Azure Module Policies

1. Introduction

Each Azure IoT Edge device (edge node) runs at least two modules: 'edge agent module twin' and 'edge hub module twin,' which are part of the Azure IoT Edge runtime. The IoT Edge devices can run multiple additional modules (up to 50 modules) for many processes. Use a deployment manifest to tell your edge node which modules to install and configure them to work together.
The deployment manifest is a JSON document that describes:
  • The IoT Edge agent module twin, which includes three components:
    • The container image for each module that runs on the device.
    • The credentials to access private container registries that contain module images.
    • Instructions for how each module should be created and managed.
  • The IoT Edge hub module twin includes how messages flow between modules and eventually to IoT Hub.
  • The desired properties of any additional module twins (optional).
All IoT Edge devices must be configured with a deployment manifest. A newly installed IoT Edge runtime reports an error code until configured with a valid manifest.

2. Module Policy Scenarios

2.1. Two module policies defined for the edge node or group of edge nodes

You have defined module policy 'Module-policy1' with a set of modules (including the Edge agent and Edge hub) and deployed them via deployment manifest to come online on an edge node or a group of edge nodes. Now, you define another module policy, 'Module-policy2', and defined a new set of modules. However, you see the modules from the first policy.
The reason can be the low priority of Module-policy2 than Module-policy1 or the wrong tag/target condition. Even if you delete the module policy, that does not mean the modules will get deleted from the edge node. This is the way Azure IoT has designed the module deployment with a manifest.
In case you want to delete a specific module, the following are the options you could choose from:
  • Update the module policy and delete the module from the policy you want to delete from the edge node.
  • Create a new module policy with a new set of modules, and priority should be greater than the module policy currently applied. Also, it should have the right tag.
  • Create a module policy without a module and with a correct target condition. Set the priority higher than the one applied currently. The new module policy with no module is applied and will delete all the modules from that edge node (edge agent module twin' and 'edge hub module twin' will remain, though).
Was this article helpful?
1 out of 1 found this helpful