On Tue, 2008-09-16 at 10:04 +0200, Paweł Tęcza wrote: > Svetozar Mihailov pisze: > > Hello all, > > Hello Svetozar, > > Sorry for the late response, but recently I've not had much free time > to watch this mailing list. > > > 2.2 I do not want to use load balancer because if load balancer dies > > everything stop. I will implement monitoring (ping?) daemon, which will > > add/remove servers to dns if some of them dies. Is there recomended > > minimal TTL for dns records in this case? > > Yes, it's true that only one load balancer is not good idea. Hence, you > should have two redundant load balancers or second backup load balancer > on the alert. > > In my opinion a load balancer is a base element of modern and high > availability cluster in these days. Below is a short list of the most > important advantages of the load balancer: > > 1. Network traffic load balancing > > My administrator experience is that DNS based load balancing sucks. > It's not a blame of architecture of domain names system. It's because of > stupid Windows hosts. They ignore setting of DNS TTL and cache resolved > IP addresses, so you can't stop them to connect with your cluster nodes > when you want to reboot them, for example. Of course, you can move IP > addresses between machines, but I don't like that manual job. > > If you want to switch the network traffic when you upgrade a distro > on one of your nodes or do some tests, then you should use some free > load balancer. Your jobs will be invisible for your users! We use > Keepalived in our clustered mail system and I can recommend it for you > if you prefer Linux. > > 2. Security > > What do you do when some evil people make DoS attack on your cluster? > Probably you drop or reject their IP address on all nodes of the > cluster. Yes, you can do it in that way, but it's not quick and handy. > If you have load balancer(s), then you can cut off aggressors on only > one (or two) machine(s) and the problem is resolved. > > I hope it will be helpful for you or another Courier admins. > > My best regards, > > Pawel Tecza >
Hello Pawel, Thanks for answer. Anyway things was changed a little. Now I have cluster from 6 hardware nodes ( Q6600, 8G ram, CentOS 5.2 ) using iscsi gfs2 shared storage plus quorum disk also on iscsi. So I can shutdown 5 nodes, and cluster will be quorate with single node. Courier runs on 4 xen virtual machines. This 4 virtual machines are Courier cluster. Each virtual machine uses 1Gb ram, so I can run all of them on one hardware node only. Virtual machines are setup as cluster services in failover domains. If some of them dies will be automatically restarted. If hardware node dies, virtual machine will be restarted on another hardware node. I setup xen with live migration so I can easy live relocate running virtual machines to another hardware node before shutdown some of them. Also I have another virtual machine in Courier cluster, which is not listed in dns. I use it for testing before apply changes to public machines. Hardware nodes does not have IP address at all on external interfaces, so no one can ever reach them. Hardware nodes can be accessed only from internal network, which have private IP's. This also apply to mysql database. Admin interface is well protected also in similar way. Of course I can run Courier directly on hardware nodes and configure public IP addresses as cluster resource. But in this case if hardware node dies I lose everything in /var/spool/courier. And users will be not happy, me too. I of course prefer Linux. In fact I do not use anything else. And windows dns cache is not problem, because windows machines do not work long enough without reboot. Everything is up and running now. I make final fine tune to entire system. This is storage speed from virtual machine: [EMAIL PROTECTED] mail]# dd if=/dev/zero of=zt bs=1024 count=1000000 1000000+0 records in 1000000+0 records out 1024000000 bytes (1.0 GB) copied, 7.80421 seconds, 131 MB/s I just need to finish fight with spamassassin and sync current mail storage ( about 900Gb ) to new storage and go in production. After this I will try to make few changes to courier. Most important for me is to modify auth protocol to include sender IP address. With this change my already modified mysql backend will log spammers ip directly to mysql and after few weeks my local rbl dns will be good as public ones. Same logging I must do for spam/virus filters. Best regards, Svetozar Mihailov ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
