Restarting GreenGrass V2 docker does not listen on port 8883

0

I am running the v2 aws-iot-greengrass:latest docker with automatic provisioning, and it works fine the first time I run it.
However, if I stop the docker (ctrl-c) and try to restart it, there are no error messages but it does not appear to be listening on port 8883 so no MQTT communication with devices can occur. So of course it is unusable at this point. The only way for me to get running again is to create a completely new core device (basically start from scratch and provision all new resources).

What would cause the greengrass docker process to NOT listen on the MQTT port?

I am using this command to start:
docker run --rm --init -it --name aws-iot-greengrass \
-v /home/cds/greengrass-v2-credentials:/root/.aws/:ro \
--env-file .env \
-p 8883 \
amazon/aws-iot-greengrass:latest

This is the .env
GGC_ROOT_PATH=/greengrass/v2
AWS_REGION=us-west-2
PROVISION=true
THING_NAME=Docker2GreengrassCore
THING_GROUP_NAME=Docker2GreengrassCoreGroup
TES_ROLE_NAME=Docker2GreengrassV2TokenExchangeRole
TES_ROLE_ALIAS_NAME=Docker2GreengrassCoreTokenExchangeRoleAlias
COMPONENT_DEFAULT_USER=ggc_user:ggc_group
DEPLOY_DEV_TOOLS=true

The startup messages look normal (no indication of an error):
Installing Greengrass for the first time...
Running Greengrass with the following options: -Droot=/greengrass/v2 -Dlog.store=FILE -Dlog.level= -jar /opt/greengrassv2/lib/Greengrass.jar --provision true --deploy-dev-tools true --aws-region us-west-2 --start false --thing-name Docker2GreengrassCore --thing-group-name Docker2GreengrassCoreGroup --tes-role-name Docker2GreengrassV2TokenExchangeRole --tes-role-alias-name Docker2GreengrassCoreTokenExchangeRoleAlias --component-default-user ggc_user:ggc_group
SLF4J: Failed to load class "org.slf4j.impl.StaticMDCBinder".
SLF4J: Defaulting to no-operation MDCAdapter implementation.
SLF4J: See http://www.slf4j.org/codes.html#no_static_mdc_binder for further details.
Provisioning AWS IoT resources for the device with IoT Thing Name: [Docker2GreengrassCore]...
Found IoT policy "GreengrassV2IoTThingPolicy", reusing it
Creating keys and certificate...
Attaching policy to certificate...
Creating IoT Thing "Docker2GreengrassCore"...
Attaching certificate to IoT thing...
Successfully provisioned AWS IoT resources for the device with IoT Thing Name: [Docker2GreengrassCore]!
Adding IoT Thing [Docker2GreengrassCore] into Thing Group: [Docker2GreengrassCoreGroup]...
IoT Thing Group "Docker2GreengrassCoreGroup" already existed, reusing it
Successfully added Thing into Thing Group: [Docker2GreengrassCoreGroup]
Setting up resources for aws.greengrass.TokenExchangeService ...
Attaching TES role policy to IoT thing...
No managed IAM policy found, looking for user defined policy...
IAM policy named "Docker2GreengrassV2TokenExchangeRoleAccess" already exists. Please attach it to the IAM role if not already
Configuring Nucleus with provisioned resource details...
Downloading Root CA from "https://www.amazontrust.com/repository/AmazonRootCA1.pem"
Created device configuration
Successfully configured Nucleus with provisioned resource details!
Thing group exists, it could have existing deployment and devices, hence NOT creating deployment for Greengrass first party dev tools, please manually create a deployment if you wish to
Creating user ggc_user
ggc_user created
Creating group ggc_group
ggc_group created
Added ggc_user to ggc_group
Nucleus start set to false, exiting...
Making loader script executable...
Starting Greengrass...
_ set _m
++ dirname /greengrass/v2/alts/current/distro/bin/loader

  • PWD=/greengrass/v2/alts/current/distro/bin
  • sigterm_received=0
    ++ cd /greengrass/v2/alts/current/distro/bin/../../../..
    ++ pwd
  • GG_ROOT=/greengrass/v2
  • echo 'Greengrass root: /greengrass/v2'
    Greengrass root: /greengrass/v2
  • LAUNCH_DIR=/greengrass/v2/alts/current
  • CONFIG_FILE=
  • is_directory_link /greengrass/v2/alts/new
  • '[' -L /greengrass/v2/alts/new ']'
  • is_directory_link /greengrass/v2/alts/broken
  • '[' -L /greengrass/v2/alts/broken ']'
  • is_directory_link /greengrass/v2/alts/old
  • '[' -L /greengrass/v2/alts/old ']'
  • j=1
  • '[' 1 -le 3 ']'
  • '[' 0 -eq 0 ']'
  • launch_kernel
  • is_directory_link /greengrass/v2/alts/current
  • '[' -L /greengrass/v2/alts/current ']'
  • '[' -d /greengrass/v2/alts/current ']'
  • '[' -f /greengrass/v2/alts/current/launch.params ']'
    ++ cat /greengrass/v2/alts/current/launch.params
  • JVM_OPTIONS='-Dlog.level= -Dlog.store=FILE'
  • JVM_OPTIONS='-Dlog.level= -Dlog.store=FILE -Droot=/greengrass/v2'
  • OPTIONS='--setup-system-service false'
  • '[' '!' -z ']'
  • echo 'JVM options: -Dlog.level=' -Dlog.store=FILE -Droot=/greengrass/v2
    JVM options: -Dlog.level= -Dlog.store=FILE -Droot=/greengrass/v2
  • echo 'Nucleus options: --setup-system-service' false
    Nucleus options: --setup-system-service false
  • child_pid=
  • trap 'echo Received SIGTERM; sigterm_received=1; kill -TERM ${child_pid}; wait ${child_pid}; echo Killed child PID' TERM
  • java -Dlog.store=FILE -Dlog.level= -Dlog.store=FILE -Droot=/greengrass/v2 -jar /greengrass/v2/alts/current/distro/lib/Greengrass.jar --setup-system-service false
  • child_pid=89
  • wait 89
    SLF4J: Failed to load class "org.slf4j.impl.StaticMDCBinder".
    SLF4J: Defaulting to no-operation MDCAdapter implementation.
    SLF4J: See http://www.slf4j.org/codes.html#no_static_mdc_binder for further details.
    Launching Nucleus...
    AWS libcrypto resolve: searching process and loaded modules
    AWS libcrypto resolve: found static aws-lc HMAC symbols
    AWS libcrypto resolve: found static aws-lc libcrypto 1.1.1 EVP_MD symbols
    Launched Nucleus successfully.

I can use netstat to verify it is not listening:
bash-4.2# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 172.17.0.2:39576 35.160.131.204:8883 ESTABLISHED
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 17982578 /greengrass/v2/ipc.socket
unix 2 [ ] STREAM CONNECTED 17980220

It should look something like this:
bash-4.2# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:8883 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:34996 127.0.0.1:8883 ESTABLISHED
tcp 0 0 127.0.0.1:8883 127.0.0.1:34996 ESTABLISHED
tcp 0 0 172.17.0.2:59406 44.226.157.150:8883 ESTABLISHED

Edited by: cds on Oct 12, 2021 9:06 AM

cds
asked 2 years ago365 views
2 Answers
0

OK, so it appears to you have to re-deploy your components if you stop and restart the docker image. This must be done automatically the first time it runs and the initial deployment is created.

cds
answered 2 years ago
0

I guess you also can try docker run without rm flag.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions