecureTunneling' (v1.0.7) is not installing on an Ubuntu 18.04 device with Greengrass. What command/service does it use to determine the OS type ? Output of common os-checking commands: lsb_release -a ``` LSB Version: core-9.20170808ubuntu1-noarch:security-9.20170808ubuntu1-noarch Distributor ID: Ubuntu Description: Ubuntu 18.04.6 LTS Release: 18.04 Codename: bionic ``` arch ``` arch ``` hostnamectl ``` Icon name: computer Machine ID: a3d9197b765643568af09eb2bd3e5ce7 Boot ID: 485f9ca2cc4549d694968e332c58f415 Operating System: Ubuntu 18.04.6 LTS Kernel: Linux 4.9.253-tegra Architecture: arm64 ``` Logs: ``` redacted@terminal$ sudo tail -n 100 /greengrass/v2/logs/aws.greengrass.SecureTunneling.log 2022-05-31T15:49:53.220Z [INFO] (pool-2-thread-5665) aws.greengrass.SecureTunneling: shell-runner-start. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=STARTING, command=["java -jar /greengrass/v2/packages/artifacts/aws.greengrass.SecureTunneling/1.0..."]} 2022-05-31T15:49:56.358Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. [INFO ] 2022-05-31 16:49:56.348 [main] SecureTunneling - Starting secure tunneling component!. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.408Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. WARNING: sun.reflect.Reflection.getCallerClass is not supported. This will impact performance.. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.450Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. [ERROR] 2022-05-31 16:49:56.402 [main] SecureTunneling - Exception initializing secure tunneling task.. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.451Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. com.aws.greengrass.component.securetunneling.exceptions.SecureTunnelingTaskException: Unable to determine compatible OS distribution information! Supported OS distributions: [amzn2,ubuntu,raspberrypi]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.452Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. at com.aws.greengrass.component.securetunneling.utils.PlatformResolver.getOSDistroInfoForArch(PlatformResolver.java:51) ~[GreengrassV2SecureTunnelingComponent-1.0-all.jar:?]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.452Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. at com.aws.greengrass.component.securetunneling.SecureTunneling.extractExecutablePathFromArgs(SecureTunneling.java:66) ~[GreengrassV2SecureTunnelingComponent-1.0-all.jar:?]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.452Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. at com.aws.greengrass.component.securetunneling.SecureTunneling.main(SecureTunneling.java:33) ~[GreengrassV2SecureTunnelingComponent-1.0-all.jar:?]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.509Z [INFO] (Copier) aws.greengrass.SecureTunneling: Run script exited. {exitCode=1, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:56.515Z [INFO] (pool-2-thread-5659) aws.greengrass.SecureTunneling: shell-runner-start. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=STARTING, command=["java -jar /greengrass/v2/packages/artifacts/aws.greengrass.SecureTunneling/1.0..."]} 2022-05-31T15:49:59.375Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. [INFO ] 2022-05-31 16:49:59.368 [main] SecureTunneling - Starting secure tunneling component!. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.425Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. WARNING: sun.reflect.Reflection.getCallerClass is not supported. This will impact performance.. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.472Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. [ERROR] 2022-05-31 16:49:59.419 [main] SecureTunneling - Exception initializing secure tunneling task.. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.472Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. com.aws.greengrass.component.securetunneling.exceptions.SecureTunnelingTaskException: Unable to determine compatible OS distribution information! Supported OS distributions: [amzn2,ubuntu,raspberrypi]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.472Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. at com.aws.greengrass.component.securetunneling.utils.PlatformResolver.getOSDistroInfoForArch(PlatformResolver.java:51) ~[GreengrassV2SecureTunnelingComponent-1.0-all.jar:?]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.473Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. at com.aws.greengrass.component.securetunneling.SecureTunneling.extractExecutablePathFromArgs(SecureTunneling.java:66) ~[GreengrassV2SecureTunnelingComponent-1.0-all.jar:?]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.473Z [INFO] (Copier) aws.greengrass.SecureTunneling: stdout. at com.aws.greengrass.component.securetunneling.SecureTunneling.main(SecureTunneling.java:33) ~[GreengrassV2SecureTunnelingComponent-1.0-all.jar:?]. {scriptName=services.aws.greengrass.SecureTunneling.lifecycle.run.script, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} 2022-05-31T15:49:59.508Z [INFO] (Copier) aws.greengrass.SecureTunneling: Run script exited. {exitCode=1, serviceName=aws.greengrass.SecureTunneling, currentState=RUNNING} ```
4
answers
1
votes
73
views
asked a month ago

AWS IoT Greengrass (V2) and Video Streaming

Hello, The use case I have is this - There are two types of AWS IoT Greengrass V2 core devices that are implemented, which are connected (in the same private LAN network) in hub and spoke architecture. None of them are connected to client devices (Greengrass is being used because of its IPC and orchestration benefits): 1. [Spoke] AWS IoT Greengrass V2 core device is directly attached to a camera. The Video stream is sent to an Hub AWS IoT Greengrass V2 core device for ML processing (inference) that must be near-real time. 2. [Hub] AWS IoT Greengrass V2 core device that is processing and Fan-Out video streams: **A)** to ML inference interface (**local component of the hub**) **B)** to Kinesis Firehose (S3; to re-train the model) **C)** AWS Kinesis Video Stream (for human to view the video online) I have a couple of questions: 1. Is the architecture feasible? Make sense? 2. What is the best (performance and security wise) technology (open source, AWS component, protocol) to use in Spoke and Hub devices to send the video stream from the spokes to the hub (the video has to be high quality with minimal/no compression to keep the inference accuracy high)? 2. Can the Stream Manager component of AWS IoT Greengrass V2 core send (Hub) streams in fun-out mode (**e.g., to two different destinations concurrently, AWS Kinesis Firehose and AWS Kinesis Video Streams**)? Thank you, Yossi
1
answers
0
votes
52
views
asked a month ago

Greengrass-v2: Using variables in `accessControl` statements

According to [this documentation](https://docs.aws.amazon.com/greengrass/v2/developerguide/component-recipe-reference.html), we can use variables, but it seems like only _"within lifecycle definitions in component recipes"_. Is there any undocumented way of using variables in the `accessControl` statements? Specifically I'm trying to add the following `accessControl` statements: ```yaml DefaultConfiguration: accessControl: aws.greengrass.ipc.mqttproxy: "{COMPONENT_NAME}:mqttproxy:1": policyDescription: Allows subscribing to command messages from aws-iot-core operations: - "aws.greengrass#SubscribeToIoTCore" resources: - "iot/cache/#" - "iot/gateways/{iot:thingName}/command/+" - "iot/gateways/{iot:thingName}/status/+" "{COMPONENT_NAME}:mqttproxy:2": policyDescription: Allows publishing update messages to aws-iot-core operations: - "aws.greengrass#PublishToIoTCore" resources: - "iot/things/+/message" ``` ... but I get `awsiot.greengrasscoreipc.model.UnauthorizedError` when subscribing to `iot/gateways/my-actual-core-name/command/+` and `iot/gateways/my-actual-core-name/status/+`. I have found through trial and error that the following resource statements allow me to do what I want, but they're somewhat "overly permissive": ```yaml resources: - "iot/cache/#" - "iot/gateways/+/command/+" - "iot/gateways/+/status/+" ``` Then I can actually subscribe to `iot/gateways/my-actual-core-name/command/+` and `iot/gateways/my-actual-core-name/status/+`. That's a little counter-intuitive to me because they're not explicitly the same topic pattern (I would expect to only be allowed to subscribe to `iot/gateways/+/command/+` exactly). It's an okay workaround for now, but I was hoping I could do better and prevent a given gateway from subscribing to `iot/gateways/arbitrary-words/command/+`
1
answers
0
votes
15
views
asked a month ago

Manage Greengrass-V2 Components in central account

I'm currently trying to create a component in a tenant account using the artifact packaged in a central account S3 bucket. The tenant account and central account are in the same AWS Organization. I've tried the following settings to enable the tenant accounts to access the S3 bucket: 1. On the central account S3 bucket (I wasn't sure what Principal Service/User was trying to test this access, so I just "shotgunned" it): ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "greengrass.amazonaws.com", "iot.amazonaws.com", "credentials.iot.amazonaws.com" ] }, "Action": [ "s3:GetObject", "s3:GetObjectVersion" ], "Resource": "arn:aws:s3:::MY-CENTRAL-ACCOUNT-BUCKET/*" }, { "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": [ "s3:GetObject", "s3:GetObjectVersion", "s3:GetObjectTorrent", "s3:GetObjectVersionAcl", "s3:GetObjectAcl" ], "Resource": "arn:aws:s3:::MY-CENTRAL-ACCOUNT-BUCKET/*", "Condition": { "StringEquals": { "aws:PrincipalOrgID": "o-abc123def456" } } }, ... ] } ``` 2. On the `GreengrassV2TokenExchangeRole` in the tenant account, I've added the `AmazonS3FullAccess` AWS Managed policy (just to see if I could eliminate this Role as the blocker) I've verified that, as a User in the tenant account, I have access to the object in S3 and can do `aws s3 cp` as a tenant User (so the bucket policy doesn't seem to be blocking things). Whenever I try creating the Component in the tenant account, I'm met with: ``` Invalid Input: Encountered following errors in Artifacts: {s3://MY-CENTRAL-ACCOUNT-BUCKET/com.example.my-component-name/1.0.0-dev.0/application.zip = Specified artifact resource cannot be accessed} ``` ... using either the AWS IoT Greengrass Console and the AWS CLI. What am I missing? Is there a different service-linked role, I should be allowing in the S3 Bucket Resource Policy? It just seems like an access-test during Component creation and not an actual attempt to access the resource. I'm fairly certain if I assumed the Greengrass-TES role, I'd be able to download the artifact too (although I haven't explicitly done that yet).
1
answers
0
votes
45
views
asked a month ago

Token Exchange Service (TES) failing to fetch credentials

**Gentlefolks, why is the the token exchange service (TES) failing to fetch credentials?** I have greengrass installed on Ubuntu 20.x.x running on a virtual machine. At the end of the numbered items is an error log (truncated) obtained from `/greengrass/v2/logs/greengrass.log`. Thank you What I've done or what I think you should know: 1. There exist `GreenGrassServiceRole` which contains `AWSGreengrassResourceAccessRolePolicy`, and every other policy containing the word "greengrass" in its name. It also has a trust relationship as below. This was created when I installed Greengrass, but I added additional policies. ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "greengrass.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "<MY_ACCOUNT_NUMBER>" }, "ArnLike": { "aws:SourceArn": "<ARN_THAT_SHOWS_MY_REGION_AND_ACC_NUMBER>:*" } } }, { "Effect": "Allow", "Principal": { "Service": "credentials.iot.amazonaws.com" }, "Action": "sts:AssumeRole" } ] } ``` 2. `aws.greengrass.Nucleus` component is deployed with the following configuration update. The alias also exists. ``` { "reset": [], "merge": { "ComponentConfiguration": { "DefaultConfiguration": { "iotRoleAlias": "GreengrassV2TokenExchangeRoleAlias", "awsRegion": "us-east-1", "iotCredEndpoint": "https://sts.us-east-1.amazonaws.com", "iotDataEndpoint": "<ENDPOINT_OBTAINED_FROM_IOT_CORE_SETTINGS>" } } } } ``` 3. `aws.greengrass.TokenExchangeService` is deployed. 4. There's a custom component that uses the Greengrass SDK to publish to IoT Core. It has the following configuration update. ``` { "reset": [], "merge": { "ComponentDependencies": { "aws.greengrass.TokenExchangeService": { "VersionRequirement": "^2.0.0", "DependencyType": "HARD" } } } } ``` 5. There is an IoT policy from a previous exercise which attached to the core device (Ubuntu on virtual machine) certificate. It allows **all** actions. There's also another `GreengrassTESCertificatePolicyGreengrassV2TokenExchangeRoleAlias` which is associated with the thing's certificate. The policy allows `iot:AssumeRoleWithCertificate` **ERROR LOG BELOW** ``` 2022-05-21T21:07:39.592Z [ERROR] (pool-2-thread-28) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=Failed to get connection} 2022-05-21T21:08:38.071Z [WARN] (pool-2-thread-28) com.aws.greengrass.tes.CredentialRequestHandler: Encountered error while fetching credentials. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials} com.aws.greengrass.deployment.exceptions.AWSIotException: Unable to get response at com.aws.greengrass.iot.IotCloudHelper.getHttpResponse(IotCloudHelper.java:95) at com.aws.greengrass.iot.IotCloudHelper.lambda$sendHttpRequest$1(IotCloudHelper.java:80) at com.aws.greengrass.util.BaseRetryableAccessor.retry(BaseRetryableAccessor.java:32) at com.aws.greengrass.iot.IotCloudHelper.sendHttpRequest(IotCloudHelper.java:81) at com.aws.greengrass.tes.CredentialRequestHandler.getCredentialsBypassCache(CredentialRequestHandler.java:207) at com.aws.greengrass.tes.CredentialRequestHandler.getCredentials(CredentialRequestHandler.java:328) at com.aws.greengrass.tes.CredentialRequestHandler.getAwsCredentials(CredentialRequestHandler.java:337) at com.aws.greengrass.tes.LazyCredentialProvider.resolveCredentials(LazyCredentialProvider.java:24) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.resolveCredentials(AwsExecutionContextBuilder.java:165) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.invokeInterceptorsAndCreateExecutionContext(AwsExecutionContextBuilder.java:102) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.invokeInterceptorsAndCreateExecutionContext(AwsSyncClientHandler.java:69) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:78) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:175) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:76) at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:56) at software.amazon.awssdk.services.s3.DefaultS3Client.getBucketLocation(DefaultS3Client.java:3382) at com.aws.greengrass.componentmanager.builtins.S3Downloader.lambda$getRegionClientForBucket$2(S3Downloader.java:134) at com.aws.greengrass.util.RetryUtils.runWithRetry(RetryUtils.java:50) at com.aws.greengrass.componentmanager.builtins.S3Downloader.getRegionClientForBucket(S3Downloader.java:133) at com.aws.greengrass.componentmanager.builtins.S3Downloader.getDownloadSize(S3Downloader.java:115) at com.aws.greengrass.componentmanager.ComponentManager.prepareArtifacts(ComponentManager.java:420) at com.aws.greengrass.componentmanager.ComponentManager.preparePackage(ComponentManager.java:377) at com.aws.greengrass.componentmanager.ComponentManager.lambda$preparePackages$1(ComponentManager.java:338) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: java.net.UnknownHostException: https at java.base/java.net.InetAddress$CachedAddresses.get(InetAddress.java:797) at java.base/java.net.InetAddress.getAllByName0(InetAddress.java:1509) at java.base/java.net.InetAddress.getAllByName(InetAddress.java:1368) at java.base/java.net.InetAddress.getAllByName(InetAddress.java:1302) at org.apache.http.impl.conn.SystemDefaultDnsResolver.resolve(SystemDefaultDnsResolver.java:45) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:112) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) at jdk.internal.reflect.GeneratedMethodAccessor51.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at software.amazon.awssdk.http.apache.internal.conn.ClientConnectionManagerFactory$Handler.invoke(ClientConnectionManagerFactory.java:80) at com.sun.proxy.$Proxy15.connect(Unknown Source) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) at software.amazon.awssdk.http.apache.internal.impl.ApacheSdkHttpClient.execute(ApacheSdkHttpClient.java:72) at software.amazon.awssdk.http.apache.ApacheHttpClient.execute(ApacheHttpClient.java:253) at software.amazon.awssdk.http.apache.ApacheHttpClient.access$500(ApacheHttpClient.java:106) at software.amazon.awssdk.http.apache.ApacheHttpClient$1.call(ApacheHttpClient.java:232) at com.aws.greengrass.iot.IotCloudHelper.getHttpResponse(IotCloudHelper.java:88) ... 27 more 2022-05-21T21:08:38.073Z [ERROR] (pool-2-thread-28) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=Failed to get connection} ```
2
answers
0
votes
46
views
asked a month ago

Greengrass V2: LegacySubscriptionRouter component target LambdaNotFoundException

I have a Greengrass Lambda component subscribed to the `aws.greengrass.SNS` output topic `sns/message/status` using the `aws.greengrass.LegacySubscriptionRouter` component with the following configuration: ``` { "subscriptions": { "GreengrassSnsOutput": { "id": "GreengrassSnsOutput", "source": "component:aws.greengrass.SNS", "subject": "sns/message/status", "target": f"component:MyComponentName", } } } ``` That works as expected, but if I update the Lambda corresponding to `MyComponentName`, I get the following error message in the main Greengrass log file: ``` com.aws.greengrass.lambdamanager.LambdaNotFoundException: Lambda arn:aws:lambda:region:account:function:my-function-name:# does not exist ``` The [developer guide](https://docs.aws.amazon.com/greengrass/v2/developerguide/legacy-subscription-router-component.html#legacy-subscription-router-component-configuration) suggests that v2.1.0... >Adds support to specify component names instead of ARNs for source and target. If you specify a component name for a subscription, you don't need to reconfigure the subscription each time the version of the Lambda function changes. I took that to mean nothing needs to happen with respect to the subscription after a new component version with the same name but a new Lambda ARN is deployed. Is that right or is there something else that needs to be done? I'm using the following component versions: ``` "aws.greengrass.LegacySubscriptionRouter": { "componentVersion": "2.1.4" }, "aws.greengrass.Nucleus": { "componentVersion": "2.5.5" }, "aws.greengrass.SNS": { "componentVersion": "2.1.0" }, ```
1
answers
0
votes
9
views
asked 2 months ago

[Greengrass][IDT] test component and MQTT failed with general info

At current, my Greengrass core device (v2.5.5), is on my rasp 3b+ running normally with manual deployment from local/cloud. However, the IDT (version 4.5.3 with suite=GGV2Q_2.3.1) execution passed for 3/6 test cases as below only: ========== Test Summary ========== * Execution Time: 1m51s * Tests Completed: 6 * Tests Passed: 3 * Tests Failed: 3 * Tests Skipped: 0 ---------------------------------- Test Groups: * pretestvalidation: PASSED * version: PASSED * coredependencies: PASSED * mqtt: FAILED * component: FAILED ---------------------------------- Failed Tests: * Group Name: mqtt Test Name: mqttpubsub; Reason: Failed at 'my device is running Greengrass * Group Name: component Test Name: cloudcomponent; Reason: Failed at 'my device is running Greengrass' Test Name: localcomponent; Reason: Failed at 'my device is running Greengrass' ---------------------------------- **Is there further detail/meaningful info from these error log/code?** **I have tried to look into the log folder but nothing else there.** **I have attached all failed logs as below:** # localcomponent: - time="22:48:06+07:00" level=info msg=22:48:06.237 [localdeployment] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Attaching thread context to scenario: 'A component is deployed locally using CLI' - time="22:48:06+07:00" level=info msg=22:48:06.238 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 4: 'my device is registered as a Thing' - time="22:48:08+07:00" level=info msg=22:48:08.085 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotPolicy in IotLifecycle - time="22:48:09+07:00" level=info msg=22:48:09.615 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IamPolicy in IamLifecycle - time="22:48:10+07:00" level=info msg=22:48:10.194 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IamRole in IamLifecycle - time="22:48:10+07:00" level=info msg=22:48:10.639 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotRoleAlias in IotLifecycle - time="22:48:10+07:00" level=info msg=22:48:10.837 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotPolicy in IotLifecycle - time="22:48:11+07:00" level=info msg=22:48:11.040 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotThingGroup in IotLifecycle - time="22:48:12+07:00" level=info msg=22:48:12.066 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotCertificate in IotLifecycle - time="22:48:12+07:00" level=info msg=22:48:12.466 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotThing in IotLifecycle - time="22:48:14+07:00" level=info msg=22:48:14.966 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 5: 'my device is running Greengrass' - time="22:48:14+07:00" level=info msg=22:48:14.976 [localdeployment] [ERROR] greengrass/features/localdeployment.feature - Failed at step: 'my device is running Greengrass' - time="22:48:14+07:00" level=info msg=com.google.inject.ConfigurationException: Guice configuration errors: - time="22:48:14+07:00" level=info msg=1) [Guice/ErrorInUserCode]: Unable to method intercept: GreengrassSteps - time="22:48:14+07:00" level=info msg= while locating GreengrassSteps - time="22:48:14+07:00" level=info msg=22:48:14.990 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 9: 'I create a Greengrass deployment with components' - time="22:48:14+07:00" level=info msg=22:48:14.990 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 11: 'I deploy the Greengrass deployment configuration' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 12: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 13: 'I verify greengrass-cli is available in greengrass root' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 14: 'I create a local deployment with components' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 16: 'the local Greengrass deployment is SUCCEEDED on the device after 120 seconds' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 17: 'the aws.greengrass.LocalHelloWorld log on the device contains the line "Hello World!!" within 20 seconds' - time="22:48:16+07:00" level=info msg=22:48:16.569 [localdeployment] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Clearing thread context on scenario: 'A component is deployed locally using CLI' - time="22:48:16+07:00" level=info msg=22:48:16.577 [localdeployment] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'A component is deployed locally using CLI': Failed at 'my device is running Greengrass' - time="22:48:16+07:00" level=info msg=22:48:16.584 [] [] [INFO] com.aws.greengrass.testing.modules.AWSResourcesCleanupModule - Cleaned up com.aws.greengrass.testing.resources.iam.IamLifecycle$$EnhancerByGuice$$10441879@e128dc2 - time="22:48:23+07:00" level=error msg=Test exited unsuccessfully error=exit status # cloudcomponent: - 2022-May-04 15:37:28,499 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 9: 'I create a Greengrass deployment with components' - 2022-May-04 15:37:28,499 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 11: 'I deploy the Greengrass deployment configuration' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 12: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 13: 'the com.aws.HelloWorld log on the device contains the line "Hello World!!" within 20 seconds' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 15: 'I create a Greengrass deployment with components' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 17: 'I deploy the Greengrass deployment configuration' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 18: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 19: 'the com.aws.HelloWorld log on the device contains the line "Hello World Updated!!" within 20 seconds' - 2022-May-04 15:37:31,557 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Clearing thread context on scenario: 'As a developer, I can create a component in Cloud and deploy it on my device' - 2022-May-04 15:37:31,558 [cloudComponent] [idt-b47156801aee3f29c860] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'As a developer, I can create a component in Cloud and deploy it on my device': Failed at 'my device is running Greengrass' # mqttpubsub: - 2022-May-04 15:36:55,929 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 9: 'I create a Greengrass deployment with components' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 12: 'I deploy the Greengrass deployment configuration' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 13: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 14: 'the aws.greengrass.IotMqttSubscriber log on the device contains the line "Subscribed to IoT topic idt/Mqtt/Test with QOS=AT_LEAST_ONCE" within 20 seconds' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 15: 'the aws.greengrass.IotMqttPublisher log on the device contains the line "Published to IoT topic idt/Mqtt/Test with payload test message and qos AT_LEAST_ONCE" within 10 seconds' - 2022-May-04 15:36:58,922 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Clearing thread context on scenario: 'Component publishes MQTT message to Iot core and retrieves it as well' - 2022-May-04 15:36:58,924 [mqtt] [idt-614fb227a4f0913ba4be] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'Component publishes MQTT message to Iot core and retrieves it as well': Failed at 'my device is running Greengrass' - 2022-May-04 15:36:58,930 [] [] [INFO] com.aws.greengrass.testing.modules.AWSResourcesCleanupModule - Cleaned up com.aws.greengrass.testing.resources.s3.S3Lifecycle$$EnhancerByGuice$$11137706@7e3ca22c
4
answers
0
votes
63
views
asked 2 months ago

Greengrass Lambda with Compressed Binary Payload

I'm trying to configure a Greengrass Lambda to accept a binary encoding with the goal of sending a compressed JSON payload. My Lambda configuration looks something like: ``` "componentLambdaParameters": { "inputPayloadEncodingType": "binary", "eventSources": [ { "topic": "my/topic", "type": "IOT_CORE" } ], "linuxProcessParams": { "isolationMode": "NoContainer" }, "pinned": false } ``` I'm using Python/Boto3 to send the messages, and the topic publish looks something like: ``` client = boto3.client("iot-data") payload = gzip.compress(json.dumps({"large": "message"}).encode()) client.publish(topic="my/topic", qos=1, retain=True, payload=payload) ``` I get the following error from the Greengrass Lambda: ``` lambda_runtime.py:183,Cannot parse given invoke payload as JSON: b'my contents' ``` I can send the same message without compressing it (e.g. `payload = json.dumps({"large": "message"}).encode()`), and the Lambda succeeds. That suggests to me that `"inputPayloadEncodingType": "binary"` setting only works if the payload is encoded JSON, but that seems to defeat the purpose of using the binary payload option to send something other than JSON. I'm using the Python 3.8 Lambda runtime with following component versions: ``` "aws.greengrass.LambdaLauncher": { "componentVersion": "2.0.10" }, "aws.greengrass.LambdaManager": { "componentVersion": "2.2.2" }, "aws.greengrass.LambdaRuntimes": { "componentVersion": "2.0.8" }, "aws.greengrass.Nucleus": { "componentVersion": "2.5.5", }, ``` Is there something I might be doing wrong here or any other guidance on accepting a compressed payload? Thanks!
1
answers
0
votes
15
views
asked 2 months ago

GG logs are pushed intermittently to cloudwatch

Hello, We are using GreenGrass v2 and would like to have logs pushed as frequently as possible. We understand the limitation for certain components (eg telemetry) but our application logs should be sent as near real time as we can. Currently, regardless of the configurations set our logs are only sent intermittently to CloudWatch. Logs are seen every few hours or even few days. Could anyone please help us understand whats happening? We are using the following configuration: ``` 'aws.greengrass.Nucleus': { componentVersion: '2.4.0', configurationUpdate: { merge: `{ "logging" : { "level" : "DEBUG", "format" : "JSON" } }`, }, }, 'aws.greengrass.LogManager': { componentVersion: '2.2.1', configurationUpdate: { merge: `{ "logsUploaderConfiguration": { "systemLogsConfiguration": { "uploadToCloudWatch": "true", "minimumLogLevel": "DEBUG", "diskSpaceLimit": "2", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "componentLogsConfigurationMap": { "com.component1": { "minimumLogLevel": "DEBUG", "diskSpaceLimit": "2", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "com.component1\\\\w*.log", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "com.component2": { "minimumLogLevel": "DEBUG", "diskSpaceLimit": "2", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "com.component2\\\\w*.log", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "aws.greengrass.SageMakerEdgeManager": { "minimumLogLevel": "DEBUG", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "aws.greengrass.SageMakerEdgeManager\\\\w*.log", "diskSpaceLimit": "2", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "aws.greengrass.SecureTunneling": { "minimumLogLevel": "DEBUG", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "aws.greengrass.SecureTunneling\\\\w*.log", "diskSpaceLimit": "2", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" } } }, "periodicUploadIntervalSec": "10" }`, }, }, ```
3
answers
0
votes
13
views
asked 2 months ago

com.aws.greengrass.lambdamanager.StatusTimeoutException mysterious lambda error

I am trying to use lambdas on greengrass v2. I created and packaged the hello world lambda from the greengrass tutorial and deployed it to the core but it continues to error out. It doesnt seem to run to completion, or the lambda isnt getting called correctly and the core reports it as timed out. This is the stacktrace. How do I get this lambda to work in greeengrass v2? com.aws.greengrass.lambdamanager.StatusTimeoutException: Lambda status not received within timeout at com.aws.greengrass.lambdamanager.Lambda.lambda$createInstanceKeepAliveTask$5(Lambda.java:282) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305) at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:833) aws.greengrass.LambdaManager 2.2.2 using Python Python 3.7 With the following hello world lambda ``` import json import awsiot.greengrasscoreipc import awsiot.greengrasscoreipc.client as client from awsiot.greengrasscoreipc.model import ( QOS, PublishToIoTCoreRequest ) TIMEOUT = 10 ipc_client = awsiot.greengrasscoreipc.connect() def greengrass_hello_world_run(): topic = "my/topic" message = "Hello, World" qos = QOS.AT_LEAST_ONCE request = PublishToIoTCoreRequest() request.topic_name = topic request.payload = bytes(message, "utf-8") request.qos = qos operation = ipc_client.new_publish_to_iot_core() operation.activate(request) future = operation.get_response() future.result(TIMEOUT) Timer(5, greengrass_hello_world_run).start() greengrass_hello_world_run() def lambda_handler(event, context): return ```
1
answers
0
votes
34
views
asked 3 months ago

Deploying greengrass v2 public components using CDK (e.g. ShadowManager)?

Hi, I am working on a greengrass V2 project that uses CDK to automate the deployment. Everything is working up to now. However, I would like to use the public shadow manager greengrass v2 component in the deployment. From the console, I can manually add the aws.greengrass.ShadowManager to the deployment. However, I would like to add this component programmatically using CDK. I copied the component recipe for the shadow manager and it shows that the URI is for example. I used this Uri in my CDK typescript template. ``` "Uri": "greengrass:n6*7r*yO*c9*QK*kN*77**G-G*H*bb*08*V*X50_k=/aws.greengrass.ShadowManager.jar" ``` but when I generate and deploy it using CDK I get an error: ``` Invalid Input: Encountered following errors in Artifacts: {greengrass:greengrass:n6*7r*yO*c9*QK*kN*77**G-G*H*bb*08*V*X50_k=/aws.greengrass.ShadowManager.jar = URI format does not meet the S3 URI requirements} ``` Do I need to copy the ShadowManager.jar to my S3 bucket and if so where can I download the ShadowManager.jar file from? I cant seem find any information on how I can deploy a public component such as the aws.greengrass.ShadowManager using CDK. I have been following this guide but this doesnt show how to deploy public components using CDK: https://github.com/aws-samples/aws-iot-greengrass-v2-using-aws-cdk Is there a good guide on deploying greengrass v2 public components using CDK? Could anyone be able to provide some guidance? Many thanks Oide
5
answers
0
votes
54
views
asked 3 months ago

Connecting from awsiotsdk to Greengrass Core over LocalMQTT TLS problems

I try and connect from a client device over localMQTT to the broker on the greengrass core. However, when I connect, I get this error on the awsiotsdk side. I ran an almost identical script to this a couple months ago and I don't think it had the same problems. ``` Traceback (most recent call last): File "client_v2.py", line 76, in <module> connect_future.result() File "/Users/username/.pyenv/versions/3.8.11/lib/python3.8/concurrent/futures/_base.py", line 444, in result return self.__get_result() File "/Users/username/.pyenv/versions/3.8.11/lib/python3.8/concurrent/futures/_base.py", line 389, in __get_result raise self._exception awscrt.exceptions.AwsCrtError: AWS_IO_TLS_ERROR_NEGOTIATION_FAILURE: TLS (SSL) negotiation failed ``` On the Core side, I have just the Moquette broker and the bridge and a component that subscribes to the messages coming off of LocalMqtt and through the bridge. This is the message in greengrass.log ``` 2022-04-05T07:00:56.397Z [ERROR] (nioEventLoopGroup-7-10) io.moquette.broker.NewNettyMQTTHandler: Unexpected exception while processing MQTT message. Closing Netty channel. CId=null. {} io.netty.handler.codec.DecoderException: javax.net.ssl.SSLProtocolException: Received close_notify during handshake at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:478) at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.netty.handler.timeout.IdleStateHandler.channelRead(IdleStateHandler.java:286) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.moquette.broker.metrics.BytesMetricsHandler.channelRead(BytesMetricsHandler.java:51) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166) at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719) at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655) at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581) at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: javax.net.ssl.SSLProtocolException: Received close_notify during handshake at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:339) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:295) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:286) at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:250) at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:185) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681) at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433) at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637) at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:282) at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1387) at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282) at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329) at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508) at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447) ... 25 more 2022-04-05T07:00:56.399Z [INFO] (nioEventLoopGroup-7-10) io.moquette.broker.metrics.MQTTMessageLogger: Channel Inactive. {} ``` I'm using the mqtt_connection_builder.mtls_from_path function to create my connection setup between the client and the core, but obviously during the connect function itself it breaks because of the TLS handshake.
1
answers
0
votes
21
views
asked 3 months ago

Greengrass v2 fleet provisioning retry in case of lack of the Internet connection.

Hi. I have created a Greengrass fleet deployment workflow for my devices which works great - cloud resources are provisioned, claim certs are used to obtain device individual certs, and device gets connected. However in production environment the scenario will be different: 1. An IoT device is installed by an engineer in a newly built home, with no occupiers and no internet connection. 2. The Greengrass is ready to claim device certs and connect as soon as the device is powered up. 3. The device then is powered up by the installing engineer, meaning the Greengrass fleet provisioning plugin will try to do its job, but there is no internet connection, so it will fail. 4. The engineer will leave the device on, and it will be permanently on since now on. 5. The occupiers will move in some time later and install their broadband router, the Internet is now available. At this point, from my tests, I noticed the Greengrass/provisioning plugin won't detect Internet connection and won't try to register the device/obtain certs - meaning there is no retry functionality implemented. I understand that the device can be rebooted or Greengrass service restarted to initialize new registration attempt, however - if possible I'd like to avoid occupiers fiddling with the device, and prefer the device to the retry automatically. I also understand that I can write a software that will be automatically cyclically restarting the Greengrass service if the previous registration attempt failed (probably by checking if the thingCert.crt is present) but before I'll spend my time on coding, **the question is**: Is it possible to configure Greengrass to retry delayed provisioning using claim certificates if previous attempt has failed? Appreciate any help.
1
answers
0
votes
24
views
asked 3 months ago

greengrasssdk.stream_manager.exceptions.UnknownFailureException: Broken bit parity

Hi there I have some problem with stream manager in ggv1, I can fix this after I reboot the device. However I dont think this is a good solution. Do you have any suggestion where I can look into ``` [2022-04-01T09:19:31.876+11:00][INFO]-imageCamera.py:108,>>> Get frame atm hour:9 - sleep_time:11 s [2022-04-01T09:19:31.876+11:00][INFO]-imageCamera.py:112,>>> Frame size from rtsp: (720, 1280, 3) [2022-04-01T09:19:31.889+11:00][INFO]-imageCamera.py:119,>>> Resized farme: (720, 1280, 3) [2022-04-01T09:19:32.002+11:00][INFO]-imageCamera.py:144, >>>>> realite-data-image Sleep time: 60 - payload size: 189004 [2022-04-01T09:19:32.002+11:00][INFO]-Response: 1065 [2022-04-01T09:19:39.336+11:00][INFO]-lambda_runtime.py:366,Caught signal 15. Stopping runtime. [2022-04-01T09:20:22.061+11:00][INFO]-imageCamera.py:173,>> Getting hub config ... [2022-04-01T09:20:22.064+11:00][INFO]-ipc_client.py:167,Posting work for function [:function:secret_loader] to http://localhost:8000/2016-11-01/functions/arn:aws:lambfunction:secret_loader [2022-04-01T09:20:22.078+11:00][INFO]-ipc_client.py:177,Work posted with invocation id [14ce6b2c-add7-4dc0-452d-be84d2700e4e] [2022-04-01T09:20:22.078+11:00][INFO]-ipc_client.py:290,Getting work result for invocation id [14ce6b2c-add7-4dc0-452d-be84d2700e4e] from http://localhost:8000/2016-11-01/functions/arn:aws:lambda:ap:function:secret_loader [2022-04-01T09:20:26.32+11:00][INFO]-ipc_client.py:298,Got result for invocation id [14ce6b2c-add7-4dc0-452d-be84d2700e4e] [2022-04-01T09:20:26.321+11:00][INFO]-imageCamera.py:175,>> Done ... [2022-04-01T09:20:26.321+11:00][INFO]-imageCamera.py:180,Setup tranfer stream [2022-04-01T09:20:26.628+11:00][INFO]-imageCamera.py:151, >>> Stream list: ['kstream1'] [2022-04-01T09:20:27.291+11:00][ERROR]-imageCamera.py:209, >>>>> Exception while running: Broken bit parity [2022-04-01T09:20:27.291+11:00][ERROR]-Traceback (most recent call last): [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/.imageCamera.14/imageCamera.py", line 182, in main [2022-04-01T09:20:27.291+11:00][ERROR]- stream_client=setup_data_stream(stream_name,kinesis_stream_name) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/.function.imageCamera.14/imageCamera.py", line 154, in setup_data_stream [2022-04-01T09:20:27.291+11:00][ERROR]- client.delete_message_stream(stream_name=stream_name) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/arn.aws.lambda.ap-southeast-Camera.14/greengrasssdk/stream_manager/streammanagerclient.py", line 448, in delete_message_stream [2022-04-01T09:20:27.291+11:00][ERROR]- return Util.sync(self._delete_message_stream(stream_name), loop=self.__loop) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/.function.imageCamera.14/greengrasssdk/stream_manager/util.py", line 28, in sync [2022-04-01T09:20:27.291+11:00][ERROR]- return asyncio.run_coroutine_threadsafe(coro, loop=loop).result() [2022-04-01T09:20:27.291+11:00][ERROR]- File "/usr/lib/python3.7/concurrent/futures/_base.py", line 432, in result [2022-04-01T09:20:27.291+11:00][ERROR]- return self.__get_result() [2022-04-01T09:20:27.291+11:00][ERROR]- File "/usr/lib/python3.7/concurrent/futures/_base.py", line 384, in __get_result [2022-04-01T09:20:27.291+11:00][ERROR]- raise self._exception [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/arn.aws.lambda.ap-southeast-2era.14/greengrasssdk/stream_manager/streammanagerclient.py", line 352, in _delete_message_stream [2022-04-01T09:20:27.291+11:00][ERROR]- Util.raise_on_error_response(delete_stream_response) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/ar.imageCamera.14/greengrasssdk/stream_manager/util.py", line 148, in raise_on_error_response [2022-04-01T09:20:27.291+11:00][ERROR]- raise UnknownFailureException(response.error_message, response.status, response.request_id) [2022-04-01T09:20:27.291+11:00][INFO]-imageCamera.py:210,>>> restart module after 10s ```
0
answers
0
votes
8
views
asked 3 months ago

Invalid Input: Encountered following errors in Artifacts: {s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip = Specified artifact resource cannot be accessed}

I'm following these Youtube tutorials: 1. https://www.youtube.com/watch?v=hAZ-nlAaSvw&ab_channel=Michael 2. https://www.youtube.com/watch?v=hAZ-nlAaSvw&ab_channel=Michael I was able to successfully deploy a component that printed "hello world!" based on the first YouTube tutorial. I had no problems reading from the s3 bucket. I'm now deploying a new component version in the second tutorial. I have the following recipe: ``` --- RecipeFormatVersion: '2020-01-25' ComponentName: com.example.HelloWorld ComponentVersion: '1.1.0' ComponentDescription: My first AWS IoT Greengrass component. ComponentPublisher: Me ComponentConfiguration: DefaultConfiguration: {} Manifests: - Platform: os: linux Lifecycle: Run: PYTHONPATH="{artifacts:decompressedPath)/helloWorld/dependencies" python3 -u {artifacts:decompressedPath}/helloWorld/hello_world.py Artifacts: - URI: s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip Unarchive: ZIP ``` I have uploaded my helloWorld.zip to the greengrass-tutorial s3 bucket using the aws cli: ``` aws s3 cp ./helloWorld.zip s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip ``` the helloWorld.zip contains hello_world.py and a dependencies folder. When I click "Create version" I get the following error message: Invalid Input: Encountered following errors in Artifacts: {s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip = Specified artifact resource cannot be accessed} Would anyone be able to help me?
1
answers
0
votes
15
views
asked 3 months ago

com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN

Hi there I tried to deploy a component to a new provisioned device, however i encounter this error com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN here is part of the logs ``` 2022-03-20T23:26:34.797Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: Found running component which meets the requirement and use it.. {ComponentIdentifier=rtt.ancillary-v1.0.1} 2022-03-20T23:26:34.798Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: Found the best local candidate that satisfies the requirement.. {LocalCandidateId=rtt.ancillary-v1.0.1} 2022-03-20T23:26:35.377Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: resolve-component-version-end. Resolved component version.. {ResolvedComponent=rtt.ancillary-v1.0.1} 2022-03-20T23:26:35.409Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.DependencyResolver: resolve-group-dependencies-finish. Finish resolving group dependencies. {resolvedComponents={rtt.ancillary=ComponentMetadata(componentIdentifier=rtt.ancillary-v1.0.1, dependencies={})}, componentToVersionRequirements={rtt.ancillary={thing/test123==1.0.1}}} 2022-03-20T23:26:35.439Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: prepare-package-start. {packageIdentifier=rtt.ancillary-v1.0.1} 2022-03-20T23:26:35.502Z [INFO] (pool-2-thread-5) com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService: register-service-update-action. {action=0-071b-439e-9e57-303d24e2748f, serviceName=UpdateSystemPolicyService, currentState=RUNNING} 2022-03-20T23:26:35.508Z [INFO] (pool-2-thread-6) com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService: service-update-start. {serviceName=UpdateSystemPolicyService, currentState=RUNNING} 2022-03-20T23:26:35.513Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. Applying deployment changes, deployment cannot be cancelled now. {deployment=07e027a5-071b-439e-9e57-303d24e2748f} 2022-03-20T23:26:35.514Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentDirectoryManager: Persist configuration snapshot. {file=/greengrass/v2/deployments/07e027a5-071b-439e-9e57-303d24e2748f/rollback_snapshot.tlog} 2022-03-20T23:26:35.574Z [INFO] (main-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=main, currentState=FINISHED, newState=INSTALLED} 2022-03-20T23:26:35.587Z [INFO] (Serialized listener processor) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-config-change. Requesting restart for component. {configNode=services.main.lifecycle, serviceName=main, currentState=INSTALLED} 2022-03-20T23:26:35.804Z [ERROR] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-errored. {reason=Script errored in install, serviceName=rtt.ancillary, currentState=NEW} 2022-03-20T23:26:35.806Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=NEW, newState=ERRORED} 2022-03-20T23:26:35.807Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=ERRORED, newState=NEW} 2022-03-20T23:26:35.905Z [ERROR] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-errored. {reason=Script errored in install, serviceName=rtt.ancillary, currentState=NEW} 2022-03-20T23:26:35.905Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=NEW, newState=ERRORED} 2022-03-20T23:26:35.906Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=ERRORED, newState=NEW} 2022-03-20T23:26:35.996Z [ERROR] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-errored. {reason=Script errored in install, serviceName=rtt.ancillary, currentState=NEW} 2022-03-20T23:26:35.997Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=NEW, newState=BROKEN} 2022-03-20T23:26:35.997Z [ERROR] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-broken. service is broken. Deployment is needed. {serviceName=rtt.ancillary, currentState=BROKEN} 2022-03-20T23:26:36.701Z [WARN] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN. {serviceName=rtt.ancillary} 2022-03-20T23:26:36.702Z [ERROR] (pool-2-thread-6) com.aws.greengrass.deployment.activator.DeploymentActivator: merge-config. Deployment failed. {deploymentId=07e027a5-439e-9e57-303d24e} com.aws.greengrass.deployment.exceptions.ServiceUpdateException: Service rtt.ancillary in broken state after deployment at com.aws.greengrass.deployment.DeploymentConfigMerger.waitForServicesToStart(DeploymentConfigMerger.java:194) at com.aws.greengrass.deployment.activator.DefaultActivator.activate(DefaultActivator.java:84) at com.aws.greengrass.deployment.DeploymentConfigMerger.updateActionForDeployment(DeploymentConfigMerger.java:150) at com.aws.greengrass.deployment.DeploymentConfigMerger.lambda$mergeInNewConfig$0(DeploymentConfigMerger.java:102) at com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService.runUpdateActions(UpdateSystemPolicyService.java:95) at com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService.lambda$startup$0(UpdateSystemPolicyService.java:165) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:834) 2022-03-20T23:26:36.708Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.activator.DeploymentActivator: merge-config. Rolling back failed deployment. {deploymentId=07e027a5-071b-9e57-303d} 2022-03-20T23:26:36.769Z [INFO] (pool-2-thread-6) com.aws.greengrass.config.ConfigurationWriter: truncate-tlog. queued immediate truncation. {} 2022-03-20T23:26:36.882Z [INFO] (Serialized listener processor) com.aws.greengrass.config.ConfigurationWriter: truncate-tlog. completed successfully. {} 2022-03-20T23:26:36.889Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. Removing services. {service-to-remove=[rtt.ancillary]} 2022-03-20T23:26:36.889Z [INFO] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-close. Service is now closing. {serviceName=rtt.ancillary, currentState=BROKEN} ``` here is my deployment config ``` { "targetArn": "arn:aws:iot::thing/test123", "revisionId": "2", "deploymentId": "07e027a5-9e57-303d2", "deploymentName": "update firmware", "deploymentStatus": "ACTIVE", "components": { "rtt.ancillary": { "componentVersion": "1.0.1", "configurationUpdate": { "merge": "{\"thing_name\":\"test_name\"}" } } }, "deploymentPolicies": { "failureHandlingPolicy": "ROLLBACK", "componentUpdatePolicy": { "timeoutInSeconds": 30, "action": "NOTIFY_COMPONENTS" }, "configurationValidationPolicy": { "timeoutInSeconds": 60 } }, "iotJobConfiguration": { "jobExecutionsRolloutConfig": { "exponentialRate": { "baseRatePerMinute": 5, "incrementFactor": 2.0, "rateIncreaseCriteria": { "numberOfNotifiedThings": 10, "numberOfSucceededThings": 5 } }, "maximumPerMinute": 50 }, "timeoutConfig": { "inProgressTimeoutInMinutes": 15 } }, "creationTimestamp": 1647818095.423, "isLatestForTarget": true, "tags": { "PRODUCT": "GGv2 Deployment" } } ```
4
answers
0
votes
51
views
asked 3 months ago
  • 1
  • 90 / page