Discussion:
Postfix active/active mail cluster
joe digital
2008-03-22 20:29:01 UTC
Permalink
Hi, We would like to build a postfix & Dovecot active/active mail cluster with a shared data backend (ocfs2 or gfs). Has anyone done this with or without the use of front end load balancers (done with DNS?). If so can you let me know if there is any documentation out there or email threds explaining this proccess or setup?


thank you,


____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
Mehmet CELIK
2008-03-22 23:14:18 UTC
Permalink
Hi, of course, you can do this. so, each node on *LVS will respond active. But, this is different from storage subject. The IMAP don't be problem. But, the SMTP can be a problem. Because, you have dynamic ip on the RBL checks. For this, you must use smtp gateway. All outgoing smtp traffic must be from a single IP.

LVS: Linux Virtual Server
-- Mehmet CELIKIstanbul/TURKEY


Date: Sat, 22 Mar 2008 13:29:01 -0700From: ***@yahoo.comTo: linux-***@redhat.comSubject: [Linux-cluster] Postfix active/active mail cluster




Hi, We would like to build a postfix & Dovecot active/active mail cluster with a shared data backend (ocfs2 or gfs). Has anyone done this with or without the use of front end load balancers (done with DNS?). If so can you let me know if there is any documentation out there or email threds explaining this proccess or setup?


thank you,

Never miss a thing. Make Yahoo your homepage.
_________________________________________________________________
Test your Star IQ
http://club.live.com/red_carpet_reveal.aspx?icid=redcarpet_HMTAGMAR
Gordan Bobic
2008-03-23 01:33:36 UTC
Permalink
Post by Mehmet CELIK
Hi, of course, you can do this. so, each node on *LVS will respond
active.
Not much point - DNS load balancing works just fine for a mail server.
Or you can use the cluser resource manager to migrate the IP of a downed
node to another node.
Post by Mehmet CELIK
But, this is different from storage subject. The IMAP don't be
problem. But, the SMTP can be a problem. Because, you have dynamic ip on
the RBL checks. For this, you must use smtp gateway. All outgoing smtp
traffic must be from a single IP.
I don't remember anyone saying that dynamic IPs are used. Just because
the mail cluster has a different IP for each host doesn't make them
dynamic. RBLs that block dynamic IPs largely only block
dial-up/broadband dynamic IP ranges, and I don't thing the original
poster ever suggested that this is the sort of range the mail cluster
he's building will be on.

There is no RFC that states that all mail from a domain must come from
one IP. Having multi-homed mail servers with multiple IPs is perfectly
RFC compliant. Google do it, for example, as do many other mail service
providers. The main issue with this is that there are people who use
fundamentally broken anti-spam measures like greylisting, which fall
over flat on their face when consecutive delivery attempts come from
different IPs. Breaking your mail cluster scalability to work around
someone's broken mail system is, IMO, not the correct solution.

However, as I mentioned in the other post on this thread, if you make
the mail spool local rather than shared, then the outgoing mail will not
bounce between the nodes - it will remain on the same node until
successfully delivered (or bounced). This works around the problem of
broken mail systems.

Gordan
Mehmet CELIK
2008-03-23 09:00:00 UTC
Permalink
This post might be inappropriate. Click to display it.
Gordan Bobic
2008-03-23 14:18:10 UTC
Permalink
As I said, I wouldn't bother with LVS, but there's no harm in doing so.
It just means you either have to use a fail-over pair of load balancers
in front of your mail cluster, or have each machine in the mail cluster
act as a fail-over load balancer and distribute connections to all the
machines (including itself). It just sounds like an unnecessary
complication.

And the outgoing mail going through a smart-host is a bottleneck on a
properly tuned system - it means that you have multiple machines to
handle incoming mail, but only one to handle outgoing mail. An "equal
peers" solution is far more scaleable.

