Skip to main content

amazon ec2 - AWS EC2 Mailserver Failover Strategies done right

I'm researching in this topic really hard the last few days and i just want to discuss this with a few specific questions - i did not find any suitable thread here that is covering my needs and especially, that is quite actual - the most posts about this topic are around 2010 when, i guess, the last time AWS had a big failure (a whole region in murica was down when i remember right)



The current state:



We're running a Mailserver based on Ubuntu with Postfix/Dovecot/Horde, reading all mailbased configs out of a MySQL database. This is running as an EC2 instance with an EBS Storage where the OS and currently also the mails are stored. So far so good, but we're a startup and not just a private person who needs this server - so it is a Mailservice for our customers, super critical and verry important for us. After a few fails and downtimes in the first year, i will dramatically improve the setup - so i thought about "redundancy", basically..



The requirement:



The server must be "redundant" in some way, a fail of a single EC2 instance should not break the whole service anymore.




My research so far and options i see to solve:




  • Copy the instance into another region for example and build a "real" redundancy, a little bit old fashioned but that's what i learned back in school - using the new server as an MX-Backup configured through a second MX-Entry in DNS with lower priority. Problems here: Solving the data-redundancy -> i need to use rsync and db-replication for example to sync both servers. Not the option i want to implement because it can be super-tricky...


  • Service-Driven Solution, just using the AWS Possibilities right. I should use RDS for database and S3 for storage. So, if i have all the mails in the storage cloud (S3) and all the config-database-data in the db-cloud (RDS) -> the instance itself gets super flexible. This will give me the possibility to run several instances of that type in the same moment - so i can use ELB of EC2 to handle the load, starting new instances and detect failovers if one instance dies!! On the other side, my critical data spots, db and mailstorage would be service-driven, so i have not to think about failovers, downtime and most important, about scaleability anymore! So far the absolutely best solution i can imagine, but i see some serious problems.




Final Questions:





  • I never saw a good integration of S3 directly into the filesystem of Ubuntu - the experience i made is, that after few days of permanent run, the mount can disappear suddenly and with no reason and on the other side, multiple mounted S3 "drives" will replicate their data very very slow - i can understand that because it's a global cloud service but... How should this work? Imagine multiple running mailserver-instances, each using the same S3-drive -> so it is a requirement to replicate the maildata in an instant! So how we can "implement" a service-driven mailstorage that is really working with AWS? Has anyone ever made something like this? I just read everywhere "yeah so, you have to use aws services to solve that" but i can't find real implementations of that with mail.


  • Would an EBS-Based solution be better? So each running instance will have its own, dedicated drive to store, super-available and fast and again i will make an rsync setup to sync each other... Big contra here, huge costs.. each instance must have a huge EBS because everyone have to store ALL mails -> bullshit ^^




Is there any other failover scenario with AWS which i don't know yet? Sorry for the long text but i wanted to share all my thoughts so far... Thanks for reading if anyone does! :)

Comments

Post a Comment

Popular posts from this blog

iLO 3 Firmware Update (HP Proliant DL380 G7)

The iLO web interface allows me to upload a .bin file ( Obtain the firmware image (.bin) file from the Online ROM Flash Component for HP Integrated Lights-Out. ) The iLO web interface redirects me to a page in the HP support website ( http://www.hp.com/go/iLO ) where I am supposed to find this .bin firmware, but no luck for me. The support website is a mess and very slow, badly categorized and generally unusable. Where can I find this .bin file? The only related link I am able to find asks me about my server operating system (what does this have to do with the iLO?!) and lets me download an .iso with no .bin file And also a related question: what is the latest iLO 3 version? (for Proliant DL380 G7, not sure if the iLO is tied to the server model)
Post a Comment
Read more

linux - Awstats - outputting stats for merged Access_logs only producing stats for one server's log

I've been attempting this for two weeks and I've accessed countless number of sites on this issue and it seems there is something I'm not getting here and I'm at a lost. I manged to figure out how to merge logs from two servers together. (Taking care to only merge the matching domains together) The logs from the first server span from 15 Dec 2012 to 8 April 2014 The logs from the second server span from 2 Mar 2014 to 9 April 2014 I was able to successfully merge them using the logresolvemerge.pl script simply enermerating each log and > out_putting_it_to_file Looking at the two logs from each server the format seems exactly the same. The problem I'm having is producing the stats page for the logs. The command I've boiled it down to is /usr/share/awstats/tools/awstats_buildstaticpages.pl -configdir=/home/User/Documents/conf/ -config=example.com awstatsprog=/usr/share/awstats/wwwroot/cgi-bin/awstats.pl dir=/home/User/Documents/parced -month=all -year=all...
Post a Comment
Read more

linux - How can I get my mediawiki to stop thinking I have cookies disabled?

I've searched half a day for how to resolve this issue, and can't figure it out. Shortly after I made my wiki a simple private wiki according to the instructions at Mediawiki's website, it started giving me this weird login error message: Wiki uses cookies to log in users. You have cookies disabled. Please enable them and try again. If I remove those private wiki settings, the error disappears, even if I try logging in. But I need it to be a private wiki for only my team. So what do I do? Here's what I've done so far. Just to be safe, after ever change, I try rebooting Apache using: sudo /etc/init.d/apache2 restart In my php.ini file, I have the following set: session.save_path = "/var/lib/php5" session.cookie_secure = secure session.cookie_path = /tmp session.cookie_domain = my server's internal URL (should I even set this? this field was blank before, but not commented out) session.referer_check = Off I ran the following to ensure that the fold...
Post a Comment
Read more