So you have a site that is on an EC2 instance, and you want to turn it into an SSL site. That’s a common task, but what if you have multiple SSL sites on that host. You can’t share the IP and still have things work for older browsers, so you end up using ELBs.
If you have some static content you want to send to CloudFront, and you don’t want to redo all your hrefs to handle that for you, here’s a quick and dirty way to use Apache instead.
Say you have a bunch of sites that are hosted on an EC2 instances, and for various reasons you’ve setup CloudFront to help handle the traffic. You have your normal webserver logs to give you part of the picture, but you probably will want to dig into the CloudFront logs as well in order to get a better picture of your actual throughput.
Thankfully, this is pretty easy. And somewhat annoyingly complicated.
Ignoring for the fact that there are very good reasons not to do this (latency, eventual consistency, etc), using S3 buckets as filesystems actually fills a niche that AWS doesn’t currently even try. Sure you could just setup an NFS instance on EC2, or even use the storage gateway service to go an off-service data store, but that is overkill for many use cases.
So here’s how I got it done.
First of all, there are some options on how to implement this. Here are the ones I tried out :
I ended up choosing s3fs-c. I used s3fs at first, but the lack of other-client compatibility was a killer. I’m still not sure why this is even a problem to be solved, given that the s3fs-c fork didn’t make major changes to get that feature. Or maybe there are major changes that I didn’t notice on my, admittedly cursory, review.
So I took an S3 bucket, and EC2 instance running ubuntu 12.04, and did the following.
i’ve been happy with my AWS instances that i’m running, but decided tonight to start up a joyent instance to see how that goes. so far i’m fairly disappointed with the documentation, but it isn’t any worse than the AWS EC2 stuff.
still, the whole process was pretty easy to go through, even if it wasn’t easy to actually login to my new ubuntu VM.
i’ll be starting up a mail server on this thing to see how that goes.
Most of the documentation for getting apache’s mod-auth-mysql modules to work under ubuntu are painfully short of at least a couple of configuration lines, so here’s my attempt to be helpful to others that have trouble with this.
Almost a year after I first wrote about dancer, I finally got around to building my first site with it. Overall, it is a pretty nice little framework. If you are already familiar with perl and/or the template toolkit, then I highly recommend this for quickly deploying projects.
In my case, I was able to build and deploy a management interface for a smartos zone server in just a few hours. I fleshed it out over the course of a week or so, and how it is in production managing dozens of zones quite easily. The interface talks to a mysql database, a node.js server I wrote as part of the same project, and even manages a local haproxy instance. All of this in such a tiny space that I keep getting weirded out.
In the future I’ll document some of the pitfalls and oddities that I experienced. I found that once I came around to the dancer way of thinking, it got pretty easy and I’ve rarely had to address the documentation since.
So you have an ubuntu server that you’d like to do LDAP authentication on. Here are the quick and dirty steps. Note that I’m leaving out a lot of additional options and tweaks as many will be situationally different.
Just a little cheat sheet for setting up multiple routes/interfaces on ubuntu servers. The file you’ll be making modifications to is “/etc/network/interfaces”.
lately i’ve been poking at vmware more as building kvm deployments is annoying and managing them sucks.
so i’ve played with the vmware ESX 3.5 and 4.1 deployments, which are pretty cool although a pain to manage as you have to run the thick client from a windows box, which gave me the opportunity to also mess with vmware fusion, which i’ll get to later. the ESX systems are pretty nice, but lacked some features that i thought would be givens; notably cloning/copying virtual machines. apparently you CAN do it, but it isn’t intuitive or quick, or at least not enough that building a template system and using that to spin up new servers was any better than my kvm method. and to be fair, it looks like the new versions they are rolling out can do exactly that.
other than that, the ESX stuff is pretty cool, and the hardware it runs on is pretty varied – i was able to use an couple of old dell servers that i had laying around.
i also tried setting up the non-ESX server that vmware puts out, but it refused to install at various points. further research showed that the installer scripts needed some fairly involved modifications to get past where i was stuck. i never was able to finish building that implementation out, but i’m still trying. honestly if building it is that hard, it might not be worth doing.
vmware fusion was pretty nice. i’ve used parallels in the past when i need to run a windows app, but that was a while back and i no longer have that setup. it was nice, but i usually don’t like having to jump into a VM just to run an app, so as much as i applaud vmware for making fusion work well, i have to criticize them for not having a mac version of their management software.
funny story : a day or so after i did all of that, i had to log into a machine that is only accessible by modem. i recently upgraded to os x lion, which apparently hates the apple modem i have, so i had to use my keyspan to connect to a USR hardware modem, and the windows environment i had from vmware was able to work great with that setup. so, yay.