ISP-LDAP-HOWTO


  1. Introduction
    1. Goal
    2. Contributors/Acknowledgements
    3. Revision History
    4. Feedback
  2. Requirements
  3. Installing/Compiling
  4. Network Layout
  5. Optimizations (how to make it more scalable/faster)
    1. qmail patches
    2. LDAP replication
    3. Apache/Tux
  6. Hardware
  7. Performance


Introduction


Goal:
Create a mail and webhosting system using:
  • LVS - for clustering/load balancing
  • qmail-LDAP/Control - for SMTP services
  • OpenLDAP - for authentication and account directory
  • Apache - for HTTP services
  • ProFTPD - for FTP services
  • NFS/GFS - for file storage
  • FreeRADIUS - for RADIUS authentication
  • ISPMAN - for administration/account management



Contributors/Acknowledgements:

This is a big part of a project I am doing for my employer.
Contributions/suggestions are very welcome.



Revision History:



Feedback:
Would anyone like to setup a mailing list? (if not I will set one up)



Requirements:
Package Name                  Official Site
PERL 5.7.1                    download
MM                            download
pam_ldap                      download
nss_ldap                      download
Cyrus SASL                    download
OpenSSL                       download
OpenLDAP                      download
FreeRADIUS                    download
ProFTPD                       download
PHP 4                         download
mod_ssl                       download
mod_frontpage                 download
mod_throttle                  download
mod_perl                      download
FrontPage 2002                download
Apache 1.3.20                 download
mod_log_spread                download
Spread (for mod_log_spread)   download
ucspi-tcp                     download
daemontools                   download
qmail-1.03                    download
qmail-ldap                    download
qmail-ldap-control            download
smtp-auth                     download
rbltag                        download
webalizer                     download
ispman                        download
*dead* ispman-qmail-cyrus     download



Installing/Compiling:



Network Layout:

--------------------------- <- external/public  network
       |           |
      director1    director2
       |           |
--------------------------- <- internal network
     |         |         |
   node1     node2     node3   ...   
     |         |         |
--------------------------- <- 'nfs' net
        |            |
      NFS1         NFS2
        |            |
         \____   ____/
              | |
              ---           <- Shared SCSI Array with 2 controllers for redundancy



Optimizations:

Optimizing qmail
There are several patches and modifications that can be
made to qmail to enable it to run faster, with less memory, etc.
The authoritative place for information on running qmail in high
volume email environments is here.

  • big-todo patch
  • concurrency > 240 patch



Optimizing OpenLDAP
There are several ways to optimize OpenLDAP.

The OpenLDAP FAQ's performance tuning section
might provide some valuable hints for you.
If the above link doesn't work, here are the links to follow in the FAQ:
OpenLDAP Faq-O-Matic -> OpenLDAP Software FAQ -> Configuration -> SLAPD Configuration -> Performance Tuning

You can also replicate the LDAP database from your primary LDAP server to each node in the cluster (you'll need slurpd for this)
and reconfigure all of the services running on the nodes to access the local LDAP server.
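
As an added example (not part of the original HOWTO), the replication layout described above could be configured as follows, using slurpd-era slapd.conf directives. Every host name, DN, path and password shown is a constructed placeholder, and dc=example,dc=com is an assumed suffix.

```conf
# Added example. All hosts, DNs, paths and passwords are constructed.

# ---- primary LDAP server: slapd.conf ----
database    ldbm
suffix      "dc=example,dc=com"
directory   /var/lib/ldap

# slapd appends every change to this log; slurpd reads it and
# pushes the changes to each replica listed below.
replogfile  /var/lib/ldap/replog

# One "replica" stanza per cluster node. The credentials are stored
# in cleartext, so slapd.conf should be readable only by the account
# slapd runs as. A simple bind also crosses the internal network
# unencrypted.
replica     host=node1.internal.example:389
            binddn="cn=replicator,dc=example,dc=com"
            bindmethod=simple
            credentials=CHANGE_ME
replica     host=node2.internal.example:389
            binddn="cn=replicator,dc=example,dc=com"
            bindmethod=simple
            credentials=CHANGE_ME

# ---- each cluster node (replica): slapd.conf ----
database    ldbm
suffix      "dc=example,dc=com"
directory   /var/lib/ldap

# The only DN allowed to apply replicated changes. It must match the
# binddn the primary uses and must be able to bind on this node.
updatedn    "cn=replicator,dc=example,dc=com"
# Any other client that attempts a write is referred to the primary.
updateref   ldap://ldap-master.internal.example

# ---- each cluster node: point services at the local replica ----
# /etc/ldap.conf (pam_ldap and nss_ldap):
host 127.0.0.1
base dc=example,dc=com

# /var/qmail/control/ldapserver (qmail-ldap), file contents:
#   127.0.0.1
# /var/qmail/control/ldapbasedn (qmail-ldap), file contents:
#   dc=example,dc=com
```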



Optimizing http services
If you need to service a higher number of http requests than your cluster can currently handle
with Apache, you might want to use
Tux to serve static content.
It's free and ~85% of the code it uses is in kernel memory space (It's FAST -- check out this article), but it requires the 2.4 kernel.



Hardware:

IDE-based nodes
Component                             Vendor                  Cost
1U case                               here or here            $175 or $185
Motherboard (on board ethernet)       here limited quantity   $114.95
                                      may have to get here    $135
Celeron 700 CPU/FAN                   here                    $63
512MB pc133 Generic DIMM              here                    $48
20GB ATA/100 7200 RPM WD DISK         here                    $79
Total                                                         $489.95

SCSI-based nodes
Component                             Vendor                  Cost
1U case                               here                    $185
Motherboard (on board ethernet)       here limited quantity   $114.95
                                      may have to get here    $135
Celeron 700 CPU/FAN                   here                    $63
512MB pc133 Generic DIMM              here                    $48
18GB U160 15K RPM Seagate SCSI Disk   here                    $256
AHA19160 SCSI controller              here                    $142
Total                                                         $808.95

Other Hardware
Cisco 2924-XL-EN (10/100 Switch)                    ~$1000
Rackmount SCSI array chassis for SCSI disks         ~$1000

4 U chassis w/u160 cable                            $265
power supply for above case (it should fit...)      $295
SCA hot swap tray (5 drive/3 bay)                   $169



Performance:
Performance is one of the primary goals of this documentation. With that in mind
I'm going to assume that you have performed all of the optimizations that have been suggested.
Using Tux and Apache you should be able to get ~1000 tps (transactions/second) out of each node.
The performance increase should be fairly linear with the addition of more nodes.