Skip to content

AWS IoT Greengrass Installation

The following guide provides the steps to install AWS IoT Greengrass V2 on an Eurotech IoT Gateway The process will install AWS IoT Greengrass V2 with automatic resource provisioning. Please refer to the AWS IoT Greengrass V2 Documentation for altenative installation methods.

Prepare the Eurotech Gateway

Create the default system user and group that runs components on your device. 

sudo useradd --system --create-home ggc_user
sudo groupadd --system ggc_group
sudo usermod -aG docker idt_ggc_user
sudo visudo
root ALL=(ALL:ALL) ALL

Provide AWS credentials to the device

Provide your AWS credentials to your device so that the installer can provision the required AWS resources. Run the following commands to provide the credentials to the AWS IoT Greengrass Core software. 

export AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Download AWS IoT Greengrass Core software

Download the AWS IoT Greengrass Core Installer and prepare for the installation. 

sudo mkdir -p /opt/aws/
cd /opt/aws/
sudo curl -s https://d2s8p88vqu9w66.cloudfront.net/releases/greengrass-nucleus-latest.zip --output greengrass-nucleus-latest.zip
sudo unzip greengrass-nucleus-latest.zip -d GreengrassInstaller
sudo rm greengrass-nucleus-latest.zip
sudo java -jar ./GreengrassInstaller/lib/Greengrass.jar --version

Install AWS IoT Greengrass Core software

Run the AWS IoT Greengrass Core installer. Replace argument values in your command as follows.

  • region: The AWS Region in which to find or create resources (e.g. us-east-1).
  • EurotechIoTGatewayGreengrassCore: The name of the AWS IoT thing for your Greengrass core device. If the thing doesn't exist, the installer creates it.
  • MyGreengrassCoreGroup: The name of AWS IoT thing group for your Greengrass core device. If the thing group doesn't exist, the installer creates it and adds the thing to it.
  • GreengrassV2IoTThingPolicy: The name of the AWS IoT policy that allows the Greengrass core devices to communicate with AWS IoT and AWS IoT Greengrass. If the AWS IoT policy doesn't exist, the installer creates a permissive AWS IoT policy with this name.
  • GreengrassV2TokenExchangeRole: The name of the IAM role that allows the Greengrass core device to get temporary AWS credentials. If the role doesn't exist, the installer creates it and creates and attaches a policy named GreengrassV2TokenExchangeRoleAccess.
  • GreengrassCoreTokenExchangeRoleAlias: The alias to the IAM role that allows the Greengrass core device to get temporary credentials later. If the role alias doesn't exist, the installer creates it and points it to the IAM role that you specify.

The following command sets up the AWS IoT Greengrass Core software as a system service that runs when this device boots. The system service name is greengrass. For more information on the GreengrassInstaller arguments, please refer to the AWS IoT Greengrass V2 Documentation.

cd /opt/aws/
sudo -E java -Droot="/opt/aws/greengrass/v2" -Dlog.store=FILE \
  -jar ./GreengrassInstaller/lib/Greengrass.jar \
  --aws-region region \
  --thing-name EurotechIoTGatewayGreengrassCore \
  --thing-group-name MyGreengrassCoreGroup \
  --thing-policy-name GreengrassV2IoTThingPolicy \
  --tes-role-name GreengrassV2TokenExchangeRole \
  --tes-role-alias-name GreengrassCoreTokenExchangeRoleAlias \
  --component-default-user ggc_user:ggc_group \
  --deploy-dev-tools \
  --provision true \
  --setup-system-service true

Configure AWS IoT Greengrass nucleus

Run the following command to check the status of the Greengrass system service. 

sudo systemctl status greengrass.service

To enable the nucleus to start when the device boots. 

sudo systemctl enable greengrass.service

To stop the nucleus from starting when the device boots. 

sudo systemctl disable greengrass.service

To start the AWS IoT Greengrass Core software. 

sudo systemctl start greengrass.service

To stop the AWS IoT Greengrass Core software. 

sudo systemctl stop greengrass.service

To view the log messages of the AWS IoT Greengrass Core software. 

sudo journalctl -u greengrass.service -f

If AWS IoT Greengrass Core service should not find the java executable in the path, please add a link to java under /usr/bin. For example, add a symbolic link like the following: 

sudo ln -s /usr/java/bin/java /usr/bin/java

Eurotech recommends to use the following configuration of JVM options for the AWS IoT Greengrass nucleus configuration: 

./bin/greengrass-cli component details --name aws.greengrass.Nucleus

nano aws_greengrass_Nucleus.json
{
  "aws.greengrass.Nucleus": {
    "MERGE": {
      "jvmOptions": "-Xmx64m -XX:+UseSerialGC -XX:TieredStopAtLevel=1"
    }
  }
}

sudo mkdir artifacts
sudo mkdir recipes
sudo ./bin/greengrass-cli deployment create \
  --recipeDir recipes \
  --artifactDir artifacts \
  --merge "aws.greengrass.Nucleus=2.5.3" \
  --update-config aws_greengrass_Nucleus.json

./bin/greengrass-cli deployment status -i 80b76202-1982-4de2-a4e9-2b142ede8154
./bin/greengrass-cli component details --name aws.greengrass.Nucleus

For other AWS IoT Greengrass configuration options please refer to the AWS IoT Greengrass V2 Documentation.