best practice for HA cluster

classic Classic list List threaded Threaded
10 messages Options
JDN
Reply | Threaded
Open this post in threaded view
|

best practice for HA cluster

JDN

Hello

 

 

Which work method do you guys prefer for ha with postfix?

 

2 postfix nodes with f5 load balancer active passive and shared storage for the que

How can you share config between active and passive ? can we use my sql cluster for configuration sharing between the two nodes?

 

Ha proxy or ha cluster with two nodes?

 

 

 

Met vriendelijke groeten                        

Kind regards                                                 

De Petter Mattheas                                  

Technical support engineer – projects team    

IT-Department Jan De Nul Dredging N.V.

T +32 (0)53 73 95 53                                         

F +32 (0)53 21 00 31                                         

www.jandenul.com                                           

 

************************************************************
Any reaction to this e-mail or any other mail, including any
files transmitted therewith to sender's e-mail address(es)
shall be dealt with not as private, but as business
communication(s) and shall be registered as such.
************************************************************

Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Emmanuel Fusté-2
Le 08/02/2019 à 11:35, De Petter Mattheas a écrit :

>
> Hello
>
> Which work method do you guys prefer for ha with postfix?
>
> 2 postfix nodes with f5 load balancer active passive and shared
> storage for the que
>
> How can you share config between active and passive ? can we use my
> sql cluster for configuration sharing between the two nodes?
>
> Ha proxy or ha cluster with two nodes?
>
>
Complete over engineering.
For two node :
- two independent node
- MX DNS entries
- your preferred conf tool to maintain config

Never use shared storage. It will be your main source of problems.
Use properly sized and resilient nodes (raid 1/10)
I never use load balancer under 4 nodes and always a minimum of two MX
and up to four.
I always separate inbound and outbound nodes.

KISS design is the base rule for robust design.

Emmanuel.

JDN
Reply | Threaded
Open this post in threaded view
|

RE: best practice for HA cluster

JDN
Thanks for the assist.

But we need an active passive setup and a shared config, when config a gets a change be should have exact the same config.

How would you set this up ?


-----Original Message-----
From: Emmanuel Fusté <[hidden email]>
Sent: 08 February 2019 12:41
To: De Petter Mattheas <[hidden email]>; Postfix users <[hidden email]>
Subject: Re: best practice for HA cluster

Le 08/02/2019 à 11:35, De Petter Mattheas a écrit :

>
> Hello
>
> Which work method do you guys prefer for ha with postfix?
>
> 2 postfix nodes with f5 load balancer active passive and shared
> storage for the que
>
> How can you share config between active and passive ? can we use my
> sql cluster for configuration sharing between the two nodes?
>
> Ha proxy or ha cluster with two nodes?
>
>
Complete over engineering.
For two node :
- two independent node
- MX DNS entries
- your preferred conf tool to maintain config

Never use shared storage. It will be your main source of problems.
Use properly sized and resilient nodes (raid 1/10) I never use load balancer under 4 nodes and always a minimum of two MX and up to four.
I always separate inbound and outbound nodes.

KISS design is the base rule for robust design.

Emmanuel.

************************************************************
Any reaction to this e-mail or any other mail, including any
files transmitted therewith to sender's e-mail address(es)
shall be dealt with not as private, but as business
communication(s) and shall be registered as such.
************************************************************

Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Toens Bueker
De Petter Mattheas <[hidden email]> wrote:

> But we need an active passive setup and a shared config, when config a gets a change be should have exact the same config.
>
> How would you set this up ?

If you have a high available loadbalancer, you should use that to
enable active/passive (if node one fails, shift traffic to node 2).

Configuration should take place via configuration management (which
should be in place anyway).

Kind regards,
Töns
--
There is no safe distance.
JDN
Reply | Threaded
Open this post in threaded view
|

RE: best practice for HA cluster

JDN
Yeas we have F5 loadbalancer.


But how do we shift the config ? as far as i know there is no central mgmt for postfix only config files on node 1 and node 2



Met vriendelijke groeten                        
Kind regards                                                 
De Petter Mattheas                                  
Technical support engineer - projects team    
IT-Department Jan De Nul Dredging N.V.
T +32 (0)53 73 95 53                                         
F +32 (0)53 21 00 31                                         
www.jandenul.com                                           


-----Original Message-----
From: [hidden email] <[hidden email]> On Behalf Of Toens Bueker
Sent: 08 February 2019 14:27
To: Postfix users <[hidden email]>
Subject: Re: best practice for HA cluster

De Petter Mattheas <[hidden email]> wrote:

> But we need an active passive setup and a shared config, when config a gets a change be should have exact the same config.
>
> How would you set this up ?

If you have a high available loadbalancer, you should use that to enable active/passive (if node one fails, shift traffic to node 2).

Configuration should take place via configuration management (which should be in place anyway).

Kind regards,
Töns
--
There is no safe distance.
************************************************************
Any reaction to this e-mail or any other mail, including any
files transmitted therewith to sender's e-mail address(es)
shall be dealt with not as private, but as business
communication(s) and shall be registered as such.
************************************************************

Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Curtis Maurand
You could use Unison to keep the config folders in sync.  Open source. runs on just about everything.

February 8 2019 8:59 AM, "De Petter Mattheas" <[hidden email]> wrote:

> Yeas we have F5 loadbalancer.
>
> But how do we shift the config ? as far as i know there is no central mgmt for postfix only config
> files on node 1 and node 2
>
> Met vriendelijke groeten                        
> Kind regards                                                  
> De Petter Mattheas                                  
> Technical support engineer - projects team    
> IT-Department Jan De Nul Dredging N.V.
> T +32 (0)53 73 95 53                                          
> F +32 (0)53 21 00 31                                          
> www.jandenul.com                                            
>
> -----Original Message-----
> From: [hidden email] <[hidden email]> On Behalf Of Toens Bueker
> Sent: 08 February 2019 14:27
> To: Postfix users <[hidden email]>
> Subject: Re: best practice for HA cluster
>
> De Petter Mattheas <[hidden email]> wrote:
>
>> But we need an active passive setup and a shared config, when config a gets a change be should have
>> exact the same config.
>>
>> How would you set this up ?
>
> If you have a high available loadbalancer, you should use that to enable active/passive (if node
> one fails, shift traffic to node 2).
>
> Configuration should take place via configuration management (which should be in place anyway).
>
> Kind regards,
> Töns
> --
> There is no safe distance.
> ************************************************************
> Any reaction to this e-mail or any other mail, including any
> files transmitted therewith to sender's e-mail address(es)
> shall be dealt with not as private, but as business
> communication(s) and shall be registered as such.
> ************************************************************
Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Toens Bueker
In reply to this post by Toens Bueker
De Petter Mattheas <[hidden email]> wrote:

> Yeas we have F5 loadbalancer.
> But how do we shift the config? as far as i know there is no central mgmt for postfix only config files on node 1 and node 2

I would use cfengine3 to enforce a config (ideally the same config)
on both nodes (which would be up an running at the same time) every
five minutes. Changes to the config would be done on the policy hub
and then automatically pulled from the nodes and enforced locally.

If you have some other form of config management in place, it could be
used in a similar fashion.

Kind regards,
Töns
--
There is no safe distance.
Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Harald Koch-2
In reply to this post by Emmanuel Fusté-2
On Fri, Feb 8, 2019, at 06:40, Emmanuel Fusté wrote:
>
> Never use shared storage. It will be your main source of problems.

Recognizing that shared storage is always a headache:

How do you handle the situation where your active node crashes with queued, undelivered messages?

--
Harald Koch
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Emmanuel Fusté-2
Le 08/02/2019 à 15:58, Harald Koch a écrit :
> On Fri, Feb 8, 2019, at 06:40, Emmanuel Fusté wrote:
>> Never use shared storage. It will be your main source of problems.
> Recognizing that shared storage is always a headache:
>
> How do you handle the situation where your active node crashes with queued, undelivered messages?
>
No, fix the problem or at last move and rebuild the queue on another
node. What are you calling crashes ?
After 15 years of postfix exploitation, I never have to do it.
And the only time we lost emails was on a shared storage, so we killed
it usage nine years ago.
More cheap, more simple, more serviceable, more robust.

Emmanuel.


Reply | Threaded
Open this post in threaded view
|

Re: best practice for HA cluster

Wietse Venema
In reply to this post by Harald Koch-2
Harald Koch:
> On Fri, Feb 8, 2019, at 06:40, Emmanuel Fust? wrote:
> >
> > Never use shared storage. It will be your main source of problems.
>
> Recognizing that shared storage is always a headache:
>
> How do you handle the situation where your active node crashes with queued, undelivered messages?
>

By making the file system redundant.

redundant MX service (each MX service has multiple Postfix queues)

redundant file system (each file system has multiple file servers)

redundant storage (each file server uses RAID)

Depending on budget, create the above in multiple geographical
locations, or replace some of the above with single instances.

        Wietse