Hi, list,
I'm going to deploy postfix + dovecot + CephFS( as Mail Storage).
Basically I want to use two servers for them, which is kind of HA.
My idea is that using keepalived or Pacemaker to host a VIP, which
could fail over the other server once one is down. And I'll use Haproxy or
Nginx to schedule connections to one of those server based on source IP(
Session stickiness), I'll use VIP as DNS record.etc, is my plan doable?
I know MX could be server ones with different priority. But I think it
brings along shortage that DNS couldn't know Email server is up or down, it
just returns results to MUA, right?
Thanks for any suggestions and ideas.
-
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20190411/a4fae4a8/attachment.html>
> Le 11 avr. 2019 ? 10:44, luckydog xf via dovecot <dovecot at dovecot.org> a ?crit : > > Hi, list, > > I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA. > > My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable? > > I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right? > > Thanks for any suggestions and ideas. > > -If you just want HA and don't have scalability issue, the simplest solution is probably to deploy your mail stack on 2 servers, and use pacemaker to make sure it run only on one at once (with a VIP managed by pacemaker too). For the storage, if you have a SAN, go with it, else you may use local DRBD partition with replication on the standby server.
> I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA.you may consider dovecot's builtin dsync replication which works great with two servers (while there still is one little bug that may duplicate mails upon deletion with pop3 only under specific conditions)> My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable? > I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right?DNS just returns your servers' ip addresses/mx records and does not know if they are up or down. You could combine that with an external monitoring system that modifies your dns entries but this is overkill (keep ttl in mind). DNS resolvers return records in a round robin fashion so that you get 50/50 active/active loadbalancing. SMTP does cope with delivery errors very well (e.g. greylisting is a temporary delivery error). MTAs just connect to the second MX and try to deliver the mail. Even MUAs like Outlook, Apple Mail or Thunderbird are capable to use more than one ip - if the connection fails they connect to the second ip returned via DNS, without any user interaction. Best regards Gerald
On 11.4.2019 11.44, luckydog xf via dovecot wrote:> Hi, list, > > ? ? ?I'm going to deploy postfix?+ dovecot?+ CephFS( as Mail Storage). > Basically I want to use two servers for them, which? is kind of HA. > ? > ? ? My idea is that using keepalived or Pacemaker to host a VIP, which > could fail over the other server once one is down. And I'll use > Haproxy or Nginx to schedule connections to one of those server based > on source IP( Session stickiness),??I'll use VIP as DNS record.etc, is > my plan doable? > > ? ?I know MX could be server ones with different priority. But I think > it brings along shortage that DNS couldn't know Email server is up or > down, it just returns results to MUA, right? > > ? ?Thanks for any suggestions and ideas.? > > ? ? -You could use dovecot configured as director in the front, it would assign users to backends and maintain that to avoid accessing same users on two backends. Aki
While possible it probably overkill. A simple failover proxy is enough unless he requires a active-active setup. On 11.04.19 11:54, Aki Tuomi via dovecot wrote:> > On 11.4.2019 11.44, luckydog xf via dovecot wrote: >> Hi, list, >> >> ? ? ?I'm going to deploy postfix?+ dovecot?+ CephFS( as Mail Storage). >> Basically I want to use two servers for them, which? is kind of HA. >> ? >> ? ? My idea is that using keepalived or Pacemaker to host a VIP, which >> could fail over the other server once one is down. And I'll use >> Haproxy or Nginx to schedule connections to one of those server based >> on source IP( Session stickiness),??I'll use VIP as DNS record.etc, is >> my plan doable? >> >> ? ?I know MX could be server ones with different priority. But I think >> it brings along shortage that DNS couldn't know Email server is up or >> down, it just returns results to MUA, right? >> >> ? ?Thanks for any suggestions and ideas.? >> >> ? ? - > > You could use dovecot configured as director in the front, it would > assign users to backends and maintain that to avoid accessing same users > on two backends. > > Aki >
