Category Archives: Virtualization

Lightsail Network Isolation

Amazon Lightsail started offering a managed database service a few months ago.

I took a look at it … and tried it out … a while back and wasn’t really happy with it.

Although it had some nice features, I wasn’t given a ‘root’ (or super user) account and (as I sometimes do) was able to completely trash the instance within a few hours of creating it (I tried to manipulate the permissions on the master database user and ended up revoking all of them).

So I was considering creating my own database server using MySQL on a stand alone Amazon Linux instance.

This would give me a stand alone database with the flexibility to do anything I wanted.

My big concern was network security. I wanted to make sure that only my Lightsail instances would be able to communicate with the database server.

Continue reading
Related posts ...
Back in October of 2012 I devised a way of blocking abuse of my mailing
Over the holiday weekend, I experienced the ultimate computer security mechanism: "Spontaneous Security" I was
OK, I've had this phone a few weeks ... time for me to list some
By now everyone's probably heard about the data breach at Epsilon ... which resulted in

More on Amazon Lightsail

As a follow-on to my first post about Amazon Lightsail, here’s some additional information that I’ve discovered…

Continue reading
Related posts ...
Amazon Lightsail started offering a managed database service a few months ago. I took a
This post only covers the technical details of how to implement http/2 on an Apache
Although not directly supported, it's quite possible to use the LetsEncrypt certbot client on Amazon
Ha! I'll be you thought this blog was dead. Well, truth be told, it was

LetsEncrypt, Certbot, and Lightsail

Although not directly supported, it’s quite possible to use the LetsEncrypt certbot client on Amazon Lightsail Linux.

First of all … what is LetsEncrypt?

Let’s Encrypt is a free service that offers basic SSL certificates any web site.  The certificates are good for 90 days but can be renewed indefinitely. With the proper software, the installation & renewal of the certificates can be fully automated.

There are a few things to be aware of and workarounds that need to be done.

First, download the certbot-auto client itself…

Continue reading
Related posts ...
Lets Encrypt is an quick & easy way to add SSL to you website. You
If you're seeing a lot of messages about untrusted TLS connections in your mail log
We bit the bullet ... we got iPhones.   Our Verizon cell phone contract has
Ha! I'll be you thought this blog was dead. Well, truth be told, it was

Xen, LVM, and Grub

I ran into an interesting problem with my new server the other day.

Due to a hardware problem with an external USB hard drive, I had to reboot the XEN host.

I had to do the reboot remotely … so I couldn’t intervene if something went wrong.  Yes, you guessed it, something did go wrong.

When I finally got home I found the system trying to boot ‘bree’ … which is one of the XEN guest machines.

Continue reading

Related posts ...
I need some virtualization advice. I'm currently running this blog, among others, on XEN 3.1.2

OK, I'm jumping in with both feet. This post starts my test of server virtualization.

One of the goals I have for the new system is to replace the two

Yes, it's that time of year again ... UPGRADE TIME! With the release of Fedora

Virtualization Advice

I need some virtualization advice.

I’m currently running this blog, among others, on XEN 3.1.2 based virtualization on CentOS 5.5.

At the present time, I have three physical machines running … rivendell, gondor, and middle-earth.

Middle-earth”is the XEN host.

Rivendell and gondor are stand alone servers running Fedodra 10.

Currently gondor is primarily a web server and backup mail delivery server.

Rivendell is the main system and acts as a NIS server, MySQL server, samba file server, chat server, mail server, etc.

My goal is to migrate all the functions from rivendell & gondor to XEN instances on middle-earth.

My questions relate to where to run services, file systems, and processor allocation.

Specifically …

Continue reading

Related posts ...
I ran into an interesting problem with my new server the other day. Due to

OK, I'm jumping in with both feet. This post starts my test of server virtualization.

One of the goals I have for the new system is to replace the two

Yes, it's that time of year again ... UPGRADE TIME! With the release of Fedora