This repository has been archived by the owner on Jan 20, 2023. It is now read-only.

Deploy Lightwave on AWS

goyalvivek edited this page May 19, 2017 · 18 revisions

With Photon OS

1. Upload PhotonOS-EBS backed AMI image to your AWS EC2

2. Launch a PhotonOS instance

Select the US West (Oregon) zone. In your EC2 web console, click 'AMIs', browse to your PhotonOS AMI, and right-click to launch an instance. These instances are where we will set up the lightwave domain: the first domain controller, i.e. 'lightwave-dc01', and subsequent domain replicas, i.e. 'lightwave-dc02' etc. A 't2.small' instance should be sufficient to run a lightwave domain controller.

3. Set firewall rules for your instance

Go to 'instances' and find the Photon instance launched in step 2. Right-click it to show 'connect'. You will need to set up an ssh key the first time you establish an ssh connection to an instance running in AWS; subsequently you can choose to use an existing key when launching a VM. A typical ssh command to connect to an AWS instance is

ssh -i "wfu-lightwave.pem" [email protected]

Once logged in, run the following commands to open all the needed protocols and ports.

echo "iptables -I INPUT -p tcp --dport 22 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p udp --dport 53 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 53 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p udp --dport 88 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 88 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 389 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 443 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 636 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2012 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2014 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2015 -j ACCEPT" >> /etc/systemd/scripts/iptables
echo "iptables -I INPUT -p tcp --dport 2020 -j ACCEPT" >> /etc/systemd/scripts/iptables

This can also be done through the AWS web console by configuring 'security groups', for example:

Security Groups associated with i-04a9fe9b2b97c5173
Ports	Protocol	Source	launch-wizard-69
80	tcp	0.0.0.0/0	✔
2012	tcp	0.0.0.0/0	✔
2015	tcp	0.0.0.0/0	✔
2020	tcp	0.0.0.0/0	✔
2014	tcp	0.0.0.0/0	✔
53	udp	0.0.0.0/0	✔
389	tcp	0.0.0.0/0	✔
443	tcp	0.0.0.0/0	✔
88	tcp	0.0.0.0/0	✔
22	tcp	0.0.0.0/0	✔
636	tcp	0.0.0.0/0	✔
53	tcp	0.0.0.0/0	✔
88	udp	0.0.0.0/0	✔
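
The iptables lines in step 3 carry no source match, and re-running the `echo ... >>` commands appends duplicate lines. The following added example (not part of the original wiki or the Lightwave project) generates the same twelve rules with a `-s` source restriction and appends only lines that are not already in the file. The function names and the split into an admin CIDR for SSH and a client CIDR for the directory ports are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the Lightwave wiki. Function names are hypothetical.

# Protocol/port pairs taken from the step 3 command list on this page.
LW_PORTS="tcp/22 udp/53 tcp/53 udp/88 tcp/88 tcp/389 tcp/443 tcp/636 tcp/2012 tcp/2014 tcp/2015 tcp/2020"

# lw_rule PROTO PORT CIDR: print one iptables command line with a source match.
lw_rule() {
    printf 'iptables -I INPUT -p %s -s %s --dport %s -j ACCEPT\n' "$1" "$3" "$2"
}

# lw_rules ADMIN_CIDR CLIENT_CIDR: print all rules. SSH (22) is limited to
# ADMIN_CIDR, every other port to CLIENT_CIDR (assumed split, adjust as needed).
lw_rules() {
    admin_cidr=$1
    client_cidr=$2
    for pair in $LW_PORTS; do
        proto=${pair%/*}
        port=${pair#*/}
        if [ "$port" = "22" ]; then
            lw_rule "$proto" "$port" "$admin_cidr"
        else
            lw_rule "$proto" "$port" "$client_cidr"
        fi
    done
}

# lw_append FILE ADMIN_CIDR CLIENT_CIDR: append only the rules that FILE does
# not already contain as an exact line; print how many lines were added.
lw_append() {
    file=$1
    added=0
    touch "$file"
    lw_rules "$2" "$3" > "$file.new.$$"
    while IFS= read -r rule; do
        if ! grep -qxF -e "$rule" "$file"; then
            printf '%s\n' "$rule" >> "$file"
            added=$((added + 1))
        fi
    done < "$file.new.$$"
    rm -f "$file.new.$$"
    echo "$added"
}
```

Review the output of `lw_rules <admin-cidr> <client-cidr>` first, then run `lw_append /etc/systemd/scripts/iptables <admin-cidr> <client-cidr>`; the same source ranges can be entered in the 'Source' column of the security group instead of 0.0.0.0/0.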

4. Set hostname for your lightwave instance

Connect to your instance via ssh and append the following line to your hosts file '/etc/hosts':

172.31.1.242 lw-dc01.lightwave.local lw-dc01

You can retrieve your host's IP address by running 'ifconfig' and reading the entry for eth0. Additionally run:

hostnamectl set-hostname lw-dc01

5. Configure the host to use the first lightwave as its DNS

* vi /etc/systemd/network/10-dhcp-en.network

In the [Network] section, append:

# IP address of the first lightwave instance
DNS=172.31.5.222
# The lightwave domain name we intend to set up
Domains=lightwave.local

Make sure you run

systemctl restart systemd-networkd; systemctl restart systemd-resolved

to allow the network/hostname configuration to take effect on your VM instance.

6. Install lightwave

Connect to your VM instance via ssh

tdnf makecache
# Specific versions of the third-party dependencies are required for now; this will be fixed in a future lightwave server release.
tdnf install -y commons-daemon-1.0.15-8.ph1 openjre-1.8.0.112 apache-tomcat-8.5.8
tdnf install -y vmware-lightwave-server-1.2.0

7. Promote your first lightwave domain controller

/opt/vmware/bin/configure-lightwave-server --domain <domain name> --password <password>

8. Deploy 2nd lightwave instance joining to lightwave domain

Repeat steps 2, 3, 4, 5 and 6 to install and configure another instance.

9. Promote your second lightwave domain controller

* /opt/vmware/bin/configure-lightwave-server --domain <domain name> --password <password> --server <1st_lightwave_server_fqdn>

You can bring up more lightwave domain controllers in the same lightwave domain by repeating steps 8 and 9 above.
