This repository has been archived by the owner on Jan 20, 2023. It is now read-only.

Deploy Lightwave on AWS

wfu8 edited this page May 16, 2017 · 18 revisions

With Photon OS

  1. Upload the PhotonOS EBS-backed AMI image to your AWS EC2

  2. Launch a PhotonOS instance

Go to your EC2 web console, click 'AMIs' and browse to your PhotonOS AMI, then right-click it and choose to launch an instance. This is where we will set up the Lightwave domain with the first domain controller, i.e. 'lightwave-dc01', and subsequent domain replicas, i.e. 'lightwave-dc02' etc. A 't2.small' instance should be sufficient to run a Lightwave domain controller.

  3. Set firewall rules for your instance

Go to 'instances' and find the Photon instance we just launched in step 2. Right-click it to show 'connect'. You will need to set up an SSH key the first time you establish an SSH connection to your instance running in AWS. Subsequently you can choose to use an existing key when launching a VM. A typical ssh command to connect to an AWS instance is

ssh -i "wfu-lightwave.pem" [email protected]

Once logged in, run the following commands to open all needed protocols/ports.

echo "iptables -I INPUT -p tcp --dport 22 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p udp --dport 53 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 53 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p udp --dport 88 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 88 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 389 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 443 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 636 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2012 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2014 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2020 -j ACCEPT" >> /etc/systemd/scripts/iptables

This can also be done through the AWS web console by configuring 'security groups', for example:

Security Groups associated with i-04a9fe9b2b97c5173

Ports	Protocol	Source	launch-wizard-69
80	tcp	0.0.0.0/0	✔
2012	tcp	0.0.0.0/0	✔
2015	tcp	0.0.0.0/0	✔
2020	tcp	0.0.0.0/0	✔
2014	tcp	0.0.0.0/0	✔
53	udp	0.0.0.0/0	✔
389	tcp	0.0.0.0/0	✔
443	tcp	0.0.0.0/0	✔
88	tcp	0.0.0.0/0	✔
22	tcp	0.0.0.0/0	✔
636	tcp	0.0.0.0/0	✔
53	tcp	0.0.0.0/0	✔
88	udp	0.0.0.0/0	✔

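
The iptables lines in this step accept traffic from any source, the security group example uses 0.0.0.0/0, and re-running the `echo >>` commands appends duplicate rules. The following is an added example, not part of the original wiki or the Lightwave project: it writes the same port list restricted to a source network and is safe to re-run. The function names and the sample CIDRs are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the Lightwave wiki.
# Protocol/port pairs are the ones the page opens for Lightwave.
LW_PORTS="udp:53 tcp:53 udp:88 tcp:88 tcp:389 tcp:443 tcp:636 tcp:2012 tcp:2014 tcp:2020"

# Syntax check for a.b.c.d/nn; refuses the match-everything range.
valid_cidr() {
    [ "$1" != "0.0.0.0/0" ] || return 1
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# Print the rule set: Lightwave ports from client network $1, SSH from admin network $2.
lightwave_rules() {
    valid_cidr "$1" && valid_cidr "$2" || return 1
    echo "iptables -I INPUT -p tcp -s $2 --dport 22 -j ACCEPT"
    for entry in $LW_PORTS; do
        proto=${entry%%:*}
        port=${entry##*:}
        echo "iptables -I INPUT -p $proto -s $1 --dport $port -j ACCEPT"
    done
}

# Append the rules to file $3, skipping any line that is already there.
install_rules() {
    rules=$(lightwave_rules "$1" "$2") || { echo "invalid CIDR" >&2; return 1; }
    printf '%s\n' "$rules" | while IFS= read -r rule; do
        grep -qxF -- "$rule" "$3" 2>/dev/null || printf '%s\n' "$rule" >> "$3"
    done
}

# Usage on the instance, as root (the CIDRs are constructed sample values):
#   install_rules 10.138.0.0/16 10.138.0.0/24 /etc/systemd/scripts/iptables
```

The same source restriction applies to the security group: replace 0.0.0.0/0 in the 'Source' column with the networks that actually need to reach the domain controller.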
  4. Set hostname for your lightwave instance

Find out the 'gcloud' command, for instance

gcloud compute --project "lightwave-fu" ssh --zone "us-west1-a" "lightwave-dc01"

From your client machine, connect to your VM instance 'lightwave-dc01' and update your hosts file to append

10.138.0.6 lw-dc01.lightwave.local lw-dc01

You can retrieve your host IP address by running 'ifconfig' and reading the eth0 entry.

Next, click on the VM instance launched in step 3 and click 'edit' and browse to "Custom metadata" and add two properties:

Note: "startup-script" allows you to preserve your host name during instance reboot.

  5. Configure the host to use the first lightwave as its DNS

Open '/etc/resolv.conf' and add "nameserver 1st_lightwave_instance_ip", for instance "nameserver 10.138.0.6", as the top line. Note: the first lightwave instance also needs this entry, pointing to itself, for lightwave DNS to work correctly.

Make sure you run

systemctl restart systemd-networkd; systemctl restart systemd-resolved

to allow the network/hostname configuration to take effect on your VM instance.

  6. Install lightwave

Connect to your VM instance, and run 'sudo su' to become root.

sudo su
tdnf makecache
# The requirement for specific versions of these third-party dependencies will be fixed in a future lightwave server release.
tdnf install -y commons-daemon-1.0.15-8.ph1 openjre-1.8.0.112 apache-tomcat-8.5.8
tdnf install -y vmware-lightwave-server-1.2.0

  7. Promote your first lightwave domain controller

    • /opt/vmware/bin/configure-lightwave-server --domain --password
  8. Deploy 2nd lightwave instance joining to lightwave domain

Repeat steps 3, 4, 5 and 6 to install and configure another instance.

  9. Promote your second lightwave domain controller

    • /opt/vmware/bin/configure-lightwave-server --domain --password --server <1st_lightwave_server_fqdn>

You can bring up more lightwave domain controllers in the same lightwave domain by repeating steps 8 and 9 above.
