Installation (Zimbra): Difference between revisions

From vwiki
Jump to navigation Jump to search
(Initial creation - content from Zimbra page)
 
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:
This procedure was written using Zimbra v6 installation, and the reference below, but I've also used it as a guide for v7 (the installation process hasn't changed.  Note that if you are installing on a server with a private address that is to be NAT'ed you'll need ensure that you've got [[Split_DNS_(Zimbra)|Split-DNS]] set-up, and I'd recommend a quick read through the [[Split_DNS_(Zimbra)#DNS Records|DNS requirements]] regardless.
'''Zimbra FOSS Installation Guide'''
 
This procedure was originally written for a Zimbra v6 installation, using the [http://wiki.zimbra.com/ Zimbra Wiki] site as a guide<ref>Especially http://wiki.zimbra.com/index.php?title=Ubuntu_8.04_LTS_Server_%28Hardy_Heron%29_Install_Guide</ref>.  It's since been updated whilst installing v7 (the installation process hasn't changed).  Note that if you are installing on a server with a private address that is to be [[Acronyms#N|NAT]]'ed to a publicly accessible address you'll need ensure that you've got [[Split_DNS_(Zimbra)|Split-DNS]] set-up, and I'd recommend a quick read through the [[Split_DNS_(Zimbra)#DNS Records|DNS requirements]] regardless.
   
   
Reference http://wiki.zimbra.com/index.php?title=Ubuntu_8.04_LTS_Server_%28Hardy_Heron%29_Install_Guide
== Pre-Requisites ==
* '''Working Ubuntu LTS Server installation''' - see [[Installation_(Ubuntu)|Ubuntu Installation]] for further install info, and http://www.zimbra.com/downloads/os-downloads.html for supported OS versions
** Base install with OpenSSH Server
** DNS Server - Only required if you need to use Split DNS and need to provide resolution of the internal IP address of the server (EG you don't have an existing local DNS Server under your control that you can add your Zimbra server in to)
* '''Internet/public IP address'''
** Can be shared with other services so long as there's no TCP port conflicts and you have a router that can perform the appropriate NAT'ing
*** See http://wiki.zimbra.com/wiki/Ports#External_Access for required TCP ports
* '''MX (Mail Exchange) DNS record''' pointing to public IP address
** Additionally an internal only MX record pointing to the server's internal/private IP address - only if you need to use SplitDNS


# Copy the install to the server
=== Server Specification<ref>Zimbra System Requirements for v7.1 - http://www.zimbra.com/docs/shared/7.1/system_requirements/wwhelp/wwhimpl/js/html/wwhelp.htm#href=System_Requirements_7_1.System_Requirements.html</ref> ===
#* EG <code> pscp zcs-6.0.5_GA_2213.UBUNTU8.20100202225756.tgz simons@mail:zcs-6.0.5_GA_2213.UBUNTU8.20100202225756.tgz </code>
 
{| class="vwikitable"
! Specification !! CPU        !! Memory !! Free Disk !! Comments
|-
| Eval / Test  || 1 x 1.5 GHz || 1.5 GB  || 5 GB      || Could be used for low-user count (< 10 active accounts) production environments - but certain operations will be slow.
|-
| Minimum      || 1 x 2.0 GHz || 2 GB  || 10 GB    || Absolute minimum production spec advised by Zimbra
|-
| Recommended  || 2 x 2.0 GHz || 4 GB  || 10 GB    || Recommended minimum production spec advised by Zimbra
|}
 
'''Note: Free Disk does ''not'' include allocation for mail storage''' So you will need additional free space for users data.
 
Memory seems to be the main choke point for Zimbra, and will run a bit faster if you can spare a bit more.  The less RAM the server has, less data can be cached into memory, and so the more disk IO that is required, and consequently the higher demand there will be on getting good IO throughput from the servers disks.<ref>Zimbra Performance Tuning - http://wiki.zimbra.com/wiki/Performance_Tuning_Guidelines_for_Large_Deployments</ref>
 
== Procedure ==
# Locate the appropriate download URL at http://www.zimbra.com/downloads/os-downloads.html, a copy the link to the download
# Download the target of the link to your server (eg here downloading to <code>tmp</code> folder
#* EG <code> wget -P /tmp/ http://files2.zimbra.com/downloads/7.2.0_GA/zcs-7.2.0_GA_2669.UBUNTU10_64.20120410002303.tgz </code>
# Uncompress the package
# Uncompress the package
#* <code> tar -xzf zcs-6.0.5_GA_2213.UBUNTU8.20100202225756.tgz </code>
#* <code> tar -xzf zcs-7.2.0_GA_2669.UBUNTU10_64.20120410002303.tgz </code>
# Start the install
# Start the install
#* <code> ./install.sh </code>
#* <code> ./install.sh </code>
#* The install ''will'' fail due to missing packages!
#* Acceprt the EULA, the install ''will'' fail due to missing packages! Note which are missing.
# Install the missing prerequisite packages
# Install the missing prerequisite packages
#* EG <code> apt-get install libpcre3 libgmp3c2 libstdc++5 sysstat </code>
#* EG <code> apt-get install libperl5.10 sysstat sqlite3</code>
# Restart the install
# Restart the install, accepting the default packages to install
# Part-way through the install will complain about your domain not having a DNS record, change the domain to your publicly registered domain (without server hostname, so <code>sandfordit.com</code> rather than <code>mail.sandfordit.com</code>
# Once the packages are installed the installer may complain about your domain not having a DNS record - <code>DNS ERROR resolving MX for ...</code>
# At the end of the install, address the unconfigured item (ie an admin password)
#* Change the domain to your publicly registered domain (without server hostname, so <code>sandfordit.com</code> rather than <code>mail.sandfordit.com</code>
#* If this fails to resolve the error, there is a problem with your network/DNS setup
# At the end of the base install, address the unconfigured item (ie an admin password)
# Write the config to disk and allow the system to be configured
 
Once the install is completed, login to administer the exchange server using a URL similar to https://your-mail-svr:7071
 
== Post Install Config ==
=== Enforce HTTPS for Clients ===
To enforce user connections using Zimbra Desktop or the web client to [[Acronyms#H|HTTPS]] use the following command as the zimbra user (EG <code> su -zimbra </code>)
zmtlsctl https
 
Requires a restart to take effect...
zmcontrol restart
 
For more info see http://wiki.zimbra.com/wiki/CLI_zmtlsctl_to_set_Web_Server_Mode


Once the install is completed, login to administer the exchange server using https://mail:7071
=== High CPU Workaround ===
Zimbra seems to have some reoccurring issues with regular high CPU spikes, some as often as every minute, caused by background maintenance tasks.  With the increasing prevalence of virtualisation, this appears to be being noticed more frequently by users, and can a reoccurring thread in the forums.  The following can aid in reducing this, which look to limit and reduce the logging retention and failed process checking that occurs.  The config changes are relatively aggressive, so you may wish to alter less from the default.
{| class="vwikitable"
! Command !! Comments !! Default
|-
| <code> zmlocalconfig -e zmmtaconfig_interval=600 </code> || Increase service failure watchdog interval to 600 secs (10 mins) || <code>60</code>
|-
| <code> zmprov mcf zimbraLogRawLifetime 7d </code> || Reduce raw log retention to 7 days || <code>31d</code>
|-
| <code> zmprov mcf zimbraLogSummaryLifetime 30d </code> || Reduce summary log retention to 30 days || <code>730d</code>
|-
| <code> zmprov ms <hostname> -zimbraServiceEnabled logger </code> || Toggles/disables the logger service - I don't do this myself, seems too drastic <br>
Replace <code><hostname></code> with [[Acronyms#F|FQDN]] of your Zimbra server <br>
To check services enabled  <code> zmprov gs <hostname> <nowiki>|</nowiki> grep zimbraServiceEnabled </code>
| Enabled
|}


To enforce https for Zimbra Desktop clients use the following commands (requires a restart to take effect)...
Additionally its common to tune down the frequency of scheduled tasks (edit config file with <code> crontab -e </code>, some lines in table below truncated with <code>...</code>)
<pre>
{| class="vwikitable"
su - zimbra
! Original !! Change to !! Comments
zmtlsctl https
|-  
</pre>
| <code> */2 * * * * /opt/zimbra/libexec/zmstatuslog </code> || <code> */60 * * * * /opt/zimbra/libexec/zmstatuslog </code> || Reduce status logging to hourly (from every 2 mins)
Will cause a bigger CPU spike on the hour.
|-
| <code> 00,10,20,30,40,50 * * * * /opt/zimbra/libexec/zmlogprocess ...</code> || <code> */15 * * * * /opt/zimbra/libexec/zmlogprocess ...</code> || Reduce log processing to every 15 mins
|}


==== High CPU Workaround ====
=== Reduce AV Memory Usage ===
Zimbra seems to have some real issues with constant high CPU spikes every minute, to limit reduce the logging retention and failed process checking.
Anti-virus spawns a number of threads so that it can concurrently process incoming and outgoing email.  If your server isn't expected to under much load and/or you're not too worried about mail queueing waiting to be scanned you can reduce the number of instances of amavisd that get spawned.
<pre>
su - zimbra
zmlocalconfig -e zmmtaconfig_interval=6000
zmprov mcf zimbraLogRawLifetime 7d
zmprov mcf zimbraLogSummaryLifetime 30d
/opt/zimbra/libexec/zmlogprocess


crontab -e
The default is 10 processes.  Reducing the number of process may reduce the amount of RAM used by AV scanning may allow other components of the system to use more RAM, effectively improving the responsiveness of the server, at the expense of reducing the speed of email delivery.  However,you may find that each process is now using more RAM so overall usage hasn't decreased.
*/60 * * * * /opt/zimbra/libexec/zmstatuslog
</pre>


* <code> zmlocalconfig -e zmmtaconfig_interval=6000 </code>
Log in to your server and as the zimbra user edit <code>/opt/zimbra/conf/amavisd.conf.in</code> and change the <code>$max_servers</code> config line.  No less than 2 is recommended, eg
** Increase service failure watchdog interval to 6000 secs
* <code>$max_servers = 5; </code>


'''Above seems to help, but doesn't fix things...!'''
== References ==
Additionally, to disable the logging process, maybe (uncomplete)
<references />
<pre>
su - zimbra
hostname                # Gives your server's hostname
zmprov ms <hostname> -zimbraServiceEnabled logger
</pre>


[[Category:Zimbra]]
[[Category:Zimbra]]

Latest revision as of 21:32, 7 September 2014

Zimbra FOSS Installation Guide

This procedure was originally written for a Zimbra v6 installation, using the Zimbra Wiki site as a guide[1]. It's since been updated whilst installing v7 (the installation process hasn't changed). Note that if you are installing on a server with a private address that is to be NAT'ed to a publicly accessible address you'll need ensure that you've got Split-DNS set-up, and I'd recommend a quick read through the DNS requirements regardless.

Pre-Requisites

  • Working Ubuntu LTS Server installation - see Ubuntu Installation for further install info, and http://www.zimbra.com/downloads/os-downloads.html for supported OS versions
    • Base install with OpenSSH Server
    • DNS Server - Only required if you need to use Split DNS and need to provide resolution of the internal IP address of the server (EG you don't have an existing local DNS Server under your control that you can add your Zimbra server in to)
  • Internet/public IP address
  • MX (Mail Exchange) DNS record pointing to public IP address
    • Additionally an internal only MX record pointing to the server's internal/private IP address - only if you need to use SplitDNS

Server Specification[2]

Specification CPU Memory Free Disk Comments
Eval / Test 1 x 1.5 GHz 1.5 GB 5 GB Could be used for low-user count (< 10 active accounts) production environments - but certain operations will be slow.
Minimum 1 x 2.0 GHz 2 GB 10 GB Absolute minimum production spec advised by Zimbra
Recommended 2 x 2.0 GHz 4 GB 10 GB Recommended minimum production spec advised by Zimbra

Note: Free Disk does not include allocation for mail storage So you will need additional free space for users data.

Memory seems to be the main choke point for Zimbra, and will run a bit faster if you can spare a bit more. The less RAM the server has, less data can be cached into memory, and so the more disk IO that is required, and consequently the higher demand there will be on getting good IO throughput from the servers disks.[3]

Procedure

  1. Locate the appropriate download URL at http://www.zimbra.com/downloads/os-downloads.html, a copy the link to the download
  2. Download the target of the link to your server (eg here downloading to tmp folder
  3. Uncompress the package
    • tar -xzf zcs-7.2.0_GA_2669.UBUNTU10_64.20120410002303.tgz
  4. Start the install
    • ./install.sh
    • Acceprt the EULA, the install will fail due to missing packages! Note which are missing.
  5. Install the missing prerequisite packages
    • EG apt-get install libperl5.10 sysstat sqlite3
  6. Restart the install, accepting the default packages to install
  7. Once the packages are installed the installer may complain about your domain not having a DNS record - DNS ERROR resolving MX for ...
    • Change the domain to your publicly registered domain (without server hostname, so sandfordit.com rather than mail.sandfordit.com
    • If this fails to resolve the error, there is a problem with your network/DNS setup
  8. At the end of the base install, address the unconfigured item (ie an admin password)
  9. Write the config to disk and allow the system to be configured

Once the install is completed, login to administer the exchange server using a URL similar to https://your-mail-svr:7071

Post Install Config

Enforce HTTPS for Clients

To enforce user connections using Zimbra Desktop or the web client to HTTPS use the following command as the zimbra user (EG su -zimbra )

zmtlsctl https

Requires a restart to take effect...

zmcontrol restart

For more info see http://wiki.zimbra.com/wiki/CLI_zmtlsctl_to_set_Web_Server_Mode

High CPU Workaround

Zimbra seems to have some reoccurring issues with regular high CPU spikes, some as often as every minute, caused by background maintenance tasks. With the increasing prevalence of virtualisation, this appears to be being noticed more frequently by users, and can a reoccurring thread in the forums. The following can aid in reducing this, which look to limit and reduce the logging retention and failed process checking that occurs. The config changes are relatively aggressive, so you may wish to alter less from the default.

Command Comments Default
zmlocalconfig -e zmmtaconfig_interval=600 Increase service failure watchdog interval to 600 secs (10 mins) 60
zmprov mcf zimbraLogRawLifetime 7d Reduce raw log retention to 7 days 31d
zmprov mcf zimbraLogSummaryLifetime 30d Reduce summary log retention to 30 days 730d
zmprov ms <hostname> -zimbraServiceEnabled logger Toggles/disables the logger service - I don't do this myself, seems too drastic

Replace <hostname> with FQDN of your Zimbra server
To check services enabled zmprov gs <hostname> | grep zimbraServiceEnabled

Enabled

Additionally its common to tune down the frequency of scheduled tasks (edit config file with crontab -e , some lines in table below truncated with ...)

Original Change to Comments
*/2 * * * * /opt/zimbra/libexec/zmstatuslog */60 * * * * /opt/zimbra/libexec/zmstatuslog Reduce status logging to hourly (from every 2 mins)

Will cause a bigger CPU spike on the hour.

00,10,20,30,40,50 * * * * /opt/zimbra/libexec/zmlogprocess ... */15 * * * * /opt/zimbra/libexec/zmlogprocess ... Reduce log processing to every 15 mins

Reduce AV Memory Usage

Anti-virus spawns a number of threads so that it can concurrently process incoming and outgoing email. If your server isn't expected to under much load and/or you're not too worried about mail queueing waiting to be scanned you can reduce the number of instances of amavisd that get spawned.

The default is 10 processes. Reducing the number of process may reduce the amount of RAM used by AV scanning may allow other components of the system to use more RAM, effectively improving the responsiveness of the server, at the expense of reducing the speed of email delivery. However,you may find that each process is now using more RAM so overall usage hasn't decreased.

Log in to your server and as the zimbra user edit /opt/zimbra/conf/amavisd.conf.in and change the $max_servers config line. No less than 2 is recommended, eg

  • $max_servers = 5;

References