Infrastructure Planning for the Zimbra Collaboration Suite
Implementation of any IT solution in an enterprise begins with design. At this stage, the IT manager will have to calculate the number of servers and their characteristics so that, on the one hand, they have enough for all users, and on the other hand, the cost-performance ratio of these servers is optimal and the cost of creating the computing infrastructure for the new information system is not struck a serious gap in the IT budget of the enterprise. Let's see how to design the infrastructure for implementation in the enterprise Zimbra Collaboration Suite.
The main feature of Zimbra in comparison with other solutions is that in the case of the ZCS, the “bottleneck” rarely becomes processor power or RAM. The main limitation usually becomes the speed of input and output of the hard disk and therefore the main attention should be paid to data storages. Officially stated minimum requirements for Zimbra in a production environment are a 4-core 64-bit processor with 2 GHz clock frequency, 10 gigabytes for system files and logs, as well as 8 GB of RAM. Usually these characteristics are enough for responsive server operation. But what if you have to introduce Zimbra for 10 thousand users? What servers and how should be implemented in this case?
Let's start with the fact that the infrastructure for 10 thousand users must be multiserver. On the one hand, the multiserver infrastructure allows Zimbra to be scalable, and on the other hand, to achieve responsive operation of the information system even with a large influx of users. It is usually quite difficult to predict how many users can accurately serve the Zimbra server, since a lot depends on the intensity of their work with calendars and e-mail, as well as on the protocol used. That is why, for example, we will implement 4 mail storages. In case of a shortage or a serious excess of power, it will be possible either to turn it off or add another one.
')
Thus, when designing infrastructure for 10,000 people, you will need to create LDAP, MTA and Proxy servers and 4 mail storages. Note that LDAP, MTA and Proxy servers can be made virtual. This will reduce the cost of server hardware and facilitate data backup and recovery, but on the other hand, in the event of a physical server failure, you risk being immediately without MTA, LDAP and Proxy. That is why the choice between physical or virtual servers should be made based on how much downtime you can afford in the case of an emergency. Mail storages will be best placed on physical servers, since it is on them that the main number of write cycles will occur, which limit the speed of Zimbra, and therefore more channels for data transfer will significantly increase Zimbra's performance.
In principle, after creating LDAP, MTA, Proxy servers, network storages and combining them into a single infrastructure, the Zimbra Collaboration Suite for 10,000 users is ready for commissioning. The scheme of this configuration will be quite simple:
The diagram shows the main system nodes and data streams that will circulate between them. With this configuration, the infrastructure will be completely unprotected against data loss, downtime associated with the failure of any of the servers, and so on. Let's look at how you can protect your infrastructure from these problems.
The main method is hardware redundancy. Additional nodes MTA and Proxy can, in case of failure of the main servers, temporarily assume the role of the main ones. Duplicating critical infrastructure nodes is almost always a great idea, but it is not always realizable to the desired extent. A vivid example is reserving servers on which mail is stored. Currently, Zimbra Collaboration Suite Open-Source Edition does not support the creation of duplicate storages, so if one of these servers fails, you will not be able to avoid downtime, and to reduce the downtime caused by the failure of the mail storage, the IT manager can deploy its backup copy server.
Since there is no built-in backup system in Zimbra OSE, we will need Zextras Backup, which supports real-time backup and external storage. Since Zextras Backup, when making full and incremental backups, puts all the data into the / opt / zimbra / backup folder, it would be wise to mount external, network or even cloud storage into it, so that if one of the servers drops actual at the time of emergency backup. You can deploy it on a backup physical server, as well as on a virtual machine and in the cloud. It would also be a good idea to install an MTA with a spam filter in front of the Zimbra Proxy server in order to reduce the amount of garbage sent to the server.
As a result, Zimbra's secure infrastructure will look something like this:
With this configuration, the Zimbra infrastructure will not only be able to ensure the provision of quality services to 10,000 users, but also in the event of a contingency situation, as soon as possible, it will eliminate its consequences.
The main feature of Zimbra in comparison with other solutions is that in the case of the ZCS, the “bottleneck” rarely becomes processor power or RAM. The main limitation usually becomes the speed of input and output of the hard disk and therefore the main attention should be paid to data storages. Officially stated minimum requirements for Zimbra in a production environment are a 4-core 64-bit processor with 2 GHz clock frequency, 10 gigabytes for system files and logs, as well as 8 GB of RAM. Usually these characteristics are enough for responsive server operation. But what if you have to introduce Zimbra for 10 thousand users? What servers and how should be implemented in this case?
Let's start with the fact that the infrastructure for 10 thousand users must be multiserver. On the one hand, the multiserver infrastructure allows Zimbra to be scalable, and on the other hand, to achieve responsive operation of the information system even with a large influx of users. It is usually quite difficult to predict how many users can accurately serve the Zimbra server, since a lot depends on the intensity of their work with calendars and e-mail, as well as on the protocol used. That is why, for example, we will implement 4 mail storages. In case of a shortage or a serious excess of power, it will be possible either to turn it off or add another one.
')
Thus, when designing infrastructure for 10,000 people, you will need to create LDAP, MTA and Proxy servers and 4 mail storages. Note that LDAP, MTA and Proxy servers can be made virtual. This will reduce the cost of server hardware and facilitate data backup and recovery, but on the other hand, in the event of a physical server failure, you risk being immediately without MTA, LDAP and Proxy. That is why the choice between physical or virtual servers should be made based on how much downtime you can afford in the case of an emergency. Mail storages will be best placed on physical servers, since it is on them that the main number of write cycles will occur, which limit the speed of Zimbra, and therefore more channels for data transfer will significantly increase Zimbra's performance.
In principle, after creating LDAP, MTA, Proxy servers, network storages and combining them into a single infrastructure, the Zimbra Collaboration Suite for 10,000 users is ready for commissioning. The scheme of this configuration will be quite simple:
The diagram shows the main system nodes and data streams that will circulate between them. With this configuration, the infrastructure will be completely unprotected against data loss, downtime associated with the failure of any of the servers, and so on. Let's look at how you can protect your infrastructure from these problems.
The main method is hardware redundancy. Additional nodes MTA and Proxy can, in case of failure of the main servers, temporarily assume the role of the main ones. Duplicating critical infrastructure nodes is almost always a great idea, but it is not always realizable to the desired extent. A vivid example is reserving servers on which mail is stored. Currently, Zimbra Collaboration Suite Open-Source Edition does not support the creation of duplicate storages, so if one of these servers fails, you will not be able to avoid downtime, and to reduce the downtime caused by the failure of the mail storage, the IT manager can deploy its backup copy server.
Since there is no built-in backup system in Zimbra OSE, we will need Zextras Backup, which supports real-time backup and external storage. Since Zextras Backup, when making full and incremental backups, puts all the data into the / opt / zimbra / backup folder, it would be wise to mount external, network or even cloud storage into it, so that if one of the servers drops actual at the time of emergency backup. You can deploy it on a backup physical server, as well as on a virtual machine and in the cloud. It would also be a good idea to install an MTA with a spam filter in front of the Zimbra Proxy server in order to reduce the amount of garbage sent to the server.
As a result, Zimbra's secure infrastructure will look something like this:
With this configuration, the Zimbra infrastructure will not only be able to ensure the provision of quality services to 10,000 users, but also in the event of a contingency situation, as soon as possible, it will eliminate its consequences.
Source: https://habr.com/ru/post/448148/
All Articles