New Mail SSL Certificate
I have purchased an SSL certificate for mail.tacomatelematics.com. So, in your mailer, as long as you use “mail.tacomatelematics.com” as your mail server, it will no longer complain about a self-signed certificate.
This also means that SSL is now fully functional for the webmail client. Since we no longer have the self-signed certificate concern, I will be disabling webmail access via standard HTTP. Finally.
Why hadn’t I heard of SNI years ago?
Web Server Update
The hard part of upgrading the server is done now. So that’s good. Aggregate downtime was about five minutes, hooray for virtualization.
I’m going to be adding some other things to the web server (in anticipation of wrapping the media streaming and distribution functions out of the media server), but that will have downtimes measured in milliseconds.
I’m upgrading the web server today. In fact, the web server we’re using right now is the backup image of the actual web server.
There should be a couple of outage about a minute or two long, but web performance is going to be slow as I make changes in LVM snapshots, and make backup copies.
This should all be done by tomorrow, the 11th of June.
Database server has been updated, which is why the web server was showing a maintenance page for a little under an hour tonight. No data lost, mail queued, everything went fairly painlessly.
Next is the mail server.
Copernicium got strange. Copernicium, or Cn, is the server in Arizona that all the main VMs run on.
I can’t say it crashed, because I rebooted it. It just got hung up on a bad XFS filesystem and wouldn’t properly remount. I needed to have someone at the facility go up and press the button.
Sort of my bad, but I was attempting to begin upgrading to fix some problems on the network, so I need to work on this. Total outage about eight minutes.
UPDATE: Now that that’s out of the way, I’m beginning site-wide upgrades. I’ve done a test upgrade of of indra and it is working, so I’ll start with that one.
The server was down from about 4:00 AM until 11:30 AM– on a limited basis, with sporadic service. Problem was upstream, badly defined, and now resolved.
I’d look into it more, but we’re weeks away from being elsewhere.
So, the Comcast tech is here in the building, and he says that the WA market doesn’t use modems other than the one I’ve got for business accounts, so the fix I was hoping for was a bust. He says there’s a lot of RF noise and he’s working on that, and he’ll swap out for a different modem of the same type. I was told that the routing problem we’re seeing is a firmware issue, so I don’t hold out a lot of hope for this being a good solution.
So I’m on to Plan F: Abandon the affected IP addresses and ask for my money back. I’m going to start the process of moving said services onto a different IP. Since there isn’t a physical move involved, there should be no appreciable outages (other than when the modem decides to crap the bed again).
Puget Sound Atheism and vis.nu Networks are the only affected subsystems– basically, everything brought into the corporate substrate from The Great Convergence. It’s all one set of servers now, but it still speaks on three addresses.
I’ll just move them onto the same IP as Tacoma Telematics, and all should be well. This is also a temporary solution, as there’s likely another move coming up.