Raspberry PI / IOTEdge failing to pull from Azure Container Registry

拜拜、爱过 提交于 2019-12-11 19:55:05

问题


I have an IOTEdge device (Rapi3) and IotEdgeHub and IotEdgeagent are deployed and running.

I have successfully built and deployed images (custom-vision example) to ACR and have configured Access Keys in the portal. I've added the respective credentials to my .env file.

The deployment.json has been deployed using Create deployment for single device.

Within IotAgent logs I can see a series of 500 errors:

Executing command for operation ["create"] failed. Microsoft.Azure.Devices.Edge.Agent.Edgelet.EdgeletCommunicationException- Message:Error calling Create module camera-capture: Could not create module camera-capture caused by: Could not pull image myregistryname.azurecr.io/azurev1/cameracapture:0.2.7-arm32v7 caused by: Get https://myregistryname.azurecr.io/v2/azurev1/cameracapture/manifests/0.2.7-arm32v7: unauthorized: authentication required, StatusCode:500

I have already run sudo docker login -u myregistryname -p accesskeypassword1 myregistryname.azurecr.io/azurev1 successfully

I can run sudo docker pull myregistryname.azurecr.io/azurev1/cameracapture:0.2.7-arm32v7 manually which successfully download the respective image.

It would appear that IotEdgeHub and/or IotEdgeAgent doesn't have the same access to the ACR. How can I elevate the privileges.


Update; my deployment.template.json file is as follows:

{
  "moduleContent": {
    "$edgeAgent": {
      "properties.desired": {
        "schemaVersion": "1.0",
        "runtime": {
          "type": "docker",
          "settings": {
            "minDockerVersion": "v1.25",
            "loggingOptions": "",
            "registryCredentials": {
              "registryName": {
                "username": "$CONTAINER_REGISTRY_USERNAME",
                "password": "$CONTAINER_REGISTRY_PASSWORD",
                "address": "$CONTAINER_REGISTRY_ADDRESS"
              }
            }
          }
        },
        "systemModules": {
          "edgeAgent": {
            "type": "docker",
            "settings": {
              "image": "mcr.microsoft.com/azureiotedge-agent:1.0",
              "createOptions": ""
            }
          },
          "edgeHub": {
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "settings": {
              "image": "mcr.microsoft.com/azureiotedge-hub:1.0",
              "createOptions": ""
            },
            "env": {
                "OptimizeForPerformance": {
                  "value": "false"
                }
            }
          }
        },
        "modules": {
          "camera-capture": {
            "version": "1.0",
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "env": {
              "VIDEO_PATH": {"value": 0},
              "IMAGE_PROCESSING_ENDPOINT":  {"value": "http://image-classifier-service:80/image"},
              "RESIZE_WIDTH":  {"value": 256},
              "RESIZE_HEIGHT":  {"value": 256},
              "SHOW_VIDEO":  {"value": "True"}
            },
            "settings": {
              "image": "${MODULES.CameraCapture.arm32v7}",
              "createOptions": {
                "HostConfig": {
                  "PortBindings": {
                    "5012/tcp": [ { "HostPort":"5012"}]
                  },
                  "Binds": ["/dev/video0:/dev/video0"],
                  "Devices":[{"PathOnHost":"/dev/video0","PathInContainer":"/dev/video0","CgroupPermissions":"mrw"}]
                }
              }
            }
          },
          "sensehat-display": {
            "version": "1.0",
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "env": {
              "THRESHOLD": {"value": 0.6}
            },
            "settings": {
              "image": "${MODULES.SenseHatDisplay.arm32v7}",
              "createOptions": {
                "HostConfig":{
                  "Binds":["/dev/i2c1:/dev/i2c1"],
                  "Privileged":true
                }
              }
            }
          },
          "image-classifier-service": {
            "version": "1.0",
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "settings": {
              "image": "${MODULES.ImageClassifierService.arm32v7}",
              "createOptions": ""
            }
          }
        }
      }
    },
    "$edgeHub": {
      "properties.desired": {
        "schemaVersion": "1.0",
        "routes": {
          "CameraCaptureToSenseHatDisplay": "FROM /messages/modules/camera-capture/outputs/output1 INTO BrokeredEndpoint(\"/modules/sensehat-display/inputs/input1\")",
          "CameraCaptureToIoTHub": "FROM /messages/modules/camera-capture/outputs/output1 INTO $upstream",
          "CameraCaptureGAToIoTHub": "FROM /messages/modules/CameraCaptureGA/outputs/* INTO $upstream"
        },
        "storeAndForwardConfiguration": {
          "timeToLiveSecs": 7200
        }
      }
    }
  }
}

Settings as displayed in the portal:


回答1:


The deployment.json that gets send to the device should look like this (if you do use the ACR admin credentials and not the recommended service principle):

"registryCredentials": {
    "registryName": {
        "username": "myregistryname",
        "password": "xxxxxxxxxxxxxxxxxxx",
        "address": "myregistryname.azurecr.io"
     }
 }

Can you confirm your deployment.json looks like this?



来源:https://stackoverflow.com/questions/54449612/raspberry-pi-iotedge-failing-to-pull-from-azure-container-registry

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!