elmau
/
iredmail-doc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Typo in en_US/cluster/0-haproxy.keepalived.glusterfs.md.

This commit is contained in:
Zhang Huangbin 2016-03-23 00:58:32 +08:00
parent ae1a82fd61
commit f28f869fe2
4 changed files with 161 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

162
en_US/cluster/haproxy.keepalived.glusterfs.md → en_US/cluster/0-haproxy.keepalived.glusterfs.md
View File

@ -2,6 +2,8 @@
[TOC] [TOC]
This tutorial was [initial published](http://www.iredmail.org/forum/topic10773.html) by user `t10` on March 13, 2016.
## TODO ## TODO
* Use clear server hostnames and IP addresses for all involved servers. * Use clear server hostnames and IP addresses for all involved servers.
@ -24,7 +26,7 @@ Build a fail-over cluster with 4 servers (2 backend servers behind HAProxy + Kee
1. Install and configure HAProxy 1. Install and configure HAProxy
1. Install and configure GlusterFS as glusterserver & glusterclient (you can 1. Install and configure GlusterFS as glusterserver & glusterclient (you can
use separate machine for glusterserver) it's better to use a new hard drive use separate machine for glusterserver) it's better to use a new hard drive
with the same capacity with the same capacity
1. Install and configure iRedMail 1. Install and configure iRedMail
1. Setup OpenLDAP replication (Master-Slave) 1. Setup OpenLDAP replication (Master-Slave)
1. Setup MariaDB replication (Master-Master) 1. Setup MariaDB replication (Master-Master)
@ -40,15 +42,15 @@ Install on 2 servers (ha1 & ha2)
192.168.1.2 ha2 192.168.1.2 ha2
192.168.1.3 mail1 192.168.1.3 mail1
192.168.1.4 mail2 192.168.1.4 mail2
``` ```
* Install KeepAlived and backup default config file: * Install KeepAlived and backup default config file:
``` ```
yum install -y keepalived yum install -y keepalived
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_DEFAULT mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_DEFAULT
``` ```
* on ha1: * on ha1:
``` ```
@ -64,22 +66,22 @@ vrrp_script chk_haproxy {
weight 2 # add 2 points if OK weight 2 # add 2 points if OK
} }
vrrp_instance VI_1 { vrrp_instance VI_1 {
interface eth0 # interface to monitor interface eth0 # interface to monitor
state MASTER # MASTER on ha1, BACKUP on ha2 state MASTER # MASTER on ha1, BACKUP on ha2
virtual_router_id 51 virtual_router_id 51
priority 101 # 101 on ha1, 100 on ha2 priority 101 # 101 on ha1, 100 on ha2
virtual_ipaddress { virtual_ipaddress {
192.168.1.10 # virtual ip address 192.168.1.10 # virtual ip address
} }
track_script { track_script {
chk_haproxy chk_haproxy
} }
} }
``` ```
* on ha2, update `/etc/keepalived/keepalived.conf` * on ha2, update `/etc/keepalived/keepalived.conf`
change eth0 to your existing interface* change `eth0` to your existing interface
``` ```
vrrp_script chk_haproxy { vrrp_script chk_haproxy {
@ -88,26 +90,26 @@ vrrp_script chk_haproxy {
weight 2 # add 2 points if OK weight 2 # add 2 points if OK
} }
vrrp_instance VI_1 { vrrp_instance VI_1 {
interface eth0 # interface to monitor interface eth0 # interface to monitor
state BACKUP # MASTER on ha1, BACKUP on ha2 state BACKUP # MASTER on ha1, BACKUP on ha2
virtual_router_id 51 virtual_router_id 51
priority 101 # 101 on ha1, 100 on ha2 priority 101 # 101 on ha1, 100 on ha2
virtual_ipaddress { virtual_ipaddress {
192.168.1.10 # virtual ip address 192.168.1.10 # virtual ip address
} }
track_script { track_script {
chk_haproxy chk_haproxy
} }
} }
``` ```
* activate KeepAlived service on both servers: * activate KeepAlived service on both servers:
``` ```
systemctl enable keepalived systemctl enable keepalived
systemctl start keepalived systemctl start keepalived
``` ```
* Check status of virtual IP (192.168.1.10) with command below: * Check status of virtual IP (192.168.1.10) with command below:
``` ```
@ -119,7 +121,7 @@ ip a
* Install on both servers (ha1 & ha2) * Install on both servers (ha1 & ha2)
``` ```
yum install -y haproxy yum install -y haproxy
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg_DEFAULT mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg_DEFAULT
``` ```
@ -240,24 +242,24 @@ listen stats
* on both servers: * on both servers:
create cert for ssl redirect (to iRedMail Servers) create cert for ssl redirect (to iRedMail Servers)
``` ```
mkdir /etc/ssl/iredmail.org/ mkdir /etc/ssl/iredmail.org/
openssl genrsa -out /etc/ssl/iredmail.org/iredmail.org.key 2048 openssl genrsa -out /etc/ssl/iredmail.org/iredmail.org.key 2048
openssl req -new -key /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.csr openssl req -new -key /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.csr
openssl x509 -req -days 365 -in /etc/ssl/iredmail.org/iredmail.org.csr -signkey /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.crt openssl x509 -req -days 365 -in /etc/ssl/iredmail.org/iredmail.org.csr -signkey /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.crt
cat /etc/ssl/iredmail.org/iredmail.org.crt /etc/ssl/iredmail.org/iredmail.org.key > /etc/ssl/iredmail.org/iredmail.org.pem cat /etc/ssl/iredmail.org/iredmail.org.crt /etc/ssl/iredmail.org/iredmail.org.key > /etc/ssl/iredmail.org/iredmail.org.pem
``` ```
activate HAProxy service activate HAProxy service
``` ```
systemctl enable haproxy systemctl enable haproxy
systemctl start haproxy systemctl start haproxy
``` ```
check log if any errors check log if any errors
``` ```
tail -f /var/log/messages tail -f /var/log/messages
@ -266,9 +268,9 @@ tail -f /var/log/messages
allow http, https, haproxystat ports allow http, https, haproxystat ports
``` ```
firewall-cmd --zone=public --permanent --add-port=80/tcp firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=443/tcp firewall-cmd --zone=public --permanent --add-port=443/tcp
firewall-cmd --zone=public --permanent --add-port=9000/tcp firewall-cmd --zone=public --permanent --add-port=9000/tcp
firewall-cmd --complete-reload firewall-cmd --complete-reload
``` ```
@ -276,7 +278,7 @@ firewall-cmd --complete-reload
### Add new hard disk and format with preferred file system ### Add new hard disk and format with preferred file system
first, add new hard drive with the same capacity*** first, add new hard drive with the same capacity
* on both servers, update `/etc/hosts`: * on both servers, update `/etc/hosts`:
@ -290,9 +292,9 @@ first, add new hard drive with the same capacity***
type 'n', and hit enter for next question, (dont forget to write) hit 'w' type 'n', and hit enter for next question, (dont forget to write) hit 'w'
``` ```
fdisk /dev/sdb fdisk /dev/sdb
/sbin/mkfs.ext4 /dev/sdb1 /sbin/mkfs.ext4 /dev/sdb1
mkdir /glusterfs1 mkdir /glusterfs1
``` ```
Update `/etc/fstab`: Update `/etc/fstab`:
@ -312,9 +314,9 @@ mount -a
type 'n', and hit enter for next question, (dont forget to write) hit 'w' type 'n', and hit enter for next question, (dont forget to write) hit 'w'
``` ```
fdisk /dev/sdb fdisk /dev/sdb
/sbin/mkfs.ext4 /dev/sdb1 /sbin/mkfs.ext4 /dev/sdb1
mkdir /glusterfs2 mkdir /glusterfs2
``` ```
Update /etc/fstab: Update /etc/fstab:
@ -334,35 +336,35 @@ mount -a
* on both servers (mail1 & mail2): * on both servers (mail1 & mail2):
``` ```
rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.5/CentOS/glusterfs-epel.repo wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.5/CentOS/glusterfs-epel.repo
yum -y install glusterfs glusterfs-fuse glusterfs-server yum -y install glusterfs glusterfs-fuse glusterfs-server
``` ```
activate the service activate the service
``` ```
systemctl enable glusterd.service systemctl enable glusterd.service
systemctl start glusterd.service systemctl start glusterd.service
``` ```
disabling firewall disabling firewall
``` ```
systemctl stop firewalld.service systemctl stop firewalld.service
systemctl disable firewalld.service systemctl disable firewalld.service
``` ```
* on mail1: * on mail1:
``` ```
gluster peer probe mail2 gluster peer probe mail2
``` ```
* on mail2: * on mail2:
``` ```
gluster peer probe mail1 gluster peer probe mail1
``` ```
you can check status with command below: you can check status with command below:
@ -374,26 +376,26 @@ gluster peer status
* ONLY on mail1: * ONLY on mail1:
``` ```
gluster volume create mailrep-volume replica 2 mail1:/glusterfs1/vmail mail2:/glusterfs2/vmail force gluster volume create mailrep-volume replica 2 mail1:/glusterfs1/vmail mail2:/glusterfs2/vmail force
gluster volume start mailrep-volume gluster volume start mailrep-volume
``` ```
check it check it
``` ```
gluster volume info mailrep-volume gluster volume info mailrep-volume
``` ```
* create folder for vmail and mount glusterfs to vmail folder * create folder for vmail and mount glusterfs to vmail folder
on mail1: on mail1:
``` ```
mkdir /var/vmail mkdir /var/vmail
mount.glusterfs mail1:/mailrep-volume /var/vmail/ mount.glusterfs mail1:/mailrep-volume /var/vmail/
``` ```
Update /etc/fstab Update /etc/fstab
``` ```
mail1:/mailrep-volume /var/vmail glusterfs defaults,_netdev 0 0 mail1:/mailrep-volume /var/vmail glusterfs defaults,_netdev 0 0
@ -408,14 +410,14 @@ mount -a
check it check it
``` ```
df -h df -h
``` ```
* on mail2: * on mail2:
``` ```
mkdir /var/vmail mkdir /var/vmail
mount.glusterfs mail2:/mailrep-volume /var/vmail/ mount.glusterfs mail2:/mailrep-volume /var/vmail/
``` ```
Update /etc/fstab: Update /etc/fstab:
@ -433,7 +435,7 @@ mount -a
check it check it
``` ```
df -h df -h
``` ```
you can test it by creating any files on one of your mail servers you can test it by creating any files on one of your mail servers
@ -459,7 +461,7 @@ ls -la /var/vmail
* install iRedMail on `mail1` first, after mail1 finish you can install it * install iRedMail on `mail1` first, after mail1 finish you can install it
to mail2 (better do not reboot after installing iRedMail, wait untill to mail2 (better do not reboot after installing iRedMail, wait untill
finish install/configure) finish install/configure)
* Dont forget to choose LDAP and using default mail folder: `/var/vmail` * Dont forget to choose LDAP and using default mail folder: `/var/vmail`
* Choose Nginx as web server * Choose Nginx as web server
@ -507,17 +509,17 @@ firewall-cmd --permanent \
--add-rich-rule='rule family="ipv4" source address="192.168.1.4/24" port protocol="tcp" port="3306" accept' --add-rich-rule='rule family="ipv4" source address="192.168.1.4/24" port protocol="tcp" port="3306" accept'
firewall-cmd --zone=iredmail --permanent --add-port=111/udp firewall-cmd --zone=iredmail --permanent --add-port=111/udp
firewall-cmd --zone=iredmail --permanent --add-port=24007/tcp firewall-cmd --zone=iredmail --permanent --add-port=24007/tcp
firewall-cmd --zone=iredmail --permanent --add-port=24008/tcp firewall-cmd --zone=iredmail --permanent --add-port=24008/tcp
firewall-cmd --zone=iredmail --permanent --add-port=24009/tcp firewall-cmd --zone=iredmail --permanent --add-port=24009/tcp
firewall-cmd --zone=iredmail --permanent --add-port=139/tcp firewall-cmd --zone=iredmail --permanent --add-port=139/tcp
firewall-cmd --zone=iredmail --permanent --add-port=445/tcp firewall-cmd --zone=iredmail --permanent --add-port=445/tcp
firewall-cmd --zone=iredmail --permanent --add-port=965/tcp firewall-cmd --zone=iredmail --permanent --add-port=965/tcp
firewall-cmd --zone=iredmail --permanent --add-port=2049/tcp firewall-cmd --zone=iredmail --permanent --add-port=2049/tcp
firewall-cmd --zone=iredmail --permanent --add-port=38465-38469/tcp firewall-cmd --zone=iredmail --permanent --add-port=38465-38469/tcp
firewall-cmd --zone=iredmail --permanent --add-port=631/tcp firewall-cmd --zone=iredmail --permanent --add-port=631/tcp
firewall-cmd --zone=iredmail --permanent --add-port=963/tcp firewall-cmd --zone=iredmail --permanent --add-port=963/tcp
firewall-cmd --zone=iredmail --permanent --add-port=49152-49251/tcp firewall-cmd --zone=iredmail --permanent --add-port=49152-49251/tcp
``` ```
reload firewall rules: reload firewall rules:
@ -608,8 +610,8 @@ systemctl restart mariadb
``` ```
create user 'replicator'@'%' identified by '12345678'; create user 'replicator'@'%' identified by '12345678';
grant replication slave on *.* to 'replicator'@'%'; grant replication slave on *.* to 'replicator'@'%';
SHOW MASTER STATUS; SHOW MASTER STATUS;
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB | | File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
@ -623,18 +625,18 @@ check master status in column `File` and `Position`:
``` ```
create user 'replicator'@'%' identified by '12345678'; create user 'replicator'@'%' identified by '12345678';
grant replication slave on *.* to 'replicator'@'%'; grant replication slave on *.* to 'replicator'@'%';
slave stop; slave stop;
CHANGE MASTER TO MASTER_HOST = '192.168.1.3', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 245; CHANGE MASTER TO MASTER_HOST = '192.168.1.3', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 245;
slave start; slave start;
SHOW MASTER STATUS; SHOW MASTER STATUS;
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB | | File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
| mariadb-bin.000001 | 289 | amavisd,iredadmin,iredapd,roundcubemail,sogo | test,information_schema,mysql | | mariadb-bin.000001 | 289 | amavisd,iredadmin,iredapd,roundcubemail,sogo | test,information_schema,mysql |
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
show slave status\G; show slave status\G;
``` ```
* change to your own master status MASTER_LOG_FILE is from `File`, MASTER_LOG_POS is from `Position` of master mail1 * change to your own master status MASTER_LOG_FILE is from `File`, MASTER_LOG_POS is from `Position` of master mail1
@ -650,10 +652,10 @@ systemctl restart mariadb
``` ```
slave stop; slave stop;
CHANGE MASTER TO MASTER_HOST = '192.168.1.4', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 289; CHANGE MASTER TO MASTER_HOST = '192.168.1.4', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 289;
slave start; slave start;
show slave status\G; show slave status\G;
exit; exit;
``` ```
* change to your own master status MASTER_LOG_FILE is from `File`, MASTER_LOG_POS is from `Position` of master mail2*. * change to your own master status MASTER_LOG_FILE is from `File`, MASTER_LOG_POS is from `Position` of master mail2*.

1
en_US/cluster/_links.md
View File

@ -1,4 +1,5 @@
Documents contributed by iRedMail users: Documents contributed by iRedMail users:
* [Build an iRedMail fail-over Cluster with KeepAlived, HAProxy, GlusterFS, OpenLDAP, Mariadb](./haproxy.keepalived.glusterfs.html), contributed by
* [An Ultra-HA, full Mult-Master E-mail cluster with iRedMail, MariaDB, and IPVS](http://pastebin.com/JcYeQBrX), contributed by Joshua Boniface. * [An Ultra-HA, full Mult-Master E-mail cluster with iRedMail, MariaDB, and IPVS](http://pastebin.com/JcYeQBrX), contributed by Joshua Boniface.

153
html/haproxy.keepalived.glusterfs.html
View File

@ -34,6 +34,7 @@
</li> </li>
</ul> </ul>
</div> </div>
<p>This tutorial was <a href="http://www.iredmail.org/forum/topic10773.html">initial published</a> by user <code>t10</code> on March 13, 2016.</p>
<h2 id="todo">TODO</h2> <h2 id="todo">TODO</h2>
<ul> <ul>
<li>Use clear server hostnames and IP addresses for all involved servers.</li> <li>Use clear server hostnames and IP addresses for all involved servers.</li>
@ -53,7 +54,7 @@
<li>Install and configure HAProxy</li> <li>Install and configure HAProxy</li>
<li>Install and configure GlusterFS as glusterserver &amp; glusterclient (you can <li>Install and configure GlusterFS as glusterserver &amp; glusterclient (you can
use separate machine for glusterserver) it's better to use a new hard drive use separate machine for glusterserver) it's better to use a new hard drive
with the same capacity </li> with the same capacity</li>
<li>Install and configure iRedMail</li> <li>Install and configure iRedMail</li>
<li>Setup OpenLDAP replication (Master-Slave)</li> <li>Setup OpenLDAP replication (Master-Slave)</li>
<li>Setup MariaDB replication (Master-Master)</li> <li>Setup MariaDB replication (Master-Master)</li>
@ -72,7 +73,7 @@
<ul> <ul>
<li>Install KeepAlived and backup default config file:</li> <li>Install KeepAlived and backup default config file:</li>
</ul> </ul>
<pre><code>yum install -y keepalived <pre><code>yum install -y keepalived
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_DEFAULT mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_DEFAULT
</code></pre> </code></pre>
@ -91,47 +92,47 @@ mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf_DEFAULT
weight 2 # add 2 points if OK weight 2 # add 2 points if OK
} }
vrrp_instance VI_1 { vrrp_instance VI_1 {
interface eth0 # interface to monitor interface eth0 # interface to monitor
state MASTER # MASTER on ha1, BACKUP on ha2 state MASTER # MASTER on ha1, BACKUP on ha2
virtual_router_id 51 virtual_router_id 51
priority 101 # 101 on ha1, 100 on ha2 priority 101 # 101 on ha1, 100 on ha2
virtual_ipaddress { virtual_ipaddress {
192.168.1.10 # virtual ip address 192.168.1.10 # virtual ip address
} }
track_script { track_script {
chk_haproxy chk_haproxy
} }
} }
</code></pre> </code></pre>
<ul> <ul>
<li>on ha2, update <code>/etc/keepalived/keepalived.conf</code></li> <li>on ha2, update <code>/etc/keepalived/keepalived.conf</code></li>
</ul> </ul>
<p>change eth0 to your existing interface* </p> <p>change <code>eth0</code> to your existing interface</p>
<pre><code>vrrp_script chk_haproxy { <pre><code>vrrp_script chk_haproxy {
script &quot;killall -0 haproxy&quot; # check the haproxy process script &quot;killall -0 haproxy&quot; # check the haproxy process
interval 2 # every 2 seconds interval 2 # every 2 seconds
weight 2 # add 2 points if OK weight 2 # add 2 points if OK
} }
vrrp_instance VI_1 { vrrp_instance VI_1 {
interface eth0 # interface to monitor interface eth0 # interface to monitor
state BACKUP # MASTER on ha1, BACKUP on ha2 state BACKUP # MASTER on ha1, BACKUP on ha2
virtual_router_id 51 virtual_router_id 51
priority 101 # 101 on ha1, 100 on ha2 priority 101 # 101 on ha1, 100 on ha2
virtual_ipaddress { virtual_ipaddress {
192.168.1.10 # virtual ip address 192.168.1.10 # virtual ip address
} }
track_script { track_script {
chk_haproxy chk_haproxy
} }
} }
</code></pre> </code></pre>
<ul> <ul>
<li>activate KeepAlived service on both servers:</li> <li>activate KeepAlived service on both servers:</li>
</ul> </ul>
<pre><code>systemctl enable keepalived <pre><code>systemctl enable keepalived
systemctl start keepalived systemctl start keepalived
</code></pre> </code></pre>
<ul> <ul>
@ -144,7 +145,7 @@ systemctl start keepalived
<ul> <ul>
<li>Install on both servers (ha1 &amp; ha2)</li> <li>Install on both servers (ha1 &amp; ha2)</li>
</ul> </ul>
<pre><code>yum install -y haproxy <pre><code>yum install -y haproxy
mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg_DEFAULT mv /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg_DEFAULT
</code></pre> </code></pre>
@ -265,33 +266,33 @@ listen stats
<ul> <ul>
<li>on both servers:</li> <li>on both servers:</li>
</ul> </ul>
<p>create cert for ssl redirect (to iRedMail Servers) </p> <p>create cert for ssl redirect (to iRedMail Servers)</p>
<pre><code>mkdir /etc/ssl/iredmail.org/ <pre><code>mkdir /etc/ssl/iredmail.org/
openssl genrsa -out /etc/ssl/iredmail.org/iredmail.org.key 2048 openssl genrsa -out /etc/ssl/iredmail.org/iredmail.org.key 2048
openssl req -new -key /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.csr openssl req -new -key /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.csr
openssl x509 -req -days 365 -in /etc/ssl/iredmail.org/iredmail.org.csr -signkey /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.crt openssl x509 -req -days 365 -in /etc/ssl/iredmail.org/iredmail.org.csr -signkey /etc/ssl/iredmail.org/iredmail.org.key -out /etc/ssl/iredmail.org/iredmail.org.crt
cat /etc/ssl/iredmail.org/iredmail.org.crt /etc/ssl/iredmail.org/iredmail.org.key &gt; /etc/ssl/iredmail.org/iredmail.org.pem cat /etc/ssl/iredmail.org/iredmail.org.crt /etc/ssl/iredmail.org/iredmail.org.key &gt; /etc/ssl/iredmail.org/iredmail.org.pem
</code></pre> </code></pre>
<p>activate HAProxy service </p> <p>activate HAProxy service</p>
<pre><code>systemctl enable haproxy <pre><code>systemctl enable haproxy
systemctl start haproxy systemctl start haproxy
</code></pre> </code></pre>
<p>check log if any errors </p> <p>check log if any errors</p>
<pre><code>tail -f /var/log/messages <pre><code>tail -f /var/log/messages
</code></pre> </code></pre>
<p>allow http, https, haproxystat ports</p> <p>allow http, https, haproxystat ports</p>
<pre><code>firewall-cmd --zone=public --permanent --add-port=80/tcp <pre><code>firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=443/tcp firewall-cmd --zone=public --permanent --add-port=443/tcp
firewall-cmd --zone=public --permanent --add-port=9000/tcp firewall-cmd --zone=public --permanent --add-port=9000/tcp
firewall-cmd --complete-reload firewall-cmd --complete-reload
</code></pre> </code></pre>
<h2 id="glusterfs">GlusterFS</h2> <h2 id="glusterfs">GlusterFS</h2>
<h3 id="add-new-hard-disk-and-format-with-preferred-file-system">Add new hard disk and format with preferred file system</h3> <h3 id="add-new-hard-disk-and-format-with-preferred-file-system">Add new hard disk and format with preferred file system</h3>
<p>first, add new hard drive with the same capacity*** </p> <p>first, add new hard drive with the same capacity</p>
<ul> <ul>
<li>on both servers, update <code>/etc/hosts</code>:</li> <li>on both servers, update <code>/etc/hosts</code>:</li>
</ul> </ul>
@ -303,9 +304,9 @@ firewall-cmd --complete-reload
<li>add new disk on <code>mail1</code>:</li> <li>add new disk on <code>mail1</code>:</li>
</ul> </ul>
<p>type 'n', and hit enter for next question, (dont forget to write) hit 'w'</p> <p>type 'n', and hit enter for next question, (dont forget to write) hit 'w'</p>
<pre><code>fdisk /dev/sdb <pre><code>fdisk /dev/sdb
/sbin/mkfs.ext4 /dev/sdb1 /sbin/mkfs.ext4 /dev/sdb1
mkdir /glusterfs1 mkdir /glusterfs1
</code></pre> </code></pre>
<p>Update <code>/etc/fstab</code>:</p> <p>Update <code>/etc/fstab</code>:</p>
@ -320,9 +321,9 @@ mkdir /glusterfs1
<li>add new disk on mail2:</li> <li>add new disk on mail2:</li>
</ul> </ul>
<p>type 'n', and hit enter for next question, (dont forget to write) hit 'w'</p> <p>type 'n', and hit enter for next question, (dont forget to write) hit 'w'</p>
<pre><code>fdisk /dev/sdb <pre><code>fdisk /dev/sdb
/sbin/mkfs.ext4 /dev/sdb1 /sbin/mkfs.ext4 /dev/sdb1
mkdir /glusterfs2 mkdir /glusterfs2
</code></pre> </code></pre>
<p>Update /etc/fstab:</p> <p>Update /etc/fstab:</p>
@ -337,31 +338,31 @@ mkdir /glusterfs2
<ul> <ul>
<li>on both servers (mail1 &amp; mail2):</li> <li>on both servers (mail1 &amp; mail2):</li>
</ul> </ul>
<pre><code>rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm <pre><code>rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-5.noarch.rpm
wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.5/CentOS/glusterfs-epel.repo wget -P /etc/yum.repos.d http://download.gluster.org/pub/gluster/glusterfs/3.7/3.7.5/CentOS/glusterfs-epel.repo
yum -y install glusterfs glusterfs-fuse glusterfs-server yum -y install glusterfs glusterfs-fuse glusterfs-server
</code></pre> </code></pre>
<p>activate the service </p> <p>activate the service</p>
<pre><code>systemctl enable glusterd.service <pre><code>systemctl enable glusterd.service
systemctl start glusterd.service systemctl start glusterd.service
</code></pre> </code></pre>
<p>disabling firewall </p> <p>disabling firewall</p>
<pre><code>systemctl stop firewalld.service <pre><code>systemctl stop firewalld.service
systemctl disable firewalld.service systemctl disable firewalld.service
</code></pre> </code></pre>
<ul> <ul>
<li>on mail1:</li> <li>on mail1:</li>
</ul> </ul>
<pre><code>gluster peer probe mail2 <pre><code>gluster peer probe mail2
</code></pre> </code></pre>
<ul> <ul>
<li>on mail2:</li> <li>on mail2:</li>
</ul> </ul>
<pre><code>gluster peer probe mail1 <pre><code>gluster peer probe mail1
</code></pre> </code></pre>
<p>you can check status with command below:</p> <p>you can check status with command below:</p>
@ -371,23 +372,23 @@ systemctl disable firewalld.service
<ul> <ul>
<li>ONLY on mail1:</li> <li>ONLY on mail1:</li>
</ul> </ul>
<pre><code>gluster volume create mailrep-volume replica 2 mail1:/glusterfs1/vmail mail2:/glusterfs2/vmail force <pre><code>gluster volume create mailrep-volume replica 2 mail1:/glusterfs1/vmail mail2:/glusterfs2/vmail force
gluster volume start mailrep-volume gluster volume start mailrep-volume
</code></pre> </code></pre>
<p>check it </p> <p>check it</p>
<pre><code>gluster volume info mailrep-volume <pre><code>gluster volume info mailrep-volume
</code></pre> </code></pre>
<ul> <ul>
<li>create folder for vmail and mount glusterfs to vmail folder</li> <li>create folder for vmail and mount glusterfs to vmail folder</li>
</ul> </ul>
<p>on mail1:</p> <p>on mail1:</p>
<pre><code>mkdir /var/vmail <pre><code>mkdir /var/vmail
mount.glusterfs mail1:/mailrep-volume /var/vmail/ mount.glusterfs mail1:/mailrep-volume /var/vmail/
</code></pre> </code></pre>
<p>Update /etc/fstab </p> <p>Update /etc/fstab</p>
<pre><code>mail1:/mailrep-volume /var/vmail glusterfs defaults,_netdev 0 0 <pre><code>mail1:/mailrep-volume /var/vmail glusterfs defaults,_netdev 0 0
</code></pre> </code></pre>
@ -396,14 +397,14 @@ mount.glusterfs mail1:/mailrep-volume /var/vmail/
</code></pre> </code></pre>
<p>check it</p> <p>check it</p>
<pre><code>df -h <pre><code>df -h
</code></pre> </code></pre>
<ul> <ul>
<li>on mail2:</li> <li>on mail2:</li>
</ul> </ul>
<pre><code>mkdir /var/vmail <pre><code>mkdir /var/vmail
mount.glusterfs mail2:/mailrep-volume /var/vmail/ mount.glusterfs mail2:/mailrep-volume /var/vmail/
</code></pre> </code></pre>
<p>Update /etc/fstab:</p> <p>Update /etc/fstab:</p>
@ -415,7 +416,7 @@ mount.glusterfs mail2:/mailrep-volume /var/vmail/
</code></pre> </code></pre>
<p>check it</p> <p>check it</p>
<pre><code>df -h <pre><code>df -h
</code></pre> </code></pre>
<p>you can test it by creating any files on one of your mail servers</p> <p>you can test it by creating any files on one of your mail servers</p>
@ -442,7 +443,7 @@ mount.glusterfs mail2:/mailrep-volume /var/vmail/
<li> <li>
<p>install iRedMail on <code>mail1</code> first, after mail1 finish you can install it <p>install iRedMail on <code>mail1</code> first, after mail1 finish you can install it
to mail2 (better do not reboot after installing iRedMail, wait untill to mail2 (better do not reboot after installing iRedMail, wait untill
finish install/configure) </p> finish install/configure)</p>
</li> </li>
<li> <li>
<p>Dont forget to choose LDAP and using default mail folder: <code>/var/vmail</code></p> <p>Dont forget to choose LDAP and using default mail folder: <code>/var/vmail</code></p>
@ -489,17 +490,17 @@ firewall-cmd --permanent \
--add-rich-rule='rule family=&quot;ipv4&quot; source address=&quot;192.168.1.4/24&quot; port protocol=&quot;tcp&quot; port=&quot;3306&quot; accept' --add-rich-rule='rule family=&quot;ipv4&quot; source address=&quot;192.168.1.4/24&quot; port protocol=&quot;tcp&quot; port=&quot;3306&quot; accept'
firewall-cmd --zone=iredmail --permanent --add-port=111/udp firewall-cmd --zone=iredmail --permanent --add-port=111/udp
firewall-cmd --zone=iredmail --permanent --add-port=24007/tcp firewall-cmd --zone=iredmail --permanent --add-port=24007/tcp
firewall-cmd --zone=iredmail --permanent --add-port=24008/tcp firewall-cmd --zone=iredmail --permanent --add-port=24008/tcp
firewall-cmd --zone=iredmail --permanent --add-port=24009/tcp firewall-cmd --zone=iredmail --permanent --add-port=24009/tcp
firewall-cmd --zone=iredmail --permanent --add-port=139/tcp firewall-cmd --zone=iredmail --permanent --add-port=139/tcp
firewall-cmd --zone=iredmail --permanent --add-port=445/tcp firewall-cmd --zone=iredmail --permanent --add-port=445/tcp
firewall-cmd --zone=iredmail --permanent --add-port=965/tcp firewall-cmd --zone=iredmail --permanent --add-port=965/tcp
firewall-cmd --zone=iredmail --permanent --add-port=2049/tcp firewall-cmd --zone=iredmail --permanent --add-port=2049/tcp
firewall-cmd --zone=iredmail --permanent --add-port=38465-38469/tcp firewall-cmd --zone=iredmail --permanent --add-port=38465-38469/tcp
firewall-cmd --zone=iredmail --permanent --add-port=631/tcp firewall-cmd --zone=iredmail --permanent --add-port=631/tcp
firewall-cmd --zone=iredmail --permanent --add-port=963/tcp firewall-cmd --zone=iredmail --permanent --add-port=963/tcp
firewall-cmd --zone=iredmail --permanent --add-port=49152-49251/tcp firewall-cmd --zone=iredmail --permanent --add-port=49152-49251/tcp
</code></pre> </code></pre>
<p>reload firewall rules:</p> <p>reload firewall rules:</p>
@ -578,8 +579,8 @@ firewall-cmd --zone=iredmail --permanent --add-port=49152-49251/tcp
<li>on mail1, login as MariaDB root user, then execute sql commands below:</li> <li>on mail1, login as MariaDB root user, then execute sql commands below:</li>
</ul> </ul>
<pre><code>create user 'replicator'@'%' identified by '12345678'; <pre><code>create user 'replicator'@'%' identified by '12345678';
grant replication slave on *.* to 'replicator'@'%'; grant replication slave on *.* to 'replicator'@'%';
SHOW MASTER STATUS; SHOW MASTER STATUS;
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB | | File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
@ -592,18 +593,18 @@ SHOW MASTER STATUS;
<li>on mail2:</li> <li>on mail2:</li>
</ul> </ul>
<pre><code>create user 'replicator'@'%' identified by '12345678'; <pre><code>create user 'replicator'@'%' identified by '12345678';
grant replication slave on *.* to 'replicator'@'%'; grant replication slave on *.* to 'replicator'@'%';
slave stop; slave stop;
CHANGE MASTER TO MASTER_HOST = '192.168.1.3', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 245; CHANGE MASTER TO MASTER_HOST = '192.168.1.3', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 245;
slave start; slave start;
SHOW MASTER STATUS; SHOW MASTER STATUS;
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB | | File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
| mariadb-bin.000001 | 289 | amavisd,iredadmin,iredapd,roundcubemail,sogo | test,information_schema,mysql | | mariadb-bin.000001 | 289 | amavisd,iredadmin,iredapd,roundcubemail,sogo | test,information_schema,mysql |
+--------------------+----------+----------------------------------------------+-------------------------------+ +--------------------+----------+----------------------------------------------+-------------------------------+
show slave status\G; show slave status\G;
</code></pre> </code></pre>
<ul> <ul>
@ -618,10 +619,10 @@ show slave status\G;
<li>on mail1, login as MariaDB root user:</li> <li>on mail1, login as MariaDB root user:</li>
</ul> </ul>
<pre><code>slave stop; <pre><code>slave stop;
CHANGE MASTER TO MASTER_HOST = '192.168.1.4', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 289; CHANGE MASTER TO MASTER_HOST = '192.168.1.4', MASTER_USER = 'replicator', MASTER_PASSWORD = '12345678', MASTER_LOG_FILE = 'mariadb-bin.000001', MASTER_LOG_POS = 289;
slave start; slave start;
show slave status\G; show slave status\G;
exit; exit;
</code></pre> </code></pre>
<ul> <ul>

4
html/index.html
View File

@ -153,11 +153,9 @@
<li><a href="./pureftpd.openldap.centos.html">Virtual Mail And FTP Hosting With iRedMail And Pure-FTPd</a></li> <li><a href="./pureftpd.openldap.centos.html">Virtual Mail And FTP Hosting With iRedMail And Pure-FTPd</a></li>
</ul> </ul>
<h3 id="cluster">Cluster</h3> <h3 id="cluster">Cluster</h3>
<ul>
<li><a href="haproxy.keepalived.glusterfs.html">Build an iRedMail fail-over Cluster with KeepAlived, HAProxy, GlusterFS, OpenLDAP, Mariadb</a></li>
</ul>
<p>Documents contributed by iRedMail users:</p> <p>Documents contributed by iRedMail users:</p>
<ul> <ul>
<li><a href="./haproxy.keepalived.glusterfs.html">Build an iRedMail fail-over Cluster with KeepAlived, HAProxy, GlusterFS, OpenLDAP, Mariadb</a>, contributed by </li>
<li><a href="http://pastebin.com/JcYeQBrX">An Ultra-HA, full Mult-Master E-mail cluster with iRedMail, MariaDB, and IPVS</a>, contributed by Joshua Boniface.</li> <li><a href="http://pastebin.com/JcYeQBrX">An Ultra-HA, full Mult-Master E-mail cluster with iRedMail, MariaDB, and IPVS</a>, contributed by Joshua Boniface.</li>
</ul> </ul>
<h3 id="troubleshooting-and-debug">Troubleshooting and Debug</h3> <h3 id="troubleshooting-and-debug">Troubleshooting and Debug</h3>