Dear Joe,Jamie et all,
Reading through several tickets I noticed that 'it's trivial to do so but we haven't implemented this yet' is the state of what i am going to ask; nevertheless I will be asking this anyway :)
We have one Virtualmin PRO machine, our primairy machine that handles web and email. We also have one Virtualmin GPL machine, currently serving a few handsynced domains and setup to do additional mail hosting (exact copy of the PRO machine only not a PRO license thus).
Currently I have to sync the creation of users and homedirectories (and included quotas) by hand. Our users live in LDAP, and that is already synced between the two hosts.
I am wondering whether there is something available that users the webmin clustering to not only put a user in LDAP, but also create the homedirectories on the other machine(s) as well (provisioning). In addition it would be awesome when the quota's are also taken along. I could do that most likely with the before and after scripts, but it would probably mean that I need to do something as root and ssh.. and if possible I would like to prevent that and rely on the API calls where possible.
Can you tell me the state of something like this and whether or not I would need to fix this up myself?
Thanks a lot in advance! Remko
Comments
Submitted by andreychek on Mon, 06/24/2013 - 09:23 Comment #1
Howdy -- yeah, outside of using something like a SAN or NAS, I think your best bet would be to use a script to execute a command when the user is created... and have that script login to your secondary server and create the homedir.
A few alternatives that some folks use, depending on their circumstances --
You can always schedule rsync to run regularly, if you wanted to synchronize files and directories.
A lot of users use Virtualmins Backup and Restore to for building a secondary server... they generate Virtualmin backups, send those to the other server, and restore those backups on that system.
There is the option of using Webmin -> Clustering -> Cluster Copy Files, though all that does is copy files on a particular schedule using Webmin.
Submitted by jrhosting on Mon, 06/24/2013 - 12:18 Comment #2
Hi Andrey,
It's only needed to create the homedirectories and according quota. One of the benefits is that we can 'select' who is going to use which server (e.g. mail1 and mail2, and web1 and web2 running on both the machines, or mail3, mail4, etc). Since the accounts already exists in LDAP (created by webmin/virtualmin).
There is no need to synchronise files and directories, nor do we need to restore a backup periodically (we test that offsite on a VM where we reinstall everything and unpack the backups);
What I would like to avoid is using different then the Virtualmin software; to make sure the knowledge is in the same application. I saw on the API that I can do a --create-domain and --dir to have the proper directories be created. That is not possible for an email user right?
Thanks in advance! Remko
p.s. I also need to consider how we can do proper mailrouting with LDAP by setting mailNextHop or something for domains, but that is a different story =)
Submitted by andreychek on Tue, 06/25/2013 - 14:52 Comment #3
After talking to Jamie, it doesn't sound like we have a simple, pre-existing way to solve that problem.
You may need to use the post user/domain creation and modification scripts in order to create the users and setup the quotas on the remote systems.
I know you said you didn't need the files sync'd, but our only other thought there would be to export your /home directory via NFS from your primary server to this other server.
Submitted by jrhosting on Wed, 06/26/2013 - 11:01 Comment #4
Hi Andrey,
If the machines were in a consistent way connected via one storageserver then that would be an option indeed. But that isn't the case. We rent our servers and cannot predict were we wil get our resources from :)
But given the situation it just doesn't seem possible to use the virtualmin API (pro to gpl) and that I need root access from remote to get such a configuration going. I will have a look wether we actually want that or not, I dont think so :)
Thanks Remko