Installing Zimbra Using Chef

Installing Zimbra using Chef

   KB 22827        Last updated on 2017-11-29  




0.00
(0 votes)

Overview

This article provides the details of a chef recipe (assuming chef-solo) for a fresh single server install of Zimbra.

Additional configuration of Zimbra is needed after the installation is complete (see below).

In the Oracle cloud, chef can be called automatically when an instance is created with an Orchestration.

During the Zimbra Installation process, a 60-day trial license is installed and must be updated by the Zimbra Administrator to continue using Zimbra.

Contact a local Zimbra Partner or Reseller to purchase your license. https://www.zimbra.com/partners/

Introduction

Chef-solo can be downloaded and installed on an existing Linux installation. If you choose this approach, you will want to edit the recipe and template files to adjust for parameters in your environment.

This article is based on Oracle Linux 6.6 in the Oracle Cloud. The configuration should also work on RHEL/Centos 6.x with a few minor changes.

Zimbra can be installed using a configuration file that defines needed installation parameters. The chef process uses the template feature to create the configuration file with the correct parameters. You can modify the template file to customize your automated install if you like before you run chef.

The Chef Zimbra recipe makes many assumptions about the layout of the OS and hardware... proceed with caution!!

Executing chef-solo as root

Download and customize the chef templates shown below to reflect your operating system configuration. The chef files shown in this example can be downloaded with:

wget https://wiki.zimbra.com/images/1/1a/Chef-solo.tar.zip

The instructions shown here allow you to run the complete process. As root user:

cd ~
curl -L https://www.opscode.com/chef/install.sh | bash
wget http://github.com/opscode/chef-repo/tarball/master
tar -zxf master
mv chef-chef-repo* chef-repo
rm master -f
cd chef-repo/
mkdir .chef
echo "cookbook_path [ '/root/chef-repo/cookbooks' ]" > .chef/knife.rb
knife cookbook create zimbra
wget https://wiki.zimbra.com/images/1/1a/Chef-solo.tar.zip
unzip chef-solo.tar.zip
tar xvf chef-solo.tar 

Edit the files, especially the download, extract, and install portions in the recipe, to get the latest version of Zimbra

chef-solo -c solo.rb -j web.json

Sample Default Recipe

/chef/cookbooks/zimbra/recipes/default.rb

Note: the download, extract, and install steps should be modified to point to the latest release of Zimbra

Here is a summary of the steps:

  1. Format (using Zimbra recommended parameters) a raw partition
  2. Mount the partition as /opt/zimbra and set the permissions
  3. Optimize the file system per Zimbra recommendations
  4. Modify the template file to use the parameters of the host when installing Zimbra
  5. Update the /etc/hosts file with the correct IP address and hostname needed for Zimbra installation
  6. Update the /etc/sysctl.conf file to optimize Linux memory configuration and TCP/IP parameters
  7. Download the Zimbra 8.7 binary
  8. Download a TRIAL license
  9. Extract the Zimbra binary installation files
  10. Install Zimbra prerequisite packages
  11. Install Zimbra
#
# Cookbook Name:: zimbra
# Recipe:: default
#
# Copyright 2016, Synacor, Inc.
#
# All rights reserved - Do Not Redistribute
#
# This recipe configures a local server with chef-solo and installs a full
# NEW single server instance of Zimbra. It installs with the local hostname and domain name.
# 
# **** Do NOT use this to upgrade Zimbra  ****
#
# Note: This does not install the dns-cache package.

# Assuming an unformated partition /dev/xvdc, that will host /opt/zimbra
# Format, Create, and Mount the /opt/zimbra filesystem on that partition
execute "create_optzimbra" do
  command "mkfs -t ext4 -j -O dir_index -m 2 -i 10240 -J size=400 /dev/xvdc"
  not_if  "grep xvdc /proc/mounts"
end

# Set the appropriate permissions on the directory where Zimbra will be installed
directory '/opt/zimbra' do
  owner 'root'
  group 'root'
  mode '0755'
  action :create
end

# Mount the parition on the new filesystem.
mount "/opt/zimbra" do
  device "/dev/xvdc"
  fstype "ext4"
  action [:mount, :enable]
end

# Set the attributes of the file system to optimize for writes
bash 'optimize_filesystem' do
  code <<-EOH
    chattr -R +D /opt/zimbra
    EOH
end

# Modify the Zimbra Installation File with local parameters for installation
template "/root/oracle-cloud-zcs87-config-v1.txt" do
  source "oracle-cloud-zcs87-config-v1.erb"
  owner "root"
  group "root"
  mode "0644"
end

# Update hosts file with IP address and hostname
template "/etc/hosts" do
  source "hosts.erb"
  owner "root"
  group "root"
  mode 0644
end

# Update sysctl.conf file with Zimbra Parameters
template "/etc/sysctl.conf" do
  source "sysctl.erb"
  owner "root"
  group "root"
  mode 0644
end

# Download the Zimbra Binary
remote_file "/root/zcs-NETWORK-8.7.11_GA_1854.RHEL6_64.20170531151956.tgz" do
  source "https://files.zimbra.com/downloads/8.7.11_GA/zcs-NETWORK-8.7.11_GA_1854.RHEL6_64.20170531151956.tgz"
  mode 0644
end

# Download a Zimbra License
remote_file "/root/ZCSLicense.xml" do
  source "https://license.zimbra.com/zimbraLicensePortal/public/STLicense?IssuedToName=Oracle&IssuedToEmail=noone@zimbra.com"
  mode 0644
end

execute 'extract_zimbra_tar' do
  cwd "/root"
  command "tar xzf /root/zcs-NETWORK-8.7.11_GA_1854.RHEL6_64.20170531151956.tgz"
end

# Install a Zimbra recommended package
package "libreoffice-headless" do
   action :install
end 

# Run the Zimbra Install Script
execute "install" do
  cwd "/root/zcs-NETWORK-8.7.11_GA_1854.RHEL6_64.20170531151956"
  command "bash /root/zcs-NETWORK-8.7.11_GA_1854.RHEL6_64.20170531151956/install.sh -l /root/ZCSLicense.xml /root/oracle-cloud-zcs87-config-v1.txt"
end

Sample Chef Setup Files

/chef/solo.rb

file_cache_path "/root/chef-solo"
cookbook_path "/root/chef-repo/cookbooks"

/chef/solo/web.json

{
   "run_list": [ "recipe[zimbra]" ]
}

/chef/cookbooks/zimbra/metadata.rb

name             'zimbra'
maintainer       'Your Name'
maintainer_email 'youremail@yourcompany.com'
license          'All rights reserved'
description      'Installs/Configures zimbra'
long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
version          '0.1.0'

Sample Template Files

Chef utilizes oahi, a tool that exposes characteristics of an OS installation, to allow dynamic substitution of OS parameters into configuration files for execution by the chef process. Variables are defined in the format

<%= node['parameter'] %>

Here are the template files

/chef/cookbooks/zimbra/templates/default/hosts.erb

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
<%= node['ipaddress'] %>	<%= node['fqdn'] %>	<%= node['hostname'] %>

If you are going to use this OUTSIDE the Oracle linux environment, be sure to use a template that matches the sysctl.conf of your installation!!

Note: The Zimbra specific parameters are at the bottom of the file. I could have used the file append method for chef-solo but there were several comments in forums about it being riskier.

/chef/cookbooks/zimbra/templates/default/sysctl.erb


# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled.  See sysctl(8) and
# sysctl.conf(5) for more details.

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

# Controls the default maxmimum size of a mesage queue
kernel.msgmnb = 65536

# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 4294967296

kernel.panic = 10
xen.independent_wallclock = 1

# Zimbra Parameters
net.ipv4.tcp_fin_timeout=15
net.ipv4.tcp_tw_reuse=1
net.ipv4.tcp_tw_recycle=1
vm.swappiness=0

This file was actually created by a normal Zimbra installation was modified for this process.

The installation process stores the file in /opt/zimbra/config.{some number}

/chef/cookbooks/zimbra/templates/default/oracle-cloud-zcs87-config-v1.erb

AVDOMAIN="<%= @node['domain'] %>"
AVUSER="admin@<%= @node['domain'] %>"
CREATEADMIN="admin@<%= @node['domain'] %>"
CREATEDOMAIN="<%= @node['domain'] %>"
DEFAULTLICENSEFILE="/opt/zimbra/conf/ZCSLicense.xml"
DOCREATEADMIN="yes"
DOCREATEDOMAIN="yes"
DOTRAINSA="yes"
ENABLEDEFAULTBACKUP="yes"
EXPANDMENU="no"
HOSTNAME="<%= @node['fqdn'] %>"
HTTPPORT="8080"
HTTPPROXY="TRUE"
HTTPPROXYPORT="80"
HTTPSPORT="8443"
HTTPSPROXYPORT="443"
IMAPPORT="7143"
IMAPPROXYPORT="143"
IMAPSSLPORT="7993"
IMAPSSLPROXYPORT="993"
INSTALL_WEBAPPS="service zimlet zimbra zimbraAdmin"
JAVAHOME="/opt/zimbra/common/lib/jvm/java"
LDAPBESSEARCHSET="set"
LDAPHOST="<%= @node['fqdn'] %>"
LDAPPORT="389"
LDAPREPLICATIONTYPE="master"
LDAPSERVERID="2"
LICENSEFILE="/opt/zimbra/conf/ZCSLicense.xml"
MAILPROXY="TRUE"
MODE="https"
MYSQLMEMORYPERCENT="30"
POPPORT="7110"
POPPROXYPORT="110"
POPSSLPORT="7995"
POPSSLPROXYPORT="995"
PROXYMODE="https"
REMOVE="no"
RUNARCHIVING="no"
RUNAV="yes"
RUNCBPOLICYD="no"
RUNDKIM="yes"
RUNSA="yes"
RUNVMHA="no"
SERVICEWEBAPP="yes"
SMTPDEST="admin@<%= @node['domain'] %>"
SMTPHOST="<%= @node['fqdn'] %>"
SMTPNOTIFY="yes"
SMTPSOURCE="admin@<%= @node['domain'] %>"
SNMPNOTIFY="yes"
SNMPTRAPHOST="<%= @node['fqdn'] %>"
SPELLURL="http://<%= @node['fqdn'] %>:7780/aspell.php"
STARTSERVERS="yes"
UIWEBAPPS="yes"
UPGRADE="no"
USESPELL="yes"
VERSIONUPDATECHECKS="TRUE"
ZIMBRA_REQ_SECURITY="yes"
ldap_dit_base_dn_config="cn=zimbra"
mailboxd_directory="/opt/zimbra/mailboxd"
mailboxd_keystore="/opt/zimbra/mailboxd/etc/keystore"
mailboxd_server="jetty"
mailboxd_truststore="/opt/zimbra/common/lib/jvm/java/jre/lib/security/cacerts"
mailboxd_truststore_password="changeit"
postfix_mail_owner="postfix"
postfix_setgid_group="postdrop"
ssl_default_digest="sha256"
zimbraBackupReportEmailRecipients="admin@<%= @node['fqdn'] %>"
zimbraBackupReportEmailSender="admin@<%= @node['fqdn'] %>"
zimbraFeatureBriefcasesEnabled="Enabled"
zimbraFeatureTasksEnabled="Enabled"
zimbraIPMode="ipv4"
zimbraMailProxy="TRUE"
zimbraPrefTimeZoneId="America/Denver"
zimbraReverseProxyLookupTarget="TRUE"
zimbraVersionCheckNotificationEmail="admin@<%= @node['domain'] %>"
zimbraVersionCheckNotificationEmailFrom="admin@<%= @node['domain'] %>"
zimbraVersionCheckSendNotifications="TRUE"
zimbraWebProxy="TRUE"
zimbra_ldap_userdn="uid=zimbra,cn=admins,cn=zimbra"
zimbra_require_interprocess_security="1"
INSTALL_PACKAGES="zimbra-core zimbra-ldap zimbra-logger zimbra-mta zimbra-snmp zimbra-store zimbra-apache zimbra-spell zimbra-convertd zimbra-memcached zimbra-proxy "

Additional Zimbra Configuration after installation

  1. Login to the new server with ssh and set the Zimbra Admin Password
  2. zmprov sp admin@hostname.oracle-cloud-domain.internal Y0urN3wP@$$
    
  3. Login to the Admin Console to
    1. Activate the license or install your license file from Zimbra and activate it.
    2. Configure Zimbra with your domain name and accounts.
    3. OPTIONAL: Install a commercial certificate
  4. If needed, create an account with an outbound SMTP service such as Sendgrid, Mailjet, or Mailgun. Configure the Zimbra MTA service to relay outbound mail through that service.
  5. Add a separate backup partition