Launch a Lighthouse Instance on AWS

After the Lighthouse AMI has been created, it displays in the Amazon Machine Images (AMIs) section of the EC2 Management Console.

To create a new Lighthouse EC2 instance:

  1. Select the Lighthouse AMI.

  2. Click Launch instance from AMI.

Instance Type

Lighthouse should run on a general purpose instance type, such as M5.

Note: If an instance type that supports "burstable" CPU such as T2 is used, ensure that unlimited CPU is selected, to avoid operational problems caused by CPU throttling.

Key Pair

EC2 requires a key pair to be specified when launching instances.

Network Settings

A security group should be created. Lighthouse requires the following ports to be open:

  • SSH (TCP/22) – Secure Shell. Access should be limited to just your corporate network.

  • HTTPS (TCP/443) – Lighthouse Web UI and REST API. This is used by both web browsers and nodes (e.g., for call-home enrollment).

  • OpenVPN (UDP/1194) – Lighthouse VPN. This is used to communicate with nodes once they are enrolled.

  • Other ports may need to be opened, depending on feature usage. For example:

    • SNMP (UDP/161) – SNMP Management

    • OpenVPN (UDP/1195) – Lighthouse Multiple Instance VPN

    • HTTPS (TCP/8443) – Alternate REST API port
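One way to check a security group against the port list above, as an added example that is not part of the original page or of Lighthouse itself. It assumes the rules are in the IpPermissions shape returned by EC2 DescribeSecurityGroups; the function names, the sample rules and the corporate range 203.0.113.0/24 are constructed for illustration.

```python
import ipaddress

# (protocol, port) pairs taken from the port list on this page.
REQUIRED = {("tcp", 22): "SSH", ("tcp", 443): "HTTPS", ("udp", 1194): "OpenVPN"}
OPTIONAL = {("udp", 161): "SNMP", ("udp", 1195): "OpenVPN", ("tcp", 8443): "HTTPS"}

def _sources(perm):
    """IPv4 and IPv6 source CIDRs of one ingress rule (group references are ignored)."""
    cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
    return [ipaddress.ip_network(c) for c in cidrs]

def _covers(perm, proto, port):
    """True if the rule admits proto/port; IpProtocol "-1" means all traffic."""
    if perm["IpProtocol"] == "-1":
        return True
    return perm["IpProtocol"] == proto and perm["FromPort"] <= port <= perm["ToPort"]

def audit_lighthouse_sg(ip_permissions, corporate_cidrs):
    """Return findings for rules in EC2 DescribeSecurityGroups 'IpPermissions' shape."""
    corporate = [ipaddress.ip_network(c) for c in corporate_cidrs]
    known = {**REQUIRED, **OPTIONAL}
    findings = []
    for (proto, port), name in REQUIRED.items():
        if not any(_covers(p, proto, port) and _sources(p) for p in ip_permissions):
            findings.append(f"missing: {name} {proto}/{port} has no CIDR rule")
    for perm in ip_permissions:
        if _covers(perm, "tcp", 22):  # SSH: corporate network only
            for src in _sources(perm):
                if not any(src.version == c.version and src.subnet_of(c) for c in corporate):
                    findings.append(f"ssh-exposed: tcp/22 open to {src}")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        if not (lo == hi and (perm["IpProtocol"], lo) in known):
            findings.append(f"unexpected: {perm['IpProtocol']} {lo}-{hi} is not a port this page lists")
    return findings

# Constructed sample rules, not taken from a real account.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 9000, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
]

if __name__ == "__main__":
    for finding in audit_lighthouse_sg(SAMPLE, ["203.0.113.0/24"]):
        print(finding)
```

The same function can be fed the IpPermissions list from the output of aws ec2 describe-security-groups for the group attached to the Lighthouse instance.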

Storage

By default, the root volume will be around 53 GB. This may be sufficient, depending on your intended usage. It is easier to specify more storage now, but more can be added later.

Advanced Details

An initial root password should be set in the UserData field in the format password=topSecretPassword123. If you do not, you will have to log in via SSH to set it. Instructions for this are detailed below.

Set a password for the root user on Lighthouse via SSH:

If you are logged into Lighthouse via SSH keys, you will need to set a root password to log in via the GUI. Use the "ogpasswd" utility to do this.

ogpasswd -u root -p MySecretPassword

When done, the EC2 Linux instance can be shut down and removed or saved for creating future instances.

 

Note: Currently AWS support is limited to:

  • All standard Lighthouse operations

  • Running on the AWS platform

  • Providing aws-cli tools for interaction with AWS

  • Loading the provided SSH key for the root user

  • Running custom scripts on startup (see above)

  • Providing a root password via userdata (see above)

At this time we do not support:

  • Using AWS's database services

  • Using AWS's Redis services

  • Using any of AWS's scalability functionality

Note: If you want to deploy Lighthouse across different AWS regions, an AMI will be needed in each region. Amazon supports copying AMIs between regions and offers a walkthrough of the necessary steps to do this.

Click here to read the instructions on Amazon’s website.