1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
|
<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
<meta charset="utf-8" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Deployment Scenarios — Cyrus IMAP 3.10.2 documentation</title>
<link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
<link rel="stylesheet" href="../../../_static/css/theme.css" type="text/css" />
<link rel="stylesheet" href="../../../_static/graphviz.css" type="text/css" />
<link rel="stylesheet" href="../../../_static/cyrus.css" type="text/css" />
<script data-url_root="../../../" id="documentation_options" src="../../../_static/documentation_options.js"></script>
<script src="../../../_static/jquery.js"></script>
<script src="../../../_static/underscore.js"></script>
<script src="../../../_static/_sphinx_javascript_frameworks_compat.js"></script>
<script src="../../../_static/doctools.js"></script>
<script src="../../../_static/sphinx_highlight.js"></script>
<script src="../../../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../../../genindex.html" />
<link rel="search" title="Search" href="../../../search.html" />
<link rel="next" title="Databases" href="databases.html" />
<link rel="prev" title="Configuration Guide" href="../deployment.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../../../index.html" class="icon icon-home">
Cyrus IMAP
</a>
<div class="version">
3.10.2
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../../../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">Cyrus IMAP</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../../download.html">Download</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../quickstart.html">Quickstart Guide</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../overview.html">Overview</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../../setup.html">Setup</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../developer/compiling.html">Compiling</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../installing.html">Installing Cyrus</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../download/upgrade.html">Upgrading to 3.10</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../deployment.html">Configuration Guide</a><ul class="current">
<li class="toctree-l3 current"><a class="current reference internal" href="#">Deployment Scenarios</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#single-server-deployments">Single Server Deployments</a></li>
<li class="toctree-l4"><a class="reference internal" href="#multi-server-deployments">Multi Server Deployments</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="#cyrus-murder-server-aggregation">Cyrus Murder: Server aggregation</a><ul>
<li class="toctree-l4"><a class="reference internal" href="#the-discrete-murder">The Discrete Murder</a></li>
<li class="toctree-l4"><a class="reference internal" href="#the-unified-murder">The Unified Murder</a></li>
<li class="toctree-l4"><a class="reference internal" href="#the-shared-murder">The Shared Murder</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="#cyrus-replication">Cyrus Replication</a></li>
<li class="toctree-l3"><a class="reference internal" href="#hosted-environments">Hosted Environments</a></li>
<li class="toctree-l3"><a class="reference internal" href="databases.html">Databases</a></li>
<li class="toctree-l3"><a class="reference internal" href="mailbox_creation_distribution.html">Mailbox Creation Distribution</a></li>
<li class="toctree-l3"><a class="reference internal" href="known_protocol_limitations.html">Known Protocol Limitations</a></li>
<li class="toctree-l3"><a class="reference internal" href="authentication_and_authorization.html">Authentication and Authorization</a></li>
<li class="toctree-l3"><a class="reference internal" href="performance_recommendations.html">Performance Recommendations</a></li>
<li class="toctree-l3"><a class="reference internal" href="storage.html">Storage Considerations</a></li>
<li class="toctree-l3"><a class="reference internal" href="supported-platforms.html">Supported Platforms and System Requirements</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../operations.html">Operations</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../developers.html">Developers</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../support.html">Support/Community</a></li>
</ul>
<p class="caption" role="heading"><span class="caption-text">Cyrus SASL</span></p>
<ul>
<li class="toctree-l1"><a class="reference external" href="http://www.cyrusimap.org/sasl">Cyrus SASL</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../../../index.html">Cyrus IMAP</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../../../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="../../../setup.html">Setup</a></li>
<li class="breadcrumb-item"><a href="../deployment.html">Configuration Guide</a></li>
<li class="breadcrumb-item active">Deployment Scenarios</li>
<li class="wy-breadcrumbs-aside">
<a href="https://github.com/cyrusimap/cyrus-imapd/blob/master/docsrc/imap/concepts/deployment/deployment_scenarios.rst" class="fa fa-github"> Edit on GitHub</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="deployment-scenarios">
<h1>Deployment Scenarios<a class="headerlink" href="#deployment-scenarios" title="Permalink to this heading"></a></h1>
<p>Depending on the target use of Cyrus IMAP, different features and architectures may be used to make optimal use of the Cyrus IMAP features. This chapter briefly touches different deployment scenarios.</p>
<section id="single-server-deployments">
<h2>Single Server Deployments<a class="headerlink" href="#single-server-deployments" title="Permalink to this heading"></a></h2>
<p>In a deployment scenario with a single server, use this checklist to make sure you get the right scalability and functionality;</p>
<ul class="simple">
<li><p>In the foreseeable future, might this deployment run for multiple domain name spaces?</p></li>
<li><p>Is this deployment going to close in on it's maximum capacity?</p></li>
<li><p>Is high-availability required?</p></li>
</ul>
<p>If the answer to all of these questions is a consistent no, then please continue with the Installation Guide.</p>
</section>
<section id="multi-server-deployments">
<h2>Multi Server Deployments<a class="headerlink" href="#multi-server-deployments" title="Permalink to this heading"></a></h2>
<p>A variety of options are available to scale up the deployment of Cyrus IMAP beyond a single server. Each of them has their own set of features, advantages, disadvantages and consequences on day-to-day administration, migration and capacity planning and support. Please consider a deployment that requires scaling up carefully.</p>
