Results 1 to 7 of 7

Thread: zimbra-proxy tests and questions

  1. #1
    stephenwilley is offline Member
    Join Date
    Feb 2008
    Posts
    14
    Rep Power
    7

    Default zimbra-proxy tests and questions

    At the moment:

    1 server doing everything

    Going to:

    2 x MTA/LDAP
    2 x Mailbox
    1 x Zimbra-proxy (with http reverse proxying)

    Question:

    1) Does zimbra-proxy need to be installed on the mailbox (target) servers as well, or just on the 1 zimbra-proxy (source) dedicated machine?

    Tests:

    Since we're using our 1 server setup in production, I can't break that right now. I've trying the proxy setup seperately as follows:

    Built a mailbox server (and installed zimbra-proxy on it)
    Built the zimbra-proxy box (just installed core and proxy on it)
    Used all the default settings for ports in the config and when asked for a master LDAP server, pointed it at our 1 live server

    I read this page: http://www.zimbra.com/docs/ne/latest...Proxy.7.1.html and tried various permutations including running the enable (with -w) line on both the proxy and the mailbox servers. I notice that the zimbraMailReferMode is set to 'wronghost' on the 1 live server (it's set to 'reverse-proxied' on the new ones) and if I change it, bad things happen so I have to change it back (which is why I'm guessing you have to install zimbra-proxy on 'target' nodes too).

    I've created a user account on the new mailbox server and if I try to log into it through the proxy URL, it works, but still changes the address bar to the name of the mailbox server.

    Is this all just not going to work until all the machines in my setup have zimbra-proxy installed? I was hoping to be able to see it work before I went and changed our production setup.

    I've read this back and tried to explain things properly, but it doesn't seem to read very well. If I can clarify anything, please let me know. Thanks for any help.

    BTW - zmprov doesn't run on the machine that just has core and proxy installed. It gives the following error (but the zmproxyinit command still works and outputs three prov> thingies):

    ERROR: zclient.IO_ERROR (invoke Connection refused, server: localhost) (cause: java.net.ConnectException Connection refused)

  2. #2
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    The answer to the initial question is : you need to setup zimbra-proxy only on the proxy machine.

    Do you have any firewall between the proxy and the mailstores ?

  3. #3
    stephenwilley is offline Member
    Join Date
    Feb 2008
    Posts
    14
    Rep Power
    7

    Default

    Looking at the logs, it appears to be because I haven't set zimbraPublicServiceHostname as required in the docs. Unfortunately, this isn't something I can test without downtime, as at the moment, all our REST URLs simply point to our one active server. Obviously the new proxy has a different name during testing and I can't break existing shared calendars etc.

    I guess I'll take the plunge on a weekend instead.

    Two questions though:

    1) I can't run zmprov as zimbra on a server that only has zimbra-proxy and zimbra-core installed. It gives the following error:
    ERROR: zclient.IO_ERROR (invoke Connection refused, server: localhost) (cause: java.net.ConnectException Connection refused)
    I'll submit this to zimbra support but if anyone's got any ideas...

    2) The proxy docs require that I run:
    /opt/zimbra/bin/zmprov modifyServer mailbox_server_name zimbraMailReferMode reverse-proxied zimbraMailPort 8080 zimbraMailSSLPort 8443 zimbraMailMode http but that returns the error:
    ERROR: service.INVALID_REQUEST (invalid request: port 8443 conflict between zimbraMailSSLProxyPort and zimbraMailSSLPort on server mailbox_server_name)
    Do I just run instead?:
    /opt/zimbra/bin/zmprov modifyServer mailbox_server_name zimbraMailReferMode reverse-proxied
    Again, I'll submit this to support.

  4. #4
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    Quote Originally Posted by stephenwilley View Post
    1) I can't run zmprov as zimbra on a server that only has zimbra-proxy and zimbra-core installed. It gives the following error:
    ERROR: zclient.IO_ERROR (invoke Connection refused, server: localhost) (cause: java.net.ConnectException Connection refused)
    I'll submit this to zimbra support but if anyone's got any ideas...
    Use "zmprov -l", it gets zmprov to talk to the LDAP server directly.

    Quote Originally Posted by stephenwilley View Post
    2) The proxy docs require that I run:
    /opt/zimbra/bin/zmprov modifyServer mailbox_server_name zimbraMailReferMode reverse-proxied zimbraMailPort 8080 zimbraMailSSLPort 8443 zimbraMailMode http but that returns the error:
    ERROR: service.INVALID_REQUEST (invalid request: port 8443 conflict between zimbraMailSSLProxyPort and zimbraMailSSLPort on server mailbox_server_name)
    Do I just run instead?:
    /opt/zimbra/bin/zmprov modifyServer mailbox_server_name zimbraMailReferMode reverse-proxied
    Again, I'll submit this to support.
    You're sure you ran this on the mailbox server, not proxy ?
    Last edited by Klug; 08-08-2008 at 04:19 AM.

  5. #5
    stephenwilley is offline Member
    Join Date
    Feb 2008
    Posts
    14
    Rep Power
    7

    Default

    Yeah, it was run on the mailbox server. I've just been looking at the number of bugs that have been fixed (or are being fixed) in 5.0.9. I know it's beta so maybe it's a bit premature to be looking at this as a production solution.

    I think I'll wait to upgrade to 5.0.9 before moving forward too much with the proxy stuff.

    Thanks for your help.

    Stephen

  6. #6
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    I made additional tries/tests and hit the same problem.

    As soon as I add a zimbra-proxy to my ZCS infrastructure and tries to set zimbraMailSSLPort (or zimbraMailPort or zimbraPOP3Port, etc) I get the same error.

    It seems that, as soon as there's a zimbra-proxy in the infrastructure, the mailbox servers get their zimbraMailSSLProxyPort (and all zimbra*ProxyPort attributes) filled with values.
    These values are the same than the default ports, thus the error message !

    I had to change the values for all the zimbra*ProxyPort on the mailbox server to other values (7143, 7443, etc)...

    You should definitely open a case by Zimbra's support and a related bug...

  7. #7
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    I ended up in getting everything to work on my own.
    The man problem is the documentation (not up to date and not correct for 5.0.8).

    Read this : [SOLVED] zimbra-proxy limitations

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 1
    Last Post: 05-23-2008, 05:53 AM
  2. ZCS 4 Webinar -- 10/5/06
    By GregA in forum Webinars
    Replies: 21
    Last Post: 01-03-2007, 03:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •