question on setting up a secodary whm/cpanel VPS

[zombo]

I came along with one whm/cpanel VPS for many years but want to start to escape the VPS failures or network blackouts that happen occasionlly. So I got a secondary VPS with the same features and now I slowly start learning to increase data availability combining both systems.

My main servers /home directory is rsynched to the second VPS once a day during off-peak time. /home includes webspace, mails, mail accounts, etc. Further, I have an IP-based DNS failover system that redirects http (port 80) requests to its corresponding (rsynced) IP on VPS-2. Clients are informed that they shall not ftp changes to their webspace otherwise it will be lost when we return to VPS-1

My question is regarding eMail services. I would like to offer my clients the possibility to use VPS-2 as mailserver for incoming mail as well as for outgoing mail during a downtime. In case they do not use VPS-2 mails should go to VPS-1 as soon as it becomes available again. I have entered a higher value MX record into the DNS of VPS-2, so mails go to VPS-2 and will be stored there until VPS-1 comes back online.

domain.com. 86400 IN MX 10 mail.domain.com. [this is VPS-1]
domain.com. 86400 IN MX 15 mail2.domain.com. [this is VPS-2]

I have chosen the whm/cpanel DNS feature "MX backup - configure server as a backup mail exchanger. Mail will be held until a lower number mail exchanger is available". I hope that clients can also retrieve mail from there during VPS-1 failures.

Now I am asking those who already tried to achieve something similar: Do you see anything missing with this setting, any drawbacks, did I overlook something essential, into which problems will I probably run?

 

[tdens]

This will not work the way you want it to. Google for mailserver UIDL files. Doing this will present the client with an older version of the server-side UIDL file when you fail over, so if customers keep mail on the server, new mail won't be seen, and then when you fail back, the scenario is even worse since mail that arrived as your backup mail server doesn't appear to sync back *and* you'll have the same issue with UIDL. The correct way to do this is to have /home shared to both servers via a SAN or NAS. That said, I've been told by cpanel that this isn't suggested or supported. I'm still working out how to deal with this on my own upcoming installation.

 

[zombo]

Hi, thank you for jumping in here. I greatly appreciate sharing thoughts with you.

A SAN or NAS available safely from both servers would, off course, greatly improve the situation. The two servers could then even work in a round robin setting to reduce load. But that is not available at a similar price of 2 whm/cpanel VPS's.

My backup VPS-2 uses the mx backup feature which is built into whm/cpanel (version 10.30), so mails received during failover will be sent to VPS-1 as soon as it becomes available again and there it is simply new mail.
I do the sync in off-peek server time. As long as VPS1 is down, no overwriting by sync can occur since VPS tries fetching data and cannot connect.
I told all customers to use POP3 only at the price of getting better service availability. With POP3 I think there will be no uidl problem. I anyway discourage people to use IMAP as a message and data repository, but thats a different subject.

So I can improve on service availability with the drawback that clients who do not keep to the rule "use POP3 only and never leave read mail on the server" might have problems. Clients who keep to the rule will not have problems.

What remains inconvenient:
- clients have to setup a second mail account to access the second server if they need to.
- if clients load up data into their webspace it will be gone again after sync from VPS1 when it comes back online.
- the DNS propagation can take uncomfortably long, even if the web failover system reacts reasonable quick.

I'd be glad to read any more improvement thoughts ...

 

[tdens]

POP3 uses UIDL as well. That said, if your customers stick with POP3 and don't leave messages on the server, issues would probably be minimal.

 

[zombo]

So this is just to let those who were listening in know that the above setting may not be perfect but works and is an improvement which causes peace of mind, especially in situations where there are bigger server problems or connectivity problems in the datacenter. My double VPS setting is now working since a couple of weeks without trouble.
Failover DNS produces service interruption for a short while, of which I am notified immediately. The DNS implied downtime is acceptable for us since customers can be notified and are not left in the dark. Also mail stays available.
Next step will be mySQL replication to the VPS-databases; not with tcpdump that needs mySQL to be stopped, but by building replication into the applications we are using. Another adventure ...

 

[zombo]

I'd like to add one important thing in case someone wants to do the same; I wrote that I rsync my /home directory to a secondary VPS and that works fine, however I forgot to mention ist is very important not to rsync the /home/virtfs file to the second server. That is why I use the rsync command with the --exclude-from=myexcludedirs option. myexcludedirs is a simple textfile near my rsync-shellscript in which I have put (each directory name in one single line, nothing else)
.cpan
.cpanm
.cpcpan
cpbackuptmp
cpeasyapache
virtfs
That saved me a *lot* of trouble.