Question: Cloud to device/module communication with iot-edge

[mrlux]

I was wondering if it is possible to send messages from the cloud to an iot device running iot edge ?
I know it can be done with iot hub link. I still need to try this out but I was wondering if this is by default supported or planned to be supported in the iot-edge-hub.

[varunpuranik]

You can send cloud-to-device (C2D) messages to leaf devices connected to an Edge device in a gateway scenario. However, C2D messages are not supported on modules at the moment.
C2D for modules is in our backlog, but we don't have a timeline on when it will be supported.

[mrlux]

Thx for the answer.
I'm looking into using the iot hub cloud to device functionality. But it looks like the EdgeHubConnectionString was exposed as an env variable before but no longer is tempSensor code I would need to get an instance of the DeviceClient in a module so I can have one module listen to messages sent from the cloud to the device.
I see in the docker container that the only env variable missing is the public shared key of the device connection string:
`$ docker exec container env
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

HOSTNAME=
IOTEDGE_GATEWAYHOSTNAME=
IOTEDGE_IOTHUBHOSTNAME=
IOTEDGE_MODULEGENERATIONID=
IOTEDGE_MODULEID=
RuntimeLogLevel=Information
IOTEDGE_DEVICEID=
IOTEDGE_AUTHSCHEME=sasToken
IOTEDGE_APIVERSION=2018-06-28
IOTEDGE_WORKLOADURI=http://10.0.75.1:15581/
DOTNET_RUNNING_IN_CONTAINER=true
DOTNET_VERSION=2.0.9
DOTNET_DOWNLOAD_URL=https://dotnetcli.blob.core.windows.net/dotnet/Runtime/2.0.9/dotnet-runtime-2.0.9-linux-x64.tar.gz
DOTNET_DOWNLOAD_SHA=2b49b24ef712fbfc056e0fda95ff18037b4ec938ca8bb41f4c336b6a50870e922f5093684ac92c4bb8e1155b03c36d132d7f90817793f31c9ade5267fff6629a
HOME=/home/moduleuser`

Any idea how I could get these values in a running module container ?
Or is there an other way to get the needed Iot hub connection string settings from the edgeAgent ?

[aribeironovaes]

Hi @mrlux ,

We don't expose edge Device Connection String (or any other connection string) for security reason. If you want to have a module that uses device client (instead of module client), you would have to have an (our of band) way to have the device connection string in a module.
For security reasons we don't advice doing that.

Since we don't support C2D to modules you wouldn't be able to use a module to receive a message that it's destination is a device.

You can't get (from edge) Iot hub connection string from the edge Agent. We don't even have iothub connection string configured into edge (For the manual configuration, the connection string we use is the edge connection string, but that remains stored into iotedged (our security daemon)).

Thanks,

Angelo Ribeiro.

[mrlux]

Hi,

I was able to solve/work around this limitation by binding the /etc/iotedge folder in my module container and by using the NetEscapades.Configuration.Yaml extension read this from my configuration

Code:

try
{
        _configuration = new ConfigurationBuilder().SetBasePath(Directory.GetCurrentDirectory()).AddYamlFile("config/config.yaml", optional: false).Build();
	var deviceConnectionString = _configuration.GetSection("provisioning:device_connection_string").Value;
	await ReceiveCommandAsync(DeviceClient.CreateFromConnectionString(deviceConnectionString));
}
catch (Exception e)
{
	Console.WriteLine(e);
}

Container configuration:

"command": {

            "version": "1.0",
            "type": "docker",
            "status": "running",
            "restartPolicy": "always",
            "settings": {
              "image": "${MODULES.command.arm32v7}",
              "createOptions": "{\"HostConfig\": {\"Binds\": [\"/etc/iotedge:/app/config\"]}}"
            }
          
}

[myagley]

I'm going to close this issue because I think the workaround you provided will work for this scenario. Some further research is required to understand how the runtime can provide access to the device credentials in a secure manner. Please feel free to reopen if you have concerns.

[ralarcon]

Hey @myagley, does the team have any recommendation / update within this scenario?

I would like to take use C2D communication with my iot edge modules (now are supported) but taking adavantage of the IoT Hub Jobs to be able to create a job targeting multiple IoT Edge devices. Since Jobs can only be created by using a DeviceClient connection and only targets Device direct methods, I will require the IoT Hub Device Connection String.

By the way, it would be great if the DeviceClient would create a connection to IoT Hub device in the same way the ModuleClient do it: ModuleClient.CreateFromEnvironmentAsync(settings)

Thanks in advance.