High availability of Dovecot
Hi, list,
I'm going to deploy postfix + dovecot + CephFS( as Mail Storage).Basically I want to use two servers for them, which is kind of HA.
My idea is that using keepalived or Pacemaker to host a VIP, whichcould fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable?
I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right?
Thanks for any suggestions and ideas.
-Le 11 avr. 2019 à 10:44, luckydog xf via dovecot dovecot@dovecot.org a écrit :
Hi, list,
I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA. My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable?I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right?
Thanks for any suggestions and ideas.
-
If you just want HA and don't have scalability issue, the simplest solution is probably to deploy your mail stack on 2 servers, and use pacemaker to make sure it run only on one at once (with a VIP managed by pacemaker too).
For the storage, if you have a SAN, go with it, else you may use local DRBD partition with replication on the standby server.
I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA.
you may consider dovecot's builtin dsync replication which works great with two servers (while there still is one little bug that may duplicate mails upon deletion with pop3 only under specific conditions)
My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable?I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right?
DNS just returns your servers' ip addresses/mx records and does not know if they are up or down. You could combine that with an external monitoring system that modifies your dns entries but this is overkill (keep ttl in mind). DNS resolvers return records in a round robin fashion so that you get 50/50 active/active loadbalancing. SMTP does cope with delivery errors very well (e.g. greylisting is a temporary delivery error). MTAs just connect to the second MX and try to deliver the mail. Even MUAs like Outlook, Apple Mail or Thunderbird are capable to use more than one ip - if the connection fails they connect to the second ip returned via DNS, without any user interaction.
Best regards Gerald
On 11.4.2019 11.44, luckydog xf via dovecot wrote:
Hi, list,
I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA. My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable?
I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right?
Thanks for any suggestions and ideas.
-
You could use dovecot configured as director in the front, it would assign users to backends and maintain that to avoid accessing same users on two backends.
Aki
While possible it probably overkill. A simple failover proxy is enough unless he requires a active-active setup.
On 11.04.19 11:54, Aki Tuomi via dovecot wrote:
On 11.4.2019 11.44, luckydog xf via dovecot wrote:
Hi, list,
I'm going to deploy postfix + dovecot + CephFS( as Mail Storage). Basically I want to use two servers for them, which is kind of HA. My idea is that using keepalived or Pacemaker to host a VIP, which could fail over the other server once one is down. And I'll use Haproxy or Nginx to schedule connections to one of those server based on source IP( Session stickiness), I'll use VIP as DNS record.etc, is my plan doable?
I know MX could be server ones with different priority. But I think it brings along shortage that DNS couldn't know Email server is up or down, it just returns results to MUA, right?
Thanks for any suggestions and ideas.
-
You could use dovecot configured as director in the front, it would assign users to backends and maintain that to avoid accessing same users on two backends.
Aki
On Thu, 11 Apr 2019 16:44:40 +0800 luckydog xf via dovecot dovecot@dovecot.org wrote:
Hi, list, [...] Thanks for any suggestions and ideas.
Hm, it seems most of the people answering have no real experience in production with suchs setups. Basically do this:
- setup keepalived as a cluster director on both boxes for two VIP IPs where one is master for each and backup for the other.
- configure keepalived to load-balance both servers on the services you want (e.g. SMTP, POP3, IMAP, POP3S, IMAPS, ...)
- use a high persistence timeout so that the same client ends up mostly on the same service/box
- you need several subnets to do this, so that your loadbalancing takes place on another subnet (not the external VIPs)
- If either of the boxes fails, the other will take over the VIP and continue to serve the configured mail services, load-balancing will leave out the dead box This _will_ work in production, I promise, but you should be experienced with keepalived, arp, networking to do this setup.
-- Regards, Stephan
On Thu, 11 Apr 2019 16:44:40 +0800 luckydog xf via dovecot dovecot@dovecot.org wrote:
Hi, list, [...] Thanks for any suggestions and ideas.
Hm, it seems most of the people answering have no real experience in production with suchs setups. Basically do this:
- setup keepalived as a cluster director on both boxes for two VIPs where one is master for each and backup for the other.
- configure keepalived to load-balance both servers on the services you want (e.g. SMTP, POP3, IMAP, POP3S, IMAPS, ...)
- use a high persistence timeout so that the same client ends up mostly on the same service/box
- you need several subnets to do this, so that your loadbalancing takes place on another subnet (not the external VIPs, neither the same subnet)
- If either of the boxes fails, the other will take over the VIP and continue to serve the configured mail services, load-balancing will leave out the dead box This _will_ work in production, I promise, but you should be experienced with keepalived, arp, networking to do this setup.
-- Regards, Stephan
participants (7)
-
Aki Tuomi
-
Gerald Galster
-
Jan Bramkamp
-
Jean-Daniel Dupas
-
luckydog xf
-
Stephan von Krawczynski
-
Stephan von Krawczynski