Sun Cluster HA for Netscape Mail can be used with Netscape Messaging Server or with Netscape Mail. This section describes the steps to take when installing Netscape Messaging Server to enable it to run as the Sun Cluster HA for Netscape Mail data service. If you are using Netscape Mail, see "Netscape Mail".
The Sun Cluster HA for Netscape Mail data service is an asymmetric data service. Only one logical host in the cluster provides mail services.
The Sun Cluster HA for Netscape Mail service fault probing might cause /var/log/syslog to fill up quickly. To avoid this, disable logging of mail.debug messages in the /etc/syslog.conf file by commenting out the mail.debug entry and sending a HUP signal to the syslogd(1M) daemon.
Netscape Messaging Server introduces new concepts and features different from those included in Netscape Mail. The following sections describe these concepts and features, as well as the Netscape Messaging Server installation and configuration procedures.
Netscape Messaging Server introduces the concept of a server root, a directory which contains a complete installation of Netscape Messaging Server and configured instances for the installation, with one minor exception: the /etc/nsserver.cfg file resides outside of the server root and contains a list of all server roots on a node. Note, however, that Sun Cluster 2.2 allows only one Netscape Messaging Server instance per server root, and only one server root per logical host--hence, one instance per logical host.
At time of installation, Netscape Messaging Server requires that a configuration directory server be available to it, because during the installation, Netscape Messaging Server contacts the configuration directory server and populates it with configuration information. After initial installation, Netscape Messaging Server copies the configuration data back to its local cache, after which the external configuration directory server is no longer strictly relied upon. If the configuration directory server becomes unavailable, Netscape Messaging Server will emit warning messages stating that it is starting up with configuration data from its own local cache. These messages are expected and harmless.
If you choose to install the Netscape Directory Server to serve Netscape Messaging Server, you can make Netscape Directory Server highly available by also installing and configuring Sun Cluster HA for Netscape LDAP. For more information about Sun Cluster HA for Netscape LDAP, see "Netscape Directory Server (LDAP)".
Netscape Messaging Server includes five separate daemons: smtpd, popd, imapd, mshttpd, and stored. These daemons can be stopped and started individually, and can fail individually.
Sun Cluster HA for Netscape fault monitoring checks that daemon processes exist and that protocol services are available. During process existing checking, the fault probe periodically verifies that a daemon exists. The fault probe interprets any daemon absence as an application failure, and takes action based on the current configuration parameters. During protocol probing, the fault probe periodically checks the daemon and takes action only in response to error codes indicating a timeout. The default timeout value set by Sun Cluster HA for Netscape is 660 seconds, to prevent inadvertent failovers in situations where a server is simply slow to respond.
Because this fault monitoring model relies on a fully active mail server, you must always turn off the Sun Cluster HA for Netscape data service (using hareg -n) before you perform any administrative tasks that require a daemon to stop. Otherwise the fault probe will take action. Turn on the data service (using hareg -y) only after completing the administrative task.
Sun Cluster HA for Netscape monitors the smtpd, popd, and imapd daemons with both process existence checking (using the local probe) and protocol probing (using both local and remote probes). Sun Cluster HA for Netscape monitors the mshttpd and stored daemons with only process existence checking (using the local probe). The mshttpd and stored daemons are never checked by a remote probe. Therefore, if an mshttpd process exists but is stalled, Sun Cluster HA for Netscape will take no action; once you notice that web mail clients are unable to connect, you must restart the mshttpd process manually.
Sun Cluster HA for Netscape does not monitor any SNMP subagents.
Netscape Messaging Server requires use of a user/group directory, which was optional with Netscape Mail 3.5. The user/group directory is an LDAP directory used by the messaging server to process email. You can install and start the messaging server before configuring the user/group directory, but the messaging server depends upon access to the user/group directory after installation. Because of this dependency, the directory server that services the user/group directory should be installed on the multihost disk or on another clustered server, so as to be highly available.
The configuration directory and user/group directory can be serviced by the same directory server instance or by different instances.
The following dependencies and restrictions apply to Netscape Messaging Server on Sun Cluster 2.2.
When you install Netscape Messaging Server, the listener daemons popd, smtpd, imapd, mshttpd, and stored must be configured as active, and must be configured on their default ports. If not, the startup and fault monitoring programs will perceive the daemons as inactive, and will take action based on the current configuration parameters. Further, if these two conditions are not met, the Netscape Messaging Server instance will not start successfully. See "Fault Monitoring Behavior" for more information.
You can configure only one Netscape Messaging Server instance per server root, and only one server root per logical host--hence, one Netscape Messaging Server instance per logical host.
The Netscape Messaging Server Multiplexor feature is not supported with Sun Cluster 2.2. Because the Multiplexor requires services located outside the server root, the Multiplexor cannot be probed or failed over by Sun Cluster HA for Netscape.
Though Netscape Messaging Server supports SSL-enabled listening for some of its protocols, the separate ports using SSL are not fault probed by Sun Cluster HA for Netscape. Basic restart and failover is supported, however, for any Netscape Messaging Server instances listening on SSL-enabled ports.
Netscape Messaging Server supports SMTP plug-ins--shared libraries that you can install and configure to be used by Netscape Messaging Server for customized SMTP processing. If you configure Netscape Messaging Server to use SMTP plug-ins, then be sure to protect the shared libraries with Sun Cluster. Do this by placing the libraries on the shared disk, preferably within the Netscape Messaging Server server root tree, or by placing the libraries on local disks on each potential master node.
Netscape Messaging Server supports sophisticated access control on a service-by-service basis for its TCP-based services (IMAP, POP, HTTP, and SMTP). You can enable this feature by creating filters to screen access to servers. However, if you create filters, do so with care so that you do not prevent root on any potential master from connecting to any of the Netscape Messaging Server protocol servers. If root is prevented from connecting to any of the protocol servers, the data service probe that tests protocol service availability will fail, triggering Sun Cluster HA for Netscape to take action based on the current configuration parameters. This behavior will continue indefinitely until the filter in question is removed or the probe terminated. Make sure that root access is enabled from all nodes that are potential masters of the protocol servers.
Use the following procedure to install Netscape Messaging Server with Sun Cluster.
Install Netscape Messaging Server on only one cluster node. You will install all components into one server root residing on the shared disk (see "Server Root Concept"). This server root automatically becomes available to other nodes as necessary, in case of failover or switchover.
Cluster-specific guidelines are included where applicable. You must have root privileges to perform the installation.
In the examples throughout this procedure, the logical host name is hahost1, the Netscape Messaging Server instance name is nms, and the LDAP instance name is ldap.
Configure a user account on the cluster.
Perform the following command from the cluster console. Choose any name for the user account. The default is mailsrv.
# useradd -c nms_userid -d /export/mailsrv -g nobody -m mailsrv |
Install Netscape Messaging Server using the scinstall(1M) command.
See Chapter 3, Installing and Configuring Sun Cluster Software for details about using scinstall(1M).
# scinstall |
From only one cluster node, start the Netscape Messaging Server setup script from the install directory.
# ./setup ... Welcome to the Netscape Server Family installation program This program will install Netscape Server products and the Netscape Console on your computer. It is recommended that you have "root" privilege to install the software. During the installation: - Press "Return" to choose the default and go to the next screen - Type "Control-B" to go back to the previous screen - Type "Control-C" to cancel the installation program - Enter comma-separated list of numbers, e.g. 1, 2, 3, for selection of multiple items. Would you like to continue with setup? [Yes]: Y BY INSTALLING THIS SOFTWARE YOU ARE CONSENTING TO BE BOUND BY AND ARE BECOMING A PARTY TO THE AGREEMENT FOUND IN THE LICENCE.TXT FILE. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, PLEASE DO NOT INSTALL OR USE THIS SOFTWARE Do you agree to the license terms? [No]: Y |
Choose to install the Netscape Servers.
The Netscape Servers are required. The Netscape Console is optional.
Please select what you would like to install: 1. Netscape Servers Install Netscape Servers and the integrated Netscape Console onto your computer. 2. Netscape Console This will install the Netscape Console as a stand-alone Java application on your desktop or laptop. To accept the default shown in brackets, press the Return key. Please select the component you want to install [1]: 1 |
Select Custom installation.
Please select the installation type for this installation: 1. Express installation Allow you to quickly install the servers using the most. common options and pre-defined defaults. Useful for quick evaluation of the products. 2. Typical installation Allow you to specify common defaults and options. 3. Custom installation Allow you to specify more advanced options. This is only recommended for experienced server administrators. To accept the default shown in brackets, press the Return key. Choose your installation type [2]: 3 |
Specify an install directory on the logical host.
Do not accept the default. Specify a location on the logical host.
This program will extract the server files from the distribution media and install them into a directory you specify. This directory is called the server root and will contain the server programs, the Administration Server, and the server configuration files. To accept the default shown in brackets, press the Return key. Server root [/usr/netscape/server4]: /hahost1/nsm |
Select the Netscape Server Family components.
The Netscape Server Family Core Components, Netscape Administration Services, and Netscape Messaging Suite are required. See your Netscape documentation for more information about these features.
The Netscape Directory Suite components are optional, but you must have a directory server available for the configuration directory if you do not plan to install Netscape Directory Suite now. Step 14 requires specification of a directory server instance for the configuration directory. See "Dependence on a Configuration Directory Server" for more information.
Netscape Server Family components: Components with a number in () contain additional subcomponents which you can select using subsequent screens. 1. Netscape Server Family Core Components (3) 2. Netscape Directory Suite (2) 3. Administration Services (2) 4. Netscape Messaging Suite (3) Specify the components you wish to install [All]: 1, 3, 4 |
Select the Netscape Server Family Core Components you want to install.
See your Netscape documentation for more information about these features.
Netscape Server Family Core Components components: Components with a number in () contain additional subcomponents which you can select using subsequent screens. 1. Netscape Server Family Core Components 2. Netscape Core Java classes 3. Java Runtime Environment Specify the components you wish to install [1, 2, 3]: 1 |
Select the Directory Suite components you want to install.
See your Netscape documentation for more information about these features.
Netscape Directory Suite components: Components with a number in () contain additional subcomponents which you can select using subsequent screens. 1. Netscape Directory Server 2. Netscape Directory Server Console Specify the components you wish to install [1, 2]: |
Select the Administration Services components you want to install.
See your Netscape documentation for more information about these features.
Administration Services components: Components with a number in () contain additional subcomponents which you can select using subsequent screens. 1. Netscape Administration Server 2. Netscape Console Specify the components you wish to install [1, 2]: |
Select the Netscape Messaging Suite components you want to install.
Netscape Messaging Server is required. Multiplexor and Mailstone Tools are optional. See your Netscape documentation for more information about these features.
Netscape Messaging Suite components: Components with a number in () contain additional subcomponents which you can select using subsequent screens. 1. Netscape Messaging Server 2. Netscape Messaging Multiplexor 3. Netscape Messaging Server Mailstone Tools Specify the components you wish to install [1]: 1 |
Specify the logical host name and domain name of the node.
Specify the fully qualified name of the logical host.
Enter the fully qualified domain name of your machine. A fully qualified domain name is of the type <hostname>.<domainname> (e.g. foobar.widget.com). To accept the default shown in brackets, press the Return key. Machine's name [ ]: hahost1.eng.sun.com |
Create UNIX users and groups.
Specify your preferences. No cluster-specific requirements exist for this step.
Choose a UNIX user and group to run individual Netscape server as. It is recommended that this user should have no privileges in the rest of the system. The Administration Server will give this group some permissions in the server root to perform server-specific operations. You should create this user and group using your native UNIX system utilities if they do not already exist. Example for this user: nobody or nsuser or your choice... Example for this group: nobody or nsgroup or your choice... To accept the default shown in brackets, press the Return key. System User [nobody]: System Group [nobody]: |
If you did not specify a configuration directory server in Step 2, install the Netscape Configuration Directory Server now.
See "Dependence on a Configuration Directory Server" for more information.
Netscape server information is stored in the Netscape configuration directory server, which you may have already set up. If so, you should configure this server to be managed by the configuration server. To do so, the following information about the configuration server is required: the fully qualified host name of the form <hostname>.<domainname>(e.g. hostname.domain.com), the port number, the suffix, and the DN and password of a user having permission to write the configuration information, usually the Netscape configuration directory administrator. If you want to install this software as a standalone server, or if you want this instance to serve as your Netscape configuration directory server, press Enter. Do you want to register this software with an existing Netscape configuration directory server? [No]: |
Specify the directory server you will use to store data.
This screen appears only if you are installing Netscape Directory Server (that is, if your selection includes item 2, Netscape Directory Suite, in Step 7). If you answer no, the user/group directory is placed on the directory server you are installing now. If you answer yes, a series of screens will prompt you for more information about an alternate directory.
If you already have a directory server you want to use to store your data, such as user and group information, answer Yes to the following question. You will be prompted for the host, port, suffix, and bind DN to use for that directory server. If you want this directory server to store your data, answer No. Do you want to use another directory to store your data? [No]: |
Specify the listener port.
Specify the same port used as the LDAP listener port.
