Launch in Amazon Web Services

Launch a Lighthouse Instance on AWS

When the Lighthouse AMI is created, it displays in the Amazon Machine Images (AMIs) section of the EC2 Management Console.

Note: If you are launching from AWS Marketplace, you can start at Instance Type.

To create a new Lighthouse EC2 instance:

  1. Select the Lighthouse AMI.

  2. Click Launch instance from AMI.

Instance Type

Lighthouse should run on a general purpose instance type, such as M5.

Note: If you use an instance type with "burstable" CPU, such as T2, ensure that unlimited CPU is selected to avoid operational problems caused by CPU throttling.

Key Pair

EC2 requires a key pair to be specified when launching instances.

Network Settings

A security group should be created. Lighthouse requires some ports to be open:

  • SSH (TCP/22) – Secure Shell. Access should be limited to just your corporate network.

  • HTTPS (TCP/443) – Lighthouse Web UI and REST API. This is used by both web browsers and nodes (for example, for call-home enrollment).

  • OpenVPN (UDP/1194) – Lighthouse VPN. This is used to communicate with nodes after they are enrolled.

  • Other ports may be required to be opened, depending on feature usage. For example:

      • SNMP (UDP/161) – SNMP Management

      • OpenVPN (UDP/1195) – Lighthouse Multiple Instance VPN

      • HTTPS (TCP/8443) – Alternate REST API port
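
An added example, not part of the original Lighthouse documentation: a Python check that compares a security group's inbound rules, in the IpPermissions shape returned by the EC2 DescribeSecurityGroups API, against the port list above. The function names, the sample rules and the corporate range 203.0.113.0/24 are constructed assumptions.

```python
import ipaddress

# Ports from the Network Settings list above.
REQUIRED = {("tcp", 22), ("tcp", 443), ("udp", 1194)}
OPTIONAL = {("udp", 161), ("udp", 1195), ("tcp", 8443)}

def covers(rule, proto, port):
    """True if an IpPermissions entry admits proto/port ("-1" means all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    return (rule["IpProtocol"] == proto
            and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535))

def sources(rule):
    """CIDR sources of a rule; security-group and prefix-list sources are not checked."""
    cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return [ipaddress.ip_network(c) for c in cidrs]

def audit(ip_permissions, corporate_cidrs):
    """Return findings for a group's inbound rules (hypothetical helper)."""
    corp = [ipaddress.ip_network(c) for c in corporate_cidrs]
    findings = []
    for proto, port in sorted(REQUIRED):
        if not any(covers(r, proto, port) for r in ip_permissions):
            findings.append(f"missing required {proto}/{port}")
    for rule in ip_permissions:
        lo, hi = rule.get("FromPort"), rule.get("ToPort")
        if covers(rule, "tcp", 22):  # SSH must come only from corporate ranges
            for src in sources(rule):
                if not any(src.version == c.version and src.subnet_of(c) for c in corp):
                    findings.append(f"tcp/22 open to {src}")
        if lo != hi or (rule["IpProtocol"], lo) not in REQUIRED | OPTIONAL:
            findings.append(f"rule not on the port list: {rule['IpProtocol']} {lo}-{hi}")
    return findings

# Constructed sample: SSH open to the world, node VPN port (UDP/1194) forgotten.
SAMPLE = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "udp", "FromPort": 1195, "ToPort": 1195, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
]
CORPORATE = ["203.0.113.0/24"]  # constructed documentation range

if __name__ == "__main__":
    for finding in audit(SAMPLE, CORPORATE):
        print(finding)
```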

Storage

By default, the root volume will be around 53 GiB. This may be sufficient, depending on your intended usage. It is easier to specify more storage now, but more can be added later.

Advanced Details

An initial lhadmin password must be set in the UserData section.

password=topSecretPassword123

If the lhadmin password is not specified in the Advanced Details section, it can be set afterwards using the ogpasswd utility.

Set a Password for the lhadmin User on Lighthouse

If you are logged into Lighthouse via SSH keys, you must set the lhadmin password before you can log in via the GUI. Use the "ogpasswd" utility to do this.

ogpasswd -u lhadmin -p MySecretPassword

Final Steps

When done, the EC2 Linux instance can be shut down and removed or saved for creating future instances.