Only Docker images are updated in this release. The daemon remains at version 1.5.13.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.13 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.13.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.13 to match the daemon)
- Restore
aziotctl --version
command ( 17074d0 )
Only Docker images are updated in this release. The daemon remains at version 1.5.10.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.10 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.10.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.10 to match the daemon)
- Add support for logging IoT Hub SDK events ( 3557a22 )
- Don't sync reported properties to local cache until cloud sync completes ( e4c3dc0 )
- Add support for logging IoT Hub SDK events ( 3557a22 )
- Increase dockerd client timeout ( e7abc49 )
- Add support for Ubuntu 24.04 ( 0de6f80 )
Only Docker images are updated in this release. The daemon remains at version 1.5.8.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.8 to match the daemon)
This release only updates aziot-edge and aziot-identity-service. The Docker images remain at 1.5.7.
- Fix snap startup error ( d950b62 )
- Update snap base image and remove unnecessary config ( c66b5c7 )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics
- Correctly close & dispose SDK client when it fails to open ( df2f019 )
- Fix docker-proxy startup issue in snaps @st3v3nmw ( 80e3465 )
- Add support for Debian 12 (identity service only) ( d1cf0f5 )
- Treat malformed key(pair) as missing in create-key(pair) code paths ( 0351353 )
- Update shlex dependency to patch security vulnerabilities ( bcc83b4 )
Only Docker images are updated in this release. The daemon remains at version 1.5.0.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.0 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.0.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.0 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.0.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.0 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.0.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.0 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.0.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.0 to match the daemon)
Only Docker images are updated in this release. The daemon remains at version 1.5.0.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.5.0 to match the daemon)
The 1.5 version is the latest long-term servicing (LTS) release for Azure IoT Edge. It will be serviced with fixes for regressions and critical security issues through November 10, 2026 (product lifecycle).
If upgrading to 1.5 from 1.1 or earlier, refer to the notes on updating IoT Edge to the latest release.
- Upgrade to .NET 8 ( 7508ffc )
- Upgrade to .NET 8 ( 7508ffc )
- Update iotedge CLI to detect latest supported version by querying https://aka.ms/azure-iotedge-latest-versions instead of https://aka.ms/latest-aziot-edge ( fad7ea1 )
- Remove support for CentOS 7 and Debian 10 (support continues in 1.4 through June 2024) ( c13dabb )
- Only reprovision when aziot-edged startup errors come from aziot-identityd ( 6f61f95 )
- Add an option to find and remove orphaned identities ( bfb6d2f )
- Update dependency on mio crate to get security fixes ( 8b5744c )
- Update aziotctl CLI to detect the latest supported version by querying https://aka.ms/azure-iotedge-latest-versions instead of https://aka.ms/latest-aziot-identity-service ( b9fff6b )
- Remove support for CentOS 7 and Debian 10 (support continues in 1.4 through June 2024) ( 0f93f7a )
- Update dependency on mio crate to get security fixes ( 5d0c44e )
- Disable HTTP/2 in http-common ( 1a31efe )
Only Docker images are updated in this release. The daemon remains at version 1.4.33.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.33 to match the daemon)
- Ensure agent and hub use logger for stack traces by @Gunni ( 4ae6c29 )
- Ensure agent and hub use logger for stack traces by @Gunni ( 4ae6c29 )
- Add support for Snap amd64/arm64 packages ( c38e0c8 )
- Fix apt purge --autoremove on Debian/Ubuntu ( 6c34f4b )
- Add support for Snap amd64/arm64 packages ( 9743701 )
- Add packages for debug symbols ( 0cea2bd )
- Fix apt purge --autoremove on Debian/Ubuntu ( 014edf1 )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.27 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.27 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.27 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.27 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.27 to match the daemon)
- Add support for GetCountFromStartKey for InMemoryDbStore ( f1a9da3 )
- Parse default edged path from environment variable by @ef4203 ( 1f048bf )
- Remove Ubuntu 18.04 support ( 765ec2d )
- Remove Ubuntu 18.04 support ( ea88b83 )
- Fix nullptr deref when decoding EST PKCS#7 response ( 3fd2073 )
- Only create PKCS#11 AES keys if AES-GCM is supported ( 79aae50 )
- Upgrade Functions sample to remove dependency on .NET Core 3.1 ( c38aa54 )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.20 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.20 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.20 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.20 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.20 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.20 to match the daemon)
- Fix container restart policy deserialization ( bd05d4d )
- Add support for 'prefer_module_identity_cache' option ( 9c7dbdd )
- Fix error in CLI warning message ( 978ccaa )
- Add support for 'prefer_module_identity_cache' option ( 137258d )
- Update EL package configuration to fix a conflict with distro's tpm2-tss package ( d644195 )
- Remove socket path if it is a directory instead of a file ( ed69cc4 )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.16 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.16 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.16 to match the daemon)
- Ensure database shuts down properly before Edge Hub closes ( 238c121 )
- Ignore 'systemd daemon-reload' errors when purging debian package ( 291d716 )
- Patch vulnerabilities in cargo dependencies ( 9e71341 )
- Make RHEL8 package depend on moby-engine or docker-ce ( 3a2e68e )
- Ignore 'systemd daemon-reload' errors when purging debian package ( 7856c23 )
- Patch vulnerabilities in cargo dependencies ( 67fa660 )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.10 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.10 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.10 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.10 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.10 to match the daemon)
Beginning with this release we are publishing installable packages for Red Hat Enterprise Linux 9 (amd64) on Microsoft's Linux package repository.
Note: On RHEL 9 the IoT Edge security subsystem has been tested with openssl 3.0. It may not function properly if older versions of openssl are also present on the device. If you previously installed openssl 1.1 in combination with an earlier version of IoT Edge then we would recommend removing both and starting fresh to avoid potential incompatibilities.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics
- Update versions of .NET dependencies to patch security vulnerabilities ( 82ca5e8 )
- Update version of Azure IoT SDK to fix a memory leak ( d98f43c )
- Optionally detect and remove orphaned module identities when a new deployment is received ( 3bac802 )
- Update versions of .NET dependencies to patch security vulnerabilities ( 82ca5e8 )
- Update version of Azure IoT SDK to fix a memory leak ( d98f43c )
- Optionally check for server cert expiry at the given interval ( fbe35da )
- Add support for RHEL 9 amd64 ( 32f7481 )
- Add a timeout to prevent
iotedge support-bundle
from hanging in certain circumstances ( f7dd1aa ) - Relax padding requirement in symmetric keys ( 907eef1 )
- Fix memory and swap information reported by
iotedge check
and Edge Agent ( b29d736 ) - Add comment to config template about quickstart Edge CA ( a4196a4 )
- Update guidance in
iotedge config apply
warning message ( 86b8e69 ) - Update version of openssl crate to patch security vulnerabilities ( 3b8b9e3 )
- Add support for RHEL 9 amd64 ( 24f227d )
- Relax padding requirement in symmetric keys ( 77ca573 )
- Update version of openssl crate to patch security vulnerabilities ( df1885b )
Beginning with this release we are publishing installable packages for Ubuntu 22.04 (amd64, arm64) on Microsoft's Linux package repository.
Note: On Ubuntu 22.04 the IoT Edge security subsystem has been tested with openssl 3.0. It may not function properly if older versions of openssl are also present on the device. If you previously installed openssl 1.1 in combination with an earlier version of IoT Edge then we would recommend removing both and starting fresh to avoid potential incompatibilities.
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics
- Fix incorrectly reported metrics on a module's expected and actual running time ( 94f8072 )
- Add support for Ubuntu 22.04 amd64, arm64v8 ( b4b54da )
- Enable >4GB files in support_bundle ZIP writer ( cea876f )
- Update cargo dependencies to take security updates ( a372eca )
- Update to the latest version of aziot-identity-service ( 37f51c2 )
- Fix
iotedge restart
command to correct a problem with workload sockets ( 08dfac5 )
- Add support for Ubuntu 22.04 amd64, arm64v8 ( ea9e476 )
- Retry with exponential backoff when IoT Hub throttles ( a6aacda )
- Update cargo dependencies to take security updates ( b3de517 )
- Use fair mutex to fix request ordering problem ( 03e383e )
- Use ISO 8601 for UTC timestamps sent to IoT Hub ( 0ab44e1 )
- Eliminate 30 sec delay when M2M ack is interrupted by disconnect ( e32cfce )
- Use ISO 8601 for UTC timestamps sent to IoT Hub ( 0ab44e1 )
- Bump iot-identity-service to 1.4.2
- Update to Newtonsoft.Json 13.0.2 ( f2b95bf )
- Update to Newtonsoft.Json 13.0.2 ( f2b95bf )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.3 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.3 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.3 to match the daemon)
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics (remains at version 1.4.3 to match the daemon)
- Fix bug causing Edge Agent to delay sending reported properties to IoT Hub by 1 hour ( e43cdc9 )
- Fix edgeagentuser's login shell ( 6274476 )
- Make client timeout configurable for management API ( 7a379d3, 8afaa3a )
- Call IoT Device SDK CloseAsync before Dispose ( 8787301 )
- Upgrade DotNetty and set a timeout for shutdown calls to mitigate hangs ( 15e72bb )
- Fix edgehubuser's login shell ( 6274476 )
- Make iotedge check respect journald as valid log rotation setting ( 3a39460 )
- Upgrade Azure Functions sample's base image ( c38c61d )
- Upgrade Newtonsoft.Json in samples and Azure Functions binding ( a5ae82b )
- Update dependency to fix OOM bug ( 906786c )
- Fix confusing log message in image garbage collection ( 736116b )
The following Docker images were updated because their base images changed:
- azureiotedge-agent
- azureiotedge-hub
- azureiotedge-simulated-temperature-sensor
- azureiotedge-diagnostics
- Bump iot-identity-service to fix regression in TPM authentication key index ( fd90024 )
The 1.4 version is the latest long-term support (LTS) version of IoT Edge. It will be serviced with fixes for regressions and critical security issues through November 12, 2024 (product lifecycle). In addition to long-term servicing, it includes the following improvements.
- Automatic cleanup of unused Docker images (doc)
- Ability to pass a custom json payload to DPS on provisioning (doc)
- Option to download all modules in a deployment before (re)starting any (doc)
- Use of the TCG TPM2 Software Stack which enables TPM hierarchy authorization values, specifying the TPM index at which to persist the DPS authentication key, and accommodating more TPM configurations (doc)
With this release, the 1.3.x release is no longer serviced with bug fixes and security patches.
When upgrading to 1.4 you should be aware of the following changes:
- Automatic cleanup of unused Docker images is on by default
- If upgrading from 1.0 or 1.1 then refer to the notes on updating IoT Edge to the latest release
- Fix bug where Edge Agent is updated without backing image ( 72e5d648c )
- Fix user creation for edgeAgent and edgeHub ( 388ec1a34 )
- Add total memory to device metadata ( 683a2dde6 )
- Support feature flag
ModuleUpdateMode
( 303b3fdcc ) - Update NewtonSoft to 13.0.1 ( 84e883779 )
- Remove docker mode ( 40824ed28 )
- Fix user creation for edgeAgent and edgeHub ( 388ec1a34 )
- Run
cargo update
everywhere ( 82d1c12c6 ) - Image garbage collection for iotedge ( f48335d68 )
- Allow socket throttling limits to be configurable ( ba7052fd3 )
- Support privileged modules specified without
CAP_CHOWN
andCAP_SETUID
( d0470e2e6 ) - Fix creation and cleanup of edgeagentuser and edgehubuser ( 89801b4d9 )
- Fix user creation for edgeAgent and edgeHub ( 388ec1a34 )
- Add total memory to device metadata ( 683a2dde6 )
- Trim leading
$
from server cert SANs ( 9a6f39bcd ) - Run
cargo update
everywhere ( 96566c1d3 ) - Include tpmd configuration section from IIS ( 0a65c31a7 )
- Update version to 1.4.0 ( 1b3f818c2 )
- Support DPS custom allocation payloads ( b428ac9f4 )
- Socket Activation for Mariner Package Builds ( 6ac5577fd )
- Upgrade to latest Rust version ( 9a5ebddcf )
- Correct container runtime status code propagation ( fe3137061 )
- Enable Edge CA auto-renewal by default ( 279145c0a )
- Do not rename configuration items for SystemInfo ( 4c4717e83 )
The 1.3 release is the next stable release after the 1.2 and includes the following in preparation for the next LTS:
- OS support changes
- System modules based on .NET 6 with Alpine as the base layer
- Required use of TLS 1.2 by default
- Ability to configure device identity, EST identity, and Edge CA certificate auto-renewal before expiration using
config.toml
, addresses #5787, #5788, and Azure/iot-identity-service#300 - Added a check for
iotedge config apply
to detect hostname changes to prevent mismatch between configuration and edgeHub server certificate, addresses #5773 and #6276 - Updates to the rust-based components to use tokio 1.0
- Various bug fixes
With this release the 1.2.x is no longer serviced with bug fixes and security patches.
You can configure Edge Hub to still accept TLS 1.0 or 1.1 connections via the SslProtocols environment variable. Please note that support for TLS 1.0 and 1.1 in IoT Hub is considered legacy and may also be removed from Edge Hub in future releases. To avoid future issues, use TLS 1.2 as the only TLS version when connecting to Edge Hub or IoT Hub.
The preview for the experimental MQTT broker in Edge Hub 1.2 has ended and is not included in Edge Hub 1.3. We are continuing to refine our plans for an MQTT broker based on feedback received. In the meantime, if you need a standards-compliant MQTT broker on IoT Edge, consider deploying an open-source broker like Mosquitto as an IoT Edge module.
You can have IoT Edge proactively renew device identity (for authentication to IoT Hub and DPS), Edge CA, and EST identity certificates by configuring a few basic options in the config.toml
. Use this feature along with an EST server like GlobalSign IoT Edge Enroll or DigiCert IoT Device Manager to automate certificate renewals customized to your needs.
For example, adding the below configuration enables device identity certificate auto-renewal when the certificate is at 80% of its lifetime, retry at increment of 4% of lifetime, and rotate the private key:
[provisioning.attestation.identity_cert.auto_renew]
rotate_key = true
threshold = "80%"
retry = "4%"
To enable the certificate renewal feature, changes were made to consolidate and improve IoT Edge's certificate management system. There are some important differences in 1.3 compared to 1.2:
- All modules restart when Edge CA certificate is renewed. This is necessary so that each module receives the updated trust bundle with the new CA certificate. By default, and when there's no specific
auto_renew
configuration, Edge CA renews at 80% certificate lifetime and so modules would restart at that time. - The device identity certificate no longer renews when reprovisioned within 1 day of certificate expiry. This old behavior in 1.2 is removed because it causes authentication errors with IoT Hub or DPS when using X.509 thumbprint authentication, since the new certificate comes with a new thumbprint that the user must manually update in Azure. In 1.3, device identity automatic renewal must be explicitly enabled similar to example above and should only be used with DPS X.509 CA authentication.
- The device identity certificate no longer renews when reprovisioned after certificate expiry. The reason for this change is same as above: device identity certificates do not renew by default since it causes issues with X.509 thumbprint authentication.
- Adding RedHat Enterprise Linux 8 for AMD and Intel 64-bit architectures.
- Adding Debian 11 (Bullseye) for ARM32v7 ( Generally available: Azure IoT Edge supports Debian Bullseye on ARM32v7 )
- Debian 9 (Stretch) for ARMHF ( Update your IoT Edge devices on Raspberry Pi OS Stretch )
The IoT Edge compatibility script performs a variety of checks to determine whether a platform has the necessary capabilities to run IoT Edge. This stand-alone script is still considered under development, but we invite anyone to give it a try and send us your feedback by posting in the Issues. Go here to learn more about the checks it performs and how to use it.
We recommend using Bullseye instead of Buster as the host OS. Seccomp on Buster may not be aware of new system calls used by your container resulting in crashes.
If you need to use Buster, then apply the following workaround to change the default seccomp profile for Moby's defaultAction
to SCMP_ACT_TRACE
:
- Make sure you are runing latest docker and latest seccomp package from oldstable channel
- Download Moby's default seccomp profile and put it somewhere.
- On line 2 change the value for defaultAction from
SCMP_ACT_ERRNO
toSCMP_ACT_TRACE
- Edit file /etc/systemd/system/multi-user.target.wants/docker.service to have it contain:
--seccomp-profile=/path/to/default.json
- Restart your container engine by running:
sudo systemctl daemon-reload sudo systemctl restart docker
- Remove unused plan runner and planner ( 2159dfad3 )
- Flatten additional properties of metrics ( dbc6af347 )
- Update Device SDK to the latest LTS version ( 90e5b3264 )
- Update ARM32 and ARM64 images to use Alpine ( 059aaea2d )
- Migrate to Dotnet 6 ( 37234e02b )
- Device product information ( 9faf5a5c0 )
- Update references to the default branch ( 04ee9751f )
- Update Microsoft.Azure.Devices.Client from 1.36.3 to 1.36.4 ( 19beaae55 )
- Remove k8s projects from master ( d81a032bc )
- Fix underflow possibility on ColumnFamilyDbStore ( bc78f1c )
- Remove BouncyCastle dependency ( aa2237988 )
- Fix Workload socket issue for concurrent module create ( 26bbf7145 )
- Handle Return Code From Get Module Logs Failure ( 5015eca6d )
- Update SDK from 1.36.2 to 1.36.3 to fix connectivity issues ( 865b275b4 )
- Restrict EdgeAgent parallel calls to edged to 5 ( 3bb4c8f7f )
- Recreate edgeAgent when not
Running
,Stopped
, orFailed
( 6b21874fe ) - Add
RocksDB_MaxManifestFileSize
env var ( 2c878635c ) - Update SDK references to fix
Dotnetty
bug ( 0750a4414 ) - Update k8s client ( edad631d7 )
- Fix edgeAgent creates rogue
ModuleClients
in case of error ( e3892eb4a ) - Fix various RUSTSEC ( 89917f1bb )
- Make sure to dispose
HttpContentStream
when done reading module logs. ( 43d662397 ) - Introduce multiple workload sockets ( 323bdc9ac )
- Fix delayed frequent twin pulls on reconnect ( c87e85b0f )
- Properly dispose UDS for Workload Client. ( 472cee5, f9cdb59 )
- Use Docker Timestamp When Log Timestamp is not Available in JSON log ( 00cfb6fbe )
- Don't dispose stream too early ( ce0ca9a87 )
- Change default uid ( b443b0c2f )
- Update
GetModuleLogs
method whentail + since + until
options are provided. ( 32df5ee8a ) $upstream
support for container registry address ( 58f5faa0c )- Resolve security concern in logging ( e96554c63 )
- Verify Twin Signatures ( e8d2bc270 )
- Remove experimental mqtt broker code ( 85084e4f0 )
- Batch incoming amqp messages to optimize sender feedback ( 5667c58ce )
- Bump Device SDK to latest LTS version ( 90e5b3264 )
- Restrict TLS protocol to 1.2 for EdgeHub and ApiProxy modules ( 4a76a20b1 )
- Update agent ARM32/64 images to use Alpine ( 059aaea2d )
- Configurable task for cancelling upstream calls ( cf9e04987 )
- Build docker images with embedded metadata ( a458af376 )
- Migrate to Dotnet 6 ( 37234e02b )
- Rust toolchain upgrade fixes ( a45cc5f71 )
- Device product information ( 9faf5a5c0 )
- Update
regex
to 1.5.5 ( 9f0f7f424 ) - Upgrade Rust toolchain ( ab700e82a )
- Update Microsoft.Azure.Devices.Client from 1.36.3 to 1.36.4 ( 19beaae55 )
- Remove
thread_local
for non-edgelet projects ( 6db976def ) - Add more logging to certificate import ( 49d41df98 )
- Fix edgeHub shutdown for renew certificate ( fcd4d007a )
- AMQP CBS token message dispose ( 4179221bc )
- Fix underflow possibility on ColumnFamilyDbStore ( bc78f1c )
- Remove
BouncyCastle
dependency ( aa2237988 ) - Update Base Images for a Security Patch ( e6d52d6f6, 7e0c1a5d3, 704250b04, b592e4776, 5cb16fb5d, b00a78805 )
- Allow identity translation for subscriptions ( 5fbd0d9f3 )
- Update vulnerable
nix
version ( 33c8a778f ) - Wait for configuration before starting protocol heads ( b6c5d861b )
- Update dependency on vulnerable package ( 76c22bf10 )
- Update SDK from 1.36.2 to 1.36.3 to fix connectivity issues ( 865b275b4 )
- Fix
edgehub_queue_len
counting ( d3f649886 ) - Fix detect fail-over from iot hub/sdk behavior and disconnect from hub ( 676a0f58c )
- Remove WebSocket Ping KeepAlives ( 31531ec22 )
- Update links to docs from .md files ( 97c803071 )
- Fix
OnReconnectionClientsGetTwinsPulled()
increased timeout ( e6ddd546b ) - Add
RocksDB_MaxManifestFileSize
env var ( 2c878635c ) - Add connection-check for direct method test ( 0ad320041 )
- Update SDK references to fix Dotnetty bug ( 0750a4414 )
- Create identities for leaf ( ca2f4aac5 )
- Add
ComponentName
to message properties ( 9a32670dd ) - Remove redundant tests and wait for device to be disconnected ( 221048a9c )
- Fix exception type in
BrokerConnection::SendAsync
( bbe3525af ) - Don't dispose stream too early ( ce0ca9a87 )
- Fix edgeHub error code propagation in case of an error ( 8250d87a5 )
- Change default uid ( b443b0c2f )
- Format error message in registry controller (#4776) ( 0dceddcfa )
- Fix
edgehub_queue_len_metric
( 065bf3297 ) - Update rust toolchain to 1.52.1 ( e5218d1e7 )
- Overwrite
IsDirectConnection
flag when device changes fromIndirect
( 68d5ebff4 ) - Restore device scopes from older store (version < 1.2) ( 207a5f07b )
- Upgrade cargo deps for watchdog ( 797df90bc )
- Close AMQP connection explicitly when no more links ( 6c8134e6c )
- Add
SharedAccessSignature
to repo with fix for vulnerability ( 6c4269a0b ) - Add validation for null props inside objects inside arrays. ( f96961f4a )
- Fix resolving BrokeredCloudProxyDispatcher ( ef27142f9 )
- Fix getDeviceAndModuleOnBehalfOf to check if target device is in scope ( 7c3261a67 )
- Send connection device Id information on twin change notifications ( cd39064f5 )
- Update
HttpClient
timeout for scope sync ( 5b22e774f ) - Add caching to TokenProvider ( 8988456 )
- Registry API On-behalf-of calls auth check fix ( cad6c5b0c )
- Device scope cache refresh ( 44b599caa )
- Update rust toolchain to 1.51 ( 0f1d90c7c )
- Update bridge config validation. ( 78236a7ba )
- Add edgeHub identity to the scopes cache at the startup ( 0dbdd0577 )
- Drop messages when device is not in scope and auth mode is Scope ( 51ad827de )
- Update client twins after disconnect/connect ( 794c32459 )
- Throw transient error when edgeHubCore is disconnected from the broker ( b196a15e3 )
- Don't unsubscribe when there is no subscription registered ( 53ff15b8c )
- CloudConnection did not forward
close()
call to cloud proxy ( 6f3f8ecc4 ) - Move
NestedEdgeEnabled
out of experimental features. (#4467) ( 7e0fc1fae ) - Add a separate message pump for messages from upstream ( 0e6985445 )
- Verify Twin Signatures ( e8d2bc270 )
- Enable Edge CA auto-renewal by default ( 04bd75d9c )
- Correct handling of
/images/create
response stream ( 287629d09 ) - Fix debug artifacts being used in the release pipeline. ( 59b192cff )
- Flatten additional properties of metrics ( dbc6af347 )
- Upgrade to latest Rust version ( 9f674bdf5, f9c174f98, 4dfe8b1bf )
- Remove
check_submodules
tool ( 038f1c5a2 ) - Fix for new hostname conflicting with old modules ( bb844b5a8 )
- Fix exit code when restarting due to reprovision ( 223f3922a )
- Fix subject name setting of Edge CA ( 921840e02 )
- Remove Debian 9 from main ( 30a1ee5d9 )
- Build docker images with embedded metadata ( a458af376 )
- Add auto-renewal of the Edge CA cert ( d8ae9bd7d )
- RHEL8 packages ( 53d3afc2a )
- Add settings for auto-renewal of Edge CA ( a8fb6465e )
- Remove
failure
dependency ( 496c89924 ) - Device product information ( 9faf5a5c0 )
- Upgrade Rust toolchain ( bf3f444b8 )
- Update regex to 1.5.5 ( 9f0f7f424 )
- Update scripts for removing keys and certificates on edge device ( 9557aecff )
- Update references to the default branch ( 04ee9751f )
- Update tokio, rayon, and crossbeam to latest compatible versions ( 54163699b )
- Upgrade Rust toolchain ( ab700e82a )
- Move test clients and functions to iot-identity-service ( f8155c06a )
- Update cargo dependency ( 512f1364b )
- Add Instructions to Run Azure IoT Edge Daemon Locally ( bd43e5d5e )
- Update vulnerable
regex
package ( cfeea7d14 ) - Change default common name of Edge CA cert to "aziot-edge CA" ( a62e2cad6 )
- Update vulnerable
nix
version ( 33c8a778f ) - Update tokio to 1.15.0 ( c941f0605 )
- Update edgelet cargo dependency ( 132e1d340 )
- Iotedge check proxy-settings ( dc6d0d093 )
- Remove moby check ( 3b95ec7c9 )
- Remove Subject Alternate Name Sanitization in Workload Cert Creation ( 070610dbc )
- Reorder
identity_pk
andidentity_cert
( cb3d8b552 ) - Fix typo in template configuration ( 02cf5a733 )
- Update template configuration with subject DN options ( 452fcc5ee )
- Fix bug where Edge CA is always self-signed ( 4e7a5bbab )
- Use IS client retries ( 87f978e4f )
- Recreate edgeAgent when not Running, Stopped, or Failed ( 6b21874fe )
- Expand build targets to include Debian11 ( a9dc1df65 )
- Update cargo dependency ( 31c4afa17 )
- Add doc for device ID and Edge CA certs over EST ( 1d58e64c3 )
- Fix missing uptime in iotedge list ( f0cb947ab )
- Fix aziot-edged startup when mnt is missing ( 68f564c77 )
- Disable connection pooling for docker client. ( b35d36493 )
- Renew Edge CA on startup of edged ( 96d003115 )
- Use 1ES hosted agent for amd64 single-node connectivty tests ( b4b2d7d93 )
- Update edgelet to use tokio 1 ( 4c2f173b3 )
- Fix various RUSTSEC ( 89917f1bb )
- Add timestamp to the default support-bundle filename ( d7f36c178 )
- Handle
proxy_uri
consistently in iotedge check ( ff79848aa ) - Fix host cpu metric incorrectly reported at 100% (#5204) ( 3eaaae993 )
- Implement throttling mechanism to prevent spamming of workload socket ( 63c566b97 )
- Update connectivity check on ports to skip checks when not needed ( ec491d799 )
- Introduce multiple workload sockets ( 323bdc9ac )
- Fix Privileged Flag ( 07d6c3c67 )
- Introduce
Timestamps
Option via mgmt.sock (#4970) ( 244723e5c ) - Improve log message for container state ( c07ade738 )
- Device config has
allow_privileged
flag ( 6a035ea09 ) - Fix DPS E2E tests ( 46db9fdfc )
- Enable aziot-edged in CentOS package ( dafe2ece2 )
- Limit sysinfo crate FDs usage. ( bc5606131 )
- Change default uid ( b443b0c2f )
- Make edgelet uses
humantime
instead ofparse_duration
( 450830433 ) - Edgelet RUSTSEC dep update ( 6cae62e46 )
$upstream
support for container registry address ( 58f5faa0c )- Registration ID is optional in super-config ( 35da91ee8 )
- Fix auth certs for EST-issued Edge CA in
iotedge config apply
( 4e29eabc8 ) - Fix Edge CA and module cert CSRs to use version 0 (v1) instead of non-existent version 2 (v3). ( a88f820a5 )
- Support issued Edge CA cert in
iotedge config apply
( 0d579a75f ) - Resolve security concern in logging ( e96554c63 )
- Validate connection string during
iotedge config mp
( 10c82de0d ) - Update iot-identity-service dependency ( d7cc38c27, 5c423cf87 )
- Update the dev version to 1.2 ( 1a796160e )
- Fix for expired CA certificate not renewing ( 04e78bd85 )
- Make super config public ( 825017957 )
- Fix links in help message ( 8533efe2c )
aziotctl system
improvements +system status
formatting changes ( e9923a619 )- Add iotedge user to systemd-journal group ( 1ec948635 )
- Update cargo dependency for iot-identity-service ( 8a6b87fca )
- Update iotedge check for version 1.2.0 ( 80f95d83a )
- Remove references to 'iotedged' from
iotedge
help text ( 0f82c622b ) - Cache device provisioning state ( d9be1e994 )
- Fix check-agent-image-version check for nested Edge scenarios. ( 146f53052 )
- Document the super-config's
agent.config.createOptions
value format more clearly. ( 28ec7b56a ) - Prepend iotedge-config suggestions with sudo. ( e021231b3 )
- Import master encryption key in
iotedge config import
( 1b2ece4a0 ) - Fix
iotedge config apply
not picking up parent hostname because of serde bug. ( fb3c42c80 ) - Fix self-signed edge-ca cert to use its subject name as the issuer name. ( 40ddfff90 )
- Set default agent version to 1.2.0-rc4 ( d7ad36670 )
- Read
parent_hostname
configuration from aziot ( 13124b87c ) - Iotedge system stop ( 94226fd1c )
- Remove leftover unused lint exceptions ( 9d43de593 )
- Use unique common name for edged-ca cert when apply'ing super-config. ( 34e7a6c72 )
- Bump
serde-yaml
version to 0.8 ( 226c01b51 ) - Change default quickstart Edge CA expiry to 90 days. ( 0a1c70406 )
- Re-add dynamic provisioning support ( c0997a78f )
- Add iotedge system reprovision ( 98c916839 )
- Fix versioning scheme ( 9737395cf )
- Add check version for agent image ( deb8a62b8 )
iotedge check
improvements for nested edge ( 22819dd7f )- Add "required" annotation to iotedge-config-mp's
--connection-string
parameter. ( 102936097 ) - Remove constrain that makes no sense in general case ( 168a79c2b )
- Add check
up_to_date_config
( 8af0fe818 ) - Add
iotedge config mp
to create a super-config with a manual-provisioning connection string. ( 8a9787745 ) - Bump aziot version ( bb6d7aeb0 )
- Add optional proxy argument to iotedge ( 6b0c6c5d8 )
- Fix package purge when aziot-edged is running ( 73da8adcc )
- Ignore validity in cert API requests ( a526d6306 )
- Update postrm to delete iotedge user on purge ( 1c0fc8cd7 )
- Fix license type in aziot-edge.spec ( 062592e3b )
- Fix from bugbash ( c6a9bbb44, 7245c8e05 )
- Implement workaround for nested Edge until identityd supports
parent_hostname
. ( dc7c92944 ) - Convert iotedged config to TOML, and implement
iotedge config
( d0978bf63 ) - Skip latest version check in nested scenarios ( 941479382 )
- Azure Functions Module supports only Amd64 ( c57446255 )
- Upgrade to latest Rust version ( 9f674bdf5 )
- Bump Device SDK to latest LTS version ( 90e5b3264 )
- Restrict TLS protocol to 1.2 for ApiProxy modules ( 4a76a20b1 )
- Update ARM32 and ARM64 images to use Alpine ( 059aaea2d )
- Build docker images with embedded metadata ( a458af376 )
- Api proxy image update ( cca4ae51d )
- Remove
failure
dependency ( 496c89924 ) - Migrate to Dotnet 6 ( 37234e02b )
- Update
regex
to 1.5.5 ( 9f0f7f424 ) - Fix API proxy for special characters ( 26ab9c135 )
- Update references to the default branch ( 04ee9751f )
- Upgrade Rust toolchain ( ab700e82a )
- Update
Microsoft.Azure.Devices.Client
from 1.36.3 to 1.36.4 ( 19beaae55 ) - Update Base Images for a Security Patch ( e6d52d6f6, 7e0c1a5d3, 704250b04, b592e4776, 5cb16fb5d, addda2b60, b00a78805 )
- Update tokio to 1.15.0 ( c941f0605 )
- Build rocksdb and arm images in amd64 hosts (ubuntu 20.04 hosts) ( 2ad61fa31 )
- Add delay between nginx crashes ( 2f6bfb30b )
- Add
ContentEncoding
andContentType
to support routing and Event Grid for TempSensor Module ( e261b4b43 ) - Update SDK from 1.36.2 to 1.36.3 to fix connectivity issues ( 865b275b4 )
- Change so nginx doesn't start as root by mistake ( 6769f901e )
- Update TempFilterFunc binding protocol to
Amqp_Tcp_Only
( 72266d057 ) - Update SDK references to fix Dotnetty bug ( 0750a4414 )
- Fix functions sample on centos ( ada39f5c6 )
- Api proxy image update ( 5288a2763 )
- Update edgelet to use tokio 1 ( 4c2f173b3 )
- Update System.Text.Encodings.Web ( ad88f8e32 )
- Fix API proxy cache ( a6064515c )
- RUSTSEC fixes ( e24cec895 )
- Run API proxy as nginx user ( 05c9f7852 )
- Not running api proxy as root ( 675f0e3d0 )
- Change ssl protocols and ciphers ( e369ef883 )
- Update functions packages ( f52a88457 )
- Update tokio and hyper dependencies ( 39bd6dc31 )
- Add ACR unit tests for config parser ( ab6304d68 )
- Fix user configuration ( 73da8f688 )
- Fix setting up env var when receiving new config ( d0c1bf84a )
- Change default uid ( b443b0c2f )
- Fix merge problem. ( 1947aea51 )
- Fix potential instability in iotedged after UploadSupportBundle fails. ( 4c6f5d727 )
- edgehub-proxy update RUSTSEC deps ( e44dd81a6 )
- Adding boolean expression parsing to API proxy ( d1206d949 )
- Update rust toolchain to 1.52.1 ( e5218d1e7 )
- Simplify config parsing ( 5ade90d4c )
- Update functions to 3.0 ( 124a20cd4 )
- Change config on initial twin ( 5421f9e7b )
- Hide SAS key ( 9e8323524 )
- Upgrade api-proxy module to tokio1 ( 8155604c2 )
- Update rust toolchain to 1.51 ( 0f1d90c7c )
- Fix API proxy race condition (#4768) ( d2c331d60 )
- Fix Api proxy indirection ( d129a0719 )
- Merge api proxy edge hub pr ( 8ac0a7462 )
iotedge check
improvements for nested edge ( 22819dd7f )- Change nginx from alpine to ubuntu bionic ( 89ad3dab0 )
- Fix arm64 image ( 17d7cadab )
- Remove references to iiot branches ( 436bada3a )
- Fix api proxy ( 1d7e0a1bb )
- Revert to nginx image ( c2bce19df )
- Restore SystemInfo structure for product information ( bf31d16 )
- Update Base Image to address security vulnerabilities CVE-2022-23267 CVE-2022-29117 CVE-2022-1271
- Configurable task for cancelling hanging upstream calls( 12b52ba )
- Update Base Image to address security vulnerabilities CVE-2022-23267 CVE-2022-29117 CVE-2022-1271
- Improve error logging for WorkloadManager ( f2e5a47 )
- Fix exit code when restarting due to reprovision( d7d98d0 )
- Mariner 2.0 Package Build for IoTEdge( 63273b1 )
- Flatten additional properties of metrics ( 4983128 )
- Dev identity issues when switching identities ( fb8d034 )
- Update regex to 1.5.5 ( cb20b6b )
- Device product information ( 477814d )
- AMQP CBS token message dispose ( 8670979 )
- Dev identity issues when switching identities ( fb8d034 )
- Update tokio, rayon, and crossbeam to latest compatible versions( d468058, a0f148e )
- Update regex to 1.5.5 ( cb20b6b )
- Device product information ( 477814d )
- Fix underflow possibility on ColumnFamilyDbStore ( bc78f1c )
- Remove BouncyCastle dependency ( 403ca87, 7589457 )
- Update
Microsoft.Azure.Devices.Client
SDK ( 4b7570f )
- Fix underflow possibility on ColumnFamilyDbStore ( bc78f1c )
- Remove BouncyCastle dependency ( 403ca87, 7589457 )
- Restart EdgeHub upon certificate renewal ( c5e90a7 )
- Update
Microsoft.Azure.Devices.Client
SDK ( 4b7570f ) - Workaround for windows-certificate import problem for EdgeHub in Visual Studio debug runs ( 0ed0c71 )
- Remove
sudo
fromiotedge check
for local proxy setting check ( 5976efb ) - Update vulnerable regex package ( a34fd5b, fe7de0b )
- Update base image for security patch ( 8194a93 )
- Removed Moby check ( 27a14d8 )
- Fix for workload socket issue for concurrent module creation ( 5712dcc )
- Addition of device ID to edge CA common name to support large number of devices ( 6627c7a )
- New IoTedge check called proxy-settings which verifies proxy settings ( 4983128 )
- Revert 2677657, which inadvertently disabled duration and Unix timestamp formats in the since and until arguments of GetModuleLogs and UploadModuleLogs direct methods ( f7f4b89 )
- Add
RocksDB_MaxManifestFileSize
env var to Edge Agent and Edge Hub ( c9c4b29 ) - Recreate edgeAgent when not Running, Stopped, or Failed ( c5d6176 )
- Update SDK to 1.36.3 ( f12d7ca )
- Update Base Images for a security patch ( d6e3657 )
- Restricting EdgeAgent identity parallel operation calls to edged to 5 ( 2391cd9 )
- Remove WebSocket Ping KeepAlives ( 2d451cc )
- Update SDK to 1.36.3 ( f12d7ca, 9a2a526 )
- Update Base Images for a security patch ( d6e3657 )
- Detect fail-over from Iot Hub and SDK behavior and disconnect from IoT Hub ( 52c563a )
- Fix
edgehub_queue_len
metric ( 487890d )
- Update TempFilterFunc binding protocol to Amqp_Tcp_Only ( a5e559c )
- Update Base Images for a security patch ( d6e3657 )
- Update SDK to 1.36.3 ( f12d7ca )
- Disable connection pooling for docker client ( 12e12cf )
- Allows an issued Edge CA certificate to be specified in the super config ( 6368eb6 )
- Fix workload socket permission denied ( 861aceb )
- Backport EST documentation and update configuration template ( 3822152 )
- Fix typo in template configuration ( d0978ba )
- Delay frequent twin pulls on reconnect ( 95b4441 )
- Make sure to dispose HttpContentStream when done reading module logs ( 47011b1 )
- Update Base Images for a Security Patch ( 3b83e7f, 56e96cd )
$upstream
support for container registry address ( ebdb5be )- Fix edgeAgent creates rogue ModuleClients when encounters an error ( 4b87cc9 )
- Update SDK to fix dotnetty bugs ( ea818f0 )
- Add a component name to message properties ( 4f36aba )
- Update Base Images for a Security Patch ( 3b83e7f, 56e96cd )
- Enable leaf identity creation ( 358aeb7 )
- Update SDK to fix dotnetty bugs ( ea818f0 )
- Use separate flag for MQTT Buffer pooling ( 38f34f6 )
- Update Azure Functions packages ( d8ea036 )
- Update Base Images for a Security Patch ( 3b83e7f, 56e96cd )
- Fix find_first_block seek logic ( 1c9b39a )
- Fix host cpu metric incorrectly reported at 100% ( 876900a )
- Add timeout to support bundle calls ( 16ede21 )
- Introduce
allow_elevated_docker_permissions
flag ( 175603c ) - RUSTSEC Security Update ( 24e4d27, b59a089, 5e2ba80, 790a8f9, c6d805b )
- $upstream support for container registry address ( ebdb5be )
- Improve Workload Manager logging and cleanup ( febd7a2 )
- Update cargo dependencies ( f147f12 )
- Update Azure IoT Identity Service components to version 1.2.3 ( fea0ae2 )
- Fix
iotedge check
recommending an old version of aziot-identity-service. ( 87381d9 )
- Properly dispose UDS for Workload Client. ( 472cee5, f9cdb59 )
- Update Base Images for Security Vulnerability ( d0e6113 )
- Use Docker Timestamp When Log Timestamp is not Available in JSON-formatted log. ( d336d08 )
- Update Base Images for Security Vulnerability ( d0e6113 )
- Propagate back error code from edgeHub ( 421347d )
- Fix potential instability in iotedged after UploadSupportBundle fails. ( f567e38 )
- Update Base Images for Security Vulnerability ( d0e6113 )
- Update Temperature Filter Function sample module to be using .NET3.0. ( adf8878 )
- Enable aziot-edged in CentOS package. ( 0539cdb )
- Update IoT Identity Service to version 1.2.1 ( 572de56 )
- Update Base Images for Security Patch. ( 513f721 )
- Update bridge config validation. ( afdc9c2 )
- Device scope cache retry for first initialization. ( 3b903a1 )
- Add validation for null props inside objects inside arrays. ( c25fcb9 )
- Adds SharedAccessSignature to repo with fix for vulnerability. ( 60d411c )
- Update GetModuleLogs method when tail + since + until options are provided. ( 2b650a8 )
- Fix edgehub queue len metric ( 4068369 )
- Update Base Images for Security Patch. ( 513f721 )
- Restore device scopes from older store. ( c90245b )
- Introduce Timestamps Option via mgmt.sock. ( 37c661b )
This release contains a significant refactoring to the IoT Edge security daemon. It separates out the daemon's functionality for provisioning and providing cryptographic services for Linux-based devices into a set of stand-alone system services. Details on these individual system services can be found in the Overview of the related github repository in which they reside.
Every attempt has been made to ensure that the APIs on which Edge modules depend will remain unaffected and backward compatible. Issues affecting Edge modules will be treated with the highest priority.
The refactoring does affect the packaging and installation of IoT Edge. While we've attempted to minimize the impact of these there are expected differences. For more details on these changes please refer to the discussion of Packaging.
- Update Base Images for Security Vulnerability ( ac0da07 )
- Update SDK version ( 46c2d20 )
- Update .NET Core Runtime base images ( 8f9e22e )
- Update http client timeout for scope sync ( 69d8c0c )
- Add caching to TokenProvider ( 8988456 )
- Update Base Images for Security Vulnerability ( ac0da07 )
- Fix edgeHub children mismatched leaf device subscriptions ( 39c600f )
- Improve registry controller error message ( 0b0a40e )
- Add edgeHub identity to the scopes cache at the startup ( 621a2ad )
- Improve AMQP messages
Batchable
delay ( e88c2b9 ) - Fix websocket authentication with certificates over ApiProxy ( 6c48961 )
- Fix EdgeHub dropping routing RP upon info forwarding ( fa60e52 )
- Fix registry API On-behalf-of calls authentication ( 64fb35b )
- Fix getDeviceAndModuleOnBehalfOf to check if target device is in scope ( 5e1028e )
- Fix resolving BrokeredCloudProxyDispatcher ( 5fc8dfb )
- Update SDK version ( 46c2d20 )
- Fix twins reconnection issue for clients with MQTT upstream ( eb6051c )
- Support new SDK subscription optimization ( 1e3ee4b )
- Propagate close() upon cloud proxy for CloudConnection ( b5177de )
- Update .NET Core Runtime base images ( 8f9e22e )
- Drop messages when device is not in scope and auth mode is the scope ( 7c08b9c )
- Move NestedEdgeEnabled out of experimental features ( ee703c4 )
- Update
iotedge check
for version 1.2.0 ( db18594, ee73e76 )
- Fix for expired CA certificate not renewing ( ac142d1 )
- Cache device provisioning state ( 9301f13 )
- Fix check-agent-image-version check for nested Edge scenarios ( 36d859e )
- Import master encryption key in
iotedge config import
( 01ef049 ) - Fix
iotedge config apply
not picking up parent hostname because of serde bug ( b4c600a ) - Read
parent_hostname
configuration from aziot ( b14db9d ) - Update serde-yaml version ( 474ce0e )
- Enable dynamic provisioning support ( d9aa3ac )
- Fix package purge when aziot-edged is running ( 808a2d7 )
- Ignore validity in cert API requests ( 109ee6a )
- Allow aziot-edge to collect system logs when calling remote support-bundle ( a0f3725 )
aziotctl system
improvements ( d62b22f )- Update
iotedge check
&iotedge config
for version 1.2.0 ( ee73e76, 33661f5 ) - Document the super-config's agent.config.createOptions value format more clearly ( 76c4b70 )
- Introduce
iotedge system stop
( ca77919 ) - Introduce
iotedge system reprovision
( cf62d66 ) - Introduce edgeAgent image version check ( be8bb55 )
- Allow Connection with trust bundle in the Nested topology ( fb3f1a3 )
- Introduce check up_to_date_config ( 8e4f685 )
- Introduce optional proxy argument to iotedge ( a0a883d )
- Preview support for Linux arm64
- Upgrade Moby version in .cab file to 3.0.5 (f23aca1)
- Update .NET Core version to 2.1.10 (ad345ef)
- Stability improvements
- Upgrade C# Client SDK to 1.20.3 and Service SDK to 1.18.1
- Various improvements to
iotedge check
troubleshooting command - Fix Win install setup for symmetric key provisioning mode (602472f)
- Support for arm64 (6189e21)
- Initial support for remote get of module logs (c49f957, 6bc92d2, e064a59, 5b310b1, a8cdf8d, 75d7460, 951afd8, edaad81, 83118b2, 5ce1903, 372026e)
- Additional optional settings to limit upstream bandwidth usage
- Fix NRE in IotHubReporter.ReportShutdown (81065db)
- In some cases Edge Agent won't restart a stopped module (6261fc9)
- Edge Agent can support local Docker registries (2086d4b)
- Be more resilient on GetTwin calls (2c4bc2a)
- Strip headers in get logs calls when sending to blob store (95a657a)
- Implement equality on registry credentials to prevent unnecessary backup (c6b0ba9)
- Add timeout to workload client calls (a1b77bf)
- Fix file extension for logs uploaded to blob store (49d8655)
- Add ability to get status of logs upload request (e7876eb)
- Put experimental features behind experimental flags (9e6ea0c)
- Support for arm64 (4fdfa40)
- Upstream performance improvements (864b33d)
- Twin Manager v2 is now default (96a0087)
- Encrypt twins at rest (075d5c0)
- Additional optional settings to limit upstream bandwidth usage
- Fix IoT Hub name parsing in AMQP SASL Plain auth (bb6c327)
- Set EdgeHub user id to UID 1000 explicitly (cf40c16)
- Fix possible NRE in messages (1c2efc6)
- Fix edge case in checking twin version when storing (663198c)
- Forward product information for connected devices and modules (749b9b7)
- Configure MQTT protocol head to use num_procs * 2 threads. Improves stability on constrained devices. (206568c)
- Put experimental features behind experimental flags (9e6ea0c)
- Update uTPM to support Resource Manager v2 (a272069)
- Return meaningful exit codes on failure (62f3d44)
- Properly handle asynchronous errors when pulling images (020ddbc)
- Fix RPM packages for SUSE (c16bc50)
- Don't lowercase the keys in
config.yaml
(34df35a) - Windows install script checks for container feature (90f6368)
- Do not reconfigure when provisioning from the backup (b40ab5b)
- Support for arm64 (a9474e0)
- Fix regression in DPS use on Windows
- Stability improvements
- Workaround
ObjectDisposedException
bug in C# SDK by exiting the process (bbc8d3c)
- Workaround
ObjectDisposedException
bug in C# SDK by recreating the client (e458e14, 7598ef0, c608f38)
- Edge Agent pulls images before creating
- All processes in a container can authenticate with
iotedged
- Provisioning: Symmetric key attestation method support
iotedge check
troubleshooting command- Upgrade C# SDK to 1.20.1
- Agent pulls images before stopping (57c6f7d, 4992833)
- Upgrade to version 1.20.1 of the C# SDK (1637ff9)
- Twin refresh timer logic is now a simple loop (cb7af40)
- Add explicit timeout to
Edge Agent
<-->iotedged
operations and more debug logs (f2cb600)
- Upgrade to version 1.20.1 of the C# SDK (1637ff9)
- Defaults to OptimizeForPerformance=false on arm32v7 (43d47b0)
- Limit MQTT thread count on arm32v7 (2509438, 56a6db1)
- Process subscriptions from clients in batch (20cb6c4)
- Support for DPS symmetric key provisioning (b7adfff)
- All modules processes are authorized to connect (777aec1)
- Add
iotedge check
troubleshooting command (1d74b97) - Use CAB file for Windows installation (ce232a8)
- Encode deviceid/moduleid for IoT Hub operations (bb10be0)
- Load encryption key before generating it (9174a89)
- Add SendData and SendInterval twin configuration (7dc7041)
- Upgrade to version 1.20.1 of the C# SDK (1637ff9)
- Upgrade to version 1.20.1 of the C# SDK (1637ff9)
- Reverts name sanitization of the common name on generated certificates (078bda7)
- Stability and reliability fixes
- Update to .NET Core 2.1.6 (d2023be)
- Fix module restart logic when Edge Agent clock is off (72f7112)
- Use HTTPS proxy on Linux and Windows (fceef9f)
- Update to .NET Core 2.1.6 (d2023be)
- Support X509 certificate authentication by default for downstream devices (4a46290)
- New improved Twin manager - in preview and not enabled by default (d99f8ff)
- Use HTTPS proxy on Linux and Windows (eb75f34)
- Allow modules on Edge devices with no device scope to connect to Edge Hub (761254f)
- Handle clients with special characters (82ce72e)
- Fix potential for dropped messages when device is rebooted (88fd5ab)
- Sort serialization of environment variables in config.yaml (0e6a402)
- Support installing iotedged on localized Windows installations (d9b12c9)
- Reinstate "nat" as the Moby network for Windows containers (913678a)
- Support Windows 10 1809 (RS5)
- Improved error messages in
iotedge
/iotedged
- Stability and reliability fixes
- Parallelize stopping modules on shutdown (271e930)
- Avoid caching backup.json on every reconcile (2cea69f)
- Drain messages from disconnected clients to IoT Hub (d3f801b)
- Make device/module client operation timeout configurable -- helps slow connections (6102e31)
- Resync service identity if client request cannot be authenticated (677e16d)
- Enable support for X.509 thumbprint and CA auth for downstream devices - not enabled by default (187e3df)
- Add support for X.509 auth for HTTP and MQTT over Websockets - not enabled by default (9b56f3d)
- AMQP and AMQP+WS support for X.509 authentication - not enabled by default (875776c)
- Allow multiplexing client connections over AMQP (93be534)
- Fix NRE in TwinManager (29f5b74)
- Handle NRE thrown by device SDK (5f5fd67)
- Fix obtaining upstream connection when offline (75e7968)
- Fix MessageStore initial offset after restart (81f93dc)
- Add timeout / cancellation support to Store apis (0eb279b)
- Add identity certificate endpoint to workload API (40f1095)
- Add module list to workload API (5547161)
- Support Unix Domain Sockets on Windows 🎉 (b1ee469)
- Move network-online.target to Wants from Requires in systemd unit (c525acc)
- Add more informative error messages (326ef8c)
- Add support for x.509 v3 extensions Subject and Auth Key Identifiers (9b98780)
- libiothsm-std now includes an so version (5667a9f)
- Remove write access for BUILTIN\Users in
C:\ProgramData\iotedge
(d6b8c3a) - Update Windows images to RS5 (f72a238)
- Enable TLS 1.2 for Invoke-WebRequest (e93e707)
- Start service automatically on Windows startup when using Windows containers on Moby (f72a238)
- Restart service on crash (f72a238)
- Windows installer support for offline installation (using the `-OfflineInstallationPath parameter) (8cec3d5)
- Windows installer support for reusing previous config.yaml on reinstall (82b82cc)
iothsm.dll
now configured to use physical TPM instead of emulator
- Fix potential race in management API list modules (645545a)
- Update Windows installer to create user-defined network for modules (6d5b95a)
- Stability and reliability fixes
- AMQP+WS in Edge Hub
- Functions Binding published as Nuget package
- Allow longer createOptions fields (ecfc2a0)
- N/A
- Fix updating message store endpoints when routes are updated (98a61c0)
- Support C SDK CBS mode on AMQP (84be08c)
- Improve connection recovery after offline periods (6069f7f)
- Setup storage directory in all cases (e0a1a08)
- Fix handling of re-subscriptions after an offline period (d8b9038)
- Improved error messages for docker image pull failures (0d13741, 9f500e4)
- Update hyper http library to 0.12 (10d1d79)
- Regenerate quick start mode CA certificate on startup (d2195f8)
- Add aarch64 build scripts (13ddaa6)
- Support HTTP proxy authentication (42af84d)
- Do not return container sizes in list response (performance improvement) (8ecb27b)
- Add PartOf to iotedge.socket units to enable proper shutdown (f48a966)
- Add docker.service as a dependency of iotedged.service (281c73e)
- Improve Windows install/uninstall experience (a135bdf)
- Fix Stop-Service error on Windows (466fe02)
- Publish Functions Binding as a nuget package (c7ed2b5)
- N/A
- Limit number of messages sent (d0b2196)
- N/A
- Update C# SDK to 1.18.1 (5e1a983)
- N/A
- N/A
- N/A
- N/A
- Adds HTTP Proxy support across the various components of the runtime (956c99f)
- N/A
- Remove CamelCase property name resolver from json deserializer (a924608)
- Add support for extended offline (various commits)
- Upgrade device SDK to 1.18.0 (eeee143)
- Improve startup time (3ac39ac)
- Fix MQTT topic parsing for topics with a trailing slash (DeviceNotFound exception) (2b09542)
UpstreamProtocol
environment variable values are now case insensitive (f48c780)- DotNetty Timeout exceptions are mapped to general timeout exceptions (45bac36)
- Fix potential high-bandwidth usage when SAS tokens expire (9d2ba5e)
- Fix for possible
NullReferenceException
in theTwinManager
(0b4ef50) - Fix twin desired property change notification request handling (8b1fb67)
- Improved error messages for missing/invalid connection strings in config.yaml (94621d5)
- Upgrade to v2.0 of the Azure Functions runtime (1bc69d1)
- N/A
- Updates to license (allow redistribution) and third party notices (9ca6055)
- Ignore version property when comparing module definitions (2fd4bf1)
- Fix exception in logs when MQTT is used as upstream protocol (2d6824b)
- Reduce noise in the logs for planner failures (29fd10e)
- Fix backwards compatibility with iotedgectl (cc7e142)
- Add
connectionDeviceId
andconnectionModuleId
properties to outgoing messages on AMQP (e636135) - Align direct method response with IoT Hub behavior (539f376)
- Prevent connecting to IoT Hub for disconnected clients. Prevents possible tight loop in token refresh (7c77b7f)
- Align MQTT topic parsing with IoT Hub behavior (b19bbb4)
- Fixes receiving messages in batches over AMQP (02f193a)
- Increase twin validation limits (2590d7e)
- Align AMQP link settle modes with IoT Hub (93f13b8)
- Windows installation script (dea9cfc)
- Support older version of systemd (df8d10b)
- Add RPM packages for CentOS/RHEL 7.5 (a090acb)
- Fix internal server error when exec'd into a container (31468a1)
- Module identity delete should return 204, not 200 (2163103)
- Ensure modules get new server certificates when requested (5bba698)
- Update to .NET Core 2.1.2 (542971)
- Update to latest Azure Functions runtime on armhf (31ad5be)
- Update to C# SDK 1.18.0 (dfc72b5)
- Binding uses MQTT protocol by default (f0ce4a5)
- Allow reset command to be an array of messages (bf5f374)
- Add deprecation notice
Initial release