> Am 11.04.2019 um 11:48 schrieb luckydog xf <luckydogxf at gmail.com>: > > As your statement, nothing speical is needed to do except setting up DNS MX records, right?MX records are for incoming MAIL: yourdomain.com <http://yourdomain.com/> IN MX 100 mail1.yourdomain.com <http://server1.yourdomain.com/> yourdomain.com <http://yourdomain.com/> IN MX 100 mail2.yourdomain.com <http://mail2.yourdomain.com/> -> both priority 100 = 50/50 load balancing (globally, not when checked on a single resolver!) Then you need A Records (AAAA for ipv6) mail1.yourdomain.com IN A 192.168.10.1 mail2.yourdomain.com <http://mail2.yourdomain.com/> IN A 192.168.20.1 mail.yourdomain.com IN A 192.168.10.1 mail.yourdomain.com IN A 192.168.20.1 mail1/mail2 is for direct connection (MTAs) Your users (outlook, thunderbird, ...) connect to mail.yourdomain.com <http://mail.yourdomain.com/> which returns the two ip addresses. In this scenario MUA just connects to mail.yourdomain.com <http://mail.yourdomain.com/> and randomly uses one of the two ips. You can't control which one, but this gives you active/active loadbalancing. In case one server is down the MUA just uses the other ip. dsync replicates bi-directionally so that both servers are up-to-date. You don't need shared storage, every server is a copy of the other. If you want to use shared storage, then dsync is not for you because there is nothing to sync at that stage. I would use shared storage only if you need to have more than two servers. The above setup has no locking problems and is performant due to local filesystems. It depends on how many users you have and how much storage you need. You could buy two 2HE servers with 24 2.5" disks each (up to 96 with 4 HE), which may be sufficient for your needs.> User's mail store is running on shared storage, basically user's MUA connects to primary MX , the backup one is used once Primary is down.If you're not using Maildir beware of locking issues with concurrent access. It could crash indices.> It's a native HA of email system? I'll test those solution out.Yes, it works well with small setups. For big setups you'd typically use dovecot director, shared storage, object storage ... but you need more servers and it is way more complex and expensive. Best regards Gerald -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dovecot.org/pipermail/dovecot/attachments/20190411/8ccd0bd5/attachment-0001.html>
Gerald Galster via dovecot schrieb:> mail1.yourdomain.com <http://mail1.yourdomain.com> IN A 192.168.10.1 > mail2.yourdomain.com <http://mail2.yourdomain.com>?IN A 192.168.20.1 > > mail.yourdomain.com <http://mail.yourdomain.com> ?IN A 192.168.10.1 > mail.yourdomain.com <http://mail.yourdomain.com> ?IN A 192.168.20.1 > > > mail1/mail2 is for direct connection (MTAs) > > Your users (outlook, thunderbird, ...) connect to mail.yourdomain.com > <http://mail.yourdomain.com>?which returns the two ip addresses. > > In this scenario MUA just connects to mail.yourdomain.com > <http://mail.yourdomain.com>?and randomly uses one of the two ips. You > can't control which one, but this gives you active/active loadbalancing. > In case one server is down the MUA just uses the other ip.Are you sure that this is working? Regards Patrick -- Westenberg + Kueppers GbR Spanische Schanzen 37 ---- Buero Koeln ---- 47495 Rheinberg pwestenberg at wk-serv.de Tel.: +49 (0)2843 90369-06 http://www.wk-serv.de Fax : +49 (0)2843 90369-07 Gesellschafter: Sebastian Kueppers & Patrick Westenberg
On Thu, 11 Apr 2019 16:44:40 +0800 luckydog xf via dovecot <dovecot at dovecot.org> wrote:> Hi, list, > [...] > Thanks for any suggestions and ideas. >Hm, it seems most of the people answering have no real experience in production with suchs setups. Basically do this: - setup keepalived as a cluster director on both boxes for two VIP IPs where one is master for each and backup for the other. - configure keepalived to load-balance both servers on the services you want (e.g. SMTP, POP3, IMAP, POP3S, IMAPS, ...) - use a high persistence timeout so that the same client ends up mostly on the same service/box - you need several subnets to do this, so that your loadbalancing takes place on another subnet (not the external VIPs) - If either of the boxes fails, the other will take over the VIP and continue to serve the configured mail services, load-balancing will leave out the dead box This _will_ work in production, I promise, but you should be experienced with keepalived, arp, networking to do this setup. -- Regards, Stephan
On Thu, 11 Apr 2019 16:44:40 +0800 luckydog xf via dovecot <dovecot at dovecot.org> wrote:> Hi, list, > [...] > Thanks for any suggestions and ideas. >Hm, it seems most of the people answering have no real experience in production with suchs setups. Basically do this: - setup keepalived as a cluster director on both boxes for two VIPs where one is master for each and backup for the other. - configure keepalived to load-balance both servers on the services you want (e.g. SMTP, POP3, IMAP, POP3S, IMAPS, ...) - use a high persistence timeout so that the same client ends up mostly on the same service/box - you need several subnets to do this, so that your loadbalancing takes place on another subnet (not the external VIPs, neither the same subnet) - If either of the boxes fails, the other will take over the VIP and continue to serve the configured mail services, load-balancing will leave out the dead box This _will_ work in production, I promise, but you should be experienced with keepalived, arp, networking to do this setup. -- Regards, Stephan