question

smharishbabu avatar image
0 Votes"
smharishbabu asked viktor-peller answered

MQTT Connectivity Setup - IoT Edge

Hi,

I am using the below deployment file for the IoT edge deployment. Replaced with the actual iot hub <iothub> before deployment. Deployment is successful. But in the Azure portal, when I see the modules, it is showing error "Unable to retrieve IoT Edge informationIoT Edge configuration uses an unsupported schema and cannot be displayed."

Please guide anything missing here.

{
"$schema-template": "2.0.0",
"modulesContent": {
"$edgeAgent": {
"properties.desired": {
"schemaVersion": "1.0",
"runtime": {
"type": "docker",
"settings": {
"minDockerVersion": "v1.25",
"loggingOptions": "",
"registryCredentials": {}
}
},
"systemModules": {
"edgeAgent": {
"type": "docker",
"settings": {
"image": "mcr.microsoft.com/azureiotedge-agent:1.2",
"createOptions": ""
}
},
"edgeHub": {
"type": "docker",
"status": "running",
"env": {
"experimentalFeatures_enabled": {
"value": "true"
},
"experimentalFeatures
_mqttBrokerEnabled": {
"value": "true"
}
},
"restartPolicy": "always",
"settings": {
"image": "mcr.microsoft.com/azureiotedge-hub:1.2",
"createOptions": "{\"HostConfig\":{\"PortBindings\":{\"443/tcp\":[{\"HostPort\":\"443\"}],\"5671/tcp\":[{\"HostPort\":\"5671\"}],\"8883/tcp\":[{\"HostPort\":\"8883\"}]}}}"
}
}
},
"modules": {}
}
},
"$edgeHub":{
"properties.desired":{
"schemaVersion":"1.2",
"routes":{
"Route1":"FROM /messages/* INTO $upstream"
},
"storeAndForwardConfiguration":{
"timeToLiveSecs":7200
},
"mqttBroker":{
"authorizations":[
{
"identities": [
"{ {iot:identity}}"
],
"allow":[
{
"operations":[
"mqtt:connect"
]
}
]
},
{
"identities": [
"<iothub>.azure-devices.net/sub_client"
],
"allow":[
{
"operations":[
"mqtt:subscribe"
],
"resources":[
"test_topic"
]
}
]
},
{
"identities": [
"<iothub>.azure-devices.net/pub_client"
],
"allow":[
{
"operations":[
"mqtt:publish"
],
"resources":[
"test_topic"
]
}
]
}
]
}
}
}
}
}

azure-iot-edge
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@smharishbabu Could you please share the documentation you are following? You will get the error "IoT Edge configuration uses an unsupported schema and cannot be displayed" when The schema version in the deployment configuration is invalid.
I see that you have mentioned different $schemaVersion versions. Can you change/modify them accordingly?

0 Votes 0 ·

@smharishbabu Did you get a chance to see my suggestions below? Please let us know if you are still blocked and need further help.

0 Votes 0 ·
NewtonAJ-2321 avatar image
0 Votes"
NewtonAJ-2321 answered

I also encountered this issue (following documentation at https://docs.microsoft.com/en-us/azure/iot-edge/how-to-publish-subscribe?view=iotedge-2020-11)
It is because the
$edgeHub.properties.desired.schemaVersion can only be 1.0 or 1.1

In order to view it in IoTHub you need to set it to one of those values. e.g.:

{
...
    "$edgeHub": {
      "properties.desired": {
        "schemaVersion": "1.1",
}


HOWEVER, if you do this the local authentication will no longer work (tested using mosuitto_pub and mosquitto-sub)

With a sudo iotedge logs -f edgeHub you can see that it authenticates but does not authorize.

<6> 2021-07-07 21:15:30.824 +00:00 [INF] [server{listener=0.0.0.0:1883}:connection{client_id=pub_client remote_addr=172.2.0.1:45110 connec
tion=e4867dfb-392e-4a3c-888b-64363d776003}: mqtt_edgehub::auth::authentication::edgehub] - authenticate client                             
<6> 2021-07-07 21:15:30.970 +00:00 [INF] - Client pub_client in device scope authenticated locally.                                        
<6> 2021-07-07 21:15:30.974 +00:00 [INF] - AUTH succeeded "my-iothub-here.azure-devices.net/pub_client"                                    
<4> 2021-07-07 21:15:30.998 +00:00 [WRN] [broker{client_id=pub_client event="client"}: mqtt_broker::broker] - not authorized: client: pub_c
lient operation: CONNECT; reason: denied by policy                                                                                         
<6> 2021-07-07 21:15:31.000 +00:00 [INF] [server{listen


So, this appears to be a bug in their implementation. My working manifest is below. You can't see it in IoThub due to the Unable to retrieve IoT Edge informationIoT Edge configuration uses an unsupported schema and cannot be displayed. error. But I was able to get publishing and subscribing locally working on the device. There are probably some superfluous identities, but none of them work with a lower schema version (`1.2` is required)

json
{
  "$schema-template": "2.0.0",
  "modulesContent": {
    "$edgeAgent": {
      "properties.desired": {
        "schemaVersion": "1.1",
        "runtime": {
          "type": "docker",
          "settings": {
            "minDockerVersion": "v1.25",
            "loggingOptions": "",
            "registryCredentials": {}
          }
        },
        "systemModules": {
          "edgeAgent": {
            "type": "docker",
            "settings": {
              "image": "mcr.microsoft.com/azureiotedge-agent:1.2",
              "createOptions": "{}"
            }
          },
          "edgeHub": {
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "settings": {
              "image": "mcr.microsoft.com/azureiotedge-hub:1.2",
              "createOptions": "{\"HostConfig\":{\"PortBindings\":{\"5671/tcp\":[{\"HostPort\":\"5671\"}],\"8883/tcp\":[{\"HostPort\":\"8883\"}],\"443/tcp\":[{\"HostPort\":\"443\"}],\"1883/tcp\":[{\"HostPort\":\"1883\"}]}}}"
            },
            "env": {
              "experimentalFeatures__enabled": {
                "value": "true"
              },
              "experimentalFeatures__mqttBrokerEnabled": {
                "value": "true"
              }
            }
          }
        },
        "modules": {}
      }
    },
    "$edgeHub": {
      "properties.desired": {
        "schemaVersion": "1.2",
        "routes": {
          "Upstream": "FROM /messages/* INTO $upstream"
        },
        "storeAndForwardConfiguration": {
          "timeToLiveSecs": 7200
        },
        "mqttBroker": {
          "authorizations": [
            {
              "identities": [
                "{
  
                 {iot:identity}}",
                "my-iothub.azure-devices.net/sub_client",
                "my-iothub.azure-devices.net/pub_client",
                "sub_client",
                "pub_client"
              ],
              "allow": [
                {
                  "operations": ["mqtt:connect"]
                }
              ]
            },
            {
              "identities": ["my-iothub.azure-devices.net/sub_client", "sub_client"],
              "allow": [
                {
                  "operations": ["mqtt:subscribe"],
                  "resources": ["test_topic"]
                }
              ]
            },
            {
              "identities": ["my-iothub.azure-devices.net/pub_client", "pub_client"],
              "allow": [
                {
                  "operations": ["mqtt:publish"],
                  "resources": ["test_topic"]
                }
              ]
            }
          ]
        }
      }
    }
  }
}

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

viktor-peller avatar image
0 Votes"
viktor-peller answered

The problem you experience with schema 1.2 is the following:
- Edge 1.2 has an Mqtt broker in it. It needs policy information in order to work (otherwise it will not authorize any operation through the mqtt broker)
- The broker itself is for experimental feature and does not have full support. One of the consequence of this that the updated schema (which is needed to be able to describe the policy information) is not supported through azure portal.
- Now the two options with 1.2 are: a) not using the built in mqtt broker. In this case no need for policy information and the previous schemas can be used for deployment, which are supported by azure portal. b) use the mqtt broker which requires schema 1.2, but in this case azure portal will not be able to help maintaining it.

Sorry for the inconvenience.



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.