Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

edgeHub container fails to start, probably due to user permissions (listen on port 443 with unprivileged user)

See original GitHub issue

I am trying to setup GA on redhat 7. One of the errors I have found is that the edgeHub Docker container is unable to start. After some troubleshooting and after checking that the iotedged daemon was reachable through http I created a custom Docker image with user “root” and it worked so I suspect it is due to the edgeHub is unable to listen in that port and it fails. This is the error I am getting:

[2018-07-17 07:23:34 : Starting Edge Hub [07/17/2018 07:23:34.254 AM] Edge Hub Main() FailFast: Exception thrown from SocketAsyncEngine event loop: System.TypeInitializationException: The type initializer for ‘OperationQueue1' threw an exception. ---> System.IO.FileLoadException: Could not load file or assembly 'System.Threading.ThreadPool, Version=4.1.1.0, Culture=neutral, PublicKeyToken=*********'. Access is denied. at System.Net.Sockets.SocketAsyncContext.OperationQueue1…cctor() — End of inner exception stack trace — at System.Net.Sockets.SocketAsyncContext.OperationQueue1.HandleEvent(SocketAsyncContext context) at System.Net.Sockets.SocketAsyncContext.HandleEvents(SocketEvents events) at System.Net.Sockets.SocketAsyncEngine.EventLoop() at System.Environment.FailFast(System.String, System.Exception) at System.Environment.FailFast(System.String, System.Exception) at System.Net.Sockets.SocketAsyncEngine.EventLoop() at System.Net.Sockets.SocketAsyncEngine+<>c.<.ctor>b__24_0(System.Object) at System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef) Exception details: System.TypeInitializationException: The type initializer for 'OperationQueue1’ threw an exception. —> System.IO.FileLoadException: Could not load file or assembly ‘System.Threading.ThreadPool, Version=4.1.1.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a’. Access is denied. at System.Net.Sockets.SocketAsyncContext.OperationQueue1..cctor() --- End of inner exception stack trace --- at System.Net.Sockets.SocketAsyncContext.OperationQueue1.HandleEvent(SocketAsyncContext context) at System.Net.Sockets.SocketAsyncContext.HandleEvents(SocketEvents events) at System.Net.Sockets.SocketAsyncEngine.EventLoop()

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:20 (6 by maintainers)

github_iconTop GitHub Comments

1reaction
roicostascommented, Sep 7, 2018

Hi, have you tried it after rebooting it?

Our host is RHEL 7.5 and it works after a fresh install however it fails after reboot due to two things:

  1. Folder /var/run/iotedge is not automatically created, solution is to create the file /etc/tmpfiles.d/iotedge.conf:
d /run/iotedge 0755 iotedge iotedge -
  1. Socket permissions are still wrong for eventHub and any other non root module, the workaround is to run them with root

We use unix sockets directly in iotedge configuration. That may change in your case.

1reaction
roicostascommented, Sep 7, 2018

Setting User as root in the deployment does not work so you need a new image. It does not make sense for me being able to change a subset not documented of Docker options and not others. This is my workaround:

  • Dockerfile
FROM mcr.microsoft.com/azureiotedge-hub:1.0.1
User root
  • Build
docker build -t <my_registry/user in dockerhub>/azureiotedge-hub:1.0.1-as_root .
  • Use this image in your deployment
Read more comments on GitHub >

github_iconTop Results From Across the Web

Azur IoT Edge Hub fails to start
I have upgraded an iot edge to 1.2 and it edge hub does not start. As per error below (truncated) ---> Microsoft.Azure.Devices.Edge.Agent.
Read more >
Allow non-root process to bind to port 80 and 443?
The reason I ask is I think its foolish to allow a privileged process to open a socket and listen. Anything that opens...
Read more >
Give non root users permission to use one port
Adding a user to the docker group gives that user psuedo root access due to having control of the docker daemon having that...
Read more >
Why am I able to bind a privileged port in my container ...
Basically they defined that unprivileged port start at 0 instead of 1024 so the NET_BIND_SERVICE capability is not needed. I think the rationale ......
Read more >
Troubleshooting Azure IoT Hub error codes
Principal user@example.com is not authorized for GET on /exampleOperation due to no assigned permissions. This error occurs because, for MQTT, ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Supported OS and Platform combination

Next page

Installation of Moby fails on Raspberry Pi Zero W