The directory server usually listens to network port 389. You may accept this as the default by pressing Enter. If you want the directory server to listen to a different port, enter the port number and press Enter. Only the superuser may use port numbers less than 1024. Directory server network port [389]: |
Specify the unique identifier for this directory server instance.
Each instance of a directory server requires a unique identifier. Press Enter to accept the default, or type in another name and press Enter. Directory server identifier [phys-hahost1]: ldap-hahost1 |
Specify an administrator ID.
Please enter the administrator ID for the Netscape configuration directory server. This is the ID typically used to log in to the console. You will also be prompted for the password. Netscape configuration directory server admin ID [admin]: root Password: Password (again): |
Specify the suffix (the root of your directory tree).
The suffix is the root of your directory tree. You may have more than one suffix. Suffix [o=sun.com]: |
Specify the administrative user.
Certain directory server operations require an administrative user. This user is referred to as the Directory Manager and typically has a bind Distinguished Name (DN) of cn=Directory Manager. Press Enter to accept the default value, or enter another DN. In either case, you will be prompted for the password for this user. The password must be at least 8 characters long. Directory Manager DN [cn=Directory Manager]: Password: Password (again): |
Specify the Administrative Domain name, if you are using this feature.
The Administration Domain is a part of the configuration directory server used to store information about Netscape software. If you are managing multiple software releases at the same time, or managing information about multiple domains, you may use the Administration Domain to keep them separate. If you are not using administrative domains, press Enter to select the default. Otherwise, enter some descriptive, unique name for the administration domain, such as the name of the organization responsible for managing the domain. Administration Domain [sun.com]: |
Configure replication on this directory server.
Replication is used to duplicate all or part of a directory server to another directory server. This can be used for failsafe purposes, to ensure that the directory data is always online and up-to-date in case one server goes down. It is also useful for distributing directory data from a central main repository to remote directory servers. Do you want to configure this directory server to use replication? [No]: |
Install sample entries.
You may install some sample entries in this directory instance. These entries will be installed in a separate suffix and will not interfere with the normal operation of the directory server. Do you want to install the sample entries? [No]: |
Populate the directory instance with data.
You may wish to populate your new directory instance with some data. You may already have a file in LDIF format to use or some suggested entries can be added. If you want to import entries from an LDIF file, you may type in the full path and filename at the prompt. If you want the install program to add the suggested entries, type the word suggest at the prompt. The suggested entries are common container entries under your specified suffix, such as ou=People and ou=Groups, which are commonly used to hold the entries for the persons and groups in your organization. If you do not want to add any of these entries, type the word none at the prompt. Type the full path and filename, the word suggest, or the word none [suggest]: |
Enable or disable schema checking.
If you are going to import an old database immediately after or during installation, and you think you may have problems with your old schema, you may want to turn off schema checking until after the import. If you choose to do this, schema checking will remain off until you manually turn it back on. Netscape recommends that you turn it back on as soon as possible. Do you want to disable schema checking? [No]: |
Specify a port number for the Administration Server.
Choose any free port.
The Administration Server is separate from any of your application servers since it listens to a different port and access to it is restricted. Pick a port number between 1024 and 65535 to run your Administration Server on. You should NOT use a port number which you plan to run an application server on, rather, select a number which you will remember and which will not be used for anything else. The default in brackets was randomly selected from the available ports on your system. To accept the default, press return. Administration port [15956]: |
Configure an IP address for the Administration Server.
If you want to configure the Administration Server to bind to a specific IP address rather than the default IP address of the current host, enter the address below. To accept the default shown in brackets, press the Return key. IP address: |
Specify root as the Server Administrator ID.
Server administration is restricted to people who know the Server Administrator user ID and password, and to people who access the server from a host you specify. When you access the Administration Server, it will prompt you for the Server Administrator user ID and password. Please select a user ID and password. Server Administrator ID [admin]: root |
Specify a user for the Administration Server.
The Administration Server program runs as a certain user on your system. This user should be different than the one which your application servers run as. Only the user you select will be able to write to your configuration files. If you run the Administration Server as "root", you will be able to use the Server Administration screen to start and stop your application servers. Run Administration Server as [root]: |
Create a new server instance.
This installer allows you to create a new server instance now. You will need to have the following information handy, in order to create a server instance. 1. Unix user account for the server to run as 2. User account to be notified of messages sent to 'postmaster' Do you wish to create a new server instance at this time? [yes]: yes |
Specify a default domain for the Messaging Server.
The Messaging Server needs a default domain. This information is used by the server when performing functions like routing and serving messaging clients. Enter the default domain you wish Messaging Server to use [sunsoft.eng.sun.com]: sun.com |
Specify the fully qualified logical host name as the default host.
The Messaging Server needs a default host name. This information is used by the server when performing functions like routing and serving messaging clients. Enter the host name you wish Messaging Server to use [hahost1.eng.sun.com]: <return> |
Specify a name for this instance of the Messaging Server.
The Messaging Server needs a server ID in the current server root. You will refer to the server instance you are creating using this server ID. The server administration utilities and configuration information depend on this information. Enter the server ID you wish Messaging Server to use [msg-phys-hahost1]: nms-hahost1 |
Specify the Messaging Server user that you created in Step 2.
The Messaging Server runs as a non-privileged user. This account must exist on this system. It is recommended that this user be a member of the Netscape server group you defined earlier in this installation (i.e. nobody). Enter the user you wish Messaging Server to run as [mailsrv]: |
Specify the postmaster account, LDAP distinguished name, and email address.
See your Netscape Messaging Server documentation for guidelines about the postmaster account.
The Messaging Server needs a postmaster account for the Users/ Groups Directory Server that you are using. ldap://hahost1.domain.sun.com:389/o=sun.com The installer will create a postmaster account now. Error and informational messages will be sent by the Messaging Server to this account. Press any key to continue: <return> ... Enter the postmaster's DN [cn=postmaster, o=sun.com]: <return> ... Enter the postmaster's e-mail address: postmaster@hahost1.domain.sun.com |
Accept the default ports for SMTP, IMAP, POP3, and Webmail.
The Messaging Server needs a port number for the SMTP daemon to listen to. The standard network port is 25. However, you can choose other ports. Enter the SMTP port you wish Messaging Server to use [25]:<return> ... Enter the IMAP port you wish Messaging Server to use [143]:<return> ... Enter the POP3 port you wish Messaging Server to use [110]:<return> ... Enter the Webmail port you wish Messaging Server to use [80]: <return> |
Specify a directory for mail queuing.
The Messaging Server needs a directory where mail is queued before it is delivered to individual mailboxes or other servers. This directory should be secure enough to prevent undesirable eavesdropping or tampering. Enter the queue directory you wish the Messaging Server to use [/hahost1/nms/msg-nms/queue]: |
Specify a directory for creation of mailboxes.
The Messaging Server needs a directory where mailboxes are created for user accounts and e-mail messages are stored. This directory should be secure enough to prevent undesirable eavesdropping or tampering and large enough to hold the e-mail messages of all the user accounts you intend to create on this server. Enter the store directory you wish the Messaging Server to use [/hahost1/nms/msg-nms-hahost1/store/partition/primary]: |
Create a Webmail end user administration account.
The Messaging Server requires a Webmail end user administration account. This account will exist in the Users/Groups Directory Server and must have privileges to manage the Webmail preferences of any user. Enter the name and password of the end user administrator. NOTE: If this account doesn't exist, it will be created and the required privileges will be given to the account. Webmail end user admin's uid: [webmail]: Password: Password (again): |
Specify which server instances should start after installation.
The server instances the installer will create are listed below. Choose the server instances you wish to start after the installation. Enter 'none' if you want none of the servers to be started. 1. msg-nms-hahost1Which server instances do you wish to start up? [All]: |
Verify the Messaging Server parameters.
Listed below are all the parameters you specified that create a Messaging Server instance. Please check to make sure they are correct.Press '^B' to go back to the dialogs you visited and correct them if necessary When you are done, press enter to continue. Domain : sun.com Hostname : hahost1.domain.sun.com Server ID : msg-nms-hahost1 Server User : mailsrv SMTP Port : 25 IMAP Port : 143 POP3 Port : 110 Webmail Port : 80 Queue Directory : /hahost1/nms/msg-nms-hahost1/queue Store Directory : /hahost1/nms/msg-nms-hahost1/store/part <enter> ... |
The setup program now uses the parameters you specified to set up and start the Netscape Messaging Server components you configured.
Decide whether to retain the installation cache, install.inf.
... The installation cache "install.inf" generated by the setup program is located in the server root's setup directory. This file can be used as a silent installation script for installation of similar servers on other machines. It, however, may contain sensitive information such as user IDs and passwords you have entered.Would you like to remove it? [Yes]: No |
Stop the Messaging Server manually.
Run this command from the node currently mastering the server root on the shared disk.
# cd /hahost1/nms/nms_instancename # ./stop-msg |
Proceed to "Configuring the Sun Cluster HA for Netscape Data Services".