Lately I was updating a couple of my scripts, and when I re-used my script that automatically updates AWS records for Let's Encrypt DNS challenges, I realised that I never stored my AWS credentials anywhere, but I was just using those cached into my powershell environment. Time to have some proper credential management.
The beginning of each year, lately seems to be the time when I have to update my scripts that control the automatic management of SSL certificates. I started three years ago by learning first about Let's Encrypt certificates, and how they could have solved my needs for automatically renew (for free!) my SSL certificates. At the time I started to use ACMESharp: it seemed to be a great fit as it worked in powershell and had all the features I needed; but lately, it has lagged behind, and the move the ACME v2 was the final nail in its coffin.
A couple of weeks ago I presented to a customer Veeam's integration with AWS services, specifically the Direct Restore to EC2 feature. He was really interested, but he also immediately thought about possible large scenarios of this feature. This solution is not a Disaster Recovery technology, since a machine is not replicated into EC2, ready to be powered on, but it's rather a backup that is uploaded and then imported into EC2. But still, massive migrations or the creation of dev/test environments from a production copy were really nice use cases.
I wrote already two articles about this topic. I know that managing SSL certificates can be a cumbersome task, so any option to automate the process is a great addition to any IT administrator toolbox. This is why Let’s Encrypt certificates are becoming so popular, not just because they are free but also because the automated platform that they use allow for some amazing automation solutions. In my first article Use Let’s Encrypt free certificates in Windows for Veeam Cloud Connect I explained the basics of Let’s Encrypt technology, and how to use its certificates on a Windows machine using ACMEsharp libraries with Powershell. Then, in the second article Improved Powershell script for Let’s Encrypt certificate renewals I optimized the script even more. But still, there was room for improvement and even more automation.
In chapter 3 of this blog series, I showed you how to connect a vCloud Director to Veeam Backup & Replication. Before Veeam Backup & Replication 9.5 Update 4, the main usage of vCloud Director was to make backups of vCloud VMs. But now with Update 4, we can use vCloud Director as a target for Cloud Connect replicas.
In the previous posts we completed the automatic configuration of the Veeam Cloud Connect environment. In this third post of this short series, we will add additional resources in order to offer replication services. In fact, all the Cloud Connect components are now successfully deployed, so Backup services can already be offered, but to offer also replication services we need to connect our environment to the virtualized platform. Historically, Veeam Cloud Connect supported VMware vSphere and Microsoft Hyper-V, but since the soon-to-come 9.5 Update 4 will also add support for VMware vCloud Director, we will see how to add both to the infrastructure.