director service tries to start without any configuration
Hello,
- Dovecot 2.3.18 (originally Dovecot 2.3.16, but upgraded in an attempt to fix issue)
- Ubuntu 20.04 using Dovecot repo
In my organization have run a cluster of dovecot proxy machines, with
the director service enabled in a transition period as we have
migrated all our users to do direct proxying to backend (e.g.
proxy=y, host=192.168.0.2
), bypassing the director service.
Now that all users have been migrated, it is time to disable the director service. However, even after removing all director configuration ("doveconf -n | grep director" returns nothing) and restarting the entire dovecot service (not just "doveadm reload"), the error log still spits out these errors:
2022-04-29T11:27:25+0200 director: Error: Empty server list 2022-04-29T11:27:25+0200 director: Fatal: Invalid value for director_mail_servers setting 2022-04-29T11:27:25+0200 master: Error: service(director): command startup failed, throttling for 60.000 secs
Why is this happening? It's not critical, and logins work fine without the director service running, but I'm trying to figure out why and stop the log noise.
doveconf stuff:
root@director03:~# doveconf -n | grep director # Hostname: director03
root@director03:~# doveconf -n # 2.3.18 (9dd8408c18): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.18 (0bc28b32) # OS: Linux 5.4.0-88-generic x86_64 Ubuntu 20.04.4 LTS # Hostname: director03 debug_log_path = /var/log/dovecot.log default_vsz_limit = 768 M disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it doveadm_port = 24245 event_exporter log { format = json format_args = time-rfc3339 transport = log } imap_id_retain = yes info_log_path = /var/log/dovecot.log lmtp_add_received_header = no lmtp_proxy = yes log_path = /var/log/dovecot.err log_timestamp = "%FT%T%z " login_greeting = %{hostname} ready. login_log_format_elements = user=<%u> orig=<%{orig_user}> method=%m proto=%s rip=%r lip=%l session=<%{session}> %c %k login_proxy_max_disconnect_delay = 10 secs login_trusted_networks = <redacted> mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext metric auth_passdb_request_finished { filter = event=auth_passdb_request_finished AND category=service:auth group_by = service passdb_name result } passdb { args = /etc/dovecot/dovecot-redis.conf.ext auth_verbose = yes driver = dict name = redis override_fields = proxy=y } protocols = imap pop3 lmtp sieve service doveadm { inet_listener http { port = 8080 } } service imap-login { client_limit = 2048 executable = imap-login inet_listener imap { address = port = 143 } inet_listener imaps { address = port = 993 ssl = yes } process_limit = 32 process_min_avail = 16 service_count = 0 vsz_limit = 1 G } service lmtp { inet_listener lmtp { port = 24 } } service managesieve-login { client_limit = 1024 executable = managesieve-login inet_listener sieve { address = port = 4190 } process_limit = 2 process_min_avail = 1 service_count = 0 vsz_limit = 1 G } service pop3-login { client_limit = 2048 executable = pop3-login inet_listener pop3 { address = port = 110 } inet_listener pop3s { address = port = 995 ssl = yes } process_limit = 4 process_min_avail = 2 service_count = 0 vsz_limit = 1 G } service stats { client_limit = 65536 inet_listener http { port = 9900 } } ssl_cert = </etc/dovecot/wildcard.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_min_protocol = TLSv1 verbose_proctitle = yes protocol imap { mail_max_userip_connections = 25 } protocol pop { mail_max_userip_connections = 25 } local 127.0.0.0/8 { doveadm_password = # hidden, use -P to show it }
On 29/04/2022 12:37 Eirik Rye <rye@trojka.no> wrote:
Hello,
- Dovecot 2.3.18 (originally Dovecot 2.3.16, but upgraded in an attempt to fix issue)
- Ubuntu 20.04 using Dovecot repo
In my organization have run a cluster of dovecot proxy machines, with the director service enabled in a transition period as we have migrated all our users to do direct proxying to backend (e.g.
proxy=y, host=192.168.0.2
), bypassing the director service.Now that all users have been migrated, it is time to disable the director service. However, even after removing all director configuration ("doveconf -n | grep director" returns nothing) and restarting the entire dovecot service (not just "doveadm reload"), the error log still spits out these errors:
2022-04-29T11:27:25+0200 director: Error: Empty server list 2022-04-29T11:27:25+0200 director: Fatal: Invalid value for director_mail_servers setting 2022-04-29T11:27:25+0200 master: Error: service(director): command startup failed, throttling for 60.000 secs
Are you sure you do not have some script / monitoring still calling doveadm director
commands?
Aki
On 29/04/2022 11:44, Aki Tuomi wrote:
Are you sure you do not have some script / monitoring still calling
doveadm director
commands?Aki
Of course, you are very right. There is a Prometheus exporter running every minute. With the dovecot log stating "throttling for 60.000 secs", it really did look like it was dovecot trying to restart the service!
Thank you very much. I feel a bit silly now. I guess I was expecting a
doveadm
-related line in the error log.
-- Eirik
On 29/04/2022 11:37, Eirik Rye wrote:
doveconf stuff:
Apologies for the poor doveconf formatting. Trying again:
# 2.3.18 (9dd8408c18): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.18 (0bc28b32) # OS: Linux 5.4.0-88-generic x86_64 Ubuntu 20.04.4 LTS # Hostname: director03 debug_log_path = /var/log/dovecot.log default_vsz_limit = 768 M disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it doveadm_port = 24245 event_exporter log { format = json format_args = time-rfc3339 transport = log } imap_id_retain = yes info_log_path = /var/log/dovecot.log lmtp_add_received_header = no lmtp_proxy = yes log_path = /var/log/dovecot.err log_timestamp = "%FT%T%z " login_greeting = %{hostname} ready. login_log_format_elements = user=<%u> orig=<%{orig_user}> method=%m proto=%s rip=%r lip=%l session=<%{session}> %c %k login_proxy_max_disconnect_delay = 10 secs login_trusted_networks = <redacted> mail_plugins = quota managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext metric auth_passdb_request_finished { filter = event=auth_passdb_request_finished AND category=service:auth group_by = service passdb_name result } passdb { args = /etc/dovecot/dovecot-redis.conf.ext auth_verbose = yes driver = dict name = redis override_fields = proxy=y } protocols = imap pop3 lmtp sieve service doveadm { inet_listener http { port = 8080 } } service imap-login { client_limit = 2048 executable = imap-login inet_listener imap { address = port = 143 } inet_listener imaps { address = port = 993 ssl = yes } process_limit = 32 process_min_avail = 16 service_count = 0 vsz_limit = 1 G } service lmtp { inet_listener lmtp { port = 24 } } service managesieve-login { client_limit = 1024 executable = managesieve-login inet_listener sieve { address = port = 4190 } process_limit = 2 process_min_avail = 1 service_count = 0 vsz_limit = 1 G } service pop3-login { client_limit = 2048 executable = pop3-login inet_listener pop3 { address = port = 110 } inet_listener pop3s { address = port = 995 ssl = yes } process_limit = 4 process_min_avail = 2 service_count = 0 vsz_limit = 1 G } service stats { client_limit = 65536 inet_listener http { port = 9900 } } ssl_cert = </etc/dovecot/wildcard.crt ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_min_protocol = TLSv1 verbose_proctitle = yes protocol imap { mail_max_userip_connections = 25 } protocol pop { mail_max_userip_connections = 25 } local 127.0.0.0/8 { doveadm_password = # hidden, use -P to show it }
-- Eirik
participants (2)
-
Aki Tuomi
-
Eirik Rye