Ib qho ntawm cov haujlwm tseem ceeb thaum tsim cov txheej txheem loj Zimbra OSE yog qhov tsim nyog load ntsuas. Ntxiv rau qhov tseeb tias nws nce qhov kev ua txhaum ntawm qhov kev pabcuam, yam tsis muaj kev sib npaug ntawm kev thauj khoom nws tsis tuaj yeem ua kom ntseeg tau tias qhov kev pabcuam tib yam rau txhua tus neeg siv. Yuav kom daws tau qhov teeb meem no, load balancers yog siv - software thiab kho vajtse daws teeb meem uas redistribute thov ntawm servers. Ntawm lawv muaj cov tseem ceeb heev, zoo li RoundRobin, uas tsuas yog xa txhua qhov kev thov txuas ntxiv mus rau cov neeg rau zaub mov tom ntej hauv daim ntawv teev npe, thiab tseem muaj ntau dua, piv txwv li HAProxy, uas tau siv dav hauv cov khoom siv hluav taws xob siab vim muaj kev sib tw. tus naj npawb ntawm cov txiaj ntsig tseem ceeb. Cia peb saib seb koj tuaj yeem ua rau HAProxy load balancer thiab Zimbra OSE ua haujlwm ua ke.
Yog li, raws li cov ntsiab lus ntawm txoj haujlwm, peb tau muab Zimbra OSE infrastructure, uas muaj ob lub Zimbra Proxy, ob lub LDAP thiab LDAP Replica servers, plaub xa ntawv cia nrog 1000 mailboxes txhua thiab peb MTAs. Muab hais tias peb tab tom cuam tshuam nrog tus neeg xa ntawv, nws yuav tau txais peb hom kev khiav tsheb uas xav tau kev sib npaug: HTTP rau rub tawm tus neeg siv lub vev xaib, nrog rau POP thiab SMTP rau kev xa email. Hauv qhov no, HTTP tsheb yuav mus rau Zimbra Proxy servers nrog IP chaw nyob 192.168.0.57 thiab 192.168.0.58, thiab SMTP tsheb yuav mus rau MTA servers nrog IP chaw nyob 192.168.0.77 thiab 192.168.0.78.
Raws li twb tau hais lawm, kom ntseeg tau tias kev thov raug faib sib npaug ntawm cov servers, peb yuav siv HAProxy load balancer, uas yuav khiav ntawm Zimbra infrastructure ingress node khiav Ubuntu 18.04. Txhim kho haproxy ntawm no operating system yog ua tiav siv cov lus txib sudo apt-mus nruab haproxy. Tom qab no koj xav tau nyob rau hauv cov ntaub ntawv /etc/default/haproxy hloov parameter ENABLE = 0 rau ENABLE = 1. Tam sim no, txhawm rau kom paub tseeb tias haproxy ua haujlwm, tsuas yog nkag mus rau cov lus txib kev pabcuam haproxy. Yog tias qhov kev pabcuam no tau ua haujlwm, qhov no yuav pom tseeb los ntawm cov lus tso tawm.
Ib qho ntawm qhov tsis zoo ntawm HAProxy yog tias los ntawm lub neej ntawd nws tsis xa tus IP chaw nyob ntawm tus neeg siv khoom sib txuas, hloov nws nrog nws tus kheej. Qhov no tuaj yeem ua rau cov xwm txheej uas emails xa los ntawm cov neeg tawm tsam tsis tuaj yeem txheeb xyuas los ntawm IP chaw nyob txhawm rau ntxiv rau hauv daim ntawv teev npe dub. Txawm li cas los xij, qhov teeb meem no tuaj yeem daws tau. Ua li no koj yuav tsum hloov cov ntaub ntawv /opt/zimbra/common/conf/master.cf.in ntawm cov servers nrog Postfix thiab ntxiv cov kab hauv qab no rau nws:
26 inet n - n - 1 postscreen
-o postscreen_upstream_proxy_protocol=haproxy
466 inet n - n - - smtpd
%%uncomment SERVICE:opendkim%% -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=
-o smtpd_data_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o syslog_name=postfix/smtps
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_upstream_proxy_protocol=haproxy
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_options=speed_adjust
588 inet n - n - - smtpd
%%uncomment SERVICE:opendkim%% -o content_filter=scan:[%%zimbraLocalBindAddress%%]:10030
-o smtpd_etrn_restrictions=reject
-o smtpd_sasl_auth_enable=%%zimbraMtaSaslAuthEnable%%
-o smtpd_tls_security_level=%%zimbraMtaTlsSecurityLevel%%
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o smtpd_data_restrictions=
-o smtpd_helo_restrictions=
-o smtpd_recipient_restrictions=
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o syslog_name=postfix/submission
-o milter_macro_daemon_name=ORIGINATING
-o smtpd_upstream_proxy_protocol=haproxy
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_filter=[%%zimbraLocalBindAddress%%]:10027
%%uncomment LOCAL:postjournal_enabled%% -o smtpd_proxy_options=speed_adjustVim li no, peb yuav qhib cov chaw nres nkoj 26, 466 thiab 588, uas yuav tau txais kev nkag los ntawm HAProxy. Tom qab cov ntaub ntawv tau txais kev cawmdim, koj yuav tsum rov pib Postfix ntawm tag nrho cov servers siv zmmtactl restart command.
Tom qab ntawd, cia peb pib teeb tsa HAProxy. Txhawm rau ua qhov no, ua ntej tsim cov ntawv luam theej ntawm cov ntaub ntawv teeb tsa cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.bak. Tom qab ntawd qhib cov ntaub ntawv los ntawm cov ntawv nyeem /etc/haproxy/haproxy.cfg thiab pib ntxiv qhov tsim nyog nqis rau nws ib kauj ruam. Thawj qhov thaiv yuav ntxiv ib tus neeg rau zaub mov uas siv lub cav, teeb tsa qhov siab tshaj plaws tso cai ntawm kev sib txuas ib txhij, nrog rau kev qhia lub npe thiab pab pawg ntawm cov neeg siv uas cov txheej txheem ua tiav yuav yog.
global
user daemon
group daemon
daemon
log 127.0.0.1 daemon
maxconn 5000
chroot /var/lib/haproxyDaim duab ntawm 5000 ib txhij sib txuas tau tshwm sim vim li cas. Txij li thaum peb muaj 4000 lub thawv xa ntawv hauv peb cov txheej txheem, peb yuav tsum xav txog qhov muaj peev xwm uas lawv txhua tus yuav nkag mus rau lawv cov email ua haujlwm tib lub sijhawm. Tsis tas li ntawd, nws yog ib qho tsim nyog yuav tsum tau tso tseg me me thaum lawv cov lej nce.
Tam sim no cia peb ntxiv ib qho thaiv nrog qhov chaw pib:
defaults
timeout client 1m
log global
mode tcp
timeout server 1m
timeout connect 5sQhov thaiv no teev lub sijhawm siab tshaj plaws rau cov neeg siv khoom thiab cov neeg rau zaub mov kom kaw qhov kev sib txuas thaum nws tas sijhawm, thiab tseem teeb tsa hom kev ua haujlwm ntawm HAProxy. Nyob rau hauv peb cov ntaub ntawv, lub load balancer ua hauj lwm nyob rau hauv TCP hom, uas yog, nws tsuas yog kis tau TCP pob ntawv yam tsis tau soj ntsuam lawv cov ntsiab lus.
Tom ntej no peb yuav ntxiv cov cai rau kev sib txuas ntawm ntau qhov chaw nres nkoj. Piv txwv li, yog tias qhov chaw nres nkoj 25 siv rau kev sib txuas SMTP thiab xa ntawv, ces nws ua rau kev nkag siab rau kev xa mus rau nws mus rau MTAs muaj nyob rau hauv peb cov infrastructure. Yog tias qhov kev sib txuas nyob ntawm chaw nres nkoj 80, qhov no yog qhov kev thov http uas yuav tsum tau xa mus rau Zimbra Proxy.
Txoj cai rau chaw nres nkoj 25:
frontend smtp-25
bind *:27
default_backend backend-smtp-25
backend backend-smtp-25
server mta1 192.168.0.77:26 send-proxy
server mta2 192.168.0.78:26 send-proxyTxoj cai rau chaw nres nkoj 465:
frontend smtp-465
bind *:467
default_backend backend-smtp-465
backend backend-smtp-465
server mta1 192.168.0.77:466 send-proxy
server mta2 192.168.0.78:466 send-proxyTxoj cai rau chaw nres nkoj 587:
frontend smtp-587
bind *:589
default_backend backend-smtp-587
backend backend-smtp-587
server mail1 192.168.0.77:588 send-proxy
server mail2 192.168.0.78:588 send-proxyTxoj cai rau chaw nres nkoj 80:
frontend http-80
bind *:80
default_backend http-80
backend http-80
mode tcp
server zproxy1 192.168.0.57:80 check
server zproxy2 192.168.0.58:80 checkTxoj cai rau chaw nres nkoj 443:
frontend https
bind *:443
default_backend https-443
backend https-443
mode tcp
server zproxy1 192.168.0.57:80 check
server zproxy2 192.168.0.58:80 checkThov nco ntsoov tias nyob rau hauv cov cai rau xa TCP pob ntawv mus rau MTA, nyob ib sab ntawm lawv qhov chaw nyob muaj qhov ntsuas. xa-proxy. Qhov no yog qhov tsim nyog yog li ntawd, raws li cov kev hloov pauv uas peb tau ua dhau los rau Postfix chaw, tus IP chaw nyob ntawm nws tus neeg xa khoom raug xa nrog TCP pob ntawv.
Tam sim no tias tag nrho cov kev hloov pauv tsim nyog tau ua rau HAProxy, koj tuaj yeem rov pib qhov kev pabcuam siv cov lus txib kev pabcuam haproxy rov pib dua thiab pib siv nws.
Rau tag nrho cov lus nug ntsig txog Zextras Suite, koj tuaj yeem tiv tauj Tus Neeg Sawv Cev ntawm Zextras Ekaterina Triandafilidi los ntawm e-mail [email tiv thaiv]
Tau qhov twg los: www.hab.com