Migrating from single 32bit server to multi-64bit setup

[telefunken]

Hi,

I'm planning to upgrade my company's zimbra installation and I need some "sanity checking" of my plan.

Background:

We have been running Zimbra NE for about four years with great success ( ), but the hardware is getting old, and it is only capable of 32bits.
Due to the need of migrating to 64bits I've been waiting with the upgrade from 6.X to 7.X aswell.

The plan:

While moving to 64bits I would also like to create a more redundant setup, so a multi-server install is probably required.

1. Upgrade current install to latest 7.X GA release
2. Install three new servers, one mailbox server running services store, spell (apache), logger and SNMP. Two MTA servers running services MTA, LDAP and SNMP.
3. When the new servers are up and running, use the migration wizard from the backend to copy all accounts from the old server to the new setup.

My first real question is if this is a sane setup? My idea is to put the second MTA server on another site, connected to the primary via VPN. This is why I also want a local LDAP replica, if the primary site goes completely offline.
I'm guessing that the LDAP replica will contain all information needed for the secondary MTA to properly be able to receive or reject emails while the primary site is offline?
Will zimbra handle this scenario at all or will it brake?

My second question is if it is possible to use the migration wizard to import all relevant data from the old zimbra server? Will I get all emails as well as calendar, contacts, briefcases, notes and tasks?

Of course I could test all this in a test-env, but I more or less need to do that in my spare time, so any pointers and help that can reduce my need for testing is greatly appriciated!

[LMStone]

Quote:

Originally Posted by telefunken

Hi,

I'm planning to upgrade my company's zimbra installation and I need some "sanity checking" of my plan.

Background:

We have been running Zimbra NE for about four years with great success ( ), but the hardware is getting old, and it is only capable of 32bits.
Due to the need of migrating to 64bits I've been waiting with the upgrade from 6.X to 7.X aswell.

The plan:

While moving to 64bits I would also like to create a more redundant setup, so a multi-server install is probably required.

1. Upgrade current install to latest 7.X GA release
2. Install three new servers, one mailbox server running services store, spell (apache), logger and SNMP. Two MTA servers running services MTA, LDAP and SNMP.
3. When the new servers are up and running, use the migration wizard from the backend to copy all accounts from the old server to the new setup.

My first real question is if this is a sane setup? My idea is to put the second MTA server on another site, connected to the primary via VPN. This is why I also want a local LDAP replica, if the primary site goes completely offline.
I'm guessing that the LDAP replica will contain all information needed for the secondary MTA to properly be able to receive or reject emails while the primary site is offline?
Will zimbra handle this scenario at all or will it brake?

My second question is if it is possible to use the migration wizard to import all relevant data from the old zimbra server? Will I get all emails as well as calendar, contacts, briefcases, notes and tasks?

Of course I could test all this in a test-env, but I more or less need to do that in my spare time, so any pointers and help that can reduce my need for testing is greatly appriciated!

Zimbra is not architected to work across slow WAN connections like that. If you want a backup MX you can configure a non-Zimbra Postfix box of your own to function as a backup MX, or, you can subscribe to a number of services which provide backup MX capabilities. We run our own Postfix box in a second data center, but many here on the forums have used various mail forwarding services effectively too.

Having said that, if the volume of mail is so great that it is impacting responsiveness of the web UI, then breaking out the MTA function to a second server is a good solution. But, since your kit is old, I wouldn't do that until after getting onto new 64-bit kit as you may not need to.

Alternatively, we have been experimenting with adding more CPU cores and RAM to (virtualized) heavily loaded single-server installations and have found this is nearly as effective as adding a dedicated MTA server -- and a lot less costly.

Hope that helps,
Mark

[telefunken]

Quote:

Originally Posted by LMStone

Zimbra is not architected to work across slow WAN connections like that. If you want a backup MX you can configure a non-Zimbra Postfix box of your own to function as a backup MX, or, you can subscribe to a number of services which provide backup MX capabilities. We run our own Postfix box in a second data center, but many here on the forums have used various mail forwarding services effectively too.

Having said that, if the volume of mail is so great that it is impacting responsiveness of the web UI, then breaking out the MTA function to a second server is a good solution. But, since your kit is old, I wouldn't do that until after getting onto new 64-bit kit as you may not need to.

Alternatively, we have been experimenting with adding more CPU cores and RAM to (virtualized) heavily loaded single-server installations and have found this is nearly as effective as adding a dedicated MTA server -- and a lot less costly.

Hope that helps,
Mark

Thank you for your reply!

If I can't use zimbra as a backup MTA, I dont see any reason to brake it out of the main server at all. We have had no real performance issues so far running on 4GB of ram and dual quad-core cpu's.
The new solution will be virtualized, and I can add more memory and cpus if needed. (Thinking about 8GB ram and two or four cores to start with)

However my second question about the actual migration still stands, do you (or anyone else) have any input on that?

[LMStone]

Quote:

Originally Posted by telefunken

Thank you for your reply!

If I can't use zimbra as a backup MTA, I dont see any reason to brake it out of the main server at all. We have had no real performance issues so far running on 4GB of ram and dual quad-core cpu's.
The new solution will be virtualized, and I can add more memory and cpus if needed. (Thinking about 8GB ram and two or four cores to start with)

However my second question about the actual migration still stands, do you (or anyone else) have any input on that?

Sounds like a small system? I was referring to single-server systems with > 1K mailboxes and email flows > 5K per hour.

Re the actual migration, if you search for AJ Cody's Server-to-Server wiki page, you'll see what you need. It will seem daunting at first, but having done a bunch of them it's fairly straightforward -- with just a few very critical steps.

May I suggest taking a look at that document, and then if something isn't clear or doesn't seem applicable, post back here and we'll address those specifics?

Happy Holidays,
Mark

[bofh]

actually havin mta seperated wont make no sense
if your mailflow is that great the biggest impakt is the mailbox server anyway
it would only make sense if you wanna tune up the mailboxd to run as fast as possible with a min on services

however it could also make sense to have the mtas on a smaller vhost on the same machine - as a jail - for security or to avoid performance impact on the mailbox server if mtas are getting into trouble (like exxesive spam and virus filtering(dos etc)


however - 2 different setups (wihtout redundancy) make more sense
1: have 2 mailbox server one with mta and littl less user another mailbox only
that way the main impact of mailboxd is a bit splittet and an fail would not affect all users
2: make one mta seperated - one or 2 mailbox server


to add redundancy over WAN there is a way - you need a complete ident server and can replicate the logs - theres a wiki solution which do that for foss
however i didnt testet it and cant say anything about the relyability

in any case question is how fast is the wan connect

edit: in todays world mta itself has the smallest resource needs - only maybe amavis with fiultering may have an impact but in your setup you wont even see a difference in the systemload if oyu split the mtas form the mailbox