Raspberry PI / IOTEdge无法从Azure容器注册表中提取
我有一个IOTEdge设备(Rapi3),并且IotEdgeHub和IotEdgeagent已部署并正在运行。
我已成功将映像(custom-vision example)构建和部署到ACR,并已在门户中配置了访问密钥。我已将各自的凭据添加到我的.env文件中。
已使用deployment.json部署了Create deployment for single device。
在IotAgent日志中,我可以看到一系列500错误:
执行操作[“ create”]的命令失败。 Microsoft.Azure.Devices.Edge.Agent.Edgelet.EdgeletCommunicationException- 消息:调用创建模块照相机捕获时出错:无法创建 导致的模块相机捕获:无法提取图像 myregistryname.azurecr.io/azurev1/cameracapture:0.2.7-arm32v7引起 创建人:获取 https://myregistryname.azurecr.io/v2/azurev1/cameracapture/manifests/0.2.7-arm32v7: 未经授权:需要身份验证,StatusCode:500
我已经成功运行sudo docker login -u myregistryname -p accesskeypassword1 myregistryname.azurecr.io/azurev1
我可以手动运行sudo docker pull myregistryname.azurecr.io/azurev1/cameracapture:0.2.7-arm32v7并成功下载相应的图像。
似乎IotEdgeHub和/或IotEdgeAgent对ACR的访问权限不同。我如何提升特权。
更新;我的deployment.template.json文件如下:
{
"moduleContent": {
"$edgeAgent": {
"properties.desired": {
"schemaVersion": "1.0",
"runtime": {
"type": "docker",
"settings": {
"minDockerVersion": "v1.25",
"loggingOptions": "",
"registryCredentials": {
"registryName": {
"username": "$CONTAINER_REGISTRY_USERNAME",
"password": "$CONTAINER_REGISTRY_PASSWORD",
"address": "$CONTAINER_REGISTRY_ADDRESS"
}
}
}
},
"systemModules": {
"edgeAgent": {
"type": "docker",
"settings": {
"image": "mcr.microsoft.com/azureiotedge-agent:1.0",
"createOptions": ""
}
},
"edgeHub": {
"type": "docker",
"status": "running",
"restartPolicy": "always",
"settings": {
"image": "mcr.microsoft.com/azureiotedge-hub:1.0",
"createOptions": ""
},
"env": {
"OptimizeForPerformance": {
"value": "false"
}
}
}
},
"modules": {
"camera-capture": {
"version": "1.0",
"type": "docker",
"status": "running",
"restartPolicy": "always",
"env": {
"VIDEO_PATH": {"value": 0},
"IMAGE_PROCESSING_ENDPOINT": {"value": "http://image-classifier-service:80/image"},
"RESIZE_WIDTH": {"value": 256},
"RESIZE_HEIGHT": {"value": 256},
"SHOW_VIDEO": {"value": "True"}
},
"settings": {
"image": "${MODULES.CameraCapture.arm32v7}",
"createOptions": {
"HostConfig": {
"PortBindings": {
"5012/tcp": [ { "HostPort":"5012"}]
},
"Binds": ["/dev/video0:/dev/video0"],
"Devices":[{"PathOnHost":"/dev/video0","PathInContainer":"/dev/video0","CgroupPermissions":"mrw"}]
}
}
}
},
"sensehat-display": {
"version": "1.0",
"type": "docker",
"status": "running",
"restartPolicy": "always",
"env": {
"THRESHOLD": {"value": 0.6}
},
"settings": {
"image": "${MODULES.SenseHatDisplay.arm32v7}",
"createOptions": {
"HostConfig":{
"Binds":["/dev/i2c1:/dev/i2c1"],
"Privileged":true
}
}
}
},
"image-classifier-service": {
"version": "1.0",
"type": "docker",
"status": "running",
"restartPolicy": "always",
"settings": {
"image": "${MODULES.ImageClassifierService.arm32v7}",
"createOptions": ""
}
}
}
}
},
"$edgeHub": {
"properties.desired": {
"schemaVersion": "1.0",
"routes": {
"CameraCaptureToSenseHatDisplay": "FROM /messages/modules/camera-capture/outputs/output1 INTO BrokeredEndpoint(\"/modules/sensehat-display/inputs/input1\")",
"CameraCaptureToIoTHub": "FROM /messages/modules/camera-capture/outputs/output1 INTO $upstream",
"CameraCaptureGAToIoTHub": "FROM /messages/modules/CameraCaptureGA/outputs/* INTO $upstream"
},
"storeAndForwardConfiguration": {
"timeToLiveSecs": 7200
}
}
}
}
}
在门户中显示的设置:
1 个答案:
答案 0 :(得分:1)
发送到设备的deployment.json应该看起来像这样(如果您确实使用ACR管理员凭据而不是推荐的service principle):
"registryCredentials": {
"registryName": {
"username": "myregistryname",
"password": "xxxxxxxxxxxxxxxxxxx",
"address": "myregistryname.azurecr.io"
}
}
您可以确认您的deployment.json看起来像这样吗?
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?