-
Notifications
You must be signed in to change notification settings - Fork 99
Deploy Lightwave on AWS
-
Upload PhotonOS-EBS backed AMI image to your AWS EC2
-
Launch a PhotonOS instance
Go to your EC2 web console, click 'AMIs' and browse to your PhotonOS AMI, right click to choose launch instance from where we will set up lightwave domain with first domain controller, i.e. 'lightwave-dc01' and subsequent domain replica, i.e. 'lightwave-dc02' etc. The 't2.small' should be sufficient to run lightwave domain controller.
- Set firewall rules for your instance
Go to 'instances' and find the Photon instance we just launched in step 2. Right-click to show 'connect'. You will need set up ssh key the first time you establish ssh connection to your instance running in AWS. Subsequently you can choose to use an existing key when launching VM. A typical ssh command to connect to AWS instance is
ssh -i "wfu-lightwave.pem" [email protected]
Once logged in, run the following command to open all needed protocols/ports.
echo "iptables -I INPUT -p tcp --dport 22 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p udp --dport 53 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 53 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p udp --dport 88 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 88 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 389 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 443 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 636 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2012 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2014 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2020 -j ACCEPT" >> /etc/systemd/scripts/iptables
This can also be done through AWS web console by configuring 'security groups' such as
Security Groups associated with i-04a9fe9b2b97c5173
Ports Protocol Source launch-wizard-69
80 tcp 0.0.0.0/0 ✔
2012 tcp 0.0.0.0/0 ✔
2015 tcp 0.0.0.0/0 ✔
2020 tcp 0.0.0.0/0 ✔
2014 tcp 0.0.0.0/0 ✔
53 udp 0.0.0.0/0 ✔
389 tcp 0.0.0.0/0 ✔
443 tcp 0.0.0.0/0 ✔
88 tcp 0.0.0.0/0 ✔
22 tcp 0.0.0.0/0 ✔
636 tcp 0.0.0.0/0 ✔
53 tcp 0.0.0.0/0 ✔
88 udp 0.0.0.0/0 ✔
- Set hostname for your lightwave instance
Connect to your instance via ssh, update your hosts file '/etc/hosts/' to append
172.31.1.242 lw-dc01.lightwave.local lw-dc01
You should be able to retrieve your host IpAddr with 'ifconfig' on eth0. Additionally run:
hostnamectl set-hostname --static lw-dc01
-
Configure the host to use the first lightwave as its DNS
vi /etc/systemd/network/10-dhcp-en.network
In the section of [Network] append:
DNS=172.31.5.222 //This is the IPAddr of first lightwave instance
Domains=photon.local //This is the lightwave domain name we intend to set up
Make sure you run
systemctl restart systemd-networkd; systemctl restart systems-resolved
to allow network/hostname configuration take effect on your VM instance.
- Install lightwave
Connect to your VM instance via ssh
tdnf makecache
tdnf install -y commons-daemon-1.0.15-8.ph1 openjre-1.8.0.112 apache-tomcat-8.5.8 (Require a specific version of 3rd dependency will be fixed in future lightwave server release)
tdnf install -y vmware-lightwave-server-1.2.0
-
Promote your first lightwave domain controller
- /opt/vmware/bin/configure-lightwave-server --domain --password
-
Deploy 2nd lightwave instance joining to lightwave domain
Repeat Step 2, 3, 4, 5 and 6 where we install and configure another instance.
-
Promote your second lightwave domain controller
- /opt/vmware/bin/configure-lightwave-server --domain --password --server <1st_lightwave_server_fqdn>
You can choose to bring up more lightwave domain controllers in the same lightwave domain by repeating step 8 and 9 above.