Hi @Villalobos, Rolando Greetings! Apologies for the delayed response. The API Proxy module uses the port 8000 which is exposed by default to enable the downstream devices pull the container images. With the downstream device, you should the point the image source to the API proxy module port image tag in the downstream device config.toml file as follows
image = "$upstream:8000/azureiotedge-api-proxy:1.1"
Port 8000 is exposed by default from the docker image. If a different nginx proxy port is used, add the ExposedPorts section declaring the port in the deployment manifest. For example, if you change the nginx proxy port to 8001, add the following to the deployment manifest:
{
"ExposedPorts": {
"8001/tcp": {}
},
"HostConfig": {
"PortBindings": {
"8001/tcp": [
{
"HostPort": "8001"
}
]
}
}
}
Although, looking at the error message you have added in the comments, it appears that error is originating due to failed authentication between the proxy module and the IoT Edge device. The error indicates that the certificate is signed by an unknown authority. This means that the certificate presented by the API proxy module is not trusted by the IoT Edge runtime. This can happen if the certificate is self-signed or if it is signed by a certificate authority that is not trusted by the IoT Edge runtime. If you are using a self-signed certificate, you would need to add the root CA to the trust bundle
of the IoT Edge device. Please refer the article Manage trusted root CA (trust bundle) to add the root CA to the IoT Edge device. This should resolve this error.
Hope this helps. Please let us know if you have any additional questions or concerns in the comments below.
Update
If you still continue to experience the same error leading to failed pull of containers, there could be additional restrictions set on the network. To overcome this, you would need to grant network access to the resources by whitelisting the URL's.
If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.