Installing in Azure

To use the Microsoft Azure environment:

Login to the Microsoft Azure portal at https://portal.azure.com
Under Azure Services, click the Storage Accounts icon.
Create a new storage account with at least 50GB storage space.
Navigate to the newly created storage account, click Containers under Data Storage and create a new blob container.
Download a Lighthouse VHD image, the latest Lighthouse image can be found in a zip file at the following URL: https://ftp.opengear.com/download/lighthouse_software/current/lighthouse/azure.
Copy the Lighthouse VHD image into the Azure storage container. (Using AzCopy is recommended, as the VHD image is large and the upload can take a long time to complete through the Microsoft Azure portal.)
1. If you haven’t already, install AzCopy following instructions provided by Microsoft. Click here to read the instructions on Microsoft’s website
2. Generate a SAS token to use in your AzCopy commands
  1. While viewing the newly created storage container, click Shared access signature under Settings.
  2. Under Permissions, enable Read, Write and Create.
  3. Set valid start and end date.
  4. Click Generate SAS and connection string at the bottom of the page.
  5. Copy the Blob SAS token and Blob SAS URL, as you will not be able to view these again.

Copy the Lighthouse VHD image into the Azure storage container using the following format, make sure to fill in the path to your local Lighthouse VHD image and your Blob SAS URL generated during the previous step: ./azcopy copy <path_to_local_image_file> "<blob_sas_url>"

A SAS token can also be created using Azure CLI. Click here to read the instructions on Microsoft’s website.

Create an image:
1. In the Azure Portal, under Azure Services, click the Images icon.
2. Click Create to create a new image, make sure that the location is the same as your storage account, the OS type is set to Linux and VM generation is set to Gen 1.
3. Click Browse on the Storage blob field and select the Lighthouse VHD file you uploaded during a previous step.
4. Click Create to create the image.
Go to the newly created image and click Create VM. Ensure the selected image is correct.
Choose the desired virtual machine instance size.
Enter the details for the Microsoft Azure admin user with either password OR SSH key authentication.

Note:If SSH key authentication is selected, the user will be created without a password and will be unable to access the UI.

Select the inbound ports enabled for the Lighthouse instance (SSH, HTTPS).
Navigate to the next page of configuration (Disks) and select the desired storage option for the boot disk.
Go to the Review page and after validation passes, click Create.

Go to the Virtual Machines page, select the virtual machine and open the Serial Console. Lighthouse should now be deploying on Microsoft Azure.
To allow nodes to enroll in Lighthouse, you will need to add the following firewall rules on the Networking page under Settings on the virtual machine you deployed:
1. Add a rule to allow UDP connections from any source to port 1194 on the instance's internal network address (10.0.0.x).
2. Add a rule to allow UDP connections from any source to port 1195 on the instance's internal network address (10.0.0.x).
3. HTTPS and SSH should already be allowed from the initial setup If not, add them.
4. Other ports may need to be opened, depending on feature usage. For example:
  1. SNMP (UDP/161 or TCP/161) – SNMP Management
  2. OpenVPN (UDP/1195) – Lighthouse Multiple Instance VPN
  3. HTTPS (TCP/8443) – Alternate REST API port
Confirm that the Azure instance public IP address has been added to external endpoints in Settings > System > Administration.

Set a password on Lighthouse via SSH

If you are logged into Lighthouse via SSH keys, you will need to set a password to login via GUI. Use the ogpasswd utility to do this.

ogpasswd -u lh_admin -p MySecretPassword

Note: Your username must be the same as the Microsoft Azure admin user created in step 10