MDaemon Clustering - Deployment requirements and how to configure nodes

MDaemon’s clustering is designed to share configurations between multiple servers.  It does not replicate mailbox or public folder data or handle the routing of traffic. 

MDaemon version 20.0.0 includes support for configuring MDaemon in clustered nodes.  MDaemon versions 19.5 and below do not support clustering.

  1. There is a primary node and secondary nodes.
    • The primary node is the only node that can be used to make configuration changes.  If you make configuration changes on a secondary server, they will be overwritten.  Most of the UI on secondary servers has been disabled.
    • The XML-API on secondary nodes is read only.
    • Changes to email that happen on secondary nodes are sent to the primary node, and the primary node then notifies all other nodes about the change.
  2. Each node in the cluster requires its own MDaemon key.
  3. MDaemon does not handle the routing of any traffic.  A third-party load balancer is recommended to handle the routing of traffic.
    • Enabling sticky sessions is required in your load balancer so that all traffic from the same IP is routed to the same host.
      • This is most important for Webmail and Remote Administration (MDRA) traffic as they are not cluster aware.  Session information for Webmail and MDRA is not passed between the nodes.  When logging in to Webmail or MDRA on a specific server, all traffic for that session needs to be routed to that server.
  4. All HTTP and XMPP traffic should be routed to the primary node.  This is the easiest and least confusing method, for the reasons listed below.  If you are not using the items mentioned below, you can configure it however you’d like.  Sticky sessions are still required.
    • The XMPP server is not cluster aware.  If using the IM capabilities, all XMPP traffic must go to the same server.
    • MDRA is not cluster aware. If MDRA traffic is routed to a secondary server, changes will be overwritten. MDRA traffic must be routed to the primary node.
    • Webmail traffic needs to be routed to the same server as XMPP traffic or the Webmail IM functionality will not work.
  5. Mailboxes must be stored in a shared path that is accessible by each node in the cluster. If using a UNC path, the MDaemon service must be run as a user that has access to the network location.
    http://help.altn.com/mdaemon/en/index.html?service_settings.htm
    • It is a manual process to move the contents of the mailboxes and update the mailbox paths in MDaemon.
    • The new account template will be updated with the mailbox path provided in the Clustering configurations.
  6. Public folders must be stored in a shared path that is accessible by each node in the cluster.
    • It is a manual process to move the data to the shared location.
    • The cluster service will update the MDaemon.ini file with the public folder path provided in the Clustering configurations.
  7. Each node in the cluster needs to be on the same network.  We do not recommend using this to cluster servers that are in different locations. 
  8. Each node in the cluster needs to be running the same version of MDaemon.
  9. Dynamic screening sends all requests to the primary server, and the data from the primary server is replicated to secondary servers.
    • If the primary is offline, secondary servers use their own dynamic screening configurations, which should be identical to the configuration on the primary at the time it went offline.  When the primary comes back online, any changes to DS made by the secondary servers will be overwritten.
    • If the primary fails, issues may arise with trying to thaw an account via email that was frozen while the primary was offline.
  10. Each node is expected to have the correct certificates installed.  Certificates need to be manually moved to each node in the cluster.
    • LetsEncrypt has not been updated to handle secondary nodes at the moment.
  11. The Lockfiles directory must be a shared location.   The Clustering Service can do this automatically.  To manually configure, edit the path in the LockFiles= key in the [Directories] section of the \MDaemon\App\MDaemon.ini file. 
  12. The \MDaemon\PEM directory must be a shared location.  To configure this, edit the PEM key in the [Directories] section of the \MDaemon\App\MDaemon.ini file, then copy the MDaemon\PEM\ folder to the new shared location and restart MDaemon.
  13. Attachment linking cannot be used in a cluster.  If enabled, any attachments extracted by secondary servers will become inaccessible and orphaned. 
  14. All nodes in a cluster should be configured to use the same time zone and the times should be the same.  If the time zone is not the same, or if the times are off by more than 1 second, a warning will be logged in the Cluster log.
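
The following is an added example, not vendor code: a pre-deployment audit that reads the `[Directories]` section of each node's MDaemon.ini and checks requirements 11, 12 and 14 (shared LockFiles and PEM locations, clocks within 1 second). It assumes a "shared location" means a UNC path and that all nodes should point at the same share; the node names, share names and timestamps are constructed sample input.

```python
import configparser
from datetime import datetime, timedelta

SHARED_KEYS = ("LockFiles", "PEM")   # [Directories] keys named in items 11 and 12
MAX_SKEW = timedelta(seconds=1)      # item 14: more than 1 second logs a warning

def directories(ini_text):
    """Return the [Directories] section of MDaemon.ini text (keys lower-cased)."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(ini_text)
    return dict(cp["Directories"]) if cp.has_section("Directories") else {}

def is_unc(path):
    # Assumption: a shared location is a UNC path with a server and a share name.
    parts = [p for p in path.strip().split("\\") if p]
    return path.strip().startswith("\\\\") and len(parts) >= 2

def audit_cluster(node_inis, node_clocks):
    """node_inis: {node: ini text}; node_clocks: {node: datetime}. Returns findings."""
    findings = []
    for key in SHARED_KEYS:
        shares = {}
        for node, text in node_inis.items():
            value = directories(text).get(key.lower())
            if value is None:
                findings.append(f"{node}: [Directories] {key}= is not set")
            elif not is_unc(value):
                findings.append(f"{node}: {key}={value} is not a shared (UNC) path")
            else:
                shares[node] = value.rstrip("\\").lower()
        if len(set(shares.values())) > 1:
            findings.append(f"{key}: nodes use different shares: {shares}")
    skew = max(node_clocks.values()) - min(node_clocks.values())
    if skew > MAX_SKEW:
        findings.append(f"clock skew of {skew.total_seconds():.1f}s between nodes")
    return findings

# Constructed sample input: node names, share name and paths are hypothetical.
PRIMARY_INI = r"""
[Directories]
LockFiles=\\FS01\MDaemon\LockFiles\
PEM=\\FS01\MDaemon\PEM\
"""
SECONDARY_INI = r"""
[Directories]
LockFiles=\\FS01\MDaemon\LockFiles\
PEM=C:\MDaemon\PEM\
"""
T0 = datetime(2024, 1, 1, 12, 0, 0)
```

Calling `audit_cluster` with the two sample files and clocks 3 seconds apart reports the secondary's local PEM path and the clock skew.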

 

To configure clustering:

  1. Verify all mailbox and public folder paths exist in a network storage location.
  2. Install all appropriate certificates on each node.
  3. Install and activate MDaemon on a secondary node.
  4. On the primary node, select Setup / Cluster Service.
  5. Click Add.
    • This can be slow as MDaemon is searching the network for available servers.
  6. Enter the NETBIOS name of the secondary node MDaemon is installed on.
  7. Click OK.
  8. Check the Plugins / Cluster log to ensure the two servers were connected and that replication is occurring.
    • You can also go to the secondary and check Setup / Cluster Service to view the primary and secondary nodes.