I am in the process of setting up an email server through Kubernetes. I managed to get postfix up and running and now am trying to set up dovecot. As I am expecting a bit of traffic for dovecot I want to run several instances which all have to be synchronized. I thought of 2 options:

Option 1: Run dovecot as a stateful set. That would make sense but I have not been able to find a solution that will allow me to run a full synchronization between the different instances. I was looking at xtrabackup and galera but both are for databases rather than the application I am looking for.

Option 2: Run dovecot as a deployment and use the same storage share to ensure all pods share the same data (email storages). That way I am able to use load balancing for dovecot.

Questions:

  • Which solution should I use?

If Option 1:

  • Can you point out where I can find examples or documentation for keeping the different instances synchronized?

If Option 2:

  • Can you point me to example configs or documentation on how to use the same storage for several instances?

THX

realShadow
  • It appears that Dovecot has a [native replication system](https://wiki.dovecot.org/Replication). It seems like that's what you should be using. – larsks Oct 08 '22 at 16:42
  • @larsks sweet. I didn't find that but now that you pointed that out, that is freaking awesome. Thanks. – realShadow Oct 09 '22 at 01:30
  • Is your issue resolved? If yes, can you post the procedure you've followed as a solution and accept it? – Sai Chandra Gadde Dec 13 '22 at 14:04
  • @SaiChandraGadde I solved my challenge by building my own side container using lsync. I deployed the solution in my dev environment but have to thoroughly test all functionality. It will probably take me another month or so. I decided against the native replication as you can only do that with 2 instances but I have at the very minimum 3 running at all times. That's why my solution is a bit more complicated but flexible too. – realShadow Dec 14 '22 at 16:06
  • @realShadow can you post this as an answer and accept it for better community reach? – Sai Chandra Gadde Dec 15 '22 at 15:31

1 Answer

It took me quite some time but I have worked out a solution for my case. Dovecot has a built-in synchronization tool. Unfortunately that limits your "master" nodes to 2. It is not possible to run more syncs. That's why I am not using it.

There are 2 steps to my implementation:

1. The synchronization

I am running the pods in a stateful set. That way the names of the pods are more predictable. I created a side container running lsyncd (check out my repo for more details on how I build the container). Whoever wrote that tool, you are a genius. THANK YOU. During startup of the pods I am providing some details to an init container such as how many instances I intend to run, namespace and service, and the structure of the ssh sync LUA file. This information is required for lsyncd to know what to sync with. I pass the LUA config into the container and add the names of the pods that will be available for the sync to the LUA script. As I said, I needed name predictability. Once that init container is complete, the LUA script is built and ready for use in the lsyncd container.

2. Startup of the containers

Once this "prep" work is done the containers start up. The lsyncd container gets a separate 100MB shared pvc (outside the mail storage) in order to exchange the SSH keys between the containers. Assuming you are running 3 instances of dovecot, a process inside the lsyncd container creates a key, stores it on this pvc and saves it in the appropriate folder to allow the sync. The process is pretty much the same as logging into ssh with a key instead of a password. The startup script checks for the availability of the keys until all of them are found and stores them where needed. Once that is complete, each of the lsyncd containers creates a file with its number to signal key integration is complete, and once these files match the number of instances the keys are deleted. At that point the lsyncd sync is ready and set up. Finally, the dovecot container starts and completes the startup process.

Should you have any questions please feel free to post here and I'll get back as soon as I can.

realShadow
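
The init-container step from the answer above, sketched as an added example (it is not the answer author's code or taken from their repo). It builds one lsyncd `default.rsyncssh` block per peer from the StatefulSet's predictable pod names and rejects any input that is not a plain DNS label, so nothing can break out of the generated Lua strings. The names `dovecot`, `dovecot-hl` and `mail`, the `/var/mail` path, the key path and the 5-second delay are assumptions.

```shell
#!/bin/sh
# Added example: build an lsyncd config for one pod of a StatefulSet.
# All names, paths and the key location used here are assumptions.

# Accept only lowercase DNS labels (a simplification of Kubernetes naming rules).
is_label() {
  case "$1" in
    ''|-*|*-|*[!a-z0-9-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# gen_lsyncd_conf <statefulset> <replicas> <headless-service> <namespace> <own-ordinal>
gen_lsyncd_conf() {
  sts=$1 replicas=$2 svc=$3 ns=$4 self=$5
  for v in "$sts" "$svc" "$ns"; do
    is_label "$v" || { echo "invalid name: $v" >&2; return 1; }
  done
  for n in "$replicas" "$self"; do
    case "$n" in ''|*[!0-9]*) echo "not a number: $n" >&2; return 1 ;; esac
  done
  [ "$self" -lt "$replicas" ] || { echo "ordinal out of range" >&2; return 1; }
  printf 'settings {\n  logfile = "/var/log/lsyncd.log",\n  statusFile = "/var/run/lsyncd.status",\n}\n'
  i=0
  while [ "$i" -lt "$replicas" ]; do
    if [ "$i" -ne "$self" ]; then
      # StatefulSet pods get stable DNS names: <sts>-<ordinal>.<svc>.<ns>.svc.cluster.local
      peer="$sts-$i.$svc.$ns.svc.cluster.local"
      cat <<EOF
sync {
  default.rsyncssh,
  source    = "/var/mail",
  host      = "$peer",
  targetdir = "/var/mail",
  delay     = 5,
  ssh       = { identityFile = "/etc/lsyncd/ssh/id_ed25519" },
}
EOF
    fi
    i=$((i + 1))
  done
}

# Stand-alone use: sh gen.sh dovecot 3 dovecot-hl mail 1 > lsyncd.conf.lua
if [ "$#" -eq 5 ]; then gen_lsyncd_conf "$@"; fi
```

Each pod syncs to every other pod but never to itself; the private key referenced by `identityFile` should live on a pod-local volume, not on the shared key-exchange PVC.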