The mailing list for listmasters using Sympa

[Miles Fidelman <address@concealed>]

Steve Shipway wrote:
> > I'm still struggling to find an SMTP through other channels.  But for this
> > group,
> > I wonder if anybody has a good approach in clustering Sympa for failover?
> We've decided on using VMware site recovery manager and replicated SAN
> volumes, as this is the easiest solution for us (we already use it for many
> other systems).

Which is equivalent to what we're doing now - but with Xen virtual 
machines and DRBD disk replication.  But a bit of a pain each time we 
have to upgrade our systems - hence my attempt to find something easier, 
as we approach our next update.

> First, set up a replicated MySQL cluster for the database.  You may not be
> able to use an NDB backend, since it limits certain SQL commands, foreign keys
> and so on.  We've not tested the Sympa database against the NDB limitations,
> but if it is compatible, then an NDB cluster would work.  Multiple frontends
> and backends, and hide multiple frontends behind a failover load balancer.
> So, now you have an HA database.
I was thinking of trying PostGres streaming replication - but same thing.

> Then you can set up two identical Sympa systems, which will be in
> active/passive mode.  If you have an HA fileserver, you could set the list
> archive and the list_data path on a shared NFS filesystem; else you can set up
> a periodic copy from prod to standby, but then you'd lose archives written
> while in failover, and you would probably have to make the configuration
> read-only while in failover.

This is that part that I'm wondering about.  We don't have a separate 
fileserver - so we'd need to do some kind of copying of queues, 
archives, and other directories used by Sympa - and that's the issue 
that concerns me -- because there's so much asynchronous activity going 
on.  I'm wondering if there are any hooks in Sympa processing that allow 
for some kind of fine-grained checkpointing.

> The two web interfaces (if you're running a web interface on the standby
> server) can sit behind a load balancer in active/standby.
>
> The SMTP should be set up the either MX records giving the primary higher
> priority, or else with port 25 behind a load balancer in active/standby  so
> that mails only go to the second in a failover situation.  If you have the
> archive on a shared filesystem, or do not use archives, then you could have
> them running active/active.

In some sense, this really is a lot like a load-balancing challenge - 
how would one set up load balancing across two Sympa servers, in such a 
way that each one knows what the other one is doing - to avoid 
duplication of outgoing traffic, and to support takeover.
> I think this should work, but we have not tested it.  In particular, there
> might be locking issues between separate servers handling the same
> distribution table in the database.  If this is a problem, you could always
> make failover manual, and just start up your standby Sympa (and associated
> postfix and httpd) when necessary.  Unless you have a big need for the web
> interface to be HA this should be enough for email distribution?
I'm thinking I'll probably keep postfix and Sympa in a VM, and continue 
to replicate their disk space - it sure is the simple way.

Thanks!

Miles

--
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra