Troubleshooting Riverbed Edge Status

In the event that you experience problems with connecting your Riverbed Edge instance as described in Configuring Riverbed Edge and Data Sources:

  • A Riverbed Edge instance shows red status on the Data Sources page.

  • There's no discernible evidence of data being pushed to Azure blob storage.

A Riverbed Edge instance shows red status on the Data Sources page

  • Make certain that you have whitelisted DNS names and opened required ports as detailed in Firewall Rules. Having these set incorrectly is the most common cause of Riverbed Edge not coming up completely and correctly.

  • ssh to Riverbed Edge using the default username and password.

    • Run the following commands and collect the corresponding outputs:

      • iotedge check (see an example of this later on this page)

      • cloud-init analyze boot

    • Collect the following files and outputs:

      • /var/log/cloud-init.log

      • /var/log/cloud-init-output.log

      • /etc/aziot/config.toml

There's no discernible evidence of data being pushed to Azure blob storage

Riverbed Edge has partial connectivity: the Data Sources page shows its status as green, but no data is being collected from data sources.

  • Make certain that you have whitelisted DNS names and opened required ports as detailed in Firewall Rules. Having these set incorrectly is the most common cause of Riverbed Edge not coming up completely and correctly.

  • Run iotedge check and docker ps and collect the corresponding outputs. (See an example of iotedge check output below). Most likely, one of the DNS names is not whitelisted or one of the ports is not open.

    • Verify that port 11002 is open from the point product. This port lets point products push data to the Azure blob.

    • Verify that ports 443 (NetProfiler/AppResponse) and 8543(NetIM) are open for on-demand calls from the Riverbed IQ service.

iotedge check Output Example

An example of typical iotedge check output follows:

Copy 
Configuration checks (aziot-identity-service)
---------------------------------------------
√ keyd configuration is well-formed - OK
√ certd configuration is well-formed - OK
√ tpmd configuration is well-formed - OK
√ identityd configuration is well-formed - OK
√ daemon configurations up-to-date with config.toml - OK
√ identityd config toml file specifies a valid hostname - OK
‼ aziot-identity-service package is up-to-date - Warning
    Installed aziot-identity-service package has version 1.2.5 but 1.3.0 is the latest stable version available.
    Please see https://aka.ms/aziot-update-runtime for update instructions.
‼ host time is close to reference time - Warning
    Time on the device is out of sync with the NTP server. This may cause problems connecting to IoT Hub.
    Please ensure time on device is accurate, for example by installing an NTP daemon.
√ preloaded certificates are valid - OK
√ keyd is running - OK
√ certd is running - OK
√ identityd is running - OK
√ read all preloaded certificates from the Certificates Service - OK
√ read all preloaded key pairs from the Keys Service - OK
√ ensure all preloaded certificates match preloaded private keys with the same ID - OK

Connectivity checks (aziot-identity-service)
--------------------------------------------
√ host can connect to and perform TLS handshake with iothub AMQP port - OK
√ host can connect to and perform TLS handshake with iothub HTTPS / WebSockets port - OK
√ host can connect to and perform TLS handshake with iothub MQTT port - OK

Configuration checks
--------------------
√ aziot-edged configuration is well-formed - OK
√ configuration up-to-date with config.toml - OK
√ container engine is installed and functional - OK
√ configuration has correct URIs for daemon mgmt endpoint - OK
‼ aziot-edge package is up-to-date - Warning
    Installed IoT Edge daemon has version 1.2.7 but 1.3.0 is the latest stable version available.
    Please see https://aka.ms/iotedge-update-runtime for update instructions.
√ container time is close to host time - OK
‼ DNS server - Warning
    Container engine is not configured with DNS server setting, which may impact connectivity to IoT Hub.
    Please see https://aka.ms/iotedge-prod-checklist-dns for best practices.
    You can ignore this warning if you are setting DNS server per module in the Edge deployment.
√ production readiness: logs policy - OK
‼ production readiness: Edge Agent's storage directory is persisted on the host filesystem - Warning
    The edgeAgent module is not configured to persist its /tmp/edgeAgent directory on the host filesystem.
    Data might be lost if the module is deleted or updated.
    Please see https://aka.ms/iotedge-storage-host for best practices.
‼ production readiness: Edge Hub's storage directory is persisted on the host filesystem - Warning
    The edgeHub module is not configured to persist its /tmp/edgeHub directory on the host filesystem.
    Data might be lost if the module is deleted or updated.
    Please see https://aka.ms/iotedge-storage-host for best practices.
√ Agent image is valid and can be pulled from upstream - OK
√ proxy settings are consistent in aziot-edged, aziot-identityd, moby daemon and config.toml - OK

Connectivity checks
-------------------
√ container on the default network can connect to upstream  AMQP port - OK
√ container on the default network can connect to upstream HTTPS / WebSockets port - OK
√ container on the default network can connect to upstream MQTT port - OK
√ container on the IoT Edge module network can connect to upstream AMQP port - OK
√ container on the IoT Edge module network can connect to upstream HTTPS / WebSockets port - OK
√ container on the IoT Edge module network can connect to upstream MQTT port - OK
30 check(s) succeeded.
6 check(s) raised warnings. Re-run with --verbose for more details.