- 新しい順
- 投票が多い順
- コメントが多い順
Hi Koverski,
It is possible to use the fleet provisioning by claim with Greengrass v2 running in Docker.
You have to run through the fleet provisioning setup and make sure you have created the template and policy as described in the documentation.
Once you have that setup, you can run the docker setup with some small tweaks.
We need to mount the claim-certs and config into the docker container so Greengrass can access it. We will create a directory, /tmp/greengrass-setup and mount that into the container at /greengrass-setup.
Place the claim certificates and AmazonRootCA in a directory like /tmp/greengrass-setup/certs
Place the fleet provisioning plugin in /tmp/greengrass-setup/
Create an environment file /tmp/greengrass-setup/env with the following contents:
GGC_ROOT_PATH=/greengrass/v2
PROVISION=false
COMPONENT_DEFAULT_USER=ggc_user:ggc_group
TRUSTED_PLUGIN=/greengrass-setup/fleetprovisioningbyclaim-latest.jar
INIT_CONFIG=/greengrass-setup/config.yaml
There are other env vars you can set - see https://docs.aws.amazon.com/greengrass/v2/developerguide/build-greengrass-dockerfile.html#set-dockerfile-environment-variables
Create a config file /tmp/greengrass-setup/config.yaml as described in https://docs.aws.amazon.com/greengrass/v2/developerguide/fleet-provisioning.html#run-greengrass-core-v2-installer-fleet
This should look like
---
services:
aws.greengrass.Nucleus:
version: "2.5.0"
aws.greengrass.FleetProvisioningByClaim:
configuration:
rootPath: /greengrass/v2
awsRegion: "us-west-2"
iotDataEndpoint: "<your endpoint>"
iotCredentialEndpoint: "<your endpoint>"
iotRoleAlias: "GreengrassCoreTokenExchangeRoleAlias"
provisioningTemplate: "GreengrassFleetProvisioningTemplate"
claimCertificatePath: "/greengrass-setup/certs/claim.pem.crt"
claimCertificatePrivateKeyPath: "/greengrass-setup/certs/claim.private.pem.key"
rootCaPath: "/greengrass-setup/certs/AmazonRootCA1.pem"
templateParameters:
ThingName: "<thing name>"
ThingGroupName: "<group name>"
You will want to make sure the paths align with the directory we will mount into docker
Finally, run a container via:
docker run --rm --init -it \
--name aws-iot-greengrass \
-v /tmp/greengrass-setup:/greengrass-setup \
--env-file=/tmp/greengrass-setup/env \
-p 8883 amazon/aws-iot-greengrass:latest
We mount the directory into the container with the -v option and load the environment vairables with the --env-file option.
This will launch the container and start greengrass.
You can enter the container and inspect the logs
docker exec -it <container-id> cat /greengrass/v2/logs/greengrass.log
to see what is happening with Greengrass. Any errors occur where it cannot provision the IoT thing with the fleet provisioning plugin will show up in greengrass.log
Edited by: rob-aws on Nov 17, 2021 8:08 PM
Hello Rob,
Thank you for a complex answer.
I've managed to configure everything and as i launch 'docker run' as suggested i get an error:
Error while trying to setup Greengrass Nucleus
java.lang.RuntimeException: The trusted plugin jar file does not exist or is not accessible
at com.aws.greengrass.easysetup.GreengrassSetup.validatePluginJarPath(GreengrassSetup.java:478)
at com.aws.greengrass.easysetup.GreengrassSetup.parseArgs(GreengrassSetup.java:456)
at com.aws.greengrass.easysetup.GreengrassSetup.main(GreengrassSetup.java:268)
the file has been downloaded by me and put in a path /setup/FleetProvisioningByClaim.jar
In the .env file i've tried putting absolute path, like /User/username/greengrass_iot/setup/FleetProvisioningByClaim.jar, to be even more sure i've ran chmod 777 on the plugin jar file. All of this came to no effect unfortunately. If that helps i am running this from a MacOS
Could you please help?
Edited by: Koverski on Nov 26, 2021 4:12 AM
Hello,
The path must be accessible from inside the container. According to the previous post from Rob, you are not mounting anything in /setup, so /setup doesn't exist in the container hence you get this error.
So please ensure that on your real operating system, you put the trusted plugin in /tmp/greengrass-setup/fleetprovisioningbyclaim-latest.jar. Then ensure that you are mounting the directory to the proper location inside of the docker container using the option "-v /tmp/greengrass-setup:/greengrass-setup".
Any paths that you put in the env file need to be the paths inside of the container, not the path on your real file system.
If you are changing the command such that it is not what Rob suggested to you, then please provide the command which you are running as that will affect the answer.
Cheers,
Michael
関連するコンテンツ
- AWS公式更新しました 1年前