IoT – Blog – René Hézser

Count provisioned devices by DPS

Azure, Event Grid, Event Hub, IoT, IoT Hub, Stream Analytics, Uncategorised by René Hézser

This post shows a way to find out how many IoT (Edge) devices have been provisioned by a specific enrolment group within the last x minutes.

The solution could be much simpler if I just wanted to know how many devices are registering themselves. In this case the build in metrics are enough to get that information.

The use case required a more sophisticated solution that is able to reflect the tenants, identified by tags.

Device Provisioning Service

Different Enrolment Groups separate devices in this scenario into Tenants. To be able to identify the customers, an initial tag CustomerId is added to the enrolment group. It is then applied to the devices that are create by DPS in the IoT Hub.

{
  "tags": {
    "CustomerId": "AnotherCustomer"
  },
  "properties": {
    "desired": {}
  }
}

This tag can then be used for e.g. message enrichment. I’ve written previously about using it: https://www.hezser.de/blog/2020/05/13/properties-for-iot-messages-in-azure-stream-analytics/ (opens in a new tab)

The metrics from DPS did not allow me to distinguish the tags/customers. But IoT Hub will make them available and offers events for newly created devices.

IoT Hub

Within IoT Hub I created an event subscription, that passed on all necessary events to an EventHub.

The event will include the device twin, which has been prepopulated with the tags specified in the enrolment group.

As seen in the architecture diagram, Event Grid has been connected to an Event Hub. #plugandplay 😉 It will fire an event with the documented schema: Azure IoT Hub and Event Grid | Microsoft Docs

Event Hub

Why the additional Event Hub? Event Grid cannot be used as input for an Azure Stream Analytics Job and Event Hub is the universal connector in this case.

You can use the smallest tier (which is Basic) as there is not a lot of events flowing through it. The default 2 partitions is also fine.

Stream Analytics Job

I chose Stream Analytics for the further analysis of the events, because it offers an out-of-the box functionality for queries on time windows: Introduction to Azure Stream Analytics windowing functions | Microsoft Docs

As you can see, the query is pretty simple and can be adjusted easily.

The example uses a blob storage as output, but you can choose to write to an Azure Function or whatever you want to do with the know how that one customer has onboarded lots of devices in a short period of time.

Azure IoT Edge on constraint devices

Azure, IoT, IoT Edge, Uncategorised by René Hézser

Introduction

In this post I would like to show some tweaks you can (and might need to) apply to influence the behavior of your IoT Edge device, when it comes to message retention on devices that are limited in resources.

The setup of this scenario is not uncommon, as it uses a module to retrieve telemetry from machines, parses them in another module and sends the messages to an IoT Hub.

The problem

After a while the device is not sending data anymore and is not accessible via SSH. The logs reveal lots of message still in the queue.

picture with logfile lines like Cleaned up messages from queue for endpoint iothub and messages from message store — Lots of messages in the queue in edgeHub logs

But why? And how can I find out what causes the problem?
Spoiler: Disk full 🙁

Troubleshoot

Looking at logfiles helps a lot – if you have access to the logfiles. Fortunately IoT Edge can expose data in the Prometheus exposition format for the edgeHub and edgeAgent. These endpoints are enabled by default for IoT Edge 1.0.10 (upgrade to this version if you haven’t) and can be enabled for 1.0.9.

The data can then be uploaded to Log Analytics for further analysis and to create alerts with a sample metrics-collector module.

For analyzation and to display the metrics, you can use a Workbook in Azure Monitor.

Azure Monitor Workbook with edgeHub log extract

In this particular case I could see that the available disk space was going down, down, down until the whole device did not respond anymore (no SSH access possible, no data sent to Azure).

What to change?

Adding more space to the disk was not an option. Other solutions needed to solve the issue. There are 2 options I looked at and adjusted to be a better fit for the usage scenario and resource limitation.

The Time to live setting defines how long messages will be kept on the device: Operate devices offline – Azure IoT Edge | Microsoft Docs (which is set to 2h per default).
The not so obvious Rocks DB size configures the size of the logfiles: https://github.com/Azure/iotedge/issues/2431#issuecomment-582089419

After tweaking the settings, the following graph shows that now the device cleans up data before the disk runs full.

I can not give you values for you particular setup. You’ll need to figure them out for your setup depending on the amount of messages going though the Edge device and hardware sizing. Here are some pointers to settings which you might want to investigate, if you hit a similar problem on your devices:

Time-to-live: iotedge/Route_priority_and_TTL.md at master · Azure/iotedge (github.com)
Set the used protocol (MQTT/AMQP/HTTP): Prepare to deploy your solution in production – Azure IoT Edge | Microsoft Docs
Place limits on log sizes: Prepare to deploy your solution in production – Azure IoT Edge | Microsoft Docs
Alternate cleanup of message store: Alternate cleanup processor for MessageStore by dylanbronson · Pull Request #2893 · Azure/iotedge (github.com)
Optimize for performance will allocate larger files upon usage. Disabling might help: iotedge/EnvironmentVariables.md at master · Azure/iotedge (github.com)

The above image shows setting for RocksDB (orange: 512MB, blue, 128MB, green 256MB). With the default setting the device is running out of disk space.

What can I do to prevent the device crashing?

Well, it depends 🙂 You can find a setting from the above that will prevent a full disk for a known scenario. But if you don’t know which modules with which setting is deployed?

In this case an alarm for low disk space is an option. It then needs to trigger a function that calls a method on the device to restart the edgeHub. This will clear the cache.

Azure IoT Edge not starting

IoT Edge by René Hézser

Sometimes a permission denied is a permission denied 🙁

[INFO] - Starting Azure IoT Edge Security Daemon [INFO] - Version - 1.0.10~rc1 [INFO] - Using config file: /etc/iotedge/config.yaml [INFO] - Configuring /var/lib/iotedge as the home directory. [INFO] - Configuring certificates… [INFO] - Transparent gateway certificates not found, operating in quick start mode… [INFO] - Finished configuring provisioning environment variables and certificates. [INFO] - Initializing hsm… [INFO] - Finished initializing hsm. [INFO] - Provisioning edge device… [INFO] - Starting provisioning edge device via manual mode using a device connection string… [INFO] - Manually provisioning device "iotedgedevice" in hub "iothub.azure-devices.net" [INFO] - Finished provisioning edge device. [INFO] - Initializing the module runtime… [INFO] - Initializing module runtime… [INFO] - Using runtime network id azure-iot-edge [WARN] - Could not initialize module runtime [WARN] - caused by: Container runtime error [WARN] - caused by: error trying to connect: Permission denied (os error 13) [ERR!] - The daemon could not start up successfully: Could not initialize module runtime [ERR!] - caused by: Could not initialize module runtime [ERR!] - caused by: Container runtime error [ERR!] - caused by: error trying to connect: Permission denied (os error 13)

This is the output I got viajournalctl -u iotedge -f on a testinstallation.

For troubleshooting purpose I looked at the https://docs.microsoft.com/en-us/azure/iot-edge/troubleshoot guide. But nothing solved my problem. Then I disabled http and mqtt support as of https://docs.microsoft.com/en-us/azure/iot-edge/production-checklist. Still not starting.

Finally I got it up and running by creating a docker group, adding iotedge to it and changed the group ownership of the /var/run/docker.sock file sudo chown root:docker /var/run/docker.sock

This post is meant to be found via search engines if you (or me again) has the same startup problems.

My context: Ubuntu 20.04 with snap installed docker

Properties for IoT Messages in Azure Stream Analytics

Azure, IoT, Stream Analytics by René Hézser

In this post I want to show how to use properties that are added to messages that IoT devices are sending to Azure IoT Hub in Stream Analytics. And while talking about properties, let’s even use message enrichment 🙂

Sample Message

The green properties will be added by the Message enrichment feature of IoT Hub, as the data is not most likely not known on the IoT device or does not need to be transferred with each message.

{
  "body": {
    "messageId": 2300,
    "temperature": 28,
    "humidity": 66
  },
  "enqueuedTime": "2020-05-08T09:55:24.886Z",
  "properties": {
    "temperatureAlert": "false",
    "CustomerName": "Microsoft Deutschland GmbH",
    "CustomerId": "4711"
  }
}

Sample IoT Device

This message is sent by a sample C# client. I used this one: https://github.com/Azure-Samples/azure-iot-samples-csharp/tree/master/iot-hub/Samples/device/MessageSample

The code that sends the message with the alert property has been adjusted to this:

string dataBuffer = $"{{\"messageId\":{count},\"temperature\":{_temperature},\"humidity\":{_humidity}}}";
using (var eventMessage = new Message(Encoding.UTF8.GetBytes(dataBuffer)))
{
    eventMessage.Properties.Add("temperatureAlert", (_temperature > TemperatureThreshold) ? "true" : "false");

Configure IoT Hub

Device Twin

In most cases the IoT (Edge) device does not know which customer it is associated, as it does not need to know. For further processing of the data – or for device management – this information is relevant. Therefore we add this information to the device twin in Azure IoT Hub.

 "version": 3,
  "tags": {
    "customer": {
      "id": "4711",
      "name": "Microsoft Deutschland GmbH"
    }
  },
  "properties": {

The property names do not need to match the desired properties that will be added via message enrichment. You can choose a structure that fits best.

Message Enrichment

We want to add the customer number and id from the device twins to the message before it is being passed along to an endpoint.

As you can see the name of the property that is added does not need to match the name of the twin properties. Make sure you add the message enrichment to the right endpoint(s). You can decide to add different properties to messages that are routed to different endpoints.

Azure Stream Analytics

In the Stream Analytics job we use a SQL like query to filter the incoming message stream and route the messages to endpoints. The query will work fine as long as you use only the columns that are in the body of the messages (like “temperature” or “humidity” in this examle).

To be able to use the values in the properties, we need to use the GetMetadataPropertyValue function. Please take not of the sentence on the docs page: This function cannot be tested on the Azure portal using sample data

Query

SELECT
    GetMetadataPropertyValue([IoTHub-Messaging], '[User].[temperatureAlert]') AS temperaturealert,
    GetMetadataPropertyValue([IoTHub-Messaging], '[User].[CustomerName]') AS customername,
    GetMetadataPropertyValue([IoTHub-Messaging], '[User].[CustomerId]') AS customerid,
    *

The first three columns are our property and message enrichment columns while the other columns are all added as well.

Output

Let’s assume we want to add all message to a storage account where the customer id is part of the path.

This will work, as we added the customerid column in the query and it can be used for the path. Remember this is a demo and we only use the customerid as part of the path.

In the architecture diagram at the beginning of the post an Alert route is drawn. You can achieve this by adding a second query to the job which routes certain messages to that output.

IoT-Edge-HddMonitoring

Azure, IoT, IoT Edge by René Hézser

With Azure IoT Edge you can deploy modules (also known as Docker Containers) to a server. I’ve created a sample solution on GitHub that deploys a module which monitors the temperature of the harddisk that the server is running on.

https://github.com/ReneHezser/IoT-Edge-HddMonitoring

The repository can be a starting point for further customization.

VisionAI DevKit won’t deploy a module

Docker, IoT Edge, VisionAI DevKit by René Hézser

Today my VisionAI DevKit was not deploying a module. In the logs (sudo journalctl -u iotedge -f) I could see the deployment was received:

Successfully pulled image machinelearndfd8df7d.azurecr.io/mobilenetimagenet:3 Creating module VisionSampleImagenet… Could not create module VisionSampleImagenet caused by: No such image: machinelearndfd8df7d.azurecr.io/mobilenetimagenet:3

Strange. During troubleshooting I started docker images and saw a lot of older images and versions. After deleting a log of them with docker image rm xyz the deployment succeeded and the module started. 🙂

Learning: Clean up the mess…

Session auf der Iot-Konferenz

IoT, Konferenz by René Hézser

Mit dem Thema “IoT – Raus aus der Update-Hölle” bin ich als Sprecher auf der https://www.iot-konferenz.de im Oktober in München unterwegs.

Ich freu mich drauf 🙂

Category: IoT