Dovecot Director: Preferred backend server
Hi All
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
thanks in advance, Steven
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
Have you looked into HAProxy? Don't know if it the answer you seek but it allows for sticky connections and does keep alive checking to stop routing to a non-responsive server. https://www.haproxy.org/
HAProxy is fundamentally different as it operates on connections only, which is not what you usually want on IMAP Servers. Instead you want to route all connections from the same USER to the same server and for this you must have a layer-7 proxy like dovecot director.
The implication with something like HAProxy would be that a user may has severall connections from different devices (Desktop mailclinet, Smartphone, Tablet, etc.) and if these (indpendent) connections go to seperate backend servers, it will cause issues.
Am 30.08.2021 um 18:56 schrieb dovecot@ptld.com:
I have a dovecot cluster with directror and two IMAP Servers behind. Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover). As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down. Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far. If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
Have you looked into HAProxy? Don't know if it the answer you seek but it allows for sticky connections and does keep alive checking to stop routing to a non-responsive server. https://www.haproxy.org/
Haven’t looked at this use case, so I’m unsure if there’s existing functionality to achieve this. If not: you could set the default vhost count of the failover server to 0, and up it once some health check sets the primary server to down.
Sent from mobile
Op 30 aug. 2021 om 18:11 heeft Steven Varco dovecot.org@bbs.varco.ch het volgende geschreven:
Hi All
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
thanks in advance, Steven
Op 30 aug. 2021 om 18:11 heeft Steven Varco dovecot.org@bbs.varco.ch het volgende geschreven:
Hi All
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
This is documented.
thanks in advance, Steven
On 30/08/2021 19:09 Steven Varco dovecot.org@bbs.varco.ch wrote:
Hi All
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
thanks in advance, Steven
Hi!
Use dovecot director tag feature. You can match users with tag= to a specific backend@tag.
Aki
Hi Aki
Thanks for pointing out the tag feature which sound really interesting in the first place.
However, if I understand the documentation correctly:
With tags you can use a single director ring to serve multiple backend clusters. Each backend cluster is assigned a tag name, which can be anything you want. By default everything has an empty tag. A passdb lookup can return "director_tag" field containing the wanted tag name. If there aren't any backend servers with the wanted tag, it's treated the same as if there aren't any backend servers available (= wait for 30 secs for a backend and then return temporary failure).
As of my understanding, this only helps if there are multiple IMAP _clusters_ in the doveadm ring. In my case I have only one cluster (with two IMAP _servers_) and would want to go to a specific server, failing over to another if that is unavailable. Now if I have the following scenario:
# Director Server (DEV) root@lb01 [~] # doveadm director status mail server ip tag vhosts state state changed users mx01.example.com mx01 100 up - 0 mx02.example.com mx02 100 up - 1
# IMAP Server (DEV) root@mx01 [~] # doveadm user 'test@example.com' field value uid 1025 gid 12 home /srv/mail/example.com/test mail maildir:~/Maildir maildir example.com/test/ mail_home /srv/mail/example.com/test quota_rule *:storage=20480 sieve_dir /srv/mail/example.com/test/sieve director_tag mx01
Than user 'test@example.com‘ would go to the backend host mx01.example.com, BUT, if mx01.example.com goes down, it would probably fail, because user 'test@example.com‘ wants tag „mx01“, which is now down and the only server with that tag?
By the way, I did a quick live test and it does not even seem to work, when both hosts are up, failing with the log entry on the dovecot server: Aug 31 11:11:11 lb01 dovecot: director: Error: director: User test@example.com host lookup failed: Timeout because no hosts - queued for 30 secs (Ring synced for 385 secs, hash=1561836376)
Do see what I’m missing out here? Using dovecot 2.2.36 (1f10bfa63) on both the directror and IMAP backend.
thanks, Steven
Am 30.08.2021 um 19:20 schrieb Aki Tuomi aki.tuomi@open-xchange.com:
On 30/08/2021 19:09 Steven Varco dovecot.org@bbs.varco.ch wrote:
Hi All
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
thanks in advance, Steven
Hi!
Use dovecot director tag feature. You can match users with tag= to a specific backend@tag.
Aki
From dovecot director point of view it does not make any difference if your imap clusters have only one server each. mail_hosts takes IP addresses, DNS names whatever, and you can assign tag per host if you want.
And yes, if you have only one server for a tag, then your clients are denied access.
Aki
On 31/08/2021 12:28 Steven Varco dovecot.org@bbs.varco.ch wrote:
Hi Aki
Thanks for pointing out the tag feature which sound really interesting in the first place.
However, if I understand the documentation correctly:
With tags you can use a single director ring to serve multiple backend clusters. Each backend cluster is assigned a tag name, which can be anything you want. By default everything has an empty tag. A passdb lookup can return "director_tag" field containing the wanted tag name. If there aren't any backend servers with the wanted tag, it's treated the same as if there aren't any backend servers available (= wait for 30 secs for a backend and then return temporary failure).
As of my understanding, this only helps if there are multiple IMAP _clusters_ in the doveadm ring. In my case I have only one cluster (with two IMAP _servers_) and would want to go to a specific server, failing over to another if that is unavailable. Now if I have the following scenario:
# Director Server (DEV) root@lb01 [~] # doveadm director status mail server ip tag vhosts state state changed users mx01.example.com mx01 100 up - 0 mx02.example.com mx02 100 up - 1
# IMAP Server (DEV) root@mx01 [~] # doveadm user 'test@example.com' field value uid 1025 gid 12 home /srv/mail/example.com/test mail maildir:~/Maildir maildir example.com/test/ mail_home /srv/mail/example.com/test quota_rule *:storage=20480 sieve_dir /srv/mail/example.com/test/sieve director_tag mx01
Than user 'test@example.com‘ would go to the backend host mx01.example.com, BUT, if mx01.example.com goes down, it would probably fail, because user 'test@example.com‘ wants tag „mx01“, which is now down and the only server with that tag?
By the way, I did a quick live test and it does not even seem to work, when both hosts are up, failing with the log entry on the dovecot server: Aug 31 11:11:11 lb01 dovecot: director: Error: director: User test@example.com host lookup failed: Timeout because no hosts - queued for 30 secs (Ring synced for 385 secs, hash=1561836376)
Do see what I’m missing out here? Using dovecot 2.2.36 (1f10bfa63) on both the directror and IMAP backend.
thanks, Steven
Am 30.08.2021 um 19:20 schrieb Aki Tuomi aki.tuomi@open-xchange.com:
On 30/08/2021 19:09 Steven Varco dovecot.org@bbs.varco.ch wrote:
Hi All
I have a dovecot cluster with directror and two IMAP Servers behind.
Since they are in geographical different locations I would like to have users to go to a specific IMAP backend server (if both are up) and only switch to the other if one goes down (failover).
As to my current knowledge the PassDB extra field „host=„ is not suitable in this case as it would never route the client to a different backend, even if the „user specific backend“ would be down.
Is their a way in dovecot to achive this? As far as I searched the documentation I could not find any information on this so far.
If not, it may also help if I could get certain users to „initially" go to a specific backend (since director usually routes a client/user to the same backend server it initially connects) and therefore it would be interesting to know how dovecot director chooses wether a user goes to server1 or server2? And if a client already gets to server2, how to bring it „back“ to server1?
thanks in advance, Steven
Hi!
Use dovecot director tag feature. You can match users with tag= to a specific backend@tag.
Aki
participants (4)
-
Aki Tuomi
-
dovecot@ptld.com
-
Steven Varco
-
William Edwards