Comments (8)
huguesBouvier
commented on June 19, 2024
1
Hello,
That's correct, you need to complete the GG procedure completetly, once deployement is complete, it should turn green "Successfully completed".
Usual problems are:
- GG not correctly configured on the device it is running on (configure end point etc...)
- Device running GG as a firewall blocking port 8883
- In settings, add a role "Greengrass service role"
Right now there is no GGD test but I brought back the idea to our internal GG team.
Hugues
from amazon-freertos.
huguesBouvier
commented on June 19, 2024
Connection to Greengrass is established in 3 steps:
- It connects to your AWS IoT Endpoint (not Greengrass) on port 8443 to retrieve an HTML file that embeds a JSON document.
- The retrieved JSON document is parsed to extract the Greengrass Certificate, the Port Number and the Greengrass IP.
- Once IP, Port Number, and the Certificate are retrieved, it will connect to the Greengrass, usually on port 8883 (not 8443) using the extracted certificate.
Looking at the logs you provided, it seems that you are able to connect to your AWS IoT Endpoint on port 8443 (as mentioned in step 1 above) but you are unable to retrieve the Greengrass JSON file.
One potential issue may be that your device policy doesn't authorize Greengrass, an example of which may be the following:
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":"iot:",
"Resource":""
},
{
"Effect":"Allow",
"Action":"greengrass:",
"Resource":""
}
]
}
Would you please share the policy document attached to the certificate you are using?
Hugues
from amazon-freertos.
cyliangtw
commented on June 19, 2024
@huguesBouvier , my original policy is really without action for greengrass, however still got error after I adjusted the policy with greengrass action. It failed in GGD_SecureConnect_Read. I could pass MQTT stress & agent test, so my certificate should be OK to TLS connect.
Error log as:
TEST(Full_GGD, GetIPandCertificateFromJSON)JSONRequestGetSize: 112
SecureConnect - recv error, -30848
JSON parsing - JSON file retrieval failed
Adjusted policy as:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"greengrass:*",
"iot:*"
],
"Resource": "*"
}
]
}
from amazon-freertos.
cyliangtw
commented on June 19, 2024
@huguesBouvier , is there any problem of my policy file for green-grass ?
from amazon-freertos.
huguesBouvier
commented on June 19, 2024
Hello,
Your policy seems to be correct. Looking at the error, it comes from an issue in the HTML document that is sent by the server.
i.e: The size is only 112. If it contains the certificate, it should be a lot bigger that that.
Could you look into the response sent by the server?
You can achieve it by adding:
GGD_SecureConnect_Read( &BufferBiggerThan112,
( uint32_t ) 112,
*pxSocket,
&ulReadSize );
After
GGD_JSONRequestGetSize( &xSocket, &ulJSONFileSize );
The content of BufferBiggerThan112 will reflect what is inside the returned http page.
Hugues
from amazon-freertos.
cyliangtw
commented on June 19, 2024
@huguesBouvier , thanks of your helpful comment, the error message reveals the wrong region and I changed region as Oregon.
Then, to create Greengrass group, policy & core. In setting my core ->"connectivity", except to Setting Up an Amazon EC2 Instance by myself, is there any existing endpoint(IP or DNS) & port for test purpose ?
from amazon-freertos.
huguesBouvier
commented on June 19, 2024
Hello,
You are welcome :).
About the test endpoint, I have no knowledge of it but I can consult with our internal Greengrass team.
Could you give more information about what you need?
Thank you,
Hugues
from amazon-freertos.
cyliangtw
commented on June 19, 2024
@huguesBouvier , I created green-grass group, policy, core & added device. In my green-grass group, I created one Lambdas & local resource with status as "Affiliated". In my green-grass core, it's connectivity shows "doesn't have any endpoints configured". However, to make greengrass group a deployment, it's status seems keep "In progress" forever.
Based on the above condition, GGD_SecureConnect_Read got {"errorMessage":"Resource not found"} after GGD_JSONRequestGetSize.
Should I need to finish green-grass core's connectivity setting ?
Is there any existing shared test environment for GGD test ?
from amazon-freertos.
Related Issues (20)
- [BUG] `CORE_MQTT_MUTUAL_AUTH` Demo: Failed to establish new connection HOT 5
- [BUG] pPublishInfo->payloadLength changes after call to sendPacket HOT 6
- [BUG] MbedTLS version not reflected within git modules. HOT 2
- [BUG] Array bound warning observed in iot_test_tcp.c HOT 2
- [General] Where is esp_hw_support component ? HOT 1
- [Feature Request] Allow to define custom 'help' command in freertos-cli HOT 2
- nvs_flash_init() panics HOT 1
- [BUG] Lacking a check for the return value of mbedtls_ssl_conf_own_cert() HOT 1
- [Feature Request] Update submodule "vendors/espressif/esp-idf" to release/v4.4 of esp-afr-sdk HOT 2
- [General] Unable to access esp-idf ble_wifi_provisioning component HOT 9
- [General] Cannot use Bluedroid, NVS crashes/panics HOT 15
- [General] BLE service to leverage IOT BLE data transfer service HOT 1
- ESP32 compiled binary shows absolute file path when walked through using binwalk HOT 6
- [General] STM32L4 discovary board AWS IoT Tera Term Error HOT 5
- [BUG] ESP32 Port SPI Error with S3 HOT 2
- [BUG] Trace output of ESP32-DevKitC jobs demo is clobbered HOT 2
- [General] Ethernet AWS MQTT DNS Network Error HOT 4
- [General] Is there a reason, why there is almost two months no merge in main? HOT 5
- [General] ESP32S3 OTA fails due to not multiple of 16 bytes
- [General] esp_ota_begin fails in simple example HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from amazon-freertos.