<section id="cyrus-imap-murder">
<h3>Cyrus IMAP Murder<a class="headerlink" href="#cyrus-imap-murder" title="Permalink to this heading"></a></h3>
<p>A Cyrus IMAP Murder groups Cyrus IMAP servers together, allowing the addition and removal of individual Cyrus IMAP servers to and from the group. Functionally, a Cyrus IMAP Murder consists of the following three components;</p>
<ul class="simple">
<li><p>one or more frontends, receiving the connections from the clients, authenticating them and depending on the type of Cyrus IMAP Murder, referring the client to the correct backend server, or proxying the connection.</p></li>
<li><p>one or more backends, holding the actual mailbox spool(s).</p></li>
<li><p>a master update server, where the information on the location and Access Control of the mailboxes is kept.</p></li>
</ul>
<p>In a Cyrus IMAP Murder, access to mailboxes, regardless of which backend they reside on, is transparent to the user. As such, this particular type of deployment would be recommended for organizations that;</p>
<ul class="simple">
<li><p>(are likely to) grow a single Cyrus IMAP server beyond the capacity of said server,</p></li>
<li><p>require shared mailboxes and user mailboxes to be shared regardless of any limitations to whether or not they reside on the same backend server,</p></li>
</ul>
<p>Different types of Cyrus IMAP Murder deployments exist. Please see <a class="reference internal" href="#id1">Cyrus_IMAP_Murder</a> for a review of your options.</p>
</section>
<section id="imap-proxy">
<h3>IMAP Proxy<a class="headerlink" href="#imap-proxy" title="Permalink to this heading"></a></h3>
<p>An IMAP proxy like NGINX could sit in front of a number of stand-alone Cyrus IMAP servers, proxying client connections through to the correct stand-alone Cyrus IMAP server for a user.</p>
<p>Note that in this type of setup, it is the user authentication that directs the proxy to the correct stand-alone Cyrus IMAP server. As such, shared mailboxes can only exist on the stand-alone Cyrus IMAP server to which the user is proxied -- in other words, on which the user's own mailbox is supposed to exist.</p>
</section>
</section>
</section>
<section id="cyrus-murder-server-aggregation">
<span id="id1"></span><h1>Cyrus Murder: Server aggregation<a class="headerlink" href="#cyrus-murder-server-aggregation" title="Permalink to this heading"></a></h1>
<section id="the-discrete-murder">
<h2>The Discrete Murder<a class="headerlink" href="#the-discrete-murder" title="Permalink to this heading"></a></h2>
<p>A <em>discrete</em> murder - also known as a standard murder - characteristically uses separate frontend and backend servers. At the time of this writing, this is the recommended type of Cyrus IMAP Murder for deployments that require;</p>
<ul class="simple">
<li><p>load-balancing and/or high availability of their Cyrus IMAP deployments,</p></li>
<li><p>the ability to take frontends out of rotation, and bring frontends (back) in to rotation without impact on the availability of mailbox spools.</p></li>
<li><p>Authentication to take place before a connection is created or proxied to servers with data, such as would be the case of a perimeter network proxy,</p></li>
<li><p>Have very large numbers of mailboxes, (this one's because of the mupdate RAM consumption)</p></li>
</ul>
<p>It is worth noting that in a <em>discrete</em> murder, backends only know of the mailboxes that reside in their local mailbox spool(s). Since the user's subscription database is kept on the backend server that hosts their mailbox, should the deployment require that all users can subscribe to all mailboxes that they have permission to in the murder, the setting <code class="docutils literal notranslate"><span class="pre">allowallsubscribe</span></code> needs to be set to <code class="docutils literal notranslate"><span class="pre">true</span></code> (1). This, however, allows users to subscribe to non-existent mailboxes.</p>
</section>
<section id="the-unified-murder">
<h2>The Unified Murder<a class="headerlink" href="#the-unified-murder" title="Permalink to this heading"></a></h2>
<p>A <em>unified</em> murder characteristically joins the functional aspects of a server being frontend and backend together onto one single Cyrus IMAP server. A Cyrus IMAP server in a unified murder can thus perform both as a frontend as well as a backend. All backends would thus have all information on all mailboxes on all other backends.</p>
<p>At the time of this writing, but subject to change in the near future, a participating node in a Cyrus IMAP Unified Murder cannot be made a dedicated frontend. This creates a disadvantage over a <em>discrete</em> murder, as the frontend function cannot be taken out of rotation without also losing the backend function.</p>
<p>Because in using mailbox creation and transfer routines a participating node cannot be excluded from selection for or availability of the (new) location of the (new) mailbox, no guarantee can exists the participating node does not hold any mailboxes. Short of a deployment specific interface to creating and transferring mailboxes that provides such guarantee, as a logical consequence, to shoot a participating node in a Cyrus IMAP Unified Murder in the head, all mailboxes must be transferred to other backends prior to service shutdown, or the availability of the mailboxes is impacted.</p>
<p>The unified murder also has some great advantages. Since all backends know about all mailboxes in the murder, administrators can choose to not permit subscriptions to non-existent folders. In a discrete murder, where backends know only of the mailboxes in the local mailbox spool(s), such permission is (often) required.</p>
</section>
<section id="the-shared-murder">
<h2>The Shared Murder<a class="headerlink" href="#the-shared-murder" title="Permalink to this heading"></a></h2>
<p><em>To be written</em></p>
</section>
</section>
<section id="cyrus-replication">
<h1>Cyrus Replication<a class="headerlink" href="#cyrus-replication" title="Permalink to this heading"></a></h1>
<p><em>To be written</em></p>
</section>
<section id="hosted-environments">
<h1>Hosted Environments<a class="headerlink" href="#hosted-environments" title="Permalink to this heading"></a></h1>
<p><em>To be written</em></p>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="../deployment.html" class="btn btn-neutral float-left" title="Configuration Guide" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="databases.html" class="btn btn-neutral float-right" title="Databases" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>© Copyright 1993–2025, The Cyrus Team.</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>
|
