Deploy Zimbra 8.6 in Multi-Server setup with CentOS7

In this deployment we will have 2 Zimbra Open Source Edition servers running on the internal network. In most cases we would recommend running Zimbra MTA on the DMZ but in this deployment we already had  existing gateway scanning messages.

Order of Installation

  1. Zimbra LDAP srv
  2. Zimbra Mailbox srv
  3. Zimbra MTA srv
  4. Zimbra Proxy srv

Servers

mtasrv.demo.org 172.16.10.5 – Roles=LDAP,MTA,Proxy

mailboxsrv.demo.org 172.16.10.6 – Roles=Mailbox

Installation

On both servers
Disable selinux and firewalld

vi /etc/selinux
SELINUX=disabled
systemctl stop firewalld
systemctl disable firewalld

Set hostname and install required packages

hostnamectl set-hostname mtasrv.demo.org
yum install net-tools wget nc perl-core unzip sysstat
you need to set up an MX record for the DOMAIN, which points to the A record for the HOST, which will be the IP ADDRESS of the box running zimbra

Add following entries to your host files

vi /etc/hosts
172.16.10.5	 mtasrv.demo.org 		mtasrv
172.16.10.6	 mailboxsrv.demo.org	mailboxsrv

Download zimbra zcs-8.6.0_GA_1153.RHEL7_64.20141215151110.tgz to /root directory and untar it.

tar xzvf zcs-8.6.0_GA_1153.RHEL7_64.20141215151110.tgz

LDAP Server – mtasrv.demo.org

cd zcs-8.6.0_GA_1153.RHEL7_64.20141215151110
./install.sh

Do you agree with the terms of the software license agreement? [N] Y
Select the packages to install

Install zimbra-ldap [Y] Y

Install zimbra-logger [Y] N

Install zimbra-mta [Y] N

Install zimbra-dnscache [N] N

Install zimbra-snmp [Y] N

Install zimbra-store [Y] N

Install zimbra-apache [Y] N

Install zimbra-spell [Y] N

Install zimbra-memcached [Y] N

Install zimbra-proxy [Y] N

Follow the menu and make sure all password are set and time zone changed to required timezone.
Save configuration file

Save configuration data to a file? [Yes] Yes
Save config in file: [/opt/zimbra/config.3910] 
Saving config in /opt/zimbra/config.3910...done.
The system will be modified - continue? [No] Yes

Mailbox Server – mailboxsrv.demo.org

cd zcs-8.6.0_GA_1153.RHEL7_64.20141215151110
./install.sh

Do you agree with the terms of the software license agreement? [N] Y
Select the packages to install
Select the packages to install

Install zimbra-ldap [Y] N

Install zimbra-logger [Y] Y

Install zimbra-mta [Y] N

Install zimbra-dnscache [N] N

Install zimbra-snmp [Y] N

Install zimbra-store [Y] Y

Install zimbra-apache [Y] Y

Install zimbra-spell [Y] Y

Install zimbra-memcached [Y] N

Install zimbra-proxy [Y] N

Make sure you enter correct name for LDAP server

Common configuration
   1) Hostname:                                mailboxsrv.demo.org
   2) Ldap master host:                        mtasrv.demo.org       
   3) Ldap port:                               389                           
   4) Ldap Admin password:                     set                           
   5) LDAP Base DN:                            cn=zimbra                     
   6) Secure interprocess communications:      yes                           
   7) TimeZone:                                America/New_York              
   8) IP Mode:                                 ipv4                          
   9) Default SSL digest:                      sha256                      

Make sure you go ober the menu and make sure all passwords are set and SMTP host is set to mtasrv.demo.org
One of the important things here is to enable use of proxy. Although this can be done later, it just makes more sense to do it during install.

25) Configure for use with mail proxy:       TRUE                          
26) Configure for use with web proxy:        TRUE  

MTA Server – mtasrv.demo.org

cd zcs-8.6.0_GA_1153.RHEL7_64.20141215151110
./install.sh

Do you agree with the terms of the software license agreement? [N] Y
Do you wish to upgrade? [Y] y

Select the packages to install
    Upgrading zimbra-core
    Upgrading zimbra-ldap

Install zimbra-logger [N] n

Install zimbra-mta [N] y

Install zimbra-dnscache [N] y

Install zimbra-snmp [N] n

Install zimbra-store [N] n

Install zimbra-apache [N] n

Install zimbra-spell [N] n

Install zimbra-memcached [N] n

Install zimbra-proxy [N] n
Checking required space for zimbra-core

Installing:
    zimbra-core
    zimbra-ldap
    zimbra-mta
    zimbra-dnscache

The system will be modified.  Continue? [N] y


Make sure you review configuration menu and adjust as necessary for your environment.

Proxy Server – mtasrv.demo.org

cd zcs-8.6.0_GA_1153.RHEL7_64.20141215151110
./install.sh

Do you wish to upgrade? [Y] y

Select the packages to install
    Upgrading zimbra-core
    Upgrading zimbra-ldap

Install zimbra-logger [N] n
    Upgrading zimbra-mta
    Upgrading zimbra-dnscache

Install zimbra-snmp [N] n

Install zimbra-store [N] n

Install zimbra-apache [N] n

Install zimbra-spell [N] n

Install zimbra-memcached [N] y

Install zimbra-proxy [N] y
Checking required space for zimbra-core

Installing:
    zimbra-core
    zimbra-ldap
    zimbra-mta
    zimbra-dnscache
    zimbra-memcached
    zimbra-proxy

The system will be modified.  Continue? [N] y


Set Up the SSH Keys – both servers

 

We need to manually populate ssh keys on each server

su - zimbra
zmupdateauthkeys

Enabling Server Statistics – both servers

In order for the server statistics to display on the administration console, the syslog configuration files must be modified. On each server, as root, type

/opt/zimbra/libexec/zmsyslogsetup
vi /etc/rsyslog.conf
# Provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514
# Provides TCP syslog reception
$ModLoad imtcp
$InputTCPServerRun 514
service rsyslog restart 

Verify configuration

zmcontrol status

Setting up proxy mtasrv.demo.org

mailboxsrv.demo.org

su zimbra
/opt/zimbra/libexec/zmproxyconfig -e -m -H mailboxsrv.demo.org
/opt/zimbra/libexec/zmproxyconfig -e -w -H mailboxsrv.demo.org

mtasrv.demo.org

su zimbra
/opt/zimbra/libexec/zmproxyconfig -e -m -H mtasrv.demo.org
/opt/zimbra/libexec/zmproxyconfig -e -w -H mtasrv.demo.org
zmcontrol restart