RaspberryPi3 not connecting to openbalena

stephanp · November 28, 2021, 1:45pm

Hi,

I have worked through the openbalena getting started guide. I’m on a local setup:
raspberrypi3-64-2.80.3+rev1-dev-v12.7.0.img
PC Windows running cli version 12.54.5
PC Linux running Ubuntu 18.04.4 LTS with openbalena:

api v0.139.0
db v4.1.0
mdns v1.9.2
registry v2.16.1
s3 v2.9.9
vpn v9.17.11

I have a local dns pointing for all the following names to the openbalena ip (10.0.10.9):
api.topfdomain.local
registry.topfdomain.local
vpn.topfdomain.local
s3.topfdomain.local
tunnel.topfdomain.local

From the CLI I’m able to login to the openbalena server and can connect via balena ssh to my raspberry.

I modified the image for the raspberry with the CLI as explained in the getting started procedure.

curl -k https://api.topfdomain.local/ping is returning OK when i run it from the raspberry.

Can someone confirm, that such a setup worked with a raspberry?
Currently I don’t know where to search the problem.

I get the following lines on the raspberry from journalctl
Can’t interprete this error messages.

Nov 28 13:30:40 6deb90c b0e641564f9d[1322]: [event]   Event: Device bootstrap failed, retrying {"delay":30000,"error":{"message":"","stack":"Error\n    at /usr/src/app/dist/app.js:10:913015\n    at runMicrotasks (<anonymous>)\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)"}}
Nov 28 13:30:40 6deb90c balena-supervisor[24105]: [event]   Event: Device bootstrap failed, retrying {"delay":30000,"error":{"message":"","stack":"Error\n    at /usr/src/app/dist/app.js:10:913015\n    at runMicrotasks (<anonymous>)\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)"}}
Nov 28 13:30:49 6deb90c prepare-openvpn[25548]: prepare-openvpn: [INFO] Balena.io VPN authentication.
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 WARNING: file '/var/volatile/vpn-auth' is group or others accessible
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 OpenVPN 2.4.7 aarch64-poky-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]10.0.10.9:443
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
Nov 28 13:30:49 6deb90c openvpn[25551]: Sun Nov 28 13:30:49 2021 Attempting to establish TCP connection with [AF_INET]10.0.10.9:443 [nonblock]
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 TCP connection established with [AF_INET]10.0.10.9:443
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 TCP_CLIENT link local: (not bound)
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 TCP_CLIENT link remote: [AF_INET]10.0.10.9:443
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 TLS: Initial packet from [AF_INET]10.0.10.9:443, sid=4efb3c18 654ef338
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 VERIFY OK: depth=1, CN=vpn-ca.topfdomain.local
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 VERIFY KU OK
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 Validating certificate extended key usage
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 VERIFY EKU OK
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 VERIFY OK: depth=0, CN=vpn.topfdomain.local
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Nov 28 13:30:50 6deb90c openvpn[25551]: Sun Nov 28 13:30:50 2021 [vpn.topfdomain.local] Peer Connection Initiated with [AF_INET]10.0.10.9:443
Nov 28 13:30:51 6deb90c openvpn[25551]: Sun Nov 28 13:30:51 2021 SENT CONTROL [vpn.topfdomain.local]: 'PUSH_REQUEST' (status=1)
Nov 28 13:30:51 6deb90c openvpn[25551]: Sun Nov 28 13:30:51 2021 AUTH: Received control message: AUTH_FAILED
Nov 28 13:30:51 6deb90c openvpn[25551]: Sun Nov 28 13:30:51 2021 SIGTERM[soft,auth-failure] received, process exiting
Nov 28 13:31:02 6deb90c prepare-openvpn[25554]: prepare-openvpn: [INFO] Balena.io VPN authentication.
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 WARNING: file '/var/volatile/vpn-auth' is group or others accessible
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 OpenVPN 2.4.7 aarch64-poky-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 library versions: OpenSSL 1.1.1g  21 Apr 2020, LZO 2.10
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]10.0.10.9:443
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
Nov 28 13:31:02 6deb90c openvpn[25558]: Sun Nov 28 13:31:02 2021 Attempting to establish TCP connection with [AF_INET]10.0.10.9:443 [nonblock]
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 TCP connection established with [AF_INET]10.0.10.9:443
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 TCP_CLIENT link local: (not bound)
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 TCP_CLIENT link remote: [AF_INET]10.0.10.9:443
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 TLS: Initial packet from [AF_INET]10.0.10.9:443, sid=d852912f 5165cb28
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 VERIFY OK: depth=1, CN=vpn-ca.topfdomain.local
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 VERIFY KU OK
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 Validating certificate extended key usage
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 VERIFY EKU OK
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 VERIFY OK: depth=0, CN=vpn.topfdomain.local
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 4096 bit RSA
Nov 28 13:31:03 6deb90c openvpn[25558]: Sun Nov 28 13:31:03 2021 [vpn.topfdomain.local] Peer Connection Initiated with [AF_INET]10.0.10.9:443
Nov 28 13:31:04 6deb90c openvpn[25558]: Sun Nov 28 13:31:04 2021 SENT CONTROL [vpn.topfdomain.local]: 'PUSH_REQUEST' (status=1)
Nov 28 13:31:04 6deb90c openvpn[25558]: Sun Nov 28 13:31:04 2021 AUTH: Received control message: AUTH_FAILED
Nov 28 13:31:04 6deb90c openvpn[25558]: Sun Nov 28 13:31:04 2021 SIGTERM[soft,auth-failure] received, process exiting
Nov 28 13:31:10 6deb90c b0e641564f9d[1322]: [event]   Event: Device bootstrap {}
Nov 28 13:31:10 6deb90c balena-supervisor[24105]: [event]   Event: Device bootstrap {}
Nov 28 13:31:10 6deb90c b0e641564f9d[1322]: [info]    New device detected. Provisioning...
Nov 28 13:31:10 6deb90c balena-supervisor[24105]: [info]    New device detected. Provisioning...
Nov 28 13:31:13 6deb90c b0e641564f9d[1322]: [event]   Event: Device bootstrap failed, retrying {"delay":30000,"error":{"message":"","stack":"Error\n    at /usr/src/app/dist/app.js:10:913015\n    at runMicrotasks (<anonymous>)\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)"}}
Nov 28 13:31:13 6deb90c balena-supervisor[24105]: [event]   Event: Device bootstrap failed, retrying {"delay":30000,"error":{"message":"","stack":"Error\n    at /usr/src/app/dist/app.js:10:913015\n    at runMicrotasks (<anonymous>)\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)"}}
N

Here also my config. json

{
  "apiEndpoint": "https://api.topfdomain.local",
  "apiKey": "GmZjFQfARMa2h5bfflXdIJUqDRjw0Zc0",
  "appUpdatePollInterval": 600000,
  "applicationId": 1,
  "balenaRootCA": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZZekNDQTB1Z0F3SUJBZ0lVRU9EWnNYNzRVbHNYbXJqOHFreEpCYTQ5Z2Jzd0RRWUpLb1pJaHZjTkFRRUwKQlFBd0hqRWNNQm9HQTFVRUF3d1RZMkV1ZEc5d1ptUnZiV0ZwYmk1c2IyTmhiREFlRncweU1URXhNalV3TnpNNQpOVGxhRncwek1URXhNak13TnpNNU5UbGFNQjR4SERBYUJnTlZCQU1NRTJOaExuUnZjR1prYjIxaGFXNHViRzlqCllXd3dnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDRHdBd2dnSUtBb0lDQVFEZnVlWUlXTWN0TUV0SFRON0wKQ0lpdVZtR0I2amU1Mk4wMGtHbXRrNVJFWWFUUDFvalYxd21aWnJFb3FQcytwT043T29jNHhkUmE5YU40UGcxWAptaTl1WFFncTN5SWdWQjR4RjFBc1pRQjR4R2g3aDdMU2Z5MEt6YW5sRFBlV1BTZUs1UFVZUHpPRTZRUXEwOXcvCmVUQ2tzejRTOVVyTS92RzRtNE50NWlMY2xkVTFYcEQ4K1lMS2ViWGdwL285bDVqYzc0RXRZM1FHVW9YdHJDWWEKU0xUeXVsTEhUSTVrT0JEY01lTEpRamFtNjBkdndVbkRmeVQvT0dZK1ZlUzJsZ20xdzFhdDlidU5LWGFPNXJSQQpYcW8vYkJlTjNrTFIrQW13elBnOXR0bXpqZ3VLL3ZlcFBDTVNTY0lmbXk1QXlaN3lHZEQ3dWRhSlpLdEt3Vk1wCkR4OWhMeEVPVTRod1FTSk9waVB5S0ZYaGo2dk02L3hIbDlvNXd0SjhLQUJzM2ZjLzhXa1hXRlZ6bzBWYjR2VkQKQzJvdHBITUlzS0dHaEVhOHdPdTlvRjlCem16M2IxVVhzK3E0NmZaQnB6TGlCeGQrYmppYWtjeUEybjBpWDJaUQpDTzRoKzRIdGZiTGtyU29CeHBPV2Z2Y0hPOStLaUNyZ2YyS3p3TU5Oenc5bmZUT2U2T3BNWXFxd3J5NDd1VW4yCkNVTjU1TlNQVnpwak1mdFlhTmtQOFZJeU1TU0pURGJkaGhqMjgzbWxFMENPWElpZ3hTQmQ3U1RSMWJzS1hBK3EKZEN6S0RzZjhPL21pSFVNWWR3RFN1b3hrQUZraG43N1pReHQ3L2tyUjhpOEg0MDNYRm1BbGZSUDdnM3ZOM0lkMwpkVk94N2ZVMVJEMlltWmxqQlpBNjlUTDQ1d0lEQVFBQm80R1lNSUdWTUIwR0ExVWREZ1FXQkJSbzkzTUxTS3I4CjN5dDQ4VGVNc2JFNFpReFhJakJaQmdOVkhTTUVVakJRZ0JSbzkzTUxTS3I4M3l0NDhUZU1zYkU0WlF4WElxRWkKcENBd0hqRWNNQm9HQTFVRUF3d1RZMkV1ZEc5d1ptUnZiV0ZwYmk1c2IyTmhiSUlVRU9EWnNYNzRVbHNYbXJqOApxa3hKQmE0OWdic3dEQVlEVlIwVEJBVXdBd0VCL3pBTEJnTlZIUThFQkFNQ0FRWXdEUVlKS29aSWh2Y05BUUVMCkJRQURnZ0lCQU1SMzZtcUUxTFAxdFIwdVcvT3BiRUtuWnZZUUtWclFTSmJGSVR3N1FVYms0UzVBNjc5UUVOVTEKMU80VTkydUY2WU1mY21neVpPd3lzdWZWVVQxT3dGWGQrZi9CZUJ6bFFxK2xBdVQxZVlzK1ROYlNqSXhqRkdjOQp5MkV2UlJSOU5qdHZjMEVuMEJkQlAyaG1zdzd1L2lMN3hFSFp5alhNa0c4NmhqSEFzWUxNeXN5czBjblNxT0FRCjBvand2WndMZ3l0OGNvc2Iya1pJYjB6Y3FDb0czeVFWcC80eHIxdWtsa0oxNGlidm1qOFowTHpaS21aOVE4ZDUKOFUxeEZITGI1UUwrV05veFg5TzVKaTc5TzRkb1E0ak5lTFZTODNTRFRWNmpBcyt4N1ZsQ2NpVTZLM2RuYzVnSwpTcDFrSlBWWXF6N2RVOVZWTExVMnVrdGdmLzd1YnNodXhSOElNbENxa1NiREwzUWxtdXQ4d29TYVBsUGI2aUZSCnBrM0t3SnRtbCthVVgvSk5MN2xxZGZQUTNyWG83dWQrNmtiaXhLVGM3TU9nTXgzVUt0YmUrYWRXRkVVRnBsMlQKeUw4VVFnZ0RObzJBWHRXcERpc2Z3Q3hEVDNQekc0SU9BSjBic0ZVV052N3Y5bXdGaUJBc3VpQkE5d29Sei9vZgp5TTdhMzh4UjR6d0pKZk9DZXA2OHZhU1NGZ0JNL3NXQUUwTGYvcjZyR0pJbDEvNGFFRXVjTUwrUzd5Tk5tb3R2CldmZnNmSlBtaitMV21ybEo4SXpmMWxPK01FMjB1cUd2Ujg0ZnIzbzBXRXprTmx1alZ5cUhBdWVWdWtvQ01JV1QKazZIRWFaRXlTajVHR0lUZ2x2OUNhWStoSVdMZ1A4emtDSStoSDF2Ykh2Y2xFVVAxaGtFawotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
  "deltaEndpoint": "https://delta.topfdomain.local",
  "deviceApiKey": "6bb1e6506a174b3577b47047249ded68",
  "deviceApiKeys": {
    "api.topfdomain.local": "6bb1e6506a174b3577b47047249ded68"
  },
  "deviceType": "raspberrypi3-64",
  "files": {
    "network/network.config": "[service_home_ethernet]\nType=ethernet\nNameservers=8.8.8.8,8.8.4.4"
  },
  "listenPort": 48484,
  "mixpanelToken": "__unused__",
  "registryEndpoint": "registry.topfdomain.local",
  "userId": 2,
  "vpnEndpoint": "vpn.topfdomain.local",
  "vpnPort": 443,
  "uuid": "6deb90cef00860e6dce67b41e43da445"
}

any help is appreciated
thanks

nitish · November 29, 2021, 1:53pm

Hi @stephanp,

Great to see you are trying out openBalena. And thanks for sending out detailed setup info.

Looking at the logs, specifically the snippet below:

Nov 28 13:31:04 6deb90c openvpn[25558]: Sun Nov 28 13:31:04 2021 AUTH: Received control message: AUTH_FAILED
Nov 28 13:31:04 6deb90c openvpn[25558]: Sun Nov 28 13:31:04 2021 SIGTERM[soft,auth-failure] received, process exiting
Nov 28 13:31:10 6deb90c b0e641564f9d[1322]: [event]   Event: Device bootstrap {}
Nov 28 13:31:10 6deb90c balena-supervisor[24105]: [event]   Event: Device bootstrap {}
Nov 28 13:31:10 6deb90c b0e641564f9d[1322]: [info]    New device detected. Provisioning...
Nov 28 13:31:10 6deb90c balena-supervisor[24105]: [info]    New device detected. Provisioning...
Nov 28 13:31:13 6deb90c b0e641564f9d[1322]: [event]   Event: Device bootstrap failed, retrying {"delay":30000,"error":{"message":"","stack":"Error\n    at /usr/src/app/dist/app.js:10:913015\n    at runMicrotasks (<anonymous>)\n    at processTicksAndRejections (internal/process/task_queues.js:97:5)"}}

This points me to connectivity issue with the raspberry pi device. The above provisioning error generally happens when there is a timeout. Can you check the connectivity from the device/network setting provided while adding a new device?

I have also reached out to ourbalena-supervisor team; they’ll get back if there is anything more to add.

Regards,
Nitish

stephanp · November 29, 2021, 7:47pm

Hi nitish,

thanks for your fast answer.

I have a wired network.
I selected “Ethernet” when I configured the raspberry image.

10.0.10.1 DNS Server
10.0.10.9 open balena Server
10.0.10.101 raspberry (DHCP)

When I connect to the raspberry with balena ssh 10.0.10.101 and run curl -k https://api.topfdomain.local/ping it returns OK.

regards
Stephan

stephanp · November 30, 2021, 3:23pm

This weekend I’ll give it another try, setting everything up from zero with the commands from this video tutorial: Setting up openBalena on a VPS - YouTube

cywang117 · December 1, 2021, 3:54pm

Hi @stephanp,

Could you also exec into the Supervisor container and see if curl -k https://api.topfdomain.local/ping works from there? It could be something related to mDNS resolution in the container. Thanks!

Regards,
Christina

stephanp · December 1, 2021, 5:03pm

So working now!!
Thanks cywang117! The problem was the setting of my DNS. It is not good to use .local for a domain with DNS-Server. I changed from topfdomain.local to topfdomain.abc and tadaaa

Topic		Replies	Views
openBalena Local server set-up and raspberry device sync failied openBalena	11	2149	February 28, 2019
Device Offline openBalena openBalena raspberrypi3	1	701	October 21, 2019
Raspberry pi 3 not able to join openbalena server Product support raspberrypi3	10	742	September 9, 2021
Troubles getting started with openBalena openBalena	12	2037	November 14, 2018
Network Error getaddrinfo EAI_AGAIN openBalena network	2	830	April 27, 2023

RaspberryPi3 not connecting to openbalena

Related topics