#----------------------------------------------------------------------------------------------------------------------- # Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance # with the License. A copy of the License is located at # # http://www.apache.org/licenses/LICENSE-2.0 # # or in the 'license' file accompanying this file. This file is distributed on an 'AS IS' BASIS, WITHOUT WARRANTIES # OR CONDITIONS OF ANY KIND, express or implied. See the License for the specific language governing permissions # and limitations under the License. #----------------------------------------------------------------------------------------------------------------------- # This Playbook installs Greengrass V2 Core Software(Nucleus) on an EC2 Instance running amazonlinux2 AMI # Pre-reqs required: ansible agent installed on EC2 instance: Steps below # > Sudo yum update # > sudo amazon-linux-extras install epel # > sudo yum install ansible --- - hosts: all remote_user: ec2_user gather_facts: false become: yes vars: # signed urls for downloading the device certs iot_device_cred_zip_url: '' # All passed through extraVars passed through from CDF:Device-Patcher Module needs to be base64 decoded decoded_iot_device_cred_zip_url: '{{ iot_device_cred_zip_url | b64decode }}' # signed urls for downloading the device config yaml iot_device_config_url: '' # All passed through extraVars passed through from CDF:Device-Patcher Module needs to be base64 decoded decoded_iot_device_config_url: '{{ iot_device_config_url | b64decode }}' # Defaults, can be overridden through env vars if needed # Any of these overrides are passed through as extraVars through Device Patcher API these would need to be base64 decoded iot_root_ca_url: 'https://www.amazontrust.com/repository/AmazonRootCA1.pem' iot_greengrass_core_software_url: 'https://d2s8p88vqu9w66.cloudfront.net/releases/greengrass-nucleus-latest.zip' iot_root_ca_file_name: 'AmazonRootCA1.pem' iot_greengrass_core_software_dir_name: 'GreengrassCore' greengrass_root_dir: '/greengrass/v2' amazon_linux_extra_packages: - 'corretto8' packages_to_install: - 'java-1.8.0-amazon-corretto-devel' tasks: - name: 'Check mandatory variables are defined' assert: that: - iot_device_cred_zip_url != "" - iot_device_config_url != "" fail_msg: 'Missing required envVars, verify the following envVars are passed [iot_device_cred_zip_url, iot_device_config_url]' success_msg: 'Required Variables are defined' - name: Create greengrass root directory file: path: '{{ greengrass_root_dir }}' state: directory mode: 755 - name: Create greengrass core software directory file: path: '{{ iot_greengrass_core_software_dir_name }}' state: directory - name: Download Root CA i.e. (default set to download amazon root CA 1) get_url: url: '{{ iot_root_ca_url }}' dest: '{{ greengrass_root_dir }}/{{ iot_root_ca_file_name }}' - name: Download Device Credential Zip file get_url: url: '{{ decoded_iot_device_cred_zip_url }}' dest: '{{ greengrass_root_dir }}/certs.zip' - name: Download Device Config File get_url: url: '{{ decoded_iot_device_config_url }}' dest: '{{ iot_greengrass_core_software_dir_name }}/config.yaml' - name: Extract certs zip ansible.builtin.unarchive: src: '{{ greengrass_root_dir }}/certs.zip' dest: '{{ greengrass_root_dir }}' remote_src: yes - name: copy certs into the greengrass root file copy: src: '{{ greengrass_root_dir }}/certs/' dest: '{{ greengrass_root_dir }}' remote_src: yes directory_mode: yes - name: Download & Unarchive the Greengrass Core software within a specified directory ansible.builtin.unarchive: src: '{{ iot_greengrass_core_software_url }}' dest: '{{ iot_greengrass_core_software_dir_name }}' remote_src: yes - name: Enable amazon-linux-extras packages shell: 'amazon-linux-extras enable {{ item }}' become: yes with_items: '{{ amazon_linux_extra_packages }}' - name: Install packages i.e (java8) yum: name: '{{ packages_to_install }}' state: present - name: Install Greengrass Nucleus register: install_results become: yes shell: | java -Droot="{{ greengrass_root_dir }}" -Dlog.store=FILE \ -jar ./{{ iot_greengrass_core_software_dir_name }}/lib/Greengrass.jar \ --init-config ./{{ iot_greengrass_core_software_dir_name }}/config.yaml \ --component-default-user ggc_user:ggc_group \ --setup-system-service true - debug: msg="{{install_results.stdout_lines}}" - name: Verify Status of Greengrass System service become: yes register: svcstatus command: cmd: systemctl status greengrass.service - debug: msg="{{svcstatus.stdout_lines}}"