AWS Marketplace Deployment
This document outlines the essential components and steps for deploying LightBeam via the AWS Marketplace.
Network Prerequisites:
A Virtual Private Cloud (VPC) with a /16 CIDR block is recommended.
Three private subnets, each allocated a /24 CIDR block.
Three public subnets, each also allocated a /24 CIDR block.
Pre-Deployment Requirements:
Jump VM Key Pair Generation:
A Jump Virtual Machine (VM) within AWS facilitates Secure Shell (SSH) access to the LightBeam cluster for administrative and troubleshooting purposes.
Generate an EC2 Key Pair within the AWS console, download the private key to your local machine, and store it securely for future SSH authentication to the Jump VM.
Search for “key pairs” in the AWS console search
Create a new key pair
Existing VPC Configuration (for existing VPC deployment - recommended):
LightBeam deployments can utilize either a newly created VPC or an existing one.
If leveraging an existing VPC, ensure that both DNS resolution and hostname support are enabled within its configuration.
Edit existing VPC settings
Enable DNS resolution and DNS hostnames for the VPC
Deployment Workflow:
CloudFormation Deployment Method Selection:
From the AWS Marketplace launch page, select one of the following deployment options:
Deploy LightBeam with a New VPC.
Deploy LightBeam with an Existing VPC.
CloudFormation Stack Page Redirection:
Upon selection, you will be redirected to the AWS CloudFormation stack creation page.
Stack Naming and Parameter Configuration:
Assign a unique name to your CloudFormation stack (alphanumeric characters and hyphens only, beginning with a letter, maximum 128 characters).
Review and populate the "Deployment Parameters" section with the necessary details, as outlined below.
IAM Resource Acknowledgment and Submission:
Click "Submit" and acknowledge that the template will create Identity and Access Management (IAM) resources required by the Jump VM for LightBeam deployment. LightBeam operates with minimal necessary permissions.
Deployment Initiation and Completion:
The deployment process typically takes approximately 45 minutes to complete.
LightBeam Cluster Access (HTTP):
Refer to the "Accessing Your LightBeam Cluster After Deployment" section for instructions on accessing the LightBeam user interface.
Deployment Parameters:
AMI Configuration:
LightBeam AMI ID: This field is automatically populated with the Amazon Machine Image (AMI) utilized for the Jump VM.
Jump VM Configuration:
Key Pair Name: Specify from the dropdown the EC2 Key Pair generated in the prerequisites section, which enables SSH access to the Jump VM.
Deployment Type:
Public subnet: The Jump VM will be assigned a public subnet and therefore receive a public IP address, enabling external inbound access.
Private subnet: The Jump VM will be assigned a private subnet and therefore not be assigned a public IP address, restricting external inbound access.
SSH Access IP (CIDR): Enter the IP address or range (in CIDR format, e.g., 10.20.30.40/32) from which SSH access to the Jump VM will be permitted.
EKS Cluster Configuration:
Node Instance Type: Defines the instance type for the Amazon Elastic Kubernetes Service (EKS) cluster worker nodes (default: m6i.2xlarge).
Node Count: Specifies the number of nodes in your EKS cluster (minimum:3, which is the default).
Kubernetes Version: The Kubernetes version for your EKS cluster (default: 1.32).
VPC CIDR Block (for new VPC deployment): The CIDR block for a new VPC, if one is being created during deployment (default: 10.0.0.0/16).
Important Note: LightBeam prefers a dedicated VPC. If using a custom CIDR, ensure it does not conflict with existing VPCs. Supported AWS VPC CIDR ranges include 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.
Existing VPC (for existing VPC deployment): Select the target existing VPC from the dropdown.
Existing Internet Gateway (for existing VPC deployment): Provide the Internet Gateway ID attached to the selected existing VPC (found in VPC Console > Internet Gateways).
Private Subnet CIDR Blocks: A list of three private subnet CIDR blocks for your EKS cluster nodes (default values provided).
Public Subnet CIDR Blocks: A list of three public subnet CIDR blocks for the NAT gateway and optionally the Jump VM (default values provided).
Example: new VPC deployment
Example: existing VPC deployment
LightBeam Configuration:
Setup Token: Obtain this token from [email protected] after purchasing the LightBeam solution.
License Key: Obtain this key from [email protected] after purchasing the LightBeam solution.
LightBeam Version: The desired LightBeam version to deploy (default: v3.2.0, the latest release).
Troubleshooting:
Consult the following CloudWatch log groups for deployment-related logs:
lb-infra-install-group: Contains logs pertaining to AWS infrastructure deployment including EKS.
lb-install-group: Provides logs related to LightBeam cluster installation and credential generation.
lb-webui-group: Displays logs for LightBeam Web UI access.
Accessing Your LightBeam Cluster After Deployment:
Locate LightBeam UI Address:
Navigate to CloudWatch Logs -> Log groups -> lb-webui-group -> lb_webui_logs.
Copy the displayed UI address and open it in your web browser.
Retrieve LightBeam UI Credentials:
Access CloudWatch Logs -> Log groups -> lb-install-group -> lb_install_logs.
Retrieve the credentials displayed in the logs to log in to the LightBeam UI.
Accessing the Jump VM:
Refer to the "Outputs" section of your CloudFormation stack for instructions on how to connect to the Jump VM.
Utilize your local machine's command line to establish an SSH connection to the Jump VM for command-line access and advanced troubleshooting.
Uninstalling LightBeam:
Connect to the Jump VM and switch to root.
Uninstall the LightBeam cluster using the lb-cleanup.sh script:
cd /lightbeam-chart
./installer/lb-cleanup.sh
Uninstall EKS using terraform destroy:
cd /lightbeam-tf-iac/eks
terraform destroy
Delete the CloudFormation stack directly from the AWS management console.
Last updated