Quoting Clifton Royston ([EMAIL PROTECTED]):
> On Wed, Nov 27, 2002 at 11:50:14AM +0100, Jurgen Philippaerts wrote:
> > We are planning to upgrade our pop3 server (currently running on a dual
> > cpu Sun E450) to a more redundant solution.
> > with at least two qpoppers running, and using somekind of centralized
> > storage.
Why?
What perceived problem do you think you'd solve?
> > Is there something i should keep in mind ? is there anyone on this list
> > who has such a setup, and would like to share his/her experiences ?
>
> Solve the "centralized storage" bit first. With Solaris at least you
> should have a good NFS implementation.
On the server side: should. Don't. NetApp was better for several
reasons. On the client side, Solaris (and FreeBSD) do fine.
> The loadbalancing part is easy. There are probably hundreds of
> different solutions for this, hardware and software. I prefer the
> "load balancing switch" type solution, e.g. Foundry ServerIron.
Foundry good.
>
> Getting the user login data to be shared also has several solutions,
> and though I'm not that familiar with Solaris, I know your options
> there should include LDAP and NIS+ (as well as simply slaving the
> password file from the master server.)
And Radius.
------------------------------
Read up on Nick Christensen's paper on Earthlink (and tuned and tweaked
later. Sendmail has many hooks and things that were needed to do that well).
http://www.jetcafe.org/~npc/doc/mail_arch.html
The paper leaves out some details; he's got a book "Sendmail
Performance Tuning" that includes useful info about tuning for
popper too (and for that matter, just tuning in general).
In general, my experience is to make one machine REALLY REALLY good.
Ready for failover. You need all that for an HA/Failover machine.
Redundant paths to an HA-ready RAID system (dual PowerSupply, dual
RAID controllers, etc). Dual networks (different cards) out to
your LAN(s). Booting from software mirrored disks, etc.
Normally, the next step would be to have that with 2 machines
and make it an HA pair. Skip it. You've done the good part.
Leave it alone.
HA adds a level of complexity that costs more to maintain and means
that you don't just casually let an admin log in. My GirlF is
getting paged to deal with a VCS pair that keeps failing to, er,
failover. Mostly cheap disk issues. The two people who were
formally trained on VCS are gone. Nobody knows it. The GirlF and
I worked at a company that developed HA long ago. How good do you
feel that a member needs to be added to a group, but only 1 or 2
people are allowed to do that cause someone did it wrong once? HA
is inherently more complex and delicate.
If your downtime is measured in $100,000 per hour, it's worth it.
But this is *just* mail. If it's down for 20 minutes while you
pull the RAID and a boot disk to another standby machine and boot
it, you'll live.
Machines don't usually crash due to CPU or MotherBoard failures.
It's VERY RARE. Usually it's software, or disks, or cables.
Be disciplined on the software side. If you had an HA production
box, you'd also NEED an HA test box. Add that cost...
