Submit Feedback

Using GovCloud to run Liferay in AWS

Government entities can use GovCloud to provision Liferay in AWS.

Subscribe to Liferay DXP

  1. Visit the AWS Marketplace.

  2. In Discover Products, find Liferay DXP Cloud Native Installer for AWS GovCloud.

  3. Subscribe to the product.

Install Liferay DXP

  1. From Manage Subscriptions, select the installer and click Launch.

  2. Select Launch from the EC2 Console.

  3. Select the version you need from the Version drop-down.

  4. Select your desired region from the Region drop-down.

  5. Click Launch from EC2.

  6. In Name and TagsName, give your instance a name.

  7. In Instance TypeInstance Type, search for and select t3.micro.

  8. In Key pair (login)Key pair name - required, select a key pair to use for the instance. If you don’t have one, click Create new key pair and follow the instructions before returning here.

  9. Click Network SettingsEdit and select a Virtual Private Cloud (VPC). Ensure the installer runs in a (VPC) that allows the Amazon Machine Image (AMI) to have access to the AWS Security Token Service (STS) and other AWS APIs (i.e., sts.[region].amazonaws.com). The default VPC should be suitable.

    Important

    If you encounter errors later stating that the AMI cannot communicate with the STS service, reset (or create) the default VPC:

    aws ec2 create-default-vpc

  10. In Advanced DetailsIAM Instance Profile, select the Identity and Access Management (IAM) role that should be granted to the instance (IAM Roles for Service Accounts, or IRSA). If you don’t have one, click Create a New IAM Profile to create one first.

    Note

    Currently, you must attach the AdministratorAccess policy to the role until you can determine the exact minimal permissions needed.

  11. In Advanced DetailsUser Date—Optional, you can pass advanced configuration to the installer. The example below uses the cloud-init format for this configuration. Review the configuration below before pasting into the field:

    #cloud-config
# Reference: https://cloudinit.readthedocs.io/en/latest/index.html
write_files:
  # /opt/liferay/values.yaml - if present configures the Liferay AWS Helm chart
  - content: |
      liferay-default:
        configmap:
          data:
            license\.xml: |
              <?xml version="1.0"?>
              <license>
                <!-- license contents -->
              </license>
        customEnv:
          x-aws:
          - name: LIFERAY_DISABLE_TRIAL_LICENSE
            value: "true"
        customVolumeMounts:
          x-aws:
          - mountPath: /etc/liferay/mount/files/deploy/license.xml
            name: liferay-configmap
            subPath: license.xml
    owner: "liferay:liferay"
    path: /opt/liferay/values.yaml
    permissions: "0644"

  # /opt/liferay/terraform/ecr/customer.auto.tfvars - if present configures the Liferay AWS 'ecr' Terraform script
  - content: |
      # tfvars for 'ecr' terraform
    owner: "liferay:liferay"
    path: /opt/liferay/terraform/ecr/customer.auto.tfvars
    permissions: "0644"

  # /opt/liferay/terraform/eks/customer.auto.tfvars - if present configures the Liferay AWS 'eks' Terraform script
  - content: |
      # tfvars for 'eks' terraform
    owner: "liferay:liferay"
    path: /opt/liferay/terraform/eks/customer.auto.tfvars
    permissions: "0644"

  # /opt/liferay/terraform/dependencies/customer.auto.tfvars - if present configures the Liferay AWS 'dependencies' Terraform script
  - content: |
      # tfvars for 'dependencies' terraform
    owner: "liferay:liferay"
    path: /opt/liferay/terraform/dependencies/customer.auto.tfvars
    permissions: "0644"

    For further details, please see the Cloud Init documentation.

  12. In the Summary section (on the left), click Launch Instance. When it’s ready, click the link to the Instance Console.

  13. Click Connect, and on the EC2 Instance Connect tab, click Connect again. This takes you to a browser-based Amazon Machine Image (AMI) terminal, logged into your image as root.

  14. If you want to review the installer logs, run this command:

    journalctl --follow --since="1 day ago" | grep "cloud-init"

  15. Switch to the Liferay user:

    su liferay

  16. Check to see that Liferay is running via these commands:

    cd ~/terraform/dependencies

kubectl rollout status statefulset/liferay-default \
  --namespace "$(terraform output -raw deployment_namespace)" \
  --timeout=1200s

  17. Extract the public ingress hostname:

    kubectl get ingress liferay-default \
  --namespace "$(terraform output -raw deployment_namespace)" \
  --output jsonpath='{.status.loadBalancer.ingress[0].hostname}'

  18. Retrieve your admin password for Liferay:

    kubectl get secret liferay-default \
    --namespace liferay-system \
    --output jsonpath='{.data.LIFERAY_DEFAULT_PERIOD_ADMIN_PERIOD_PASSWORD}' \
    | base64 --decode

  19. Log into Liferay:

    • Email: test@liferay.com
    • Password: [admin password retrieved in previous step]

Excellent! Now you’re ready to configure your license and SSL.

Capability:
Cloud
DXP Self-Hosted Installation, Maintenance, and Administration
Resource Type:
Official Documentation
Deployment Approach:
Liferay PaaS
Liferay Self-Hosted