[Dovecot] Possible to split message store location?
We have a few dovecot servers all pointing to the same mail location (an NFS mount on a NAS drive).
This could lead to a possible bottleneck eventually and we were wondering if it's possible to have dovecot direct x number of users to one message store location while others get their mail on a different mount?
On Wed, 22 Sep 2010 23:03:58 -0400, Edward Carraro ednitido@gmail.com wrote:
This could lead to a possible bottleneck eventually and we were wondering if it's possible to have dovecot direct x number of users to one message store location while others get their mail on a different mount?
You can set a different maildir (or home location) in your userdb which points to a different mountpoint.
On 23/sep - 08:17, Patrick Westenberg wrote:
On Wed, 22 Sep 2010 23:03:58 -0400, Edward Carraro ednitido@gmail.com wrote:
This could lead to a possible bottleneck eventually and we were wondering if it's possible to have dovecot direct x number of users to one message store location while others get their mail on a different mount?
You can set a different maildir (or home location) in your userdb which points to a different mountpoint.
Ok, and then how to get back emails when reading from IMAP, when emails are split in different places ?
Pierre schrieb:
On 23/sep - 08:17, Patrick Westenberg wrote:
You can set a different maildir (or home location) in your userdb which points to a different mountpoint.
Ok, and then how to get back emails when reading from IMAP, when emails are split in different places ?
It works the same way. If a maildir is stored in the userdb and queried from the user_query, it overrides the mail_location set in your configuration file.
On 24/sep - 14:55, Patrick Westenberg wrote:
Pierre schrieb:
On 23/sep - 08:17, Patrick Westenberg wrote:
You can set a different maildir (or home location) in your userdb which points to a different mountpoint.
Ok, and then how to get back emails when reading from IMAP, when emails are split in different places ?
It works the same way. If a maildir is stored in the userdb and queried from the user_query, it overrides the mail_location set in your configuration file.
Yes, but I'm thinking about putting mails in different places, for instance:
unread mails are delivered to server1 read mails go to server2 old mails go to server3...
question 1: can we set more than one alternative storage place (cf alternative_storage in dovecot wiki) ? question 2: can we split deliver, then ?
I read something about replication, but does not feet my needs. Also, delivering in other places is not a pb, the issue resides in fetching the good emails. May I do it using namespaces ? How ?
On Fri, 2010-09-24 at 15:55 +0200, Pierre wrote:
Yes, but I'm thinking about putting mails in different places, for instance:
unread mails are delivered to server1 read mails go to server2 old mails go to server3...
question 1: can we set more than one alternative storage place (cf alternative_storage in dovecot wiki) ?
No.
question 2: can we split deliver, then ?
New mails are always delivered to primary storage.
Also this works only when using dbox storage format, it won't work for maildir.
Edward Carraro put forth on 9/22/2010 10:03 PM:
We have a few dovecot servers all pointing to the same mail location (an NFS mount on a NAS drive).
This could lead to a possible bottleneck eventually and we were wondering if it's possible to have dovecot direct x number of users to one message store location while others get their mail on a different mount?
There are better ways to solve a storage bottleneck than trying to split user mailboxes across different storage back ends at the IMAP server (application) level. The most obvious is tweaking, upgrading, or wholesale replacing the storage infrastructure, not just slapping another NAS box on the network and splitting users. Doing what you are asking is a bandaid, not a good permanent solution, IMO. If you're going to add another NAS box, get a decent unit that is sufficiently expandable (disks and ports) and just migrate the entire mail store to it. For that matter, if your skill set is up to it, you could build your own Linux NFS server better and cheaper.
Could you give us more details as to why you believe you have a storage bottleneck looming? Are you unable to add disks to the current NAS box to increase spindle performance and total space? Given it's 2010, I'm assuming your NAS device has at least 2 GigE ports and you are doing link aggregation/port bonding with the quality managed switch it's connected too.
That should give you ~200 MB/s full duplex bandwidth and decent packet latency, which is more than sufficient for a half dozen or more dovecot cluster servers and a couple thousand users--assuming the NAS device isn't a piece of junk.
So exactly where is this looming bottleneck?
-- Stan
On 2010-09-23 3:08 AM, Stan Hoeppner stan@hardwarefreak.com wrote:
Given it's 2010, I'm assuming your NAS device has at least 2 GigE ports and you are doing link aggregation/port bonding with the quality managed switch it's connected to
Stan - if you don't mind an OT question...
Given your obvious expertise in the Enterprise Storage arena (enjoyed reading some of your past posts on the subject, though much of it was over my head) - what would you recommend as a 'quality managed switch' that doesn't break the bank? I'd like to get one that doesn't require a CISCO CCNA to configure/manage (relatively easy to understand Web UI)...
All I'm looking for is a way to provide some separate VLANs with ACLs - specifically, I need one VLAN that is our general internal LAN, one VLAN that is totally segregated (to provide Guest Wireless internet-only access), and one VLAN for our Accountants, that blocks access from other workstations on the internal network, but allows the users on it to access resources on the internal network.
Thanks,
--
Best regards,
Charles
Charles Marcus put forth on 9/23/2010 6:57 AM:
Stan - if you don't mind an OT question...
I'll give it a shot.
Given your obvious expertise in the Enterprise Storage arena (enjoyed reading some of your past posts on the subject, though much of it was over my head) - what would you recommend as a 'quality managed switch' that doesn't break the bank? I'd like to get one that doesn't require a CISCO CCNA to configure/manage (relatively easy to understand Web UI)...
Experience with enterprise storage doesn't necessarily make one an ethernet switch expert, especially considering that the vast majority of my storage network experience is with fiber channel networks. Fiber channel switch configuration and management has little, if anything, in common with ethernet. I do have a little ethernet experience, as most IT folk do. But WRT iSCSI SANs, the few I've done used dedicated switches on a separate storage network, so there was no reason to implement VLANs. My VLAN experience is rather limited.
All I'm looking for is a way to provide some separate VLANs with ACLs - specifically, I need one VLAN that is our general internal LAN, one VLAN that is totally segregated (to provide Guest Wireless internet-only access), and one VLAN for our Accountants, that blocks access from other workstations on the internal network, but allows the users on it to access resources on the internal network.
It sounds like you're attempting to solve a security problem with a technology primarily designed to allow moving equipment from one network segment to another--VLAN. VLANs function primarily at OSI layer 2. The only ACL functionality here is based on MAC addresses. In your "guest wireless" case, VLANs gain you almost nothing. What a VLAN _can_ give you in this case is the ability to restrict a given layer 3 IP subnet to one VLAN which only has access to the the wireless APs and internet router.
_However_, you can do the same thing with an IP router and proper use of DCHP. You can also do the same for the internal networks you mentioned, with a router and DHCP. It seems that using VLANs to solve your problem is a "poor rich man's" solution. By that I mean VLANs are a "poor" technical solution in this case, and you must be "rich" to buy all the layer 2 gear vs. implementing a single router, which can be a Linux server with iptables rules and a dhcpd running on it. This would also give you much richer functionality and control.
In summary, you don't need VLAN capable switches to do what you want, and if you went this route, it's a suboptimal solution. An IP router/dchp server can do the job better and with much greater flexibility/functionality.
The one hitch in all of this is that you'll need two different WEP/WAP keys assigned to each AP, and the combination of the AP and DHCP server will need to assign an IP from the proper subnet pool to regular users and guest users based on which key they auth with. I've never set this up before but I know it can be done as colleagues have done it. It may or may not require replacing all of your current APs. It depends on whether your APs can do multiple keys and subnets.
Acquiring VLAN capable managed switched with an easy to use GUI is the least of your worries Charles. The difficult aspect of setting up what you want to do is in the education and planning stage. Whether the gear you end up using has a GUI or not is the least of your worries. :(
What you describe is not an easy setup at all. And it can't be solved with better switches. Your DHCP server will play a big role in this. If you choose to go the VLAN switch route, you will most likely need to replace all your APs with new units that do VLANs, and it would probably be a very smart idea to get the APs and switches from the same vendor.
Or, you can just put in a new router/dhcp server and be done with all this. The learning curve here could be just as steep, but you'd save a boat load of cash compared to replacing all your switches and APs.
-- Stan
On 9/23/2010 7:55 PM, Stan Hoeppner wrote:
Charles Marcus put forth on 9/23/2010 6:57 AM:
Stan - if you don't mind an OT question...
I'll give it a shot.
<snip>
Thanks Stan - good comments and will take some time to digest...
participants (6)
-
Charles Marcus
-
Edward Carraro
-
Patrick Westenberg
-
Pierre
-
Stan Hoeppner
-
Timo Sirainen