Brandon, I just fail to see why adding more complexity, and essentially making $9K load balancers redundant, is the way of the future, Timo has said its very safe for index's if non dovecot programs write to the maildir, so why the hell is it deliberately left risky using dovecots deliver, I've seen this all before in other setups/software, adding extras that depend on this that and whatever, to make it nifty and play nice when it can be done a simpler way, and it always leads to higher downtime in the end, hence my refusal to go the director way, the simplest and easiest out is to stop using deliver and use postfix's virtual which is what Ill look at if it gives us problems that way there will be no risk (according to Timo) and without added programs running and depending on each other, thus keeping our points of failure low which is why our mail servers have not had one single bit of downtime since I took over.
point in case is with hte OP's initial comment:
"if director service assign 60K user to each front end, how it handle if 5K simultaneous user login, but all 5K happen to be assign to that one machine, it do all work whilst other 7 server sit there do nothing negating what the LB is design for?"
makes perfect sense if he is that big that it assings 60K to each director that in peak periods theres a real risk, no mater how low, that everyone logging in, is in one particular directors list, flooring that box with I/O whilst his others sit there with one or two users on it.
I really thought we got over the NFS corruption stuff when Daniel wrote Maildir ... *sigh*
On Thu, 2010-08-26 at 22:28 -0700, Brandon Davidson wrote:
Noel,
On 8/26/10 9:59 PM, "Noel Butler" noel.butler@ausics.net wrote:
I fail to see advantage if anything it add in more point of failure, with
i agree with this and it is why we dont use it
we use dovecots deliver with postfix and have noticed no problems, not to say there was none, but if so, we dont notice it.
We might be a slightly larger install than you (60k users, mail on FAS 3170 Metrocluster), but we have noticed corruption issues and the director is definitely going to see use in our shop. We still use Sendmail+procmail for delivery, so no issue there... but we've got hordes of IMAP users that will leave a client running at home, at their desk, on their phone, and then will use Webmail on their laptop.
Without the director, all of these sessions end up on different backend mailservers, and it's basically a crapshoot which Dovecot instance notices a new message first. NFS locking being what it is, odds are an index will get corrupted sooner or later, and when this happens the user's mail 'disappears' until Dovecot can reindex it. The users inevitably freak out and call the helpdesk, who tells them to close and reopen their mail client. Maybe you're small enough to not run into problems, or maybe your users just have lower expectations or a higher pain threshold than ours. Either way, it's unpleasant for everyone involved, and quite easy to solve with the director proxy.
Timo has been saying for YEARS that you need user-node affinity if you're doing NFS, and now he's done something about it. If you've already got a load balancer, then just point the balancer at a pool of directors, and then point the directors at your existing mailserver pool.
<shameless plug> For health monitoring on the directors, check out: http://github.com/brandond/poolmon </shameless plug>
-Brad