On Wed, 25 Jul 2001, Graham Leggett wrote:
> Przemyslaw Wegrzyn wrote:
>
> > I'm going to use qmail + courier imap/pop + maildrop, maildirs++ over NFS.
> >
> > I consider using qmail-ldap, but I've heard many things about OpenLDAP
> > performace - both good and bad opinions.
> >
> > If every qmail-ldap server asks central ldap server on every delivery, I
> > guess it can probably overload OpenLDAP server.
>
> Well a mail server will have to consult some kind of database on every
> delivery anyway, otherwise it won't know what to do with the mail.
Of course ! I considered several scenarios so far:
- using db-file driven delivery, like for example vmailmgr does, and
sharing that file over NFS together with maildirs
pros: easy to implement
cons: any changes to user database requires locking this file. I want to
avoid locking over NFS
- custom qmail-users and auth mdules which asks Postgres directly (no
matter what I choose for qmail, I need postgres database too)
The modification: custom proxy daemon on every server holding
persistent connection to database, to avoid postgres reauthentication
on every query
- using qmail-ldap - but I don't know yet anything about LDAP's
performance/scalability/replication
not-this-list, but maybe someone will answer: how OpenLDAP handles
replication ? How it handles locking ? Does updating data requires
whole database lock ?
> LDAP servers are specifically designed to handle very high request
> loads, as they are optimised for many-reads-few-rights. LDAP scales very
> well - simply replicating the LDAP databases on each local machine will
> ensure the system stays up and working.
Hmm, a friend of mine is using LDAP for his not so big mail/web server. He
uses just nss/pam. He said recently that NSS performs poor on high load.
> As for it "overloading an OpenLDAP server", the only issue here is how
> big your OpenLDAP machine is, and how many machines you got. If you
> overload the server that's a RAM-and-processor problem, not an openldap
> problem. If openldap turns out to be less than reliable, or it does not
> suit your needs, install an alternative - like iPlanet Directory Server.
Well, but, given the same hardware, some technology performs better, some
worse.
> Having been involved with the design of a system that started at 1.4
> million accounts and had to scale from there, scaling to these volumes
> takes some careful planning at the outset.
Of course, that's why I subscribed this mailing list :) So far I'm in a
state of collecting information, and doing some tests.
> Work out how everything is going to grow in advance - from having
> multiple NFS servers, to multiple LDAP servers, to multiple mail servers
> - and you will not have any surprises down the line.
I've just looked through qmail-ldap FAQ - I can see that its clustering
support is done by assigning particular account to particular server. Will
it balance well, if some accounts reciver large amount of mail, while
others just one mail a week ?
Greetings
-=Czaj-nick=-
