Hi. i have 3 servers running, the web server, mail server and DNS server. they are all running at the same time. Right now i was planning to upgrade my system and change my web hosting control panel to VIRTUALMIN.
I want to ask if it is possible for virtualmin to work with 3 servers with a single license and how do i configure virtualmin to integrate this 3 servers.
tnx
Howdy Jim,
There’s a couple of FAQs to get you started:
http://www.virtualmin.com/faq/one-faq?faq_id=1511#1832
http://www.virtualmin.com/faq/one-faq?faq_id=1511#59197
In short, databases are easy and fully supported on another system. Mail and spam, not so much. DNS, yes, though you still run BIND on the primary to handle distributing the domain data to the servers doing the work.
To run databases on other machines, you just need them configured correctly–you can use Webmin or Virtualmin for that, or nothing at all. So no license question comes up there, if you want to do it with Webmin or from the command line.
To run a backup forward and hold (and I suppose you could use it for your spam and AV filtering, if you reversed the MX record priority order, so that it came first) server, you need Virtualmin on the mail server, but I believe it can be the GPL version.
To run DNS on any number of other boxes, you just need Webmin on those boxes. There’s a short guide about setting up additional DNS servers here:
http://www.virtualmin.com/support/documentation/virtualmin-dns-slaves/
A named process still runs on your primary server, because there’s no better (smaller/faster) way to distribute the name service data (we’d end up re-writing half of BIND’s methods for distributing the data in Webmin, and that would be foolish–it’d end up using the same amount of resources as just using BIND for its intended purpose). The real work will be done by the slave servers, if you set them as the name servers at your registrar.
There is one caveat to getting name service load off of your primary: Don’t set it up to do recursive queries! If your BIND is acting as a caching nameserver for clients it’ll balloon up quite large (mine is 140MB). But for just servicing your domains it’ll be small (a few MB, depending on number of domains).
We’ll be doing more work on the “mail on another machine” problem as time goes by. There’s a few issues with it, that we’d like to solve in an elegant manner:
The hostname will no longer be the same across web and webmail or we could leave the Usermin instance and other webmail clients running on the primary machine and use IMAP to talk to the mail server, but then we’re leaving a large percentage of the load on the primary (webmail clients are pretty heavy). So, we either have to introduce a new hostname (mail.domain.tld) for use for webmail, or we have to leave a heavy part of the mail task on the primary machine.
Syncing users. If we leave webmail running on the primary, then we have to have all mailbox users on both machines. This is actually relatively easy, since Webmin supports syncing of usernames and passwords…but FTP/SSH becomes a mildly confusing issue.
Spam and AV configuration. Right now, Virtualmin can control these at the system level, the domain level, and the user level. If we move mail off, it makes it much more difficult to have this level of granularity. In reality, if ever a really good spam and AV solution becomes available, we could ignore this problem and just turn it on for everyone. SpamAssassin gives too many false positives in several circumstances to do this now. ClamAV is safe to run for everyone. I’ve only seen a couple of false positives in several years of running it on a dozen or so servers with hundreds of users. So, I guess if we find a really good spam solution that actually works, requires no per-user configuration, requires no per-user training, and doesn’t generate an unacceptable number of false positives in any situation we expect to encounter, we can forget this problem. So, ideally, SpamAssassin will actually get good, or we’ll find something else that is good. (NOTE:I know there are good tools in existence. But they all require training on a per-user basis to be good. This isn’t an acceptable solution.)
Thanks for the timely and comprehensive response Joe. It looks like moving MYSQL will be my next step in scaling up.
Still, I’ve been wondering how type of performance hit I’ll run into with the database hosted else where.
Informal testing shows that between two machines at the same data center with the same hosting company shows ping times averaging .271ms verse 58.271ms when I ping my home machine.
As fast as that is, will it result in a noticeable slow down with regards web page generation? Will I need to do anything between the two machines to establish an always on faster connection?
I suppose before switching, i’d need to copy the database over from master to slave.
Lastly, while I like the MYSQL option, I see Mail/Spam/Anti virus as having the advantage that speed isn’t as critical in that list of features compared with serving web pages. The speed between Apache/MySQL seems to be much more critical than the speed between mail/spam/antivirus.
Anyway, thanks to the tip, I’ll try it out when the need arises.
(bump) Just wondering if this worked out - and scaling by moving mysql to a different server worked out and did result in a performance gain?
Thanks!
I believe that the division of services across multiple servers is an important issue for scalability and reliability of a good system of web hosting.
I am working on LDAP and NFS, but the thing that I would ever delegated to improve performance and reliability is email.
It would be interesting to assess the possibility to interact Virtualmin with an external e-mail system via API, as vpopmaild supports for example.
Virtualmin is licensed per-server (a single additional "hot spare" backup server or development server is also permitted). You need one license per production system that runs Virtualmin.
In what way would you like your 3 servers integrated? We have a product in private beta called VM2 designed to manage many Virtualmin systems of any type (Xen, EC2, Zones, vservers, or physical servers at this time). It might be what you’re after.