[Dovecot] Providing shared folders with multiple backend servers

Sven Hartge sven at svenhartge.de
Wed Jan 11 14:50:54 EET 2012


Sven Hartge <sven at svenhartge.de> wrote:

> I am currently in the planning stage for a "new and improved" mail
> system at my university.

OK, executive summary of the design ideas so far:

- deployment of X (starting with 4, but easily scalable) virtual servers
  on VMware ESX

- storage will be backed by a RDM on our iSCSI SAN.
  + main mailbox storage will be on 15k SAS6 600GB disks
  + backup rsnapshot storage will be on 7.2k SAS6 2TB disks

- XFS filesystem on LVM, allowing easy local snapshots for rsnapshot

- sharing folders from one user to another is not needed

- central public shared folders reside on its own storage server and are
  accessed through the imapc-backend configured for the "#shared."-namespace
  (needs dovecot 2.1~rc3 or higher)

- mdbox with compression (23h lifetime, 50MB max size)

- quota in MySQL, allowing my MXes to check the quota for a user
  _before_ accepting any mail for him. This is a much needed feature,
  currently not possible and thus leading to backscatter right now.

- + Backup with bacula for file level backup every 24 hours (120 days
    retention)
  + rsnapshot to node local backup space for easier access (14 days
    retention)
  + possibly SAN-based remote snapshots to different storage tier.


Because sharing a RDM (or VMDK) with multiple VMs pins the VM to an ESX
server and prohibits HA and DRS in the ESX cluster and because of my bad
experience with cluster FS I want to avoid one and use only local
storage for the personal mailboxes of the users.

Each user is fixed to one server, routing/redirecting of IMAP/POP3
connections happens via perdition (popmap feature via LDAP lookup) in a
frontend server (this component is already working since some 3-ish
years).

So each node is isolated from the other nodes, knows only its users and
does not care about users on other nodes. This prevents usage of the
dovecot director, which only works if all nodes are able to access all
mailboxes (correct?)

I am aware this creates a SPoF for an 1/X portion of my users in the
case of a VM failure, but this is deemed acceptable, since the use of
VMs will allow me to quickly deploy a new one and reattach the RDM.
(And if my whole iSCSI storage or ESX cluster fails, I have other,
bigger problems than a non-functional mail system.)

Comments?

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.



More information about the dovecot mailing list