Edge Proxy Release Notes

2.4

2.4.15

abbability.azurecr.io/edge/proxy:2.4.15

New Features

[94397] - Support for configuration-based addition of custom header for outgoing telemetries from a device to skip telemetry validation in the cloud

New Functionality

This feature supports adding a custom header to all the outgoing telemetries from a given device based on a configuration flag in the Edge Configuration. This allows the data processing component in the cloud (DPP) to perform header-based checks to decide if a given piece of telemetry needs to be validated or not. The default value for this configuration would be false, indicating that the telemetries will undergo validation, which is the current behavior. The telemetry validation can be skipped by enabling the configuration in Edge type at the location properties.telemetry.skipValidation as shown below:

"properties":{
      "telemetry":{
           "skipValidation":{
                "dataType":"boolean",
                "value":false,
                "isMandatory":false      
      }   
   } 
}

Resolved Issues

[90561] - Proxy exits when updating the Object Model of a Module with a new image

We have added exception handling for a scenario where the requestId was missing when the module responded to an update from the cloud.

[91098] - Incorrect log statement being logged when updating module configuration

An incorrect log statement was being logged, indicating that the module configuration update failed. This occurred when only one module was configured and its configuration was updated. The log statement has been corrected.

[97306] - Edge Proxy failed to boot if the compression flag was enabled

The Edge proxy can now be set up with compression enabled by default in the Edge Type, allowing the Edge modules to appear. Only gzip compression is supported by the proxy. If default is used, telemetry will be discarded when processed in DPP.

[101373] - Security scan shows potential vulnerability in libaries/packages

The vulnerabilities identified in the security scan have been addressed.

2.4.13

abbability.azurecr.io/edge/proxy:2.4.13

Resolved Issues

[79916] - Added a SAS token cache support for file upload and supported file upload via system-wide proxy

File upload failure with edge unable to obtain SAS issue is resolved. Added support of file upload via system-wide proxy.

[82927] - The proxy ensures the first model update to be successful to proceed further

Edge proxy ensures that the first model update is successful to proceed further, thus avoids updating the model multiple times and conflict responses.

[83885] - The correlation-id from module message is considered in the update response

Edge device property update response now includes correlation-id in response received from module message.

[85168] - Resolved IM Model get JSON response returning "undefined" properties error

Condition added to check the empty module name in edge configuration model, this resolves IM model get response returning undefined properties.

[89003] - Proxy not updating all properties persisted in MQTT for persisted devices

The model update fix handles the issue of proxy not updating all properties persisted in MQTT for persisted devices.

2.4.12

abbability.azurecr.io/edge/proxy:2.4.12

Improvements

• [81446] High severity security updates
• [62959] Allowing Edge module to have shared memory greater than 64M

Bug fixes

• [79916] Any file upload interruptions would consume the 10 file upload tokens. Each interruption would prevent one token from being used again for 1 hour. The file upload mechanism was modified to better handle file upload interruptions by attempting to recover the token by reusing it or properly releasing it for the next file upload.
• [79499] Unable to use symlink in module mount via module configuration docker.volumePath property.
• [79500] Edge module docker service is not updated by edge-proxy when docker.volumePath contains 'files'.
• [77410] Edge modules do not have full control over file storage due to permission problems.
• [75165] Edge Proxy would stop receiving c2d messages from the cloud during high c2d traffic. Microsoft addressed the issue with an update to the Azure IOT SDK used by the proxy.
• [77354] Edge Proxy security issues addressed by upgrading perl-base, dot-prop and lodash library packages.
• [77198] Edge Proxy image for ARM included non-essential libraries that inflated the size excessively. Only required software is now included, greatly reducing the size of the container.

2.4.11

abbability.azurecr.io/edge/proxy:2.4.11

Bug fixes

• [73067] Edge proxy continuously restarting because of missing file for file upload operation

2.4.10

abbability.azurecr.io/edge/proxy:2.4.10

Bug fixes

• [73602] identity.delete requests initiated by Proxy should not contain parent property

2.4.9

abbability.azurecr.io/edge/proxy:2.4.9

Bug fixes

• [71730] Edge Proxy do not reconnect to Edge Broker after re-connection to IoT Hub
• [72218] Edge Proxy doesn't delete abb.ability.configuration model of uninstalled modules
• [73425] Edge Proxy also removes all untyped modules when a typed module has been removed on the cloud side

2.4.8

abbability.azurecr.io/edge/proxy:2.4.8

Bug fixes

• [71481] Edges failing and need to have proxy reset

• [72346] Edge proxy tends to stop after running for 12-14 Hours

• [72612] Edge-proxy crashes with 'TypeError: cb is not a function' on method invocation.

• [72158] EdgeProxy throws error "Invalid module name" and Configuration updates are not processing on 19.09

• Dependency security audit reports a number of issues:

  • https://www.npmjs.com/advisories/782
    • The reported vulnerability possesses a very low risk since the payloads processed by the Proxy originate in DCS and are not connected to any user input.
  • https://www.npmjs.com/advisories/1065
    • Proxy code does not use the affected function.
  • https://www.npmjs.com/advisories/1523
    • Proxy code does not use the affected function.
  • https://www.npmjs.com/advisories/1213
    • Proxy code does not use the affected function.

2.4.7

abbability.azurecr.io/edge/proxy:2.4.7

Bug Fixes

• [68625] Edge proxy ( 2.4.5 ) failed to dowload module.

2.4.6

abbability.azurecr.io/edge/proxy:2.4.6

• Macvlan access disabled by default

2.4.5

abbability.azurecr.io/edge/proxy:2.4.5

• When a module tries to upload a non-existent file the error is properly propagated to the module
• [65286] proxy:2.2.11 constantly restarts if file to upload is missing.
  • Proxy uses module name to find a correspondent module also in failure cases.

2.4.4

abbability.azurecr.io/edge/proxy:2.4.4

• Edge module access to secure store Unix domain socket removed

2.4.3

abbability.azurecr.io/edge/proxy:2.4.3

• Improved file upload failure handling

2.4.2

abbability.azurecr.io/edge/proxy:2.4.2

• Security issues in package dependencies addressed
• The limit of 100 maximum attempts to restart a module container removed
• [60392] As Edge user I want to have infinite retry policy of container restart so that Edge never gives up restarting containers

2.4.1

abbability.azurecr.io/edge/proxy:2.4.1

• Test coverage increased
• [61321] As a developer, I want Edge Proxy test coverage to be 80% or above so that it passes the quality gate
• Startup sequence optimized
• [59266] As a developer, I want to optimize the query for module object models so that Edge Proxy receives owned modules only
• Device parent reference creation fixed
• The parent reference has been added just to the configuration model
• [58078] deviceDeleted platformEvent doesn't get the object model deleted
• Reverted previously removed reference creation for the devices Edge Proxy creates
• [54023] As a developer, I want to return module object model reference creation logic so that their semantic meaning is retained
• Proxy sends docker.image telemetry value
• [54095] Request for enhancement - send a new telemetry variable "docker.image" for container services
• Proxy recovers when Docker gets stuck while pulling an image
• [53172] Edge Proxy retries Docker image pull if it does not complete within a reasonable amount of time so that Edge can recover from situations when image pull gets stuck
• Logging improved
• [52205] The logs of the edge proxy have been made available and improved
• Proxy uses the existing unit attribute instead of the custom unitOfMeasure.
• [52244] Edge to use the existing unit so that instead a of the custom unitOfMeasure I can use a standard pre-defined attribute
• Logging improved
• [52297] Edge Proxy does not create references for a module's object models
• [52205] Edge Proxy no longer creates references for the devices it creates

Bug Fixes

• [60061] Proxy is unable to start modules with two names as one substring of another
• [60777] edge proxy erases data directory of module service as they are created
• Set the identity of the module to it's model when it's added to models.
• [54252] edge-proxy confused when two modules names are similar
• [55402] Edge components fail to connect to IOT hub on ARM
• [57891] ACLs for the modules in the Edge, do not allow inter module communication
• [58151] Edge Proxy cannot handle Custom Models on edge object
• [54358] In case of platform exception, the proxy potentially deletes all modules.
• [53021] Updating proxy images kills the module service
• [53035] Proxy adds owner to device.created messages from module when it shouldn't

2.3

Since the latest Proxy is backward-compatible with 19.09 platform instances, it is recommended to use the latest instead of 19.09-specific versions.

2.3.6 (HF2)

abbability.azurecr.io/edge/proxy:2.3.6

• [52244] Proxy uses the existing unit attribute instead of the custom unitOfMeasure.

Bug Fixes

• [58078] deviceDeleted platformEvent doesn't get the object model deleted

2.3.5

abbability.azurecr.io/edge/proxy:2.3.5

Bug Fixes

• [58151] Edge Proxy cannot handle Custom Models on edge object
• [57891] ACLs for the modules in the Edge, do not allow inter module communication
• [55402] Edge components fail to connect to IOT hub on ARM

2.3.4 (HF1)

abbability.azurecr.io/edge/proxy:2.3.4

• [52205] Logging improved
• Proxy sends docker.image telemetry value
• [54095] Sends a new telemetry variable "docker.image" for container services
• Module image pulling improved
• [53172] Edge Proxy to retry Docker image pull if it does not complete within a reasonable amount of time so that Edge can recover from situations when image pull gets stuck

Bug Fixes

• [54358] In case of platform exception, the proxy potentially deletes all modules.
• [53035] Proxy adds owner to device.created messages from module when it shouldn't
• [54251] [19.09] edge-proxy confused when two modules names are similar
• [28219] edge-proxy times out on module creation

2.3.3

abbability.azurecr.io/edge/proxy:2.3.3

Bug Fixes

• [53021] Updating proxy images kills the module service

2.3.2

abbability.azurecr.io/edge/proxy:2.3.2

• Edge Proxy starts the Router module only when routing is configured
• Edge Proxy does not send device created actions for module object models, which already exist
• [49404] Proxy to sync module models from the cloud before creating them in 19.09, so that module model state is persisted in the cloud
• Proxy reports container service status over telemetry as soon as IoT Hub connection is established
• 19.09 port of [50961]
• Explicit upstream HTTPS proxy support without workarounds
• OpenSSL uses libSecStoreEngine.so by default
• unit renamed to unitOfMeasure
• [26051] Authorization and Routing of Commands Based on Object Model Ownership Semantics
  • [36091] Edge Proxy to route all inbound messages including method invocation based on target
  • [36013] File upload acks to work with the new routing
• [33203] Device API - Identity management implemented
  • [33747] Can now create an identity, so that it can own module models
  • [33749] Edge to remove identity of module's models so that it can remove modules
  • [33751] Use the latest conventions from device API v1
  • [45170] Implement identity.create/delete payload changes so that they work with DCS
• [18134] Data Routing and Filtering implemented
  • [37122] Edge to be able to route data either to the cloud or to an Edge system module
  • [33745] Edge not to start any additional system modules if there is no routing configured so that used resources are minimized
  • [37965] Users can create system modules so that they are capable of subscribing to telemetry topics
  • [41943] Messages published to singular local routing topic types
  • [48056] Consumer System Module configuration mapped to file system
• [29544] Edge Broker Updated
  • [32248] Remove usage of authentication plugin in broker and proxy since it is no longer maintained
• [18864] Integrate DPS Client in Edge Proxy Container
  • [41402] Edge Proxy to fetch IoT Hub it should connect to from DPS service on every startup so that Edge can connect to a different hub if such a need arises
• [20677] Improvement in Edge Security Inter Process communication
  • [33287] Unix Domain Sockets can be mounted into Edge Proxy container so that libSecStore can communicate with the TPM Server
• [33202] Device API - Ownership implemented
  • [39819] Owner.remove action can remove model owners
• [30215]
  • [30789] Proxy will not start Broker automatically so that deployments become faster
  • [35245] Edge Proxy to make sure properties passed to IoT Hub from modules are strings so that IoT Hub can handle them properly
  • [37690] Untyped modules not to have broker access
  • [30218] Separate docker image downloading and docker service creation
  • [30259] Updated Node.js to the latest long-term support version
  • [32289] Proxy to use new NodeJS base image, so that Security is improved
  • [45543] Proxy to work behind corporate proxy with the latest Device SDK
  • [48253] Deploy an entire solution without involving hardware security components as a backup/fallback

Bug Fixes

• [50056] Edge Proxy updates modules device model incorrectly during boot up
• [51218] The edge proxy is unable to update it's own image via IM
• [50525] Invalid module name error keeps coming in proxy when user tries to provision edge for the first time
• [50087] Edge proxy crashed after running for 2 days and gives MqttClientDisconnectedError continuously
• [50829] Proxy gets stuck in loop after restarting
• [51022] Proxy removes non system modules on reboot

Known Issues

• [53035] Proxy adds owner to device.created messages from module when it shouldn't
• [50056] Edge Proxy updates modules device model incorrectly during boot up