Hello,
I am exploring options to make our existing SMTP infrastructure more
elastic using containerization, potentially by running SMTP workloads on
Kubernetes. Our current system works well, but as we are building hooks
for automated and more robust scaling, I am evaluating whether moving
parts of the SMTP stack to Kubernetes would bring tangible benefits.
I am specifically looking for advice and real-world experience around
"containerising Postfix and running it in production", possibly under
Kubernetes.
Our current architecture, at a high level, looks like this:
clients → LB → HAProxy → SMTP inbound/outbound instances (Postfix +
policyd + milters) → after-queue milter → other MTA / LMTP
If we introduce containerization, it would start from HAProxy onwards.
Some of the challenges I can see upfront:
* Postfix maintains mail queues, which makes it a stateful service.
Using StatefulSets in Kubernetes seems like a possible way to address this.
* For SMTP outbound, each instance requires a stable, reputable public
IP. This is a constraint, but something we believe could be solved
with the right setup.
* Postfix-to-milter connection behavior: once a milter connection
breaks, Postfix does not re-establish it mid-session. We recently
discussed this on the mailing list, and one possible mitigation is using
451 responses, as described here:
https://www.mail-archive.com/[email protected]/msg106876.html
Given this context, my questions are:
* Has anyone run Postfix in containers (Docker / Kubernetes) for
production workloads at a reasonable scale? If yes, how was it done?
* Are there any critical challenges or failure modes beyond the ones
mentioned above?
* Are there recommended architectures, or specific do’s and don’ts,
when running Postfix in containers?
* If this approach is generally not recommended, what are the main
bottlenecks or design reasons?
I have skipped some obvious aspects (for example, graceful shutdown and
startup of containers), assuming those can be handled with standard
mechanisms.
Any guidance, experiences, or pointers would be greatly appreciated.
Thanks in advance.
Ankit Kulkarni
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
