Installation v8 (Zimbra)

From vwiki
Revision as of 11:53, 5 June 2022 by Sstrutt (talk | contribs) (Initial creation from v6/v7 page (still WIP))
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Zimbra FOSS Installation Guide

Note that if you are installing on a server with a private address that is to be NAT'ed to a publicly accessible address you'll need ensure that you've got Split-DNS set-up, and I'd recommend a quick read through the DNS requirements regardless.

Pre-Requisites

  • Working Ubuntu LTS Server installation - see Ubuntu Installation for further install info together with https://www.zimbra.com/downloads/zimbra-collaboration-open-source/ (will redirect you to a trail registration page that you need to complete 1st, have never been contacted by them)
    • Base install with OpenSSH Server
    • DNS Server - Only required if you need to use Split DNS and need to provide resolution of the internal IP address of the server (EG you don't have an existing local DNS Server under your control that you can add your Zimbra server in to)
  • Internet/public IP address
  • MX (Mail Exchange) DNS record pointing to public IP address
    • Additionally an internal only MX record pointing to the server's internal/private IP address - only if you need to use SplitDNS

Server Specification[1]

Specification CPU Memory Free Disk Comments
Minimum 1 x 2.0 GHz 4 GB 10 GB Below Zimbra minimum spec, but workable for a small number of accounts (eg <10 active mailboxes)
Recommended 2 x 2.0 GHz 8 GB 10 GB Recommended minimum production spec advised by Zimbra

Note: Free Disk does not include allocation for mail storage So you will need additional free space for users data.

Memory seems to be the main choke point for Zimbra, and will run a bit faster if you can spare a bit more. The less RAM the server has, less data can be cached into memory, and so the more disk IO that is required, and consequently the higher demand there will be on getting good IO throughput from the servers disks.[2]

Procedure

  1. Locate the appropriate download URL at https://www.zimbra.com/try/zimbra-collaboration-open-source/, aand copy the link to the download
  2. Download the target of the link to your server
  3. Uncompress the package
    • tar xzf zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954.tgz
  4. Change directory into the folder and start the install (needs to be run as root, using sudo works)
    • EG cd zcs-8.8.15_GA_4179.UBUNTU20_64.20211118033954
    • ./install.sh
    • Accept the EULA, update your /etc/hosts file if required and restart
  5. When prompted accept using Zimbra's package repository
  6. Accept the default packages except zimbra-dnscache (unless you know of any others you specifically want to exclude as well)
  7. Answer Y to the The system will be modified. Continue? query
    • The install will proceed, note that some steps take longer and the install script might appear to hang occasionally
  8. Once the packages are installed the installer may complain about your domain not having a DNS record - DNS ERROR resolving MX for ...
    • Change the domain to your publicly registered domain (without server hostname, so sandfordit.com rather than mail.sandfordit.com
    • If this fails to resolve the error, there is a problem with your network/DNS setup
    • If this is a new server that you don't want to receive inbound email immediately create a low priority MX record temporarily
  9. At the end of the base install, address the unconfigured item (ie an admin password)
  10. Write the config to disk and allow the system to be configured

Once the install is completed, login to administer the exchange server using a URL similar to https://your-mail-svr:7071

Post Install Config

Enforce HTTPS for Clients

To enforce user connections using Zimbra Desktop or the web client to HTTPS use the following command as the zimbra user (EG su -zimbra ) 

zmtlsctl https

Requires a restart to take effect... 

zmcontrol restart

For more info see http://wiki.zimbra.com/wiki/CLI_zmtlsctl_to_set_Web_Server_Mode

High CPU Workaround

Zimbra seems to have some reoccurring issues with regular high CPU spikes, some as often as every minute, caused by background maintenance tasks. With the increasing prevalence of virtualisation, this appears to be being noticed more frequently by users, and can a reoccurring thread in the forums. The following can aid in reducing this, which look to limit and reduce the logging retention and failed process checking that occurs. The config changes are relatively aggressive, so you may wish to alter less from the default.

Command Comments Default
zmlocalconfig -e zmmtaconfig_interval=600 Increase service failure watchdog interval to 600 secs (10 mins) 60
zmprov mcf zimbraLogRawLifetime 7d Reduce raw log retention to 7 days 31d
zmprov mcf zimbraLogSummaryLifetime 30d Reduce summary log retention to 30 days 730d
zmprov ms <hostname> -zimbraServiceEnabled logger Toggles/disables the logger service - I don't do this myself, seems too drastic

Replace <hostname> with FQDN of your Zimbra server
To check services enabled zmprov gs <hostname> | grep zimbraServiceEnabled

Enabled

Additionally its common to tune down the frequency of scheduled tasks (edit config file with crontab -e , some lines in table below truncated with ...)

Original Change to Comments
*/2 * * * * /opt/zimbra/libexec/zmstatuslog */60 * * * * /opt/zimbra/libexec/zmstatuslog Reduce status logging to hourly (from every 2 mins)

Will cause a bigger CPU spike on the hour.

00,10,20,30,40,50 * * * * /opt/zimbra/libexec/zmlogprocess ... */15 * * * * /opt/zimbra/libexec/zmlogprocess ... Reduce log processing to every 15 mins

Reduce AV Memory Usage

Anti-virus spawns a number of threads so that it can concurrently process incoming and outgoing email. If your server isn't expected to under much load and/or you're not too worried about mail queueing waiting to be scanned you can reduce the number of instances of amavisd that get spawned.

The default is 10 processes. Reducing the number of process may reduce the amount of RAM used by AV scanning may allow other components of the system to use more RAM, effectively improving the responsiveness of the server, at the expense of reducing the speed of email delivery. However,you may find that each process is now using more RAM so overall usage hasn't decreased.

Log in to your server and as the zimbra user edit /opt/zimbra/conf/amavisd.conf.in and change the $max_servers config line. No less than 2 is recommended, eg

  • $max_servers = 5;

References

  1. Zimbra System Requirements for v8.5 - https://www.zimbra.com/open-source-email-overview/ (will redirect you to a trail registration page, no financial info or commitment required)
  2. Zimbra Performance Tuning - http://wiki.zimbra.com/wiki/Performance_Tuning_Guidelines_for_Large_Deployments
Retrieved from ‘https://vwiki.co.uk/index.php?title=Installation_v8_(Zimbra)&oldid=2745