Getting Started with Azure IoT Edge on Ubuntu Core
Introduction
Earlier this month/week, we announced that you can now benefit from the combined power of Ubuntu Core and Azure IoT Edge to bring the computation, storage, and AI capabilities of the cloud closer to the edge of the network. Azure IoT Edge is a device-focused runtime that enables you to deploy, run, and monitor containerised Linux workloads. Ubuntu Core is a version of Ubuntu that has been specially optimised for IoT and embedded systems. The combination of the two is ideal for those looking for reduced latency, lower bandwidth, and more efficient data processing.
This tutorial helps you get started using an Ubuntu Core device and managing it from the Azure IoT Hub. Azure IoT Hub is the cloud platform which allows you to connect to, configure and deploy Edge workloads directly to your device.
Setting up Ubuntu Core
Ubuntu Core is a minimal, immutable version of Ubuntu focused on providing a reliable and secure platform for connected devices.
Create an Ubuntu SSO Account
Before you can create an Ubuntu Core device, you need to ensure you can connect to it after initial configuration. This will require an Ubuntu SSO account and an SSH keypair.
You can skip this step if you already have an account. If you do not have an SSO account, you can sign up for one here:
SSH Keys
In order to authenticate yourself when trying to connect to your Ubuntu Core device, you will need to upload a public SSH key to your SSO account. This will then be automatically downloaded to the Core device during initial configuration.
To generate and upload an SSH key pair, please follow the steps detailed in the link below:
Connect to Ubuntu Core with SSH
You may also want to come back to this information once you have configured your Core device in the next stage.
Obtaining and configuring an Ubuntu Core Device
For the next stage in the process you will need an IoT device running Ubuntu Core. This can either be a physical device, such as a raspberry pi, or a virtual device on your desktop.
You can find all the available Ubuntu Core images, ready to download at: https://ubuntu.com/certified/iot
To set up a virtual device, you can use QEMU to emulate your desired hardware. Please follow these instructions to complete this phase:
Independently of which option you chose, you should now have a fully working Ubuntu Core device that you can connect to via SSH. You are now ready to provision it for Microsoft Azure.
Installing Azure IoT Edge Snaps
Having created and connected to your Ubuntu Core device, the next step is to install the Azure snaps.
Microsoft provides four snaps for your Ubuntu Core device:
- The Identity snap authenticates your device with the Azure cloud.
- The Device Agent snap ensures your device is up-to-date.
- The Edge snap manages your cloud-deployed workloads on the device.
- The Delivery Optimization agent manages downloads of payloads from the Azure cloud.
In addition, Azure’s workloads are distributed as Docker containers and you therefore need to install the Docker Snap to run these.
All five snaps can be installed from your SSH terminal using the following commands:
snap install azure-iot-identity
snap install azure-iot-edge
snap install deviceupdate-agent
snap install deliveryoptimization-agent
snap install docker
Note: if you are being asked to use sudo to run snap install, you may need to authenticate yourself with the snap store using sudo snap login <email address>. This will then allow you to perform all snap commands without root privileges.
Wiring up slots and plugs
By default, snaps are dependency-free, untrusted, and strictly confined hence they must be connected to other snaps and system resources once installed using interfaces. Each snap has a selection of plugs and slots that either request or provide certain access. For production deployments, they can be configured to automatically connect to reduce the provisioning workload but to get started you may need to manually configure some of them to ensure they have all the permissions they need.
If installing the snaps from the global snap store, most interfaces will already be connected for you, however there are a few you may need to manually configure.
From an SSH terminal, you can check which interfaces are already connected using the following commands for each snap:
undefined
snap connections azure-iot-identity
snap connections azure-iot-edge
snap connections deviceupdate-agent
snap connections deliveryoptimization
For each snap you will be presented with a list of the interfaces. If the slot is empty, it may need connecting. For example, if you get the following response from snap connections azure-iot-identity:
We can see that some interfaces have been connected but the identity snap can not access hostname information, log information, mount information, system information or the tpm. We need to manually connect them which we can do from our terminal:
undefined
snap connect azure-iot-identity:log-observe
snap connect azure-iot-identity:mount-observe
snap connect azure-iot-identity:system-observe
snap connect azure-iot-identity:tpm
snap connect azure-iot-identity:hostname-control
The format of this command is snap connect <plug> <slot> but as we are connecting to snapd system slots we do not need to specify them.
IoT Edge
For the IoT Edge agent, we can go through a similar process but this time we also want to connect from one snap (Edge agent) to another (Docker). The following commands should cover all unconnected interfaces.
# Connect to logging and grant permission to query system info
snap connect azure-iot-edge:log-observe
snap connect azure-iot-edge:mount-observe
snap connect azure-iot-edge:system-observe
snap connect azure-iot-edge:hostname-control
# Connect IoT Edge to Docker
snap connect azure-iot-edge:docker docker:docker-daemon
IoT Device agent
undefined
# Connect to logging and grant permission to query system info
snap connect deviceupdate-agent:account-control
snap connect deviceupdate-agent:hardware-observe
#Connect to SnapD
snap connect deviceupdate-agent:snapd-control
#Connect to other Azure Snaps
snap connect deviceupdate-agent:identity-service azure-iot-identity:identity-service
With all the interfaces now connected, we are ready to move onto the connecting to the cloud.
Setting up your Azure IoT Edge account
For the next step, you need to move to the cloud and the Azure IoT Edge portal. If you already have an Azure account, you can sign in here:
If you do not have an account, you can sign up for an account here:
You will be given the option to either create a free account (which includes a time-limited, preview credit) or a paid account with access to premium services. Both Azure IoT Hub and Azure IoT Edge are free services that can be used without charge provided you stay within Azure’s usage limitations. More information can be found on this here.
Once you have access to your Azure account and the Azure Portal, you will need to create your IoT Hub. From the Azure services section of the portal, click “More services” and select “IoT Hub” from the “Internet of Things” section.
Once in your IoT Hub, you need to create a Hub. Click the Create button and fill in the details. Once happy, click the ‘Create’ button.
After a brief pause, your Hub will have been deployed and we can now see it in the IoT Hub portal.
Select your Hub and, from the menu on the right hand side of the screen, select Devices.
Click “Add Device”, choose a name for your device and select the “IoT Edge Device” checkbox. Choose any other settings you desire and click “Save”.
Again after a slight pause, your device will have been created and added to your Hub.
Select your device from your Hub and you will be presented with the various options and information. For the moment, we are just interested in the “Primary connection string” as we will need this to provision the actual device.
You can view the connection string by clicking on the small eye icon or copy it to your clipboard by clicking the icon to the right.
Provisioning your Device
In order for your Core device to connect to your newly created IoT Hub, it needs to be
configured with the connection string we have just obtained.
Returning to the SSH terminal of your Core device, create a file called config.toml.
At this point it may be useful to install a text editor onto your Core device. Follow the steps below to install the nano strictly confined snap and connect it to your home directory. Then open the config.toml file to edit
sudo snap install nano-strict
snap connect nano-strict:home :home
nano-strict config.toml
Copy and paste the following into your text editor but replace the connection string with the one you obtained from your IoT Hub Device.
## Manual provisioning with connection string
#
[provisioning]
source = "manual"
connection_string = "HostName=snaphub-free.azure-devices.net;DeviceId=iotvm;SharedAccessKey=XXXXXXXXX"
Apply that configuration file to your Azure Snap using the following command:
sudo snap set azure-iot-edge raw-config="$(cat config.toml)"
It is also possible to authenticate your device to the Azure IoT Hub using X.509 certificates. For information on how to use that method, please refer to this documentation from Microsoft.
Your Device in Azure IoT Hub
Once configured, your device will download some containers to allow it to run Azure IoT Edge workloads. This may take some time depending on your network connection speed but once complete your device will be visible from your Azure portal and you can configure it with additional workloads from there as well as explore all the offerings Azure has for your device.
Deploying Modules to your Device
Next Steps
You should now have a fully working and configured Ubuntu Core device which can be remotely managed with the Azure IoT Hub. From here you can explore the features Azure IoT has to offer.
If you want to try and deploy your first module to your Edge device, this tutorial from Microsoft shows you how you can deploy a sensing module that will send simulated telemetry data from your device to the cloud. It is the perfect place to get started with your Ubuntu Core Azure IoT Edge device.
For more information on what you can do with Azure IoT, please refer to the Microsoft documentation.
Azure IoT Edge documentation | Microsoft Learn
For more information on the power and capabilities of Ubuntu Core please refer to Ubuntu Core.