By using AWS re:Post, you agree to the Terms of Use
/AWS IoT Greengrass/

Questions tagged with AWS IoT Greengrass

Sort by most recent
  • 1
  • 90 / page

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Manage Greengrass-V2 Components in central account

I'm currently trying to create a component in a tenant account using the artifact packaged in a central account S3 bucket. The tenant account and central account are in the same AWS Organization. I've tried the following settings to enable the tenant accounts to access the S3 bucket: 1. On the central account S3 bucket (I wasn't sure what Principal Service/User was trying to test this access, so I just "shotgunned" it): ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "greengrass.amazonaws.com", "iot.amazonaws.com", "credentials.iot.amazonaws.com" ] }, "Action": [ "s3:GetObject", "s3:GetObjectVersion" ], "Resource": "arn:aws:s3:::MY-CENTRAL-ACCOUNT-BUCKET/*" }, { "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": [ "s3:GetObject", "s3:GetObjectVersion", "s3:GetObjectTorrent", "s3:GetObjectVersionAcl", "s3:GetObjectAcl" ], "Resource": "arn:aws:s3:::MY-CENTRAL-ACCOUNT-BUCKET/*", "Condition": { "StringEquals": { "aws:PrincipalOrgID": "o-abc123def456" } } }, ... ] } ``` 2. On the `GreengrassV2TokenExchangeRole` in the tenant account, I've added the `AmazonS3FullAccess` AWS Managed policy (just to see if I could eliminate this Role as the blocker) I've verified that, as a User in the tenant account, I have access to the object in S3 and can do `aws s3 cp` as a tenant User (so the bucket policy doesn't seem to be blocking things). Whenever I try creating the Component in the tenant account, I'm met with: ``` Invalid Input: Encountered following errors in Artifacts: {s3://MY-CENTRAL-ACCOUNT-BUCKET/com.example.my-component-name/1.0.0-dev.0/application.zip = Specified artifact resource cannot be accessed} ``` ... using either the AWS IoT Greengrass Console and the AWS CLI. What am I missing? Is there a different service-linked role, I should be allowing in the S3 Bucket Resource Policy? It just seems like an access-test during Component creation and not an actual attempt to access the resource. I'm fairly certain if I assumed the Greengrass-TES role, I'd be able to download the artifact too (although I haven't explicitly done that yet).
0
answers
0
votes
23
views
asked 3 days ago

Token Exchange Service (TES) failing to fetch credentials

**Gentlefolks, why is the the token exchange service (TES) failing to fetch credentials?** I have greengrass installed on Ubuntu 20.x.x running on a virtual machine. At the end of the numbered items is an error log (truncated) obtained from `/greengrass/v2/logs/greengrass.log`. Thank you What I've done or what I think you should know: 1. There exist `GreenGrassServiceRole` which contains `AWSGreengrassResourceAccessRolePolicy`, and every other policy containing the word "greengrass" in its name. It also has a trust relationship as below. This was created when I installed Greengrass, but I added additional policies. ``` { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "greengrass.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "aws:SourceAccount": "<MY_ACCOUNT_NUMBER>" }, "ArnLike": { "aws:SourceArn": "<ARN_THAT_SHOWS_MY_REGION_AND_ACC_NUMBER>:*" } } }, { "Effect": "Allow", "Principal": { "Service": "credentials.iot.amazonaws.com" }, "Action": "sts:AssumeRole" } ] } ``` 2. `aws.greengrass.Nucleus` component is deployed with the following configuration update. The alias also exists. ``` { "reset": [], "merge": { "ComponentConfiguration": { "DefaultConfiguration": { "iotRoleAlias": "GreengrassV2TokenExchangeRoleAlias", "awsRegion": "us-east-1", "iotCredEndpoint": "https://sts.us-east-1.amazonaws.com", "iotDataEndpoint": "<ENDPOINT_OBTAINED_FROM_IOT_CORE_SETTINGS>" } } } } ``` 3. `aws.greengrass.TokenExchangeService` is deployed. 4. There's a custom component that uses the Greengrass SDK to publish to IoT Core. It has the following configuration update. ``` { "reset": [], "merge": { "ComponentDependencies": { "aws.greengrass.TokenExchangeService": { "VersionRequirement": "^2.0.0", "DependencyType": "HARD" } } } } ``` 5. There is an IoT policy from a previous exercise which attached to the core device (Ubuntu on virtual machine) certificate. It allows **all** actions. There's also another `GreengrassTESCertificatePolicyGreengrassV2TokenExchangeRoleAlias` which is associated with the thing's certificate. The policy allows `iot:AssumeRoleWithCertificate` **ERROR LOG BELOW** ``` 2022-05-21T21:07:39.592Z [ERROR] (pool-2-thread-28) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=Failed to get connection} 2022-05-21T21:08:38.071Z [WARN] (pool-2-thread-28) com.aws.greengrass.tes.CredentialRequestHandler: Encountered error while fetching credentials. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials} com.aws.greengrass.deployment.exceptions.AWSIotException: Unable to get response at com.aws.greengrass.iot.IotCloudHelper.getHttpResponse(IotCloudHelper.java:95) at com.aws.greengrass.iot.IotCloudHelper.lambda$sendHttpRequest$1(IotCloudHelper.java:80) at com.aws.greengrass.util.BaseRetryableAccessor.retry(BaseRetryableAccessor.java:32) at com.aws.greengrass.iot.IotCloudHelper.sendHttpRequest(IotCloudHelper.java:81) at com.aws.greengrass.tes.CredentialRequestHandler.getCredentialsBypassCache(CredentialRequestHandler.java:207) at com.aws.greengrass.tes.CredentialRequestHandler.getCredentials(CredentialRequestHandler.java:328) at com.aws.greengrass.tes.CredentialRequestHandler.getAwsCredentials(CredentialRequestHandler.java:337) at com.aws.greengrass.tes.LazyCredentialProvider.resolveCredentials(LazyCredentialProvider.java:24) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.resolveCredentials(AwsExecutionContextBuilder.java:165) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.invokeInterceptorsAndCreateExecutionContext(AwsExecutionContextBuilder.java:102) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.invokeInterceptorsAndCreateExecutionContext(AwsSyncClientHandler.java:69) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:78) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:175) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:76) at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:56) at software.amazon.awssdk.services.s3.DefaultS3Client.getBucketLocation(DefaultS3Client.java:3382) at com.aws.greengrass.componentmanager.builtins.S3Downloader.lambda$getRegionClientForBucket$2(S3Downloader.java:134) at com.aws.greengrass.util.RetryUtils.runWithRetry(RetryUtils.java:50) at com.aws.greengrass.componentmanager.builtins.S3Downloader.getRegionClientForBucket(S3Downloader.java:133) at com.aws.greengrass.componentmanager.builtins.S3Downloader.getDownloadSize(S3Downloader.java:115) at com.aws.greengrass.componentmanager.ComponentManager.prepareArtifacts(ComponentManager.java:420) at com.aws.greengrass.componentmanager.ComponentManager.preparePackage(ComponentManager.java:377) at com.aws.greengrass.componentmanager.ComponentManager.lambda$preparePackages$1(ComponentManager.java:338) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: java.net.UnknownHostException: https at java.base/java.net.InetAddress$CachedAddresses.get(InetAddress.java:797) at java.base/java.net.InetAddress.getAllByName0(InetAddress.java:1509) at java.base/java.net.InetAddress.getAllByName(InetAddress.java:1368) at java.base/java.net.InetAddress.getAllByName(InetAddress.java:1302) at org.apache.http.impl.conn.SystemDefaultDnsResolver.resolve(SystemDefaultDnsResolver.java:45) at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:112) at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376) at jdk.internal.reflect.GeneratedMethodAccessor51.invoke(Unknown Source) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at software.amazon.awssdk.http.apache.internal.conn.ClientConnectionManagerFactory$Handler.invoke(ClientConnectionManagerFactory.java:80) at com.sun.proxy.$Proxy15.connect(Unknown Source) at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393) at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236) at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186) at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83) at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:56) at software.amazon.awssdk.http.apache.internal.impl.ApacheSdkHttpClient.execute(ApacheSdkHttpClient.java:72) at software.amazon.awssdk.http.apache.ApacheHttpClient.execute(ApacheHttpClient.java:253) at software.amazon.awssdk.http.apache.ApacheHttpClient.access$500(ApacheHttpClient.java:106) at software.amazon.awssdk.http.apache.ApacheHttpClient$1.call(ApacheHttpClient.java:232) at com.aws.greengrass.iot.IotCloudHelper.getHttpResponse(IotCloudHelper.java:88) ... 27 more 2022-05-21T21:08:38.073Z [ERROR] (pool-2-thread-28) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GreengrassV2TokenExchangeRoleAlias/credentials, credentialData=Failed to get connection} ```
1
answers
0
votes
26
views
asked 3 days ago

Greengrass V2: LegacySubscriptionRouter component target LambdaNotFoundException

I have a Greengrass Lambda component subscribed to the `aws.greengrass.SNS` output topic `sns/message/status` using the `aws.greengrass.LegacySubscriptionRouter` component with the following configuration: ``` { "subscriptions": { "GreengrassSnsOutput": { "id": "GreengrassSnsOutput", "source": "component:aws.greengrass.SNS", "subject": "sns/message/status", "target": f"component:MyComponentName", } } } ``` That works as expected, but if I update the Lambda corresponding to `MyComponentName`, I get the following error message in the main Greengrass log file: ``` com.aws.greengrass.lambdamanager.LambdaNotFoundException: Lambda arn:aws:lambda:region:account:function:my-function-name:# does not exist ``` The [developer guide](https://docs.aws.amazon.com/greengrass/v2/developerguide/legacy-subscription-router-component.html#legacy-subscription-router-component-configuration) suggests that v2.1.0... >Adds support to specify component names instead of ARNs for source and target. If you specify a component name for a subscription, you don't need to reconfigure the subscription each time the version of the Lambda function changes. I took that to mean nothing needs to happen with respect to the subscription after a new component version with the same name but a new Lambda ARN is deployed. Is that right or is there something else that needs to be done? I'm using the following component versions: ``` "aws.greengrass.LegacySubscriptionRouter": { "componentVersion": "2.1.4" }, "aws.greengrass.Nucleus": { "componentVersion": "2.5.5" }, "aws.greengrass.SNS": { "componentVersion": "2.1.0" }, ```
1
answers
0
votes
5
views
asked 13 days ago

[Greengrass][IDT] test component and MQTT failed with general info

At current, my Greengrass core device (v2.5.5), is on my rasp 3b+ running normally with manual deployment from local/cloud. However, the IDT (version 4.5.3 with suite=GGV2Q_2.3.1) execution passed for 3/6 test cases as below only: ========== Test Summary ========== * Execution Time: 1m51s * Tests Completed: 6 * Tests Passed: 3 * Tests Failed: 3 * Tests Skipped: 0 ---------------------------------- Test Groups: * pretestvalidation: PASSED * version: PASSED * coredependencies: PASSED * mqtt: FAILED * component: FAILED ---------------------------------- Failed Tests: * Group Name: mqtt Test Name: mqttpubsub; Reason: Failed at 'my device is running Greengrass * Group Name: component Test Name: cloudcomponent; Reason: Failed at 'my device is running Greengrass' Test Name: localcomponent; Reason: Failed at 'my device is running Greengrass' ---------------------------------- **Is there further detail/meaningful info from these error log/code?** **I have tried to look into the log folder but nothing else there.** **I have attached all failed logs as below:** # localcomponent: - time="22:48:06+07:00" level=info msg=22:48:06.237 [localdeployment] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Attaching thread context to scenario: 'A component is deployed locally using CLI' - time="22:48:06+07:00" level=info msg=22:48:06.238 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 4: 'my device is registered as a Thing' - time="22:48:08+07:00" level=info msg=22:48:08.085 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotPolicy in IotLifecycle - time="22:48:09+07:00" level=info msg=22:48:09.615 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IamPolicy in IamLifecycle - time="22:48:10+07:00" level=info msg=22:48:10.194 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IamRole in IamLifecycle - time="22:48:10+07:00" level=info msg=22:48:10.639 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotRoleAlias in IotLifecycle - time="22:48:10+07:00" level=info msg=22:48:10.837 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotPolicy in IotLifecycle - time="22:48:11+07:00" level=info msg=22:48:11.040 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotThingGroup in IotLifecycle - time="22:48:12+07:00" level=info msg=22:48:12.066 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotCertificate in IotLifecycle - time="22:48:12+07:00" level=info msg=22:48:12.466 [localdeployment] [INFO] com.aws.greengrass.testing.resources.AbstractAWSResourceLifecycle - Created IotThing in IotLifecycle - time="22:48:14+07:00" level=info msg=22:48:14.966 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 5: 'my device is running Greengrass' - time="22:48:14+07:00" level=info msg=22:48:14.976 [localdeployment] [ERROR] greengrass/features/localdeployment.feature - Failed at step: 'my device is running Greengrass' - time="22:48:14+07:00" level=info msg=com.google.inject.ConfigurationException: Guice configuration errors: - time="22:48:14+07:00" level=info msg=1) [Guice/ErrorInUserCode]: Unable to method intercept: GreengrassSteps - time="22:48:14+07:00" level=info msg= while locating GreengrassSteps - time="22:48:14+07:00" level=info msg=22:48:14.990 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 9: 'I create a Greengrass deployment with components' - time="22:48:14+07:00" level=info msg=22:48:14.990 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 11: 'I deploy the Greengrass deployment configuration' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 12: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 13: 'I verify greengrass-cli is available in greengrass root' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 14: 'I create a local deployment with components' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 16: 'the local Greengrass deployment is SUCCEEDED on the device after 120 seconds' - time="22:48:14+07:00" level=info msg=22:48:14.991 [localdeployment] [INFO] greengrass/features/localdeployment.feature - line 17: 'the aws.greengrass.LocalHelloWorld log on the device contains the line "Hello World!!" within 20 seconds' - time="22:48:16+07:00" level=info msg=22:48:16.569 [localdeployment] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Clearing thread context on scenario: 'A component is deployed locally using CLI' - time="22:48:16+07:00" level=info msg=22:48:16.577 [localdeployment] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'A component is deployed locally using CLI': Failed at 'my device is running Greengrass' - time="22:48:16+07:00" level=info msg=22:48:16.584 [] [] [INFO] com.aws.greengrass.testing.modules.AWSResourcesCleanupModule - Cleaned up com.aws.greengrass.testing.resources.iam.IamLifecycle$$EnhancerByGuice$$10441879@e128dc2 - time="22:48:23+07:00" level=error msg=Test exited unsuccessfully error=exit status # cloudcomponent: - 2022-May-04 15:37:28,499 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 9: 'I create a Greengrass deployment with components' - 2022-May-04 15:37:28,499 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 11: 'I deploy the Greengrass deployment configuration' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 12: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 13: 'the com.aws.HelloWorld log on the device contains the line "Hello World!!" within 20 seconds' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 15: 'I create a Greengrass deployment with components' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 17: 'I deploy the Greengrass deployment configuration' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 18: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - 2022-May-04 15:37:28,500 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] greengrass/features/cloudComponent.feature - line 19: 'the com.aws.HelloWorld log on the device contains the line "Hello World Updated!!" within 20 seconds' - 2022-May-04 15:37:31,557 [cloudComponent] [idt-b47156801aee3f29c860] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Clearing thread context on scenario: 'As a developer, I can create a component in Cloud and deploy it on my device' - 2022-May-04 15:37:31,558 [cloudComponent] [idt-b47156801aee3f29c860] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'As a developer, I can create a component in Cloud and deploy it on my device': Failed at 'my device is running Greengrass' # mqttpubsub: - 2022-May-04 15:36:55,929 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 9: 'I create a Greengrass deployment with components' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 12: 'I deploy the Greengrass deployment configuration' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 13: 'the Greengrass deployment is COMPLETED on the device after 180 seconds' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 14: 'the aws.greengrass.IotMqttSubscriber log on the device contains the line "Subscribed to IoT topic idt/Mqtt/Test with QOS=AT_LEAST_ONCE" within 20 seconds' - 2022-May-04 15:36:55,931 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] greengrass/features/mqtt.feature - line 15: 'the aws.greengrass.IotMqttPublisher log on the device contains the line "Published to IoT topic idt/Mqtt/Test with payload test message and qos AT_LEAST_ONCE" within 10 seconds' - 2022-May-04 15:36:58,922 [mqtt] [idt-614fb227a4f0913ba4be] [INFO] com.aws.greengrass.testing.features.LoggerSteps - Clearing thread context on scenario: 'Component publishes MQTT message to Iot core and retrieves it as well' - 2022-May-04 15:36:58,924 [mqtt] [idt-614fb227a4f0913ba4be] [ERROR] com.aws.greengrass.testing.launcher.reporting.StepTrackingReporting - Failed: 'Component publishes MQTT message to Iot core and retrieves it as well': Failed at 'my device is running Greengrass' - 2022-May-04 15:36:58,930 [] [] [INFO] com.aws.greengrass.testing.modules.AWSResourcesCleanupModule - Cleaned up com.aws.greengrass.testing.resources.s3.S3Lifecycle$$EnhancerByGuice$$11137706@7e3ca22c
4
answers
0
votes
34
views
asked 21 days ago

Greengrass Lambda with Compressed Binary Payload

I'm trying to configure a Greengrass Lambda to accept a binary encoding with the goal of sending a compressed JSON payload. My Lambda configuration looks something like: ``` "componentLambdaParameters": { "inputPayloadEncodingType": "binary", "eventSources": [ { "topic": "my/topic", "type": "IOT_CORE" } ], "linuxProcessParams": { "isolationMode": "NoContainer" }, "pinned": false } ``` I'm using Python/Boto3 to send the messages, and the topic publish looks something like: ``` client = boto3.client("iot-data") payload = gzip.compress(json.dumps({"large": "message"}).encode()) client.publish(topic="my/topic", qos=1, retain=True, payload=payload) ``` I get the following error from the Greengrass Lambda: ``` lambda_runtime.py:183,Cannot parse given invoke payload as JSON: b'my contents' ``` I can send the same message without compressing it (e.g. `payload = json.dumps({"large": "message"}).encode()`), and the Lambda succeeds. That suggests to me that `"inputPayloadEncodingType": "binary"` setting only works if the payload is encoded JSON, but that seems to defeat the purpose of using the binary payload option to send something other than JSON. I'm using the Python 3.8 Lambda runtime with following component versions: ``` "aws.greengrass.LambdaLauncher": { "componentVersion": "2.0.10" }, "aws.greengrass.LambdaManager": { "componentVersion": "2.2.2" }, "aws.greengrass.LambdaRuntimes": { "componentVersion": "2.0.8" }, "aws.greengrass.Nucleus": { "componentVersion": "2.5.5", }, ``` Is there something I might be doing wrong here or any other guidance on accepting a compressed payload? Thanks!
1
answers
0
votes
8
views
asked a month ago

GG logs are pushed intermittently to cloudwatch

Hello, We are using GreenGrass v2 and would like to have logs pushed as frequently as possible. We understand the limitation for certain components (eg telemetry) but our application logs should be sent as near real time as we can. Currently, regardless of the configurations set our logs are only sent intermittently to CloudWatch. Logs are seen every few hours or even few days. Could anyone please help us understand whats happening? We are using the following configuration: ``` 'aws.greengrass.Nucleus': { componentVersion: '2.4.0', configurationUpdate: { merge: `{ "logging" : { "level" : "DEBUG", "format" : "JSON" } }`, }, }, 'aws.greengrass.LogManager': { componentVersion: '2.2.1', configurationUpdate: { merge: `{ "logsUploaderConfiguration": { "systemLogsConfiguration": { "uploadToCloudWatch": "true", "minimumLogLevel": "DEBUG", "diskSpaceLimit": "2", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "componentLogsConfigurationMap": { "com.component1": { "minimumLogLevel": "DEBUG", "diskSpaceLimit": "2", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "com.component1\\\\w*.log", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "com.component2": { "minimumLogLevel": "DEBUG", "diskSpaceLimit": "2", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "com.component2\\\\w*.log", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "aws.greengrass.SageMakerEdgeManager": { "minimumLogLevel": "DEBUG", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "aws.greengrass.SageMakerEdgeManager\\\\w*.log", "diskSpaceLimit": "2", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" }, "aws.greengrass.SecureTunneling": { "minimumLogLevel": "DEBUG", "logFileDirectoryPath": "/greengrass/v2/logs/", "logFileRegex": "aws.greengrass.SecureTunneling\\\\w*.log", "diskSpaceLimit": "2", "diskSpaceLimitUnit": "KB", "deleteLogFileAfterCloudUpload": "true" } } }, "periodicUploadIntervalSec": "10" }`, }, }, ```
3
answers
0
votes
7
views
asked a month ago

com.aws.greengrass.lambdamanager.StatusTimeoutException mysterious lambda error

I am trying to use lambdas on greengrass v2. I created and packaged the hello world lambda from the greengrass tutorial and deployed it to the core but it continues to error out. It doesnt seem to run to completion, or the lambda isnt getting called correctly and the core reports it as timed out. This is the stacktrace. How do I get this lambda to work in greeengrass v2? com.aws.greengrass.lambdamanager.StatusTimeoutException: Lambda status not received within timeout at com.aws.greengrass.lambdamanager.Lambda.lambda$createInstanceKeepAliveTask$5(Lambda.java:282) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539) at java.base/java.util.concurrent.FutureTask.runAndReset(FutureTask.java:305) at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:305) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635) at java.base/java.lang.Thread.run(Thread.java:833) aws.greengrass.LambdaManager 2.2.2 using Python Python 3.7 With the following hello world lambda ``` import json import awsiot.greengrasscoreipc import awsiot.greengrasscoreipc.client as client from awsiot.greengrasscoreipc.model import ( QOS, PublishToIoTCoreRequest ) TIMEOUT = 10 ipc_client = awsiot.greengrasscoreipc.connect() def greengrass_hello_world_run(): topic = "my/topic" message = "Hello, World" qos = QOS.AT_LEAST_ONCE request = PublishToIoTCoreRequest() request.topic_name = topic request.payload = bytes(message, "utf-8") request.qos = qos operation = ipc_client.new_publish_to_iot_core() operation.activate(request) future = operation.get_response() future.result(TIMEOUT) Timer(5, greengrass_hello_world_run).start() greengrass_hello_world_run() def lambda_handler(event, context): return ```
1
answers
0
votes
3
views
asked a month ago

Deploying greengrass v2 public components using CDK (e.g. ShadowManager)?

Hi, I am working on a greengrass V2 project that uses CDK to automate the deployment. Everything is working up to now. However, I would like to use the public shadow manager greengrass v2 component in the deployment. From the console, I can manually add the aws.greengrass.ShadowManager to the deployment. However, I would like to add this component programmatically using CDK. I copied the component recipe for the shadow manager and it shows that the URI is for example. I used this Uri in my CDK typescript template. ``` "Uri": "greengrass:n6*7r*yO*c9*QK*kN*77**G-G*H*bb*08*V*X50_k=/aws.greengrass.ShadowManager.jar" ``` but when I generate and deploy it using CDK I get an error: ``` Invalid Input: Encountered following errors in Artifacts: {greengrass:greengrass:n6*7r*yO*c9*QK*kN*77**G-G*H*bb*08*V*X50_k=/aws.greengrass.ShadowManager.jar = URI format does not meet the S3 URI requirements} ``` Do I need to copy the ShadowManager.jar to my S3 bucket and if so where can I download the ShadowManager.jar file from? I cant seem find any information on how I can deploy a public component such as the aws.greengrass.ShadowManager using CDK. I have been following this guide but this doesnt show how to deploy public components using CDK: https://github.com/aws-samples/aws-iot-greengrass-v2-using-aws-cdk Is there a good guide on deploying greengrass v2 public components using CDK? Could anyone be able to provide some guidance? Many thanks Oide
5
answers
0
votes
23
views
asked 2 months ago

Connecting from awsiotsdk to Greengrass Core over LocalMQTT TLS problems

I try and connect from a client device over localMQTT to the broker on the greengrass core. However, when I connect, I get this error on the awsiotsdk side. I ran an almost identical script to this a couple months ago and I don't think it had the same problems. ``` Traceback (most recent call last): File "client_v2.py", line 76, in <module> connect_future.result() File "/Users/username/.pyenv/versions/3.8.11/lib/python3.8/concurrent/futures/_base.py", line 444, in result return self.__get_result() File "/Users/username/.pyenv/versions/3.8.11/lib/python3.8/concurrent/futures/_base.py", line 389, in __get_result raise self._exception awscrt.exceptions.AwsCrtError: AWS_IO_TLS_ERROR_NEGOTIATION_FAILURE: TLS (SSL) negotiation failed ``` On the Core side, I have just the Moquette broker and the bridge and a component that subscribes to the messages coming off of LocalMqtt and through the bridge. This is the message in greengrass.log ``` 2022-04-05T07:00:56.397Z [ERROR] (nioEventLoopGroup-7-10) io.moquette.broker.NewNettyMQTTHandler: Unexpected exception while processing MQTT message. Closing Netty channel. CId=null. {} io.netty.handler.codec.DecoderException: javax.net.ssl.SSLProtocolException: Received close_notify during handshake at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:478) at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:276) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.netty.handler.timeout.IdleStateHandler.channelRead(IdleStateHandler.java:286) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.moquette.broker.metrics.BytesMetricsHandler.channelRead(BytesMetricsHandler.java:51) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166) at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:719) at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:655) at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:581) at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:829) Caused by: javax.net.ssl.SSLProtocolException: Received close_notify during handshake at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129) at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:117) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:339) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:295) at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:286) at java.base/sun.security.ssl.Alert$AlertConsumer.consume(Alert.java:250) at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:185) at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172) at java.base/sun.security.ssl.SSLEngineImpl.decode(SSLEngineImpl.java:681) at java.base/sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:636) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:454) at java.base/sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:433) at java.base/javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:637) at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:282) at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1387) at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1282) at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1329) at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:508) at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:447) ... 25 more 2022-04-05T07:00:56.399Z [INFO] (nioEventLoopGroup-7-10) io.moquette.broker.metrics.MQTTMessageLogger: Channel Inactive. {} ``` I'm using the mqtt_connection_builder.mtls_from_path function to create my connection setup between the client and the core, but obviously during the connect function itself it breaks because of the TLS handshake.
1
answers
0
votes
9
views
asked 2 months ago

Greengrass v2 fleet provisioning retry in case of lack of the Internet connection.

Hi. I have created a Greengrass fleet deployment workflow for my devices which works great - cloud resources are provisioned, claim certs are used to obtain device individual certs, and device gets connected. However in production environment the scenario will be different: 1. An IoT device is installed by an engineer in a newly built home, with no occupiers and no internet connection. 2. The Greengrass is ready to claim device certs and connect as soon as the device is powered up. 3. The device then is powered up by the installing engineer, meaning the Greengrass fleet provisioning plugin will try to do its job, but there is no internet connection, so it will fail. 4. The engineer will leave the device on, and it will be permanently on since now on. 5. The occupiers will move in some time later and install their broadband router, the Internet is now available. At this point, from my tests, I noticed the Greengrass/provisioning plugin won't detect Internet connection and won't try to register the device/obtain certs - meaning there is no retry functionality implemented. I understand that the device can be rebooted or Greengrass service restarted to initialize new registration attempt, however - if possible I'd like to avoid occupiers fiddling with the device, and prefer the device to the retry automatically. I also understand that I can write a software that will be automatically cyclically restarting the Greengrass service if the previous registration attempt failed (probably by checking if the thingCert.crt is present) but before I'll spend my time on coding, **the question is**: Is it possible to configure Greengrass to retry delayed provisioning using claim certificates if previous attempt has failed? Appreciate any help.
1
answers
0
votes
13
views
asked 2 months ago

greengrasssdk.stream_manager.exceptions.UnknownFailureException: Broken bit parity

Hi there I have some problem with stream manager in ggv1, I can fix this after I reboot the device. However I dont think this is a good solution. Do you have any suggestion where I can look into ``` [2022-04-01T09:19:31.876+11:00][INFO]-imageCamera.py:108,>>> Get frame atm hour:9 - sleep_time:11 s [2022-04-01T09:19:31.876+11:00][INFO]-imageCamera.py:112,>>> Frame size from rtsp: (720, 1280, 3) [2022-04-01T09:19:31.889+11:00][INFO]-imageCamera.py:119,>>> Resized farme: (720, 1280, 3) [2022-04-01T09:19:32.002+11:00][INFO]-imageCamera.py:144, >>>>> realite-data-image Sleep time: 60 - payload size: 189004 [2022-04-01T09:19:32.002+11:00][INFO]-Response: 1065 [2022-04-01T09:19:39.336+11:00][INFO]-lambda_runtime.py:366,Caught signal 15. Stopping runtime. [2022-04-01T09:20:22.061+11:00][INFO]-imageCamera.py:173,>> Getting hub config ... [2022-04-01T09:20:22.064+11:00][INFO]-ipc_client.py:167,Posting work for function [:function:secret_loader] to http://localhost:8000/2016-11-01/functions/arn:aws:lambfunction:secret_loader [2022-04-01T09:20:22.078+11:00][INFO]-ipc_client.py:177,Work posted with invocation id [14ce6b2c-add7-4dc0-452d-be84d2700e4e] [2022-04-01T09:20:22.078+11:00][INFO]-ipc_client.py:290,Getting work result for invocation id [14ce6b2c-add7-4dc0-452d-be84d2700e4e] from http://localhost:8000/2016-11-01/functions/arn:aws:lambda:ap:function:secret_loader [2022-04-01T09:20:26.32+11:00][INFO]-ipc_client.py:298,Got result for invocation id [14ce6b2c-add7-4dc0-452d-be84d2700e4e] [2022-04-01T09:20:26.321+11:00][INFO]-imageCamera.py:175,>> Done ... [2022-04-01T09:20:26.321+11:00][INFO]-imageCamera.py:180,Setup tranfer stream [2022-04-01T09:20:26.628+11:00][INFO]-imageCamera.py:151, >>> Stream list: ['kstream1'] [2022-04-01T09:20:27.291+11:00][ERROR]-imageCamera.py:209, >>>>> Exception while running: Broken bit parity [2022-04-01T09:20:27.291+11:00][ERROR]-Traceback (most recent call last): [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/.imageCamera.14/imageCamera.py", line 182, in main [2022-04-01T09:20:27.291+11:00][ERROR]- stream_client=setup_data_stream(stream_name,kinesis_stream_name) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/.function.imageCamera.14/imageCamera.py", line 154, in setup_data_stream [2022-04-01T09:20:27.291+11:00][ERROR]- client.delete_message_stream(stream_name=stream_name) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/arn.aws.lambda.ap-southeast-Camera.14/greengrasssdk/stream_manager/streammanagerclient.py", line 448, in delete_message_stream [2022-04-01T09:20:27.291+11:00][ERROR]- return Util.sync(self._delete_message_stream(stream_name), loop=self.__loop) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/.function.imageCamera.14/greengrasssdk/stream_manager/util.py", line 28, in sync [2022-04-01T09:20:27.291+11:00][ERROR]- return asyncio.run_coroutine_threadsafe(coro, loop=loop).result() [2022-04-01T09:20:27.291+11:00][ERROR]- File "/usr/lib/python3.7/concurrent/futures/_base.py", line 432, in result [2022-04-01T09:20:27.291+11:00][ERROR]- return self.__get_result() [2022-04-01T09:20:27.291+11:00][ERROR]- File "/usr/lib/python3.7/concurrent/futures/_base.py", line 384, in __get_result [2022-04-01T09:20:27.291+11:00][ERROR]- raise self._exception [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/arn.aws.lambda.ap-southeast-2era.14/greengrasssdk/stream_manager/streammanagerclient.py", line 352, in _delete_message_stream [2022-04-01T09:20:27.291+11:00][ERROR]- Util.raise_on_error_response(delete_stream_response) [2022-04-01T09:20:27.291+11:00][ERROR]- File "/greengrass/ggc/deployment/lambda/ar.imageCamera.14/greengrasssdk/stream_manager/util.py", line 148, in raise_on_error_response [2022-04-01T09:20:27.291+11:00][ERROR]- raise UnknownFailureException(response.error_message, response.status, response.request_id) [2022-04-01T09:20:27.291+11:00][INFO]-imageCamera.py:210,>>> restart module after 10s ```
0
answers
0
votes
7
views
asked 2 months ago

Invalid Input: Encountered following errors in Artifacts: {s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip = Specified artifact resource cannot be accessed}

I'm following these Youtube tutorials: 1. https://www.youtube.com/watch?v=hAZ-nlAaSvw&ab_channel=Michael 2. https://www.youtube.com/watch?v=hAZ-nlAaSvw&ab_channel=Michael I was able to successfully deploy a component that printed "hello world!" based on the first YouTube tutorial. I had no problems reading from the s3 bucket. I'm now deploying a new component version in the second tutorial. I have the following recipe: ``` --- RecipeFormatVersion: '2020-01-25' ComponentName: com.example.HelloWorld ComponentVersion: '1.1.0' ComponentDescription: My first AWS IoT Greengrass component. ComponentPublisher: Me ComponentConfiguration: DefaultConfiguration: {} Manifests: - Platform: os: linux Lifecycle: Run: PYTHONPATH="{artifacts:decompressedPath)/helloWorld/dependencies" python3 -u {artifacts:decompressedPath}/helloWorld/hello_world.py Artifacts: - URI: s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip Unarchive: ZIP ``` I have uploaded my helloWorld.zip to the greengrass-tutorial s3 bucket using the aws cli: ``` aws s3 cp ./helloWorld.zip s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip ``` the helloWorld.zip contains hello_world.py and a dependencies folder. When I click "Create version" I get the following error message: Invalid Input: Encountered following errors in Artifacts: {s3://greengrass-tutorial/com.example.HelloWorld/1.1.0/helloWorld.zip = Specified artifact resource cannot be accessed} Would anyone be able to help me?
1
answers
0
votes
3
views
asked 2 months ago

com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN

Hi there I tried to deploy a component to a new provisioned device, however i encounter this error com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN here is part of the logs ``` 2022-03-20T23:26:34.797Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: Found running component which meets the requirement and use it.. {ComponentIdentifier=rtt.ancillary-v1.0.1} 2022-03-20T23:26:34.798Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: Found the best local candidate that satisfies the requirement.. {LocalCandidateId=rtt.ancillary-v1.0.1} 2022-03-20T23:26:35.377Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: resolve-component-version-end. Resolved component version.. {ResolvedComponent=rtt.ancillary-v1.0.1} 2022-03-20T23:26:35.409Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.DependencyResolver: resolve-group-dependencies-finish. Finish resolving group dependencies. {resolvedComponents={rtt.ancillary=ComponentMetadata(componentIdentifier=rtt.ancillary-v1.0.1, dependencies={})}, componentToVersionRequirements={rtt.ancillary={thing/test123==1.0.1}}} 2022-03-20T23:26:35.439Z [INFO] (pool-2-thread-6) com.aws.greengrass.componentmanager.ComponentManager: prepare-package-start. {packageIdentifier=rtt.ancillary-v1.0.1} 2022-03-20T23:26:35.502Z [INFO] (pool-2-thread-5) com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService: register-service-update-action. {action=0-071b-439e-9e57-303d24e2748f, serviceName=UpdateSystemPolicyService, currentState=RUNNING} 2022-03-20T23:26:35.508Z [INFO] (pool-2-thread-6) com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService: service-update-start. {serviceName=UpdateSystemPolicyService, currentState=RUNNING} 2022-03-20T23:26:35.513Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. Applying deployment changes, deployment cannot be cancelled now. {deployment=07e027a5-071b-439e-9e57-303d24e2748f} 2022-03-20T23:26:35.514Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentDirectoryManager: Persist configuration snapshot. {file=/greengrass/v2/deployments/07e027a5-071b-439e-9e57-303d24e2748f/rollback_snapshot.tlog} 2022-03-20T23:26:35.574Z [INFO] (main-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=main, currentState=FINISHED, newState=INSTALLED} 2022-03-20T23:26:35.587Z [INFO] (Serialized listener processor) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-config-change. Requesting restart for component. {configNode=services.main.lifecycle, serviceName=main, currentState=INSTALLED} 2022-03-20T23:26:35.804Z [ERROR] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-errored. {reason=Script errored in install, serviceName=rtt.ancillary, currentState=NEW} 2022-03-20T23:26:35.806Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=NEW, newState=ERRORED} 2022-03-20T23:26:35.807Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=ERRORED, newState=NEW} 2022-03-20T23:26:35.905Z [ERROR] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-errored. {reason=Script errored in install, serviceName=rtt.ancillary, currentState=NEW} 2022-03-20T23:26:35.905Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=NEW, newState=ERRORED} 2022-03-20T23:26:35.906Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=ERRORED, newState=NEW} 2022-03-20T23:26:35.996Z [ERROR] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-errored. {reason=Script errored in install, serviceName=rtt.ancillary, currentState=NEW} 2022-03-20T23:26:35.997Z [INFO] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-set-state. {serviceName=rtt.ancillary, currentState=NEW, newState=BROKEN} 2022-03-20T23:26:35.997Z [ERROR] (rtt.ancillary-lifecycle) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-broken. service is broken. Deployment is needed. {serviceName=rtt.ancillary, currentState=BROKEN} 2022-03-20T23:26:36.701Z [WARN] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN. {serviceName=rtt.ancillary} 2022-03-20T23:26:36.702Z [ERROR] (pool-2-thread-6) com.aws.greengrass.deployment.activator.DeploymentActivator: merge-config. Deployment failed. {deploymentId=07e027a5-439e-9e57-303d24e} com.aws.greengrass.deployment.exceptions.ServiceUpdateException: Service rtt.ancillary in broken state after deployment at com.aws.greengrass.deployment.DeploymentConfigMerger.waitForServicesToStart(DeploymentConfigMerger.java:194) at com.aws.greengrass.deployment.activator.DefaultActivator.activate(DefaultActivator.java:84) at com.aws.greengrass.deployment.DeploymentConfigMerger.updateActionForDeployment(DeploymentConfigMerger.java:150) at com.aws.greengrass.deployment.DeploymentConfigMerger.lambda$mergeInNewConfig$0(DeploymentConfigMerger.java:102) at com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService.runUpdateActions(UpdateSystemPolicyService.java:95) at com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService.lambda$startup$0(UpdateSystemPolicyService.java:165) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:834) 2022-03-20T23:26:36.708Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.activator.DeploymentActivator: merge-config. Rolling back failed deployment. {deploymentId=07e027a5-071b-9e57-303d} 2022-03-20T23:26:36.769Z [INFO] (pool-2-thread-6) com.aws.greengrass.config.ConfigurationWriter: truncate-tlog. queued immediate truncation. {} 2022-03-20T23:26:36.882Z [INFO] (Serialized listener processor) com.aws.greengrass.config.ConfigurationWriter: truncate-tlog. completed successfully. {} 2022-03-20T23:26:36.889Z [INFO] (pool-2-thread-6) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. Removing services. {service-to-remove=[rtt.ancillary]} 2022-03-20T23:26:36.889Z [INFO] (pool-2-thread-14) com.aws.greengrass.lifecyclemanager.GenericExternalService: service-close. Service is now closing. {serviceName=rtt.ancillary, currentState=BROKEN} ``` here is my deployment config ``` { "targetArn": "arn:aws:iot::thing/test123", "revisionId": "2", "deploymentId": "07e027a5-9e57-303d2", "deploymentName": "update firmware", "deploymentStatus": "ACTIVE", "components": { "rtt.ancillary": { "componentVersion": "1.0.1", "configurationUpdate": { "merge": "{\"thing_name\":\"test_name\"}" } } }, "deploymentPolicies": { "failureHandlingPolicy": "ROLLBACK", "componentUpdatePolicy": { "timeoutInSeconds": 30, "action": "NOTIFY_COMPONENTS" }, "configurationValidationPolicy": { "timeoutInSeconds": 60 } }, "iotJobConfiguration": { "jobExecutionsRolloutConfig": { "exponentialRate": { "baseRatePerMinute": 5, "incrementFactor": 2.0, "rateIncreaseCriteria": { "numberOfNotifiedThings": 10, "numberOfSucceededThings": 5 } }, "maximumPerMinute": 50 }, "timeoutConfig": { "inProgressTimeoutInMinutes": 15 } }, "creationTimestamp": 1647818095.423, "isLatestForTarget": true, "tags": { "PRODUCT": "GGv2 Deployment" } } ```
4
answers
0
votes
12
views
asked 2 months ago

How to change the greengrass v2 config on a core device

Hi there I have a problem with the iot permision on my device which already have gg installed and running so when i run the gg installer I put GGTokenAccessRole for "iotRoleAlias" instead of the actual name ``` 2022-03-18T05:43:45.295Z [ERROR] (pool-2-thread-5) com.aws.greengrass.tes.CredentialRequestHandler: TES responded with status code: 403. Caching response. {"message":"Access Denied"}. {iotCredentialsPath=/role-aliases/GGTokenAccessRole/credentials} 2022-03-18T05:43:45.296Z [ERROR] (pool-2-thread-5) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GGTokenAccessRole/credentials, credentialData=TES responded with status code: 403. Caching response. {"message":"Access Denied"}} 2022-03-18T05:44:27.897Z [ERROR] (pool-2-thread-5) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GGTokenAccessRole/credentials, credentialData=TES responded with status code: 403. Caching response. {"message":"Access Denied"}} 2022-03-18T05:45:22.119Z [ERROR] (pool-2-thread-5) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GGTokenAccessRole/credentials, credentialData=TES responded with status code: 403. Caching response. {"message":"Access Denied"}} ``` Also i did not create iot aliase so i wonder if that is a problem? can it use a IAMF role directly ? Thanks for your help
1
answers
0
votes
12
views
asked 2 months ago

Greengrass StreamManager dependency problem

Hello! I created a Greengrass core device through the [online tutorials](https://docs.aws.amazon.com/greengrass/v2/developerguide/getting-started.html). On step **5b** I followed the **recommended option**, so I think it uses *sts:AssumeRole* for authentication. Everything is working fine and I tried to install and use the AWS StreamManager Component. I updated my deployment and Stream Manager was successfully installed on my core device. But when I created a stream and appended data to that stream, I got errors in `/greengrass/v2/logs/aws.greengrass.StreamManager.log` about Stream Manager not being able to connect to IoT Analytics. The full debug logs of Stream Manager can be found in [this gist](https://gist.github.com/hacor/364face5e03d1065ceccc04e88ed29cb) I found following issues in this logs: - Line #140: `2022-03-04T08:30:35.708Z [INFO] (Copier) aws.greengrass.StreamManager: stdout. 2022 Mar 04 08:30:35,707 [DEBUG] (pool-7-thread-1) com.amazonaws.auth.AWSCredentialsProviderChain: Unable to load credentials from WebIdentityTokenCredentialsProvider: To use assume role profiles the aws-java-sdk-sts module must be on the class path.. {scriptName=services.aws.greengrass.StreamManager.lifecycle.startup.script, serviceName=aws.greengrass.StreamManager, currentState=STARTING} ` - Line #167: `2022-03-04T08:30:36.085Z [INFO] (Copier) aws.greengrass.StreamManager: stdout. 2022 Mar 04 08:30:36,074 [ERROR] (pool-7-thread-1) com.amazonaws.iot.greengrass.streammanager.export.destination.IOTAnalyticsDestination: Encountered error while exporting data to AWS IoT Analytics. {scriptName=services.aws.greengrass.StreamManager.lifecycle.startup.script, serviceName=aws.greengrass.StreamManager, currentState=STARTING} ` When I created the file `/home/ggc_user/.aws/credentials` using basic credentials ```bash [default] aws_access_key_id = ****** aws_secret_access_key = ******* ``` Stream manager works perfectly. As I read in the logs, the Stream Manager package should have the `aws-java-sdk-sts` module as a dependency in order to work with this method. Because the Stream manager component is not open source, I'm unable to create a PR. So I hope this message will reach the Stream Manager developers. Here are the component versions used in my deployment: ```bash Component Name: aws.greengrass.StreamManager Version: 2.0.14 State: RUNNING Configuration: {"JVM_ARGS":"","LOG_LEVEL":"DEBUG","port":"8088","runWithDefault":{"posixUser":"ggc_user:ggc_group"},"STREAM_MANAGER_AUTHENTICATE_CLIENT":false,"STREAM_MANAGER_ENABLE_LOCK_ON_METADATA_STORE":"false","STREAM_MANAGER_EXPORTER_MAX_BANDWIDTH":"2147483647","STREAM_MANAGER_EXPORTER_S3_DESTINATION_MULTIPART_UPLOAD_MIN_PART_SIZE_BYTES":"5242880","STREAM_MANAGER_EXPORTER_THREAD_POOL_SIZE":"5","STREAM_MANAGER_SERVER_PORT":"8088","STREAM_MANAGER_STORE_ROOT_DIR":"."} Component Name: aws.greengrass.TokenExchangeService Version: 2.0.3 State: RUNNING Configuration: {"port":0.0} Component Name: aws.greengrass.Nucleus Version: 2.5.3 State: FINISHED Configuration: {"awsRegion":"eu-central-1","componentStoreMaxSizeBytes":"10000000000","deploymentPollingFrequencySeconds":"15","envStage":"prod","fleetStatus":{"periodicStatusPublishIntervalSeconds":86400.0},"greengrassDataPlanePort":"8443","httpClient":{},"iotCredEndpoint":"c18zy2f9lrcrq0.credentials.iot.eu-central-1.amazonaws.com","iotDataEndpoint":"a3sh1t0ug8wcry-ats.iot.eu-central-1.amazonaws.com","iotRoleAlias":"GreengrassV2TokenExchangeRoleAlias","jvmOptions":"-Dlog.store=FILE","logging":{},"mqtt":{"spooler":{}},"networkProxy":{"proxy":{}},"platformOverride":{},"runWithDefault":{"posixShell":"sh","posixUser":"ggc_user:ggc_group"},"telemetry":{}} ``` Best regards, Hacor
2
answers
0
votes
9
views
asked 3 months ago

find file location sent as a non-compressed artifact

I have a python greengrass component that in itself is in a compressed artifact. I also have a non-compressed artifact in test/route.nmea that i want to access from within the python component. ``` "Artifacts": [ { "URI": "s3://jeteye/components/artifacts/au.com.company.gg_gps_publish/0.0.123/gg_gps_publish.zip", "Unarchive": "ZIP" }, { "URI": "s3://jeteye/components/artifacts/au.com.company.gg_gps_publish/0.0.123/test/route.nmea", "Unarchive": "NONE" } ``` i tried: `g_nmea_file = os.path.dirname(os.path.abspath(__file__)) + '/../test/route.nmea' ` but that ends up pointing to the decompressed artifact directory : `/greengrass/v2/packages/artifacts-unarchived/au.com.company.gg_gps_publish/0.0.123/gg_gps_publish/test/route.nmea` is there a greengrass call to get access the non-unarchived artifact directory like: `/greengrass/v2/packages/artifacts/au.com.company.gg_gps_publish/0.0.123/gg_gps_publish/` ? I have also tried to pass in the **{artifacts:path}** variable that is available in the receipe by adding it to a config: ``` "ComponentConfiguration": { "DefaultConfiguration": { "GGV2ComponentConfig": { "current_version" : "0.0.123", "gps_tick_topic" : "gps/tick", "timeout_sec" : 10, "test_nmea_file" : "{artifacts:path}/test/route.nmea" }, ``` and passing it into the python like: ``` "Lifecycle": { "Install": "pip3 install awsiotsdk pynmeagps", "Run": { "Script": "python3 -u {artifacts:decompressedPath}/gg_gps_publish/main.py '{configuration:/GGV2ComponentConfig}'", "RequiresPrivilege": "false" } }, ``` when i read the GGV2ComponentConfig.test_nmea_file configuration , the **{artifacts:path}** part is empty
1
answers
0
votes
6
views
asked 3 months ago

StreamManger - UnknownFailureException: Broken bit parity - re:post

Hi there, i just upgrade my Greengrass (GG) core software from 1.10 to 1.11.5. Cus i want to use S3ExportTaskDefinition. However there is some error with the create_message_stream() the attached is the log of my lambda (which i copy from: https://github.com/aws-greengrass/aws-greengrass-stream-manager-sdk-python) I manually trackback and found the error at line 336 `result = await self.__requests[data.request_id].get()` in the streammanagerclient.py::__send_and_receive() GGStreamManager.log ``` [2022-02-28T16:43:51.367+11:00][ERROR]-Feb 28, 2022 4:43:51 PM com.amazonaws.internal.DefaultServiceEndpointBuilder getServiceEndpoint [2022-02-28T16:43:51.367+11:00][ERROR]-INFO: {iotsitewise, ap-southeast-2} was not found in region metadata, trying to construct an endpoint using the standard pattern for this region: 'iotsitewise.ap-southeast-2.amazonaws.com'. [2022-02-28T16:43:51.646+11:00][INFO]- (main) com.amazonaws.iot.greengrass.streammanager.server.StreamServer: Starting streamServer on port: 8088 [2022-02-28T16:43:51.665+11:00][INFO]- (main) com.amazonaws.iot.greengrass.streammanager.export.decider.Decider: Starting decider [2022-02-28T16:43:52.186+11:00][INFO]- (pool-6-thread-1) com.amazonaws.iot.greengrass.streammanager.server.StreamServer: StreamServer ready to accept connections on port 8088 [2022-02-28T16:43:52.207+11:00][INFO]-Putting initialization result for function arn [arn:aws:lambda:::function:GGStreamManager:1] to http://localhost:8000/2016-11-01/functions/arn:aws:lambda:::function:GGStreamManager:1/initialized [2022-02-28T16:43:52.377+11:00][INFO]-Put initialization result for function arn [arn:aws:lambda:::function:GGStreamManager:1] [2022-02-28T16:43:53.407+11:00][ERROR]- (nioEventLoopGroup-3-1) com.amazonaws.iot.greengrass.streammanager.server.handlers.CreateMessageStreamRequestHandler: Encountered unknown exception while creating message stream SomeStatusStreamName [2022-02-28T16:43:53.407+11:00][ERROR]-org.mapdb.DBException$PointerChecksumBroken: Broken bit parity [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.DataIO.parity4Get(DataIO.java:476) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.StoreWAL.longStackLoadChunk(StoreWAL.kt:732) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.StoreWAL.longStackPut(StoreWAL.kt:712) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.StoreDirectAbstract.releaseData(StoreDirectAbstract.kt:367) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.StoreWAL.updateProtected(StoreWAL.kt:455) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.StoreWAL.update(StoreWAL.kt:426) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.IndexTreeListJava.treePut(IndexTreeListJava.java:341) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.IndexTreeLongLongMap.put(IndexTreeLongLongMap.kt:77) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.HTreeMap.putprotected(HTreeMap.kt:363) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at org.mapdb.HTreeMap.put(HTreeMap.kt:324) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at com.amazonaws.iot.greengrass.streammanager.dao.MapDbMetadataDao.put(MapDbMetadataDao.java:73) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at com.amazonaws.iot.greengrass.streammanager.store.log.LogStore.createMessageStream(LogStore.java:113) ~[AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at com.amazonaws.iot.greengrass.streammanager.server.handlers.CreateMessageStreamRequestHandler.handle(CreateMessageStreamRequestHandler.java:41) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at com.amazonaws.iot.greengrass.streammanager.server.handlers.MessageStreamHandler.channelRead(MessageStreamHandler.java:133) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:321) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:295) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.handler.codec.ByteToMessageDecoder.fireChannelRead(ByteToMessageDecoder.java:321) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:295) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:357) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.407+11:00][ERROR]- at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:365) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:163) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:714) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:650) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:576) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:493) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:989) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) [AWSGreengrassStreamManager.jar:?] [2022-02-28T16:43:53.408+11:00][ERROR]- at java.lang.Thread.run(Thread.java:834) [?:?] ``` thanks for your help
2
answers
0
votes
9
views
asked 3 months ago

How to specify log levels using JSON format in Python

Hello, we would like to ask how to configure LOG_LEVEL of messages produced by python components? We are using Nucleus(=2.5.3) with the following config: ``` "logging": { "format": "JSON" } ``` Please, consider the following Python script: ``` print(f'This is an INFO message.', file=sys.stdout) print(f'This is an WARN message.', file=sys.stderr) ``` This produces the following two messages in the log file: ``` {"thread":"Copier","level":"INFO","eventType":"stdout","message":"This is an INFO message.","contexts":{"scriptName":"TEST.lifecycle.Run.Script","serviceName":"TEST","currentState":"RUNNING"},"loggerName":"TEST","timestamp":1646058300228,"cause":null} {"thread":"Copier","level":"WARN","eventType":"stderr","message":"This is an WARN message.","contexts":{"scriptName":"TEST.lifecycle.Run.Script","serviceName":"TEST","currentState":"RUNNING"},"loggerName":"TEST","timestamp":1646058300228,"cause":null} ``` To our understanding, the field "level" in the JSON object is deduced from the file to which the log message is written: - stdout -> INFO - stderr -> WARN We would like to be able to use all of the four different levels described in the GreenGrass Nucleus [documentation](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html#greengrass-nucleus-component-configuration-logging-format) (DEBUG, INFO, WARNING, ERROR). What do we need to to to be able to log a message using level 'DEBUG' or 'ERROR' (i.e. the field "level" in the produced message has a value of "DEBUG" or "ERROR")? Thank you kindly, Simon
2
answers
0
votes
8
views
asked 3 months ago

AWS Greengrass v2 - Windows 10

Hi there, I have a problem when I am installing the AWS Greengrass package on a Windows 10 OS. I have followed all the steps provided by the AWS Greengrass set-up webpage, but unfortunatelly, it does not work. The set-up command I am writing: java "-Droot=C:\greengrass\v2" "-Dlog.store=FILE" -jar .\lib\Greengrass.jar --init-config .\config-CoreDevice01.yaml --component-default-user ggc_user --setup-system-service true The output from the program: Error while trying to setup Greengrass Nucleus java.lang.RuntimeException: Cannot create all required directories at com.aws.greengrass.lifecyclemanager.KernelCommandLine.initPaths(KernelCommandLine.java:191) at com.aws.greengrass.lifecyclemanager.KernelCommandLine.lambda$parseArgs$0(KernelCommandLine.java:147) at com.aws.greengrass.config.Topic.subscribe(Topic.java:50) at com.aws.greengrass.lifecyclemanager.KernelCommandLine.parseArgs(KernelCommandLine.java:147) at com.aws.greengrass.lifecyclemanager.Kernel.parseArgs(Kernel.java:591) at com.aws.greengrass.easysetup.GreengrassSetup.performSetup(GreengrassSetup.java:296) at com.aws.greengrass.easysetup.GreengrassSetup.main(GreengrassSetup.java:269) Caused by: java.nio.file.attribute.UserPrincipalNotFoundException at java.base/sun.nio.fs.WindowsUserPrincipals.lookup(WindowsUserPrincipals.java:147) at java.base/sun.nio.fs.WindowsFileSystem$LookupService$1.lookupPrincipalByGroupName(WindowsFileSystem.java:250) at com.aws.greengrass.util.platforms.windows.WindowsPlatform$WindowsFileSystemPermissionView.aclEntries(WindowsPlatform.java:413) at com.aws.greengrass.util.platforms.windows.WindowsPlatform$WindowsFileSystemPermissionView.<init>(WindowsPlatform.java:326) at com.aws.greengrass.util.platforms.windows.WindowsPlatform.getFileSystemPermissionView(WindowsPlatform.java:458) at com.aws.greengrass.util.platforms.Platform.setPermissions(Platform.java:167) at com.aws.greengrass.util.platforms.Platform.setPermissions(Platform.java:129) at com.aws.greengrass.util.Permissions.setRootPermission(Permissions.java:93) at com.aws.greengrass.util.NucleusPaths.setRootPath(NucleusPaths.java:99) at com.aws.greengrass.lifecyclemanager.KernelCommandLine.initPaths(KernelCommandLine.java:170) The yaml file: --- system: certificateFilePath: "C:\greengrass\v2\X.cert.pem" privateKeyPath: "C:\greengrass\v2\Y.private.key" rootCaPath: "C:\greengrass\v2\AmazonRootCA1.pem" rootpath: "C:\greengrass\v2" thingName: "co2sink-dev-CoreDevice01" services: aws.greengrass.Nucleus: componentType: "NUCLEUS" version: "2.5.2" configuration: awsRegion: "eu-west-1" iotRoleAlias: "co2sink-dev-TokenExchangeRoleAlias" iotDataEndpoint: "aa598pljtwur1-ats.iot.eu-west-1.amazonaws.com" iotCredEndpoint: "cszj6chx6z301.credentials.iot.eu-west-1.amazonaws.com" I hope you could help, looking forward to hearing from you. Kind regards. Daniel.
2
answers
0
votes
15
views
asked 3 months ago

Remote host terminated the handshake during nucleus setup

I'm getting an error: `Unable to execute HTTP request: Remote host terminated the handshake` This occurs during the call to `DeviceProvisioningHelper.createThing(DeviceProvisioningHelper.java:204)` -> `software.amazon.awssdk.services.iot.DefaultIotClient.getPolicy(DefaultIotClient.java:8787)` I am running a custom greengrass-entrypoint.sh to install version 2.5.3 on a docker container with Ubuntu 18.04 base image using automatic provisioning on an armv7 device that worked before with version 2.4.0. Separately, I have successfully installed a 2.5.3 using automatic provisioning by command line on an Ubuntu VM just fine. My network admin opened up port 8883 which allowed gg to install/run. What could be causing the above HTTP request error? Thanks Here is a partial log. I cannot post a question with the full log it must be too long for posting here: ``` root@80d214eacd4c:/greengrass/v2/logs# cat greengrass.log 2022-02-16T21:13:17.982Z [INFO] (main) com.aws.greengrass.util.platforms.Platform: Getting platform instance com.aws.greengrass.util.platforms.unix.linux.LinuxPlatform.. {} 2022-02-16T21:13:21.005Z [INFO] (main) com.aws.greengrass.util.platforms.Platform: Getting platform instance com.aws.greengrass.util.platforms.unix.linux.LinuxPlatform.. {} 2022-02-16T21:13:21.382Z [INFO] (main) com.aws.greengrass.lifecyclemanager.Kernel: No ongoing deployment detected. Proceed as default. {} 2022-02-16T21:13:22.864Z [INFO] (main) com.aws.greengrass.lifecyclemanager.Kernel: effective-config-dump-complete. {file=/greengrass/v2/config/effectiveConfig.yaml} 2022-02-16T21:13:23.713Z [INFO] (main) com.aws.greengrass.deployment.DeviceConfiguration: Successfully setup Nucleus launch parameters. {} 2022-02-16T21:13:26.917Z [INFO] (main) com.aws.greengrass.deployment.DeviceConfiguration: Nucleus lifecycle has been initialized successfully. {} 2022-02-16T21:13:27.917Z [INFO] (main) com.aws.greengrass.deployment.DeviceConfiguration: Copy Nucleus artifacts to component store. {destination=/greengrass/v2/packages/artifacts-unarchived/aws.greengrass.Nucleus/2.5.3/aws.greengrass.nucleus, source=/opt/greengrassv2} 2022-02-16T21:15:21.010Z [ERROR] (main) com.aws.greengrass.easysetup.GreengrassSetup: Error while trying to setup Greengrass Nucleus. {} software.amazon.awssdk.core.exception.SdkClientException: Unable to execute HTTP request: Remote host terminated the handshake at software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:98) at software.amazon.awssdk.core.exception.SdkClientException.create(SdkClientException.java:43) at software.amazon.awssdk.core.internal.http.pipeline.stages.utils.RetryableStageHelper.setLastException(RetryableStageHelper.java:204) at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:82) at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage.execute(RetryableStage.java:36) at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206) at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:56) at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:36) at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.executeWithTimer(ApiCallTimeoutTrackingStage.java:80) at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:60) at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:42) at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:48) at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:31) at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206) at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206) at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:37) ... Caused by: java.io.EOFException: SSL peer shut down incorrectly at sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:167) at sun.security.ssl.SSLTransport.decode(SSLTransport.java:109) at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1392) ... 65 more ```
0
answers
0
votes
6
views
asked 3 months ago

Greengrass Deployment configuration use environment variables

Hello, I'm quite new to AWS GreenGrass and I try to create a deployment which will work for more then just one device. I work with a raspberry pi 4 which runs Greengrass and connects to some energy meters and sensors through software things that run on the raspberry pi. I created a deployment using the following AWS provided components: - MQTT Broker - MQTT Bridge - Auth - Shadow manager Let's say the Greengrass core device is called __mainDevice01__ and it should subscribe through MQTT bridge to all subjects containing *__mainDevice01__/things/#*. End users can add things (energy meters, sensors,...) to _mainDevice01_ which will run as a piece of software on the device. From what I experience: - I must create a separate deployment for every mainDevice in my cluster. Correct? - Every new thing that is connected to a Greengrass core devices should trigger a lot of updates to the deployment. (Which shadows to collect, new MQTT bridge links,...) I want to create a single deployment for many _mainDevices_ which all subscribe to their respective sub-topic. I tried to use _{iot:thingName}_ as a variable within the merge configuration of the MQTT bridge but that doesn't seem to work. ```json { "reset": [], "merge": { "ThingData": { "topic": "{iot:thingName}/things/#", "source": "IotCore", "target": "LocalMqtt" } } } } ``` In the same way I would like to automatically configure the Shadow manager (if possible) to collect the shadows of a things belonging to a core device or specific group. I'm not sure if my design idea is correct this way? Any suggestions on how this should be done the correct way are more then welcome! Warm regards, Hacor
1
answers
0
votes
14
views
asked 3 months ago

Greengrass V2 continuously giving me MqttProxyIPCAgent Not Authorized

My component: ``` --- RecipeFormatVersion: "2020-01-25" ComponentName: com.savic.Telemetry ComponentVersion: 1.0.12 ComponentDescription: Vehicle telemetry consisting of CAN and additional messages ComponentPublisher: ############## ComponentConfiguration: DefaultConfiguration: Environment: nonprod accessControl: aws.greengrass.ipc.mqttproxy: com.savic.Telemetry:pubsub:2: policyDescription: Allows access to publish to telemetry topic operations: - aws.greengrass#PublishToIoTCore resources: - savicmc/{configuration:/Environment}/telemetry/events Manifests: - Platform: os: linux Lifecycle: Setenv: SAVICMC_ENV: "{configuration:/Environment}" SAVIC_SENDLOG_PATH: "/var/log/sendLog.txt" SAVIC_SAMPLE_RATE: 10 SAVIC_TELEMETRY_TOPIC: "savicmc/{configuration:/Environment}/telemetry/events" Install: RequiresPrivilege: true script: python3 -m pip install --user awsiotsdk Run: RequiresPrivilege: true script: python3 -u {artifacts:path}/telemetry.py Artifacts: - Uri: s3://greengrass-components-#############-############/artifacts/com.savic.Telemetry/1.0.12/telemetry.py Permission: Execute: OWNER ``` (NOTE: I also tried a variation of the accessControl: ``` aws.greengrass.ipc.mqttproxy: com.savic.Telemetry:mqttproxy:2: ``` (note: pubsub vs. mqttproxy) However, in my greengrass.log, I am getting the following: ``` 2022-01-24T06:29:45.178Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.RpcServer: New connection code [AWS_ERROR_SUCCESS] for [Id 1141, Class ServerConnection, Refs 1](2022-01-24T06:29:45.178120Z) - <null>. {} 2022-01-24T06:29:45.181Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.ServiceOperationMappingContinuationHandler: aws.greengrass#GreengrassCoreIPC authenticated identity: com.savic.Telemetry. {} 2022-01-24T06:29:45.184Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.ServiceOperationMappingContinuationHandler: Connection accepted for com.savic.Telemetry. {} 2022-01-24T06:29:45.185Z [INFO] (Thread-8) software.amazon.awssdk.eventstreamrpc.ServiceOperationMappingContinuationHandler: Sending connect response for com.savic.Telemetry. {} 2022-01-24T06:29:45.191Z [INFO] (Thread-8) com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent: Not Authorized. {error=Principal com.savic.Telemetry is not authorized to perform aws.greengrass.ipc.mqttproxy:aws.greengrass#PublishToIoTCore on resource savicmc/nonprod/telemetry/events} ``` Any ideas why I am getting the Not Authorized?
1
answers
0
votes
11
views
asked 4 months ago

Component not deploying on Greengrass Core Device

I have a setup where I can get device to use fleet provisioning. The device register fine and can deploy an initial deployment including CLI, ShadowManager, TokenExchangeService, mqtt.Bridge. and Nucleus. I also have a Python component. When I deploy the component locally (CLI) it all works fine. I then uploaded a zip file of my component (only the needed Python files) to a S3 bucket. adapted the recipe and tried to deploy it in that initial deployment. In that instance I get the following errors ``` 2022-01-20T11:42:04.864Z [ERROR] (pool-2-thread-11) com.aws.greengrass.tes.CredentialRequestHandler: Error in retrieving AwsCredentials from TES. {iotCredentialsPath=/role-aliases/GGRATokenXchange/credentials, credentialData=TES responded with status code: 400. Caching response. {"message":"Unable to assume the role, or the role to assume does not exist"}} 2022-01-20T11:42:04.882Z [INFO] (pool-2-thread-11) com.aws.greengrass.componentmanager.builtins.S3Downloader: get-bucket-location. task failed and will be retried. {task-attempt=1, componentIdentifier=io.screencloud.SCRDMngt, artifactUri=s3://scrdm.artifacts/io.screencloud.SCRDMngt/1.0.0/scrdm.zip} ``` With the first message being repeated afterward (There was a stack trace not shown here). Now, GGRATokenXchange is a role alias for GGRTokenXchange with the following policies ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor2", "Effect": "Allow", "Action": [ "logs:DescribeLogStreams", "iot:Connect", "iot:DescribeCertificate", "logs:CreateLogGroup", "logs:PutLogEvents", "s3:ListMultipartUploadParts", "iot:Receive", "s3:PutObject", "logs:CreateLogStream", "iot:Subscribe", "s3:AbortMultipartUpload", "s3:GetBucketLocation", "iot:Publish" ], "Resource": "*" } ] } ``` and ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::scrdm.artifacts/*" } ] } ``` with scrdm.artifacts the name of the bucket where my component is stored. You'll notice the "s3:GetBucketLocation". effectiveConfig.yaml seem to have the proper thing name and paths Can someone please tell me what I am doing wrong? TIA François
2
answers
0
votes
8
views
asked 4 months ago

Greengrass V2: Removing containerized Lambda corrupts deployment

I've been working with GGv2 and containerized Lambdas and have run into an issue where removing a Lambda via a deployment revision causes the `aws.greengrass.LambdaManager` component to be stuck in a fault state. To reproduce the issue, you can follow these steps: 1. Create two distinct, containerized Lambda components (e.g., lambda1 and lambda2) 2. Create a deployment containing both containerized Lambda components 3. Verify the deployment is successfully pushed down to the GGv2 core device 4. Revise the deployment to remove one of the containerized Lambda components (e.g., lambda2) and push it down to the GGv2 core device 5. While processing the revised deployment, the `aws.greengrass.LambdaManager` component will complain that the Lambda that was removed from the deployment (e.g., lambda2) 'does not exist' and throws a `LambdaNotFoundException`: ``` 2022-01-19T17:09:18.266Z [INFO] (aws.greengrass.LambdaManager-lifecycle) com.aws.greengrass.lambdamanager.LambdaManager: service-set-state. {serviceName=aws.greengrass.LambdaManager, currentState=ERRORED, newState=NEW} 2022-01-19T17:09:18.280Z [ERROR] (pool-2-thread-29) com.aws.greengrass.lambdamanager.LambdaManager: service-errored. {serviceName=aws.greengrass.LambdaManager, currentState=NEW} com.aws.greengrass.lambdamanager.LambdaNotFoundException: Lambda component:<LAMBDA_COMPONENT_NAME> does not exist at com.aws.greengrass.lambdamanager.system.v1subscription.RouteTable.lambda$normalizeToArn$2(RouteTable.java:139) at java.base/java.util.Optional.orElseThrow(Unknown Source) at com.aws.greengrass.lambdamanager.system.v1subscription.RouteTable.normalizeToArn(RouteTable.java:138) at com.aws.greengrass.lambdamanager.system.v1subscription.RouteTable.convertConfigToRoute(RouteTable.java:106) at com.aws.greengrass.lambdamanager.system.v1subscription.RouteTable.addRoute(RouteTable.java:98) at com.aws.greengrass.lambdamanager.system.v1subscription.RouteTable.loadRoutesFromConfig(RouteTable.java:59) at com.aws.greengrass.lambdamanager.system.RouterLambda.loadSubscription(RouterLambda.java:60) at com.aws.greengrass.lambdamanager.LambdaManager.reloadV1Subscription(LambdaManager.java:337) at com.aws.greengrass.lambdamanager.LambdaManager.lambda$install$1(LambdaManager.java:122) at com.aws.greengrass.config.Topics.subscribe(Topics.java:469) at com.aws.greengrass.lambdamanager.LambdaManager.install(LambdaManager.java:117) at com.aws.greengrass.lifecyclemanager.Lifecycle.lambda$handleCurrentStateNew$5(Lifecycle.java:441) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.base/java.util.concurrent.FutureTask.run(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.base/java.lang.Thread.run(Unknown Source) 2022-01-19T17:09:18.287Z [INFO] (aws.greengrass.LambdaManager-lifecycle) com.aws.greengrass.lambdamanager.LambdaManager: service-set-state. {serviceName=aws.greengrass.LambdaManager, currentState=NEW, newState=BROKEN} 2022-01-19T17:09:18.312Z [INFO] (aws.greengrass.LambdaManager-lifecycle) com.aws.greengrass.status.FleetStatusService: fss-status-update-published. Status update published to FSS. {serviceName=FleetStatusService, currentState=RUNNING} 2022-01-19T17:09:18.318Z [ERROR] (aws.greengrass.LambdaManager-lifecycle) com.aws.greengrass.lambdamanager.LambdaManager: service-broken. service is broken. Deployment is needed. {serviceName=aws.greengrass.LambdaManager, currentState=BROKEN} 2022-01-19T17:09:19.201Z [WARN] (pool-2-thread-28) com.aws.greengrass.deployment.DeploymentConfigMerger: merge-config. merge-config-service BROKEN. {serviceName=aws.greengrass.LambdaManager} 2022-01-19T17:09:19.207Z [ERROR] (pool-2-thread-28) com.aws.greengrass.deployment.activator.DeploymentActivator: merge-config. Deployment failed. {deploymentId=8ce921fa-e850-40f7-96f7-dca557bcf130} com.aws.greengrass.deployment.exceptions.ServiceUpdateException: Service aws.greengrass.LambdaManager in broken state after deployment at com.aws.greengrass.deployment.DeploymentConfigMerger.waitForServicesToStart(DeploymentConfigMerger.java:194) at com.aws.greengrass.deployment.activator.DefaultActivator.activate(DefaultActivator.java:84) at com.aws.greengrass.deployment.DeploymentConfigMerger.updateActionForDeployment(DeploymentConfigMerger.java:150) at com.aws.greengrass.deployment.DeploymentConfigMerger.lambda$mergeInNewConfig$0(DeploymentConfigMerger.java:102) at com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService.runUpdateActions(UpdateSystemPolicyService.java:95) at com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService.lambda$startup$0(UpdateSystemPolicyService.java:165) at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.base/java.util.concurrent.FutureTask.run(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.base/java.lang.Thread.run(Unknown Source) ``` After this: * The deployment's status is set to 'Failed' * The GGv2 core device's status is set to 'Unhealthy' * The `aws.greengrass.LambdaManager` component's status is set to 'Broken' * Worst of all, the other Lambda which remains in the deployment (e.g., lambda1) is **NOT** started since the `aws.greengrass.LambdaManager` component is a in 'Broken' state Pushing down the deployment again (i.e., revising it without making any changes) does not fix the issue. Revising the deployment to contain both original Lambdas restores the GGv2 core back to a working state; however, this is definitely not preferred. Has anyone seen this issue? Or are there any workarounds/settings/configurations that I am missing here? Relevant component versions: * aws.greengrass.Nucleus: 2.5.3 * aws.greengrass.LambdaLauncher: 2.0.9 * aws.greengrass.TokenExchangeService: 2.0.3 * aws.greengrass.LambdaRuntimes: 2.0.8 * aws.greengrass.LambdaManager: 2.2.1 * aws.greengrass.LegacySubscriptionRouter: 2.1.4 Thanks!
1
answers
0
votes
8
views
asked 4 months ago
  • 1
  • 90 / page