Let’s Encrypt was really easy to setup, but Cron was less so. I kept getting emails that the Let’s Encrypt renewal was failing:
2017-03-09 02:51:02,285:WARNING:letsencrypt.cli:Attempting to renew cert from /etc/letsencrypt/renewal/bbbburns.com.conf produced an unexpected error: The apache plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError(). Skipping.
1 renew failure(s), 0 parse failure(s)
I had a cron job setup with the absolute bare minimum:
56 02 * * * /usr/bin/letsencrypt renew >> /var/log/le-renew.log
When I ran /usr/bin/letsencrypt renew
at the command line, everything worked just fine. I was like, “Oh – this must be some stupid cron thing that I used to know, but never remember.”
I have seen articles flying around about Let’s Encrypt for a while now. The idea seemed awesome, but the website seemed so light on technical instructions that I didn’t know if it would actually work. I wanted to know EXACTLY what lines it would propose to hack into my carefully manicured Apache configuration. And by carefully manicured, I mean “strung together with stuff I copied and pasted from stack overflow“.
I couldn’t find the information I really wanted – so I just JUMPED in and started installing things and running commands. 30 seconds later, I had a fully functioning cert on my site. I was blown away. It copied my existing non-ssl vhost config and created a new vhost with SSL enabled. All I had to do was enter my email address, select the vhost to enabled SSL for, and hit GO.
I had to put in a crontab entry myself to get the auto-renewal to work but that wasn’t so bad. I would hope they improve that in the future – but cron is no big deal.
I’m interested to see if everything works when my web certs expire 90 days from now! Crazy times. I used to do this and dread it once per year because the process was so manual. Now that it’s automated – I’ll get new certs while I’m sleeping. Woohoo.
My colleagues Gary Little and John Williamson are starting up a blog series on Nutanix performance. Have you ever wondered how Nutanix would perform for your application? Do you wonder how Nutanix compares to a traditional SAN? Do you ever wonder what it means to have 1 hojillion IOPS? I know I do – so I thought maybe you would too.
I know the blog here has turned into “All Nutanix All The Time”, but I think this performance series is worth a read. Maybe I’ll be posting more about motorcycles, security, and rock climbing in the future. (Oh, I’ve taken up indoor rock climbing) I’ve started using Keybase.io and Signal – so that could also be worth a tech post.
Take a look at the latest Nutanix solution note, detailing VMware NSX for vSphere in a Nutanix environment. With these two technologies combined, customers can now virtualize their entire infrastructure. This solution note describes common customer use cases and advantages of NSX software defined networking. We also test two important deployment scenarios and give configuration recommendations.
I’m happy to announce the release of the first Light Board Videos I recorded with the Nutanix nu.school education team. These videos were a blast to record. The education team here at Nutanix is top notch and made my scribbles and rambling look and sound great! A video production team is an amazing asset to have sitting behind you in the office!
AHV provides an alternative to traditional hypervisors – and with that alternative comes a new virtual switch! This virtual switch bridges the VMs to the physical network.
To find more information about the video, including all of the rationale behind the decisions made – check out the Nutanix .NEXT Community blog I wrote describing AHV Host Networking.
Here’s the embedded first part of the video. I talk about Open vSwitch bridges and bonds, and how to connect the CVM and the User Virtual Machines to the 10gb or 1gb network interfaces. Follow the Nutanix .NEXT community blog, my site here, or the nu.school YouTube page to watch the rest of the series.
We’ll cover Load Balancing, Managed and Unmanaged VM networks, and more in the coming weeks!