Gordan
Post by Mehmet CELIK
Thanx for information. Just, I said be carrefull. My organization is below.
LVS -> 78.189.X.X {25,143}
MAIL1 -> 78.189.X.X {25,143}
MAIL2 -> 78.189.X.X {25,143}
MAIL3 -> 78.189.X.X {25,143}
SMTPGW -> 78.189.Y.Y {All outgoing traffic}
sh $ host -t ptr 78.189.Y.Y
Y.Y.189.78.in-addr.arpa domain name pointer xxxx.exampledomain.com
--
Mehmet CELIK
Istanbul/TURKEY
Post by Mehmet CELIK
Date: Sun, 23 Mar 2008 01:33:36 +0000
Subject: Re: [Linux-cluster] Postfix active/active mail cluster
Post by Mehmet CELIK
Hi, of course, you can do this. so, each node on *LVS will respond
active.
Not much point - DNS load balancing works just fine for a mail server.
Or you can use the cluser resource manager to migrate the IP of a downed
node to another node.
Post by Mehmet CELIK
But, this is different from storage subject. The IMAP don't be
problem. But, the SMTP can be a problem. Because, you have dynamic
ip on
Post by Mehmet CELIK
Post by Mehmet CELIK
the RBL checks. For this, you must use smtp gateway. All outgoing smtp
traffic must be from a single IP.
I don't remember anyone saying that dynamic IPs are used. Just because
the mail cluster has a different IP for each host doesn't make them
dynamic. RBLs that block dynamic IPs largely only block
dial-up/broadband dynamic IP ranges, and I don't thing the original
poster ever suggested that this is the sort of range the mail cluster
he's building will be on.
There is no RFC that states that all mail from a domain must come from
one IP. Having multi-homed mail servers with multiple IPs is perfectly
RFC compliant. Google do it, for example, as do many other mail service
providers. The main issue with this is that there are people who use
fundamentally broken anti-spam measures like greylisting, which fall
over flat on their face when consecutive delivery attempts come from
different IPs. Breaking your mail cluster scalability to work around
someone's broken mail system is, IMO, not the correct solution.
However, as I mentioned in the other post on this thread, if you make
the mail spool local rather than shared, then the outgoing mail will not
bounce between the nodes - it will remain on the same node until
successfully delivered (or bounced). This works around the problem of
broken mail systems.
Gordan
--
Linux-cluster mailing list
https://www.redhat.com/mailman/listinfo/linux-cluster
------------------------------------------------------------------------
In a rush? Get real-time answers with Windows Live Messenger.
<http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_realtime_042008>
------------------------------------------------------------------------
--
Linux-cluster mailing list
https://www.redhat.com/mailman/listinfo/linux-cluster
Jose Miguel Parrella Romero
2008-03-23 00:08:02 UTC
Permalink
Post by joe digital
Hi, We would like to build a postfix & Dovecot active/active mail
cluster with a shared data backend (ocfs2 or gfs). Has anyone done this
with or without the use of front end load balancers (done with DNS?).
If so can you let me know if there is any documentation out there or
email threds explaining this proccess or setup?
My organization is actually operating two Postfix/Dovecot clusters using
these tools (and running on top of Debian 4.0), and I know at least two
other organizations who are using the same tools for the same objective.

We use GFS as the shared storage (served via FC) and LVS in order to
balance the load between the nodes. We also use Heartbeat for high
availability of the directors.

The load balancing can also be done with a DNS round-robin; in a first
thought I can't find any problems that would arise in both SMTP and IMAP
using well-established desktop applications and proper service
configuration.

I can't point you to specific documents, though we used some ideas from
the Ultramonkey methodology [1] and the GFS FAQ [2] -- I'd advise you to
get your GFS working in two or more nodes and then work on the load
balancing, first using DNS round-robin and then with ldirector.

Jose

[1] http://www.ultramonkey.org/3/topologies/hc-ha-lb-overview.html
[2] http://sources.redhat.com/cluster/gfs/faq.html
Gordan Bobic
2008-03-23 01:35:58 UTC
Permalink
Post by Jose Miguel Parrella Romero
We use GFS as the shared storage (served via FC) and LVS in order to
balance the load between the nodes.
What's the point? With enough users, DNS based load balancing works
pretty well. Certainly no worse than LVS.
Post by Jose Miguel Parrella Romero
We also use Heartbeat for high availability of the directors.
Isn't that a tad redundant with RH cluster's built in resource managemer?

Gordan
Jose Miguel Parrella Romero
2008-03-23 14:38:58 UTC
Permalink
Post by Gordan Bobic
What's the point? With enough users, DNS based load balancing works
pretty well. Certainly no worse than LVS.
Besides trying a different technology, there was no specific point in
using LVS. As I stated in my previous mail, DNS can do the trick very
well IMHO (and we actually use DNS round-robin for slave LDAPs)

In the directors we host non-mail services for the nodes such as DNS and
LDAP, and statistics software as well.
Post by Gordan Bobic
Isn't that a tad redundant with RH cluster's built in resource managemer?
Yes. We don't use the other functionalities of Red Hat Cluster Suite,
but this could well be considered in order to reuse the two directors as
nodes. Thanks for your comments.

Jose
Gordan Bobic
2008-03-23 14:44:45 UTC
Permalink
Post by Jose Miguel Parrella Romero
Isn't that [heartbeat] a tad redundant with RH cluster's built in resource managemer?
Yes. We don't use the other functionalities of Red Hat Cluster Suite,
but this could well be considered in order to reuse the two directors as
nodes.
If you're planning to use RHC _only_ for GFS, then maybe you would be
better off with OCFS2. That is an FS-only solution.

Gordan
Brieseneck, Arne, VF-Group
2008-03-25 15:18:28 UTC
Permalink
Hi all,

Has anybody done a comparison between GFS2 and OCFS2 regarding
performance and stability?



I am familiar with GFS2 (setup,... etc) but I don't know how to set up a
OCFS2 right now. I'd like to do it to have comparable results ceteris
paribus.


THX
Arne

Gordan Bobic
2008-03-23 01:23:31 UTC
Permalink
Post by joe digital
Hi, We would like to build a postfix & Dovecot active/active mail
cluster with a shared data backend (ocfs2 or gfs). Has anyone done this
with or without the use of front end load balancers (done with DNS?).
Yes, I have deployed just such a thing using Postfix, Dovecot and GFS. I
set up authentication via a MySQL user database. User maildirs were
shared on a separate GFS volume, and the root volume was shared between
all the machines in the cluster (5) using Open Shared Root.

Local storage was used for:
1) /tmp
2) /var/lib/mysql (MySQL was multi-master replicated using round-robin
replication)
3) postfix incoming mail spool
4) /boot
5) OSR initrd disk backing

Load balancing was done via DNS. The system was based on CentOS 5.
Storage was SAN for root and maildirs and DAS for the above.

Gordan
Loading...