How to Install a TLS Certificate on NSX 4.1

If you don’t like seeing the “Your connection is not private” or “Warning: Potential Security Risk Ahead” when you browse to your NSX Manager, then you may want to install a TLS certificate from a commercial CA (Certificate Authority). This post tells you how. This NSX manager has a certificate from issued from Sectigo. Note that the padlock in the address bar shows no warning and the certificate’s chain-of-trust can be examined....

July 2, 2023 · 6 min · Brian Cunnie

On-premise is Almost Four Times Cheaper * than the Cloud

* If you don’t count the amount of time spent maintaining the on-premise equipment. Abstract My 48-VM (virtual machine) homelab configuration costs me approximately $430/month in hardware, electricity, virtualization software, and internet, but an equivalent configuration on AWS (Amazon Web Services) would cost $1,660/month (almost four times as expensive)! Disclosures: I work for VMware, which sells on-premise virtualization software (i.e. vSphere). I didn’t put a dollar value on the time spent maintaining on-premise because I had a hard time assigning a dollar value....

January 4, 2023 · 7 min · Brian Cunnie

The Least Secure Way to Back Up vCenter 8.0 with TrueNAS 13.0

We’re going to set up automated backups for a vCenter which we were forced to rebuild over the winter break because the unexpected reboot of the file server hosting the iSCSI datastore backing the vCenter’s disk drive caused unrecoverable database corruption, and we had no backups. Log into your TrueNAS server via its web interface, e.g. https://nas.nono.io Browse to “Services” Start FTP (by toggling the “Running” slider) and configure it to start automatically Remember to start the FTP service and configure it to start automatically....

January 2, 2023 · 2 min · Brian Cunnie

Creating Multi-Platform Docker Images with Concourse

Concourse CI/CD (continuous integration/continuous delivery) can create multi-platform Docker images. This blog post describes how. A multi-platform docker image is one that contains “variants for different architectures”. Docker images are often created for a single architecture (“instruction set architecture” or “ISA”), typically Intel’s/AMD’s x86-64, but with the advent of ARM64-based offerings such as AWS’s Graviton and Apple’s M1/M2, It’s becoming more common to build multi-platform images to avoid the heavy emulation performance penalty (typically >10x) when running an image on a different architecture....

November 25, 2022 · 3 min · Brian Cunnie

How to Install a TLS Certificate on vCenter Server Appliance (VCSA) 8.0

Quickstart First, create your key and your CSR (Certificate Signing Request). In the following example, we are creating a CSR for our vCenter host, “vcenter-80.nono.io”: CN=vcenter-80.nono.io # "CN" is the abbreviation for "Common Name" openssl genrsa -out $CN.key 3072 openssl req \ -new \ -key $CN.key \ -out $CN.csr \ -sha256 \ -subj "/C=US/ST=California/L=San Francisco/O=nono.io/OU=homelab/CN=${CN}/emailAddress=brian.cunnie@gmail.com" \ -config <(cat <<EOF [ req ] distinguished_name = req_distinguished_name req_extensions = req_ext [ req_distinguished_name ] [ req_ext ] subjectAltName = @alt_names [alt_names] DNS....

November 2, 2022 · 6 min · Brian Cunnie