Posts

Showing posts from October, 2016

AWS Gotcha - IIS + ELB + HTTPS

So I've run into this twice now and have to write it down so I don't forget (or at least so future-me can google myself).

We were using a standard AWS Elastic Load Balancer (ELB) to serve traffic to our API.  The API is served from IIS webservers via 80/443.  ELB is not checking back-end cert authenticity.  (the servers have a self-signed cert)

We're trying to move toward more of a farming approach to servers vs. pets, and so decided to spin up a batch of new servers and migrate them over using the very fabulous Route 53 traffic policies.  It worked great!

Until humans got involved.

Since this is a new thing, I built one, tested it, then built the rest.  For whatever reason a seemingly minor change I made didn't make it back into the repo, and so the other 3 servers were built using the non-fixed configuration.

We noticed in New Relic that of the four servers, only one was doing any heavy lifting - the other 3 were receiving almost the same amount of requests.  So what…

Perhaps I misunderstand 'vision'

Three guys set out to make money.

The first decides the best way is to talk to his entire contact list and solicit sales.
The second decides that an MBA is a sure ticket.
The third decides that robbing banks is certainly the fastest path.

Do they share the same vision?