[Dovecot] nfs director

Cor Bosman cor at xs4all.nl
Sat Aug 28 10:18:49 EEST 2010


Noel, I think you just dont quite understand the problem the director is
solving. 

The issue is that NFS is not lock-safe over multiple servers. We have 35
imap servers accessing a central NFS cluster. (we have over a million
mailboxes) We offer IMAP to end user clients, and through webmail. This means
that users are more and more likely to have multiple mail clients open.

1) they have a mail client open at home, lets say Thunderbird or OSX Mail.
   When they go to work they leave it on, so the software keeps looking for
   mail.

2) At work, they open webmail, so they can access their private email through
   their companies firewall. They leave this webmail session open in a 
   browser tab. 

3) They also have an iphone, and it's continuously checking their mail as well.

This is not farfetched. This is normal behavior when you start offering
IMAP access. 

We of course have a hardware loadbalancer (foundry) that directs incoming
connections. But this loadbalancer does not know the 3 connections above
are from the same user. So each gets directed to a different imap server.

All these 3 sessions want to update the index files. (im current not including
dovecot LDA, which also wants to update the index files). Because of issues
inherent in NFS, the 3 imap servers that handle these connections may all
think they have an exclusive lock. They may end up writing to the index files
at the same time because of this. So the end result is a corrupt index file,
which causes problems in the clients. The chances of this happening get
higher as you have more users and more servers.

Now there is a workaround. NFS locking can be made to work better if all
processes trying to access the NFS indexes are on the same machine. So
if all 3 clients in the above example happen to end up on the same imap
server, there wouldnt be a problem. That imap server can safely say
'sorry, you cant write to the index file right now, another process is
already writing to it'.  

What the dovecot director is doing is ensuring that sessions from the same
user all get directed to the same imap server, so NFS locking works safely.

I wish my foundry could do this, so I wouldnt need the director, but alas,
it cant. If you operate a situation like im describing above, you WILL need
the director, or accept that your users may run into problems reading their
mail. 

If you dont see this problem, you either are not running the same situation
im describing, or you do have this problem but just dont know :) I am
very happy that Timo implemented this, so those of us that run this setup
and are experiencing this issue, have a way to work around it.

Regards,

Cor


More information about the dovecot mailing list