Project Lightwave Quickstart

Last month, VMware held a launch event for Cloud-Native Applications and announced two open source projects in support of this initiative.  Project Photon and Project Lightwave are infrastructure components focused on running and securing apps that leverage Linux containers.

Project Lightwave source code was just released on GitHub, but binary RPMs are also available and quite easy to install on a Photon instance if you would like to take it for a spin.  In this post you will see how to add the Lightwave repositories to Photon and perform the initial configuration for a server and client.

Environment Preparation

You will need to create two Photon VMs.  There are several options, ranging from VMware Fusion with Vagrant to vSphere to public clouds.  Ensure that each VM has a unique name.  If necessary, the hostname of a Photon instance can be changed by editing these files:

/etc/sysconfig/network
/etc/hosts

Update the hostname value stored in /etc/hostname by running:

hostnamectl <new name>

Verify by using the ‘hostnamectl’ command after rebooting.

Configure RPM Repositories

Lightwave binary RPMs are available for download, use the following procedure to enable the repositories on both the server and client Photon instances.  Log in as root or use sudo -i before executing the commands below.

First disable the Photon ISO repo if it is not connected to prevent errors during subsequent procedures:

cd /etc/yum.repos.d && sed -i 's/enabled=1/enabled=0/' photon-iso.repo

Note that you will need to edit some files.  This can be done using the installed ‘nano’ text editor, which is installed by default, or by adding the ‘vim’ package with the following command:

tdnf install vim

Paste the following script into the terminal window to create two new RPM repositories on Photon:

cd /etc/yum.repos.d
cat - <<HERE > lightwave.repo
[lightwave]
name=VMware Lightwave 1.0(x86_64)
baseurl=https://dl.bintray.com/vmware/lightwave
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY
gpgcheck=0
enabled=1
skip_if_unavailable=True
HERE
cat - <<HERE > photon-extras.repo
[photon-extras]
name=VMware Photon Extras 1.0(x86_64)
baseurl=https://dl.bintray.com/vmware/photon_extras
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY
gpgcheck=0
enabled=1
skip_if_unavailable=True
HERE

Run the following command to verify four repositories are enabled:

# tdnf repolist
repo id             repo name                               status
photon-updates      VMware Photon Linux 1.0(x86_64)Updates  enabled
lightwave           VMware Lightwave 1.0(x86_64)            enabled
photon-extras       VMware Photon Extras 1.0(x86_64)        enabled
photon              VMware Photon Linux 1.0(x86_64)         enabled

 

Install Lightwave Server Components

There are several dependencies needed for Lightwave but the tdnf package manager will take care of installation. The vmware-lightwave-server package is actually a meta-RPM that pulls everything down with a single command.  Packages can also be installed individually if something interferes with the simplified process.

root [ /etc/yum.repos.d ]# tdnf install vmware-lightwave-server
Installing:
 e2fsprogs-devel x86_64 1.42.9-1
 haveged x86_64 1.9.1-1.0
 vmware-ca-client x86_64 6.0.0-0
 boost x86_64 1.56.0-1
 krb5 x86_64 1.12.2-1
 openldap x86_64 2.4.40-1
 cyrus-sasl x86_64 2.1.26-1
 vmware-directory-client x86_64 6.0.0-0
 vmware-afd-client x86_64 6.0.0-0
 likewise-open x86_64 6.2.0-0
 vmware-ic-config x86_64 1.0.0-0
 vmware-directory x86_64 6.0.0-0
 vmware-ca x86_64 6.0.0-0
 vmware-afd x86_64 6.0.0-0
 vmware-lightwave-server x86_64 6.0.0-0

 

The next step is to promote this first server to become a domain controller:

root [ /etc/yum.repos.d ]# /opt/vmware/bin/ic-promote --domain lightwave.local --password VMware1!
20150519200020:INFO:Setting up system as Infrastructure standalone node
20150519200020:INFO:Starting service [dcerpc]
20150519200020:INFO:Starting service [vmafd]
20150519200021:INFO:Starting service [vmdir]
20150519200024:INFO:Starting service [vmca]
20150519200025:INFO:Setting various configuration values
20150519200025:INFO:Promoting directory service to be domain controller
20150519200025:INFO:Setting up the logical deployment unit
20150519200025:INFO:Setting up VMware Certificate Authority
20150519200025:INFO:Adding VMCA's root certificate to VMware endpoint certificate store
20150519200025:INFO:Generating Machine SSL cert
20150519200025:INFO:Setting Machine SSL certificate
20150519200025:INFO:Publishing Machine SSL certificate for directory service
20150519200025:INFO:Restarting service [vmdir]
Domain Controller setup was successful

Ensure the process is successful as shown above.

 

Install Lightwave Client Components and Join Domain

The client components are also covered by a single meta-RPM called vmware-lightwave-clients.  Jump over to the client Photon instance and execute the following command:

root [ /etc/yum.repos.d ]# tdnf install vmware-lightwave-clients
Installing:
 e2fsprogs-devel x86_64 1.42.9-1
 haveged x86_64 1.9.1-1.0
 boost x86_64 1.56.0-1
 krb5 x86_64 1.12.2-1
 openldap x86_64 2.4.40-1
 cyrus-sasl x86_64 2.1.26-1
 vmware-afd-client x86_64 6.0.0-0
 likewise-open x86_64 6.2.0-0
 vmware-ic-config x86_64 1.0.0-0
 vmware-directory-client x86_64 6.0.0-0
 vmware-ca-client x86_64 6.0.0-0
 vmware-afd x86_64 6.0.0-0
 vmware-lightwave-clients x86_64 6.0.0-0

After installing the packages, one last step is needed to join the domain created in the previous step:

# /opt/vmware/bin/ic-join --domain-controller 192.168.237.198 --domain lightwave.local
Password (administrator@lightwave.local):
20150519201521:INFO:Setting up system as client to Infrastructure node at [192.168.237.198]
20150519201521:INFO:Validating credentials to partner [192.168.237.198] at domain [lightwave.local]
20150519201521:INFO:Starting service [dcerpc]
20150519201521:INFO:Starting service [vmafd]
20150519201521:INFO:Setting various configuration values
20150519201521:INFO:Joining system to directory service at [192.168.237.198]
20150519201521:INFO:Get root certificate from VMware Certificate Authority
20150519201521:INFO:Adding VMCA's root certificate to VMware endpoint certificate store
20150519201521:INFO:Generating Machine SSL cert
20150519201521:INFO:Setting Machine SSL certificate
Domain Join was successful

 

 

Next Steps

It’s easy enough to stand up a prototype Lightwave domain, but there are many more capabilities beyond this simple deployment, such as adding additional servers to the domain in order to enable multi-master replication.

Up next we will walk through enabling SSH authentication to log into the client using domain credentials.  Stay tuned.

(Visited 1,759 times, 1 visits today)
This entry was posted in Virtualizationism and tagged , , . Bookmark the permalink.