VMware Site Recovery Manager 8.2 – No more Windows

VMware has just announced the release of Site Recovery Manager 8.2. There are a number of new items in SRM 8.2, such as enhancements to the HTML5 user interface, support for vSphere 6.7 Update 2, but most notably is Site Recovery Manager 8.2 virtual appliance!

No more Microsoft Windows license needed! The SRM 8.2 virtual appliance runs on the Photon OS distro, which is similar to what the vCenter virtual appliance has been running on for years now.

How to install a Let’s Encrypt SSL cert on Microsoft IIS

If you’ve ever wondered how to install a Let’s Encrypt certificate on a Microsoft IIS server than this post is just for you.

Let’s Encrypt has always been pretty easy to setup on a Linux box and not so much on the Windows side. Thankfully, there are now nearly a dozen different tools that make adding a Let’s Encrypt SSL certificate to a Microsoft IIS server just as easy.

In this post we’ll be focusing in on, and using the Windows ACME Simple (WACS) solution. Mostly because it’s so easy to use, how easy? Well lets take a look!

How to update VMware Windows VM’s DNS using PowerCLI

Update VMware Windows VM’s DNS using PowerCLI

This post will show you how to update a VMware Windows virtual machine’s DNS IP addresses using PowerCLI.

You’ll also see how I went from a starting point to a fully working script – all thanks to the awesome #vCommunity!

Here at work we’ve been doing a number of networking, AD, and DNS changes. In doing so, our DNS IP address have changed. Changing the DNS settings for our workstations was easy, simply edit the DHCP scope.

The servers on the other hand all had static IP’s and static DNS IP’s entered, each of which needed to be updated.

My VMware ESXi Home Lab Upgrade

Dell R720 Server

Although the focus in my career right now is certainly more cloud focused in Amazon Web Services and Azure, I still use my home lab a lot.

For the last 5+ years my home lab had consisted of using 3x Intel NUC’s (i5 DC53427HYE), a Synology NAS for shared storage and an HP ProCurve switch. This setup served me well for most of those years. It has allowed me to get many of the certifications I have, progress in my career and have fun as well.

At the start of this year I decided it was time to give the home lab an overhaul. At first I looked at the newest generation of Intel NUC’s but really wasn’t looking forward to dropping over $1,300 on just partial compute (I’d still need to be RAM for each of the 3 NUC’s). I also wanted something that just worked, no more fooling around with network adapter drivers or doing this tweak or that tweak.

I also no longer needed to be concerned about something that had a tiny footprint. I also questioned if I really needed multiple physical ESXi hosts. My home lab isn’t running anything mission critical and if I really wanted I could always build additional nested VMware ESXi hosts on one powerful machine if I needed.

So in the end, the below is what I settled on. Replacing all of my compute, most of my networking and adding more storage!

Using AWS Systems Manager to regain access to an EC2 machine

AWS Systems Manager

The other last night I received a call from a co-worker who added a Windows firewall rule to a production AWS EC2 machine running Server 2016. Soon after he couldn’t access the server via RDP nor were any of the IIS sites loading.

Of course a snapshot was not created prior to the change, because “It worked in Test”.

At first I thought we might be up a creek and restoring from an older backup. But, then I remembered AWS Systems Manager and the ability to send commands to an AWS EC2 machine via the AWS console.

Below are the quick steps I took to disable the Windows Firewall using AWS Systems Manager to regain access into the EC2 machine.

Enable DNS over HTTPS and Encrypted SNI in Firefox

In Firefox 62, Mozilla has added two new features called DNS over HTTPS (DoH) and Trusted Recursive Resolver (TRR). The ideal behind each of these features is to improve user privacy and improved performance. DNS has typically been sent over insecure HTTP allowing anyone on the wire, such as your ISP, to monitor what sites you are visiting.

Below we’ll look at how to enable TRR you can tell Firefox to make DoH it’s first choice and use the system DNS as a fallback option.

The second feature we will be enable is Encrypted SNI, which prevents others from intercepting the TLS SNI extension and use it to determine what websites you are browsing.

Scroll to Top