Hello,
We are setting up a proxy, a haproxy server on CentOS 7, to our mail
services (webmail, smtp, pop3, imap, simple and with STARTTLS, or
SSL/TLS as appropriate). The load of the services is considered low. All
clients will be accessing the above services through the new proxy.
Current goal: To provide redundancy (fail-over) of the haproxy server.
I have read: http://www.serverphorums.com/read.php?10,255589 which
provides valuable information, but I would like your opinions, due to
the limitations we face (see below).
All our VPS servers are provided free of charge (we are a non-profit
scientific research foundation) by our ISP, but there are limitations:
- All our servers (DNS, Mail, Web, etc.) are hosted on VPSs (i.e.
they are VMs) on two different data centers (on our ISP's cloud),
i.e. we don't have any local physical servers available
- Each VPS server must have a single (exactly one) distinct
permanent IP Address and a single network interface
- We don't control how each VM is connected to the Internet
- We don't have any SLAs for network or VPS availability
On the good side, the uptime is very high; we rarely face downtime, yet,
we need redundancy for the rare occasions when a VM will not be
available due to hardware or network issues.
It would be enough for us to be able to use two VMs (each running
haproxy with identical configuration), one on each of the two data
centers, as an active/passive pair.
However, under the above circumstances, I find it difficult to use the
usually suggested solutions of keepalived, heartbeat, pacemaker (and any
similar software which causes IP Address changes). A common DNS name
with two A records is not a reliable solution.
So, could you please provide some opinions/advice on how to move on with
our available resources?
Thanks in advance,
Nick
We are setting up a proxy, a haproxy server on CentOS 7, to our mail
services (webmail, smtp, pop3, imap, simple and with STARTTLS, or
SSL/TLS as appropriate). The load of the services is considered low. All
clients will be accessing the above services through the new proxy.
Current goal: To provide redundancy (fail-over) of the haproxy server.
I have read: http://www.serverphorums.com/read.php?10,255589 which
provides valuable information, but I would like your opinions, due to
the limitations we face (see below).
All our VPS servers are provided free of charge (we are a non-profit
scientific research foundation) by our ISP, but there are limitations:
- All our servers (DNS, Mail, Web, etc.) are hosted on VPSs (i.e.
they are VMs) on two different data centers (on our ISP's cloud),
i.e. we don't have any local physical servers available
- Each VPS server must have a single (exactly one) distinct
permanent IP Address and a single network interface
- We don't control how each VM is connected to the Internet
- We don't have any SLAs for network or VPS availability
On the good side, the uptime is very high; we rarely face downtime, yet,
we need redundancy for the rare occasions when a VM will not be
available due to hardware or network issues.
It would be enough for us to be able to use two VMs (each running
haproxy with identical configuration), one on each of the two data
centers, as an active/passive pair.
However, under the above circumstances, I find it difficult to use the
usually suggested solutions of keepalived, heartbeat, pacemaker (and any
similar software which causes IP Address changes). A common DNS name
with two A records is not a reliable solution.
So, could you please provide some opinions/advice on how to move on with
our available resources?
Thanks in advance,
Nick