On Fri, 2011-09-09 at 19:33 -0700, Paul B. Henson wrote:
default_pass_scheme = PLAIN
Uhg i'll pretend I didnt see that :)
According to the sample SQL configuration file "HA / round-robin load-balancing is supported by giving multiple host settings, like: host=sql1.host.org host=sql2.host.org".
However, as far as I can tell dovecot only connects to the first listed host, and processes all queries through it, there does not appear to be any load-balancing going on.
I suspect the wording here is incorrect, its just a failover AFAIK, it only hits the first entry failing to second if no response. HA would be like running a mysql slave on all the front ends failing over to the master on your CRM server etc, which is what I do and suggest, having just one master server, after all, dovecot and postfix just need to read, not alter/update/insert etc.
That's not necessarily a dealbreaker; however, high-availability does not appear to be working either.
If I shutdown the first mysql server, dovecot starts to log connection failures:
Sep 9 15:47:34 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 1 seconds before retry
Sep 9 15:47:39 tweak dovecot: auth: Error: mysql(mysql-1.unx.csupomona.edu): Connect failed to database (idmgmt): Can't connect to MySQL server on 'mysql-1.unx.csupomona.edu' (111) - waiting for 25 seconds before retry
yep thats correct because it has " gone away" but it still uses the second host immediately, thats just dovecot trying to re-establish its link with primary
And postfix starts to fail authentications:
err postfix is not dovecot, you need to also add failover in postfix's sql lookup commands hosts = unix:/var/run/mysql/mysql.sock 10.10.10.2 (assuming .2 is your master sql server)
Resulting in a complete unavailability of smtp service, not just unavailability of authenticated services.
You could have a higher sec mx smtp box that uses postfix for virtual transport for cases of if dovecot is unavailable, this of course means storing partial paths in your mail db, for use only by that one non-behind-load-balancer separated sec mx, of course this wont solve users issue of sending unless you have multiple smtp behind a load balancer, but allows for inbound still, depends on how big your setup (and budget) is or can be :)
(note: I talk of load balancer as in real hardware device, not as in pretend LB's as in software)
Does the example sql config have incorrect information?
I suspect so.
