OpenVPN Let’s Encrypt

1. Install certbot:

sudo apt install certbot

2. Shut down the OpenVPN server:

sudo systemctl stop openvpnas

3. Request the Let’s Encrypt certs (multi-line command):

sudo certbot certonly \
--standalone \
--non-interactive \
--agree-tos \
--email EMAIL_ADDRESS \
--domains DOMAIN_NAME \
--pre-hook 'sudo service openvpnas stop' \
--post-hook 'sudo service openvpnas start'

4. Link the Let’s Encrypt certs to the OpenVPN web certs:

sudo ln -s -f /etc/letsencrypt/live/DOMAIN_NAME/cert.pem /usr/local/openvpn_as/etc/web-ssl/server.crt

sudo ln -s -f /etc/letsencrypt/live/DOMAIN_NAME/privkey.pem /usr/local/openvpn_as/etc/web-ssl/server.key

5. Restart OpenVPN service:

sudo systemctl start openvpnas
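
A post-install check for the symlinks from step 4, as an added example that is not part of the original post. `ln -s -f` succeeds even when the target path does not exist (for example a mistyped DOMAIN_NAME), and certbot's live/ files are themselves symlinks into archive/, so the script resolves the whole chain. The function names are hypothetical; GNU coreutils and openssl are assumed.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): sanity checks for the step-4 symlinks.
# Assumes GNU coreutils (readlink -f, stat -c), as found on the apt-based host above.

# check_links LIVE_DIR WEB_SSL_DIR -> 0 if server.crt and server.key resolve to
# the same files as LIVE_DIR/cert.pem and LIVE_DIR/privkey.pem.
check_links() {
    local live="$1" web="$2" rc=0 pair src dst
    for pair in cert.pem:server.crt privkey.pem:server.key; do
        src="$live/${pair%%:*}"; dst="$web/${pair##*:}"
        if [ ! -L "$dst" ]; then
            echo "FAIL: $dst is not a symlink"; rc=1
        elif [ ! -e "$dst" ]; then
            # ln -s -f does not verify that the target exists
            echo "FAIL: $dst is a dangling symlink"; rc=1
        elif [ "$(readlink -f "$dst")" != "$(readlink -f "$src")" ]; then
            echo "FAIL: $dst does not resolve to $src"; rc=1
        fi
    done
    return $rc
}

# key_is_private KEY -> 0 if the resolved key file grants nothing to group/other.
key_is_private() {
    local mode
    mode=$(stat -c '%a' "$(readlink -f "$1")") || return 1
    case $mode in
        0|*00) return 0 ;;
        *) echo "FAIL: $1 has mode $mode"; return 1 ;;
    esac
}

# keypair_matches CERT KEY -> 0 if the certificate's public key equals the one
# derived from the private key (requires openssl).
keypair_matches() {
    local a b
    a=$(openssl x509 -noout -pubkey -in "$1" 2>/dev/null) || return 1
    b=$(openssl pkey -pubout -in "$2" 2>/dev/null) || return 1
    [ -n "$a" ] && [ "$a" = "$b" ]
}

# Run against a real host only when both directories are given, e.g.:
#   sudo ./check.sh /etc/letsencrypt/live/DOMAIN_NAME /usr/local/openvpn_as/etc/web-ssl
if [ "$#" -eq 2 ]; then
    check_links "$1" "$2" && key_is_private "$2/server.key" \
        && keypair_matches "$2/server.crt" "$2/server.key" && echo "OK"
fi
```

Running it again after a renewal confirms the links still follow live/ to the newly issued files.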

AWS Solutions Architect Exam Experience

I took and passed the AWS Certified Solutions Architect – Associate exam.

Here’s how I did it.

I wrote this article to describe my experience taking the Solutions Architect — Associate exam, to consolidate what I’ve learned, and, hopefully, to help others who are preparing for the exam. This article is not a braindump or list of answers to tricky exam questions. It is a more general background on how I thought about the exam and what I used to prepare for it.

I’ve been freelancing for the last few years with an emphasis on e-commerce web development and cloud services for small businesses. I know “cloud services” is one of those terms some IT folks roll their eyes at, but it’s a good descriptor for my non-technical customers. Many of them are looking to offload on-prem servers or take advantage of Software-as-a-Service offerings. I’ve been helping customers with that offloading more and more over the last two years. My knowledge of AWS has increased in that time, but I’m in no way an expert, especially when it comes to complex databases, advanced networking, and all things serverless. In other words, if I can pass the exam, you can, too!

The most important piece of advice I can give is to know the principle principal. Learning all the AWS services can seem daunting, but remember that at the associate level you don’t need to explain a particular service in great detail. What you do need is a knowledge of the services so you can choose the best fit for your customers. The exam is targeted at people who’ve had about a year of experience building on AWS. If you’re serious about passing the Solutions Architect exam, sign up for an AWS account if you haven’t already. You can use their Free Tier services for a year without charge. If you’re a freelancer, or part of a small firm, I highly recommend registering with the AWS Partner Network. When you set up your aws.training account, make sure that your first and last name are listed the same as on your ID. This is a requirement when you sit for the test. My training account had me listed as “Ted” so I had to work with support to change it to “Theodore” before I took the exam. It wasn’t a big deal, but if you can set it up right the first time then all the better.

AWS Training Account Sign-up Screenshot

About the Exam

The exam has five domains which map exactly to the five pillars of the AWS Well-Architected Framework: Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization.

The five domains and their percentage on the exam.

  1. Design Resilient Architectures — 34%
  2. Define Performant Solutions — 24%
  3. Specify Secure Applications and Architectures — 26%
  4. Design Cost-optimized Architectures — 10%
  5. Define Operationally Excellent Architectures — 6%

Note the 10% for cost optimization. As solutions architects we have to juggle the technical setup of systems, but also be wary of budgets. This is especially important for me since most of my customers are small businesses with limited IT budgets.

Think of the exam like a job interview. Do your research beforehand and know exactly where the test center is, how you’re going to get there, and what to bring with you. Schedule the exam late morning on an off day if possible. I went on a Friday the day after the Fourth of July so the testing center was dead quiet and it only took a few minutes to register.

Take advantage of whatever free training is available. I was lucky that I had signed up as an AWS Partner Network (APN) partner before attending the 2019 AWS Summit in Chicago in May. Because I was an APN partner I was invited to a free day-long training specifically for partners who planned on taking the Solutions Architect – Associate exam within a month. The class was a fantastic way to round out my knowledge, gain insight into how the test is given, and do a little bit of professional networking.

Attending a full-day training event just isn’t an option for everyone. Luckily, there’s a ton of resources online from AWS and third-party training companies to lean on.

This versus That

When two answers are almost identical except for a single word or phrase you can be fairly confident that one of them is the correct answer. Now you can eliminate the distraction of the other answers and go back to the question and read it closely. What in that question supports one answer or negates the other? Keep in mind that it’s sometimes easier to find the wrong answers first….

Resources

For more information about the Well-Architected Framework and associated whitepapers:
https://aws.amazon.com/architecture/well-architected/

AWS IQ
https://aws.amazon.com/iq/

WordPress: Best Practices on AWS Whitepaper:

https://d1.awsstatic.com/whitepapers/wordpress-best-practices-on-aws.pdf

CloudFormation reference architecture on GitHub:

https://github.com/aws-samples/aws-refarch-wordpress

Third-party online training:

https://learn.acloud.guru/learning-path/aws-architect

https://linuxacademy.com/amazon-web-services/training/course/name/aws-certified-solutions-architect-associate-level

https://www.whizlabs.com/aws-solutions-architect-associate/

Migrating cPanel/WHM to AWS

A Practical Example of Moving Web Servers into the Cloud

In this article I’ll detail my experiences virtualizing servers into the Amazon Web Services ecosystem.

A client who runs a niche web hosting company contacted me about improving his infrastructure. Costs were going up and it was getting difficult managing resources as the business expanded. He had several physical servers spread over three different providers and combined data center and provider fees were approaching $1000.00 per month. That might be a rounding error for big companies, but for a small business it’s real money. The servers included sole-tenant nodes, which are essentially physical servers with only one virtual instance, and co-located boxes. If I’ve ever seen a scenario perfect for virtualization this was it.

There were about 200 WordPress installations that needed to be consolidated. So we put together a plan to migrate them all to AWS in stages.