У меня есть устройство Azure IoT Edge, настроенное как виртуальная машина Ubuntu Linux на VMware. Подключается к моему IoT Hub без проблем. Я пытаюсь зарегистрировать конечное устройство (raspberry pi, который я успешно подключил к концентратору IoT напрямую, я удалил устройство из концентратора). Устройство Edge настроено как прозрачный шлюз. Когда я пытаюсь зарегистрировать устройство через Edge, я получаю Соединение отказано. Iptables на пограничном устройстве настроен для пересылки MQTT в контейнер edgeHub, который находится в сети док-станции azure-iot-edge. Это в регистрационных примерах устройства от Python SDK. Точная ошибка, которую я получаю:
MQTTTransportStage: _on_mqtt_connection_failure called: Connection Refused: not authorised.
MQTTTransportStage(ConnectOperation): completing with error Connection Refused: not authorised.
SerializeConnectOpsStage(ConnectOperation): op failed. Unblocking queue with error: Connection Refused: not authorised.
EnsureConnectionStage(MQTTSubscribeOperation): Connection failed. Completing with failure because of connection failure: Connection Refused: not authorised.
EnsureConnectionStage(MQTTSubscribeOperation): completing with error Connection Refused: not authorised.
ProvisioningMQTTConverterStage(EnableFeatureOperation): completing with error Connection Refused: not authorised.
MQTTTransportStage: _on_mqtt_disconnect called: The connection was refused.
Unhandled exception in background thread
MQTTTransportStage: disconnection was unexpected
This may cause the background thread to abort and may result in system instability.
Exception caught in background thread. Unable to handle.
azure.iot.device.common.transport_exceptions.ConnectionFailedError: The connection was refused.
Похоже, что пересылка не происходит. Это мой iptables
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
DOCKER-USER all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-1 all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DOCKER all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (2 references)
target prot opt source destination
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:8883
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:amqps
ACCEPT tcp -- anywhere 172.18.0.2 tcp dpt:https
Chain DOCKER-ISOLATION-STAGE-1 (1 references)
target prot opt source destination
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
DOCKER-ISOLATION-STAGE-2 all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION-STAGE-2 (2 references)
target prot opt source destination
DROP all -- anywhere anywhere
DROP all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere