【以下的问题经过翻译处理】 我正在尝试使用Fleet Provisioning By Claim 的方式来配置新设备(文档:https://docs.aws.amazon.com/greengrass/v2/developerguide/fleet-provisioning.html)。我已经将所有的证书放在设备上,并设置了设备的 iotDataEndpoint/iotCredentialEndpoint/provisioningTemplate/rootCaPath。
运行最后一个命令“sudo -E java -Droot="/greengrass/v2"”后,我收到了“Successfully set up Nucleus as a system service”和“greengrass is running”的提示,但是无法在iotCore上找到该设备。我检查了greengrass.log,并在后面粘贴上了日志。同时,我的nucleus和main.log文件都是空的。请问是否有其他方法来debug此问题?
config.yaml文件
services:
aws.greengrass.Nucleus:
version: "2.5.6"
configuration:
awsRegion: "us-east-1"
aws.greengrass.FleetProvisioningByClaim:
configuration:
rootPath: /greengrass/v2
awsRegion: "us-east-1"
iotDataEndpoint: "$iotDataEndpoint" // replaced with endpoint as retrieved from aws iot describe-endpoint --endpoint-type iot:Data-ATS
iotCredentialEndpoint: "$iotCredentialEndpoint" // replaced with endpoint as retrieved from aws iot describe-endpoint --endpoint-type iot:CredentialProvider
iotRoleAlias: "GreengrassV2TokenExchangeRoleAlias"
provisioningTemplate: "$provisioningTemplate" // Value as copied from `Fleet provisioning templates` in IOT Core
claimCertificatePath: "/greengrass/v2/claim-certs/claim.pem.crt" // copied from certificatePem as mentioned in https://tiny.amazon.com/n4qhu1jm/docsawsamaziotlateapirAPI_
claimCertificatePrivateKeyPath: "/greengrass/v2/claim-certs/claim.private.pem.key" // copied from keyPair.privateKey as mentioned in https://tiny.amazon.com/n4qhu1jm/docsawsamaziotlateapirAPI_
rootCaPath: "/greengrass/v2/AmazonRootCA1.pem" // verified they are present
templateParameters:
ThingName: "$thingName" // replaced $thingName with my thing name
ThingGroupName: "$thingGroupName" // replaced $thingName with my group name
Java 命令:
sudo -E java -Droot="/greengrass/v2" -Dlog.store=FILE \
-jar /target/GreengrassInstaller/lib/Greengrass.jar \
--trusted-plugin /target/GreengrassInstaller/aws.greengrass.FleetProvisioningByClaim.jar \
--init-config /target/GreengrassInstaller/config.yaml \
--component-default-user ggc_user:ggc_group \
--setup-system-service true
greengrass.log:
2022-07-03T14:33:00.260Z [ERROR] (pool-2-thread-1) com.aws.greengrass.FleetProvisioningByClaimPlugin: Exception encountered while getting device identity information. {}
software.amazon.awssdk.crt.CrtRuntimeException: aws_tls_ctx_options_init_client_mtls_from_path failed (aws_last_error: AWS_ERROR_INVALID_ARGUMENT(34), An invalid argument was passed to a function.) AWS_ERROR_INVALID_ARGUMENT(34)
at software.amazon.awssdk.crt.io.TlsContextOptions.tlsContextOptionsNew(Native Method)
at software.amazon.awssdk.crt.io.TlsContextOptions.getNativeHandle(TlsContextOptions.java:108)
at software.amazon.awssdk.crt.io.TlsContext.<init>(TlsContext.java:24)
at software.amazon.awssdk.crt.io.ClientTlsContext.<init>(ClientTlsContext.java:26)
at software.amazon.awssdk.iot.AwsIotMqttConnectionBuilder.build(AwsIotMqttConnectionBuilder.java:619)
at com.aws.greengrass.MqttConnectionHelper.getMqttConnection(MqttConnectionHelper.java:66)
at com.aws.greengrass.FleetProvisioningByClaimPlugin.updateIdentityConfiguration(FleetProvisioningByClaimPlugin.java:142)
at com.aws.greengrass.lifecyclemanager.KernelLifecycle.lambda$executeProvisioningPlugin$1(KernelLifecycle.java:199)
at com.aws.greengrass.util.RetryUtils.runWithRetry(RetryUtils.java:50)
at com.aws.greengrass.lifecyclemanager.KernelLifecycle.lambda$executeProvisioningPlugin$2(KernelLifecycle.java:198)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)