Results 1 to 3 of 3

Thread: Debian Zimbra VServer

  1. #1
    Join Date
    Mar 2006
    Posts
    41
    Rep Power
    9

    Default Debian Zimbra VServer

    I thought I would start a thread discussing my success on running Zimbra on a VServer.

    BTW.

    The HOST machine is Debian Sarge: http://www.debian.org/

    The VServer is Linux VServer 2.0: http://linux-vserver.org/

    What is a VServer

    Mostly review the site above, but the short answer is, it allows you to run systems on the one host (or roughly physical machine) as if they were running on their own machine.

    A simple example is that you may require two quite different apache versions running on the same machine. Now this is possible already with Apache, but it is difficult with some package systems.

    Another, better example is security. You can have a 3rd party PHP scripts running on Apache in a VServer that have no access to other VServers.

    Why is this important for Zimbra

    I was very excited about installing Zimbra, and did so on a server which I ended up not being able to upgrade to a large enough specification (mostly old memory problems). So I moved to another much faster, newer machine. However this machine also supported a name server and a few hundred IP numbers, including some forwarding (mostly simple rinetd and some iptables - don't ask).

    So on and off for a week I tried to get Zimbra to play well with these other ports (which used 25, 110, 80, 443 etc, all ports Zimbra needed). I learnt alot about Zimbra, how config files some times require changing the template, sometimes LDAP and sometimes normal config files.

    Although Zimbra has in the Schema support for zimbraPop3BindPort and zimbraPop3BindAddress, only the Port works. This is represented in the "enabled" section of the Schema. So clearly it is one day meant to support it, but not right now.

    VServer gets around that problem completely, but there are some gotchas.

    WIKI

    I have started a page on the WIKI - http://wiki.zimbra.com/index.php?title=Install_VServer

    The wiki is a better place to discuss the actual process, as it will change over time. This ticket i s more of announcement and a place to capture peoples issues, especially if you don't want to directly update the WIKI.

    VServer Install

    Start with a vanilla Debian Sarge install on the host machine.
    If you have things like SSH installed, make sure that you set the bind address to the IP number of the HOST, rather than "0.0.0.0" (all) as it is by default.

    Create a sarge vserver (we will call it Zimbra).

    Start and enter the VServer

    Preparing for Zimbra

    The main thing I needed to install and manage include:

    • locales - they were not installed
    • zmsetup - set the timezone correctly
    • apt-get remove exim4*; killall exim4 - you don't want it


    You will also need to edit your /etc/hosts (which does not exist by default) and add entries like this...

    Code:
    127.0.0.1       localhost.localdomain   localhost
    1.2.3.4   zimbra.blah.com.au        zimbra
    Where 1.2.3.4 is your real IP number and blah.com.au is your host name.

    Install Zimbra

    Installing the Debian Zimbra is then easy, standard install script

    The Gotchas

    Postfix binding FROM 127.0.0.1

    This one is solved quite simply. In the postfix master.cf you change your local IPs to be the real IP of the box BUT you must also make sure that you set (eg: in Amavis) that only the local IP can connect (otherwise anyone can use your virus scanner).

    (I have not perfected the steps here yet)

    Amavis

    Covered above, you must get Postfix and Amavis talking

    I think there was some more Gotchas, I will try and review when I do a new install in the next week and update.



    Feedback

    Any feedback would be good, other people who have done it this way and issues they have found. I am starting the WIKI page, but it could do with some more work (as does most of the WIKI actually).

  2. #2
    Join Date
    Jul 2007
    Posts
    8
    Rep Power
    8

    Default

    Your wiki posting references "rfc 1918 ip address" a couple of times. For example:
    "# rfc 1918 ip addr (can use inet ip, but not recommended."
    and
    "# no loopback in vserver, use rfc1918 internal ip bound to your vserver."

    How do I determine the "rfc 1918 internal ip bound to your vserver."

  3. #3
    Join Date
    May 2007
    Posts
    12
    Rep Power
    8

    Default

    Quote Originally Posted by vclark View Post
    Your wiki posting references "rfc 1918 ip address" a couple of times. For example:
    "# rfc 1918 ip addr (can use inet ip, but not recommended."
    and
    "# no loopback in vserver, use rfc1918 internal ip bound to your vserver."

    How do I determine the "rfc 1918 internal ip bound to your vserver."
    I wrote this some time ago.

    An RFC1918 IP is an ip that follows the RFC1918 standard. (You'd do well to read the RFC, please google for it.) Earlier I indicated its best to choose some other RFC1918 IP for internal operations, since we cant use 127.0.0.1 (since thats bound to the vserver host), and we dont want some of our ports out on open internet IPs or possibly even open to internal office networks (which we'd then have to firewall and whatnot). I cant tell you what to choose out of the ranges, thats up to you, you may well have other 1918 networks in your topology, so you have to pick an appropriate one that wont conflict with the rest of your network (or open up your zimbra internal services to your network, though that's not such a huge risk as opening it up to the whole internet).

Similar Threads

  1. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 09:55 AM
  2. Removing hostname from hosts file fixed prob.
    By lemur in forum Installation
    Replies: 10
    Last Post: 06-13-2007, 07:29 PM
  3. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 10:39 AM
  4. zimbra-core missing
    By kinaole in forum Developers
    Replies: 1
    Last Post: 10-02-2006, 12:59 PM
  5. Replies: 1
    Last Post: 11-23-2005, 01:35 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •