Eduardo Augusto Alvarenga([EMAIL PROTECTED])@2001.05.04 20:01:54 +0000:
> Hi,
>
> Anyone on the list(s) have any idea of how to make a "independent-of-another-
> servers" pop3 cluster on a group of qmail-vpopmail servers? Preferentlly on
> distinct DMZs.
quick outline:
- you want high availability, so you might want storage servers such as
a netapp f740 or up; those boxes export the fs as nfs
- you probably want toasters, so you got to implement a multi tier
architecture with more than one resource server (netboot/ldap/...)
(inbound internet side)
{mails/smtp}
|
v
mx-in[0..n]
|
v
mr[0..n]--->pop-in[0..n]<-----------\
^ | |
| | ressrv[0..n]
| v |
| netapp/storage |
| | |
| v |
\----------------popsrv[0..n]<--/
| ^
v |
{mails/pop} {mails/smtp}
(client side)
mr mail router (qmail with smtproutes for popdomains)
pop-in inbound mailer that stores Maildir boxes on storage
storage nfs storage array w/ raid, dual head or anyway redundant
ressrv resource servers with ldap for recipient/mbox mapping and
netboot server for the toasters, contains configuration for all
popsrv pop3 server for the clients to use, asks ldap for auth and has
smtp dumbfire to the mail router
the boxes all netboot from the ressource servers, the network has to be
split into 2 internal and 2 external portions, carefully meshed/crossed.
this is darn expensive but should be sufficiently resilient against
outage of each component... i omitted the mx-out stuff since this
depends on your mail routing setup. this virtually is contained in
mr[0..n] in this picture... you might think about qeueing mails via
qmqp, having an inbound server array and an outbound server array. the
outbound server array will have spool, so the spool has to be a raid,
too.
this is just a quick outline of a setup i implemented for one of the
customers of my former employer.
ideas? comments?
/k
>
> B.R.
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Eduardo Augusto Alvarenga - Analista de Suporte - #179653
> Blumenau - Santa Catarina. Tel. (47) 9102-3303
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
--
> UNiX *IS* user friendly. It's just selective about who it's friends are.
KR433/KR11-RIPE -- http://www.webmonster.de -- ftp://ftp.webmonster.de
[Key] [KeyID---] [Created-] [Fingerprint-------------------------------------]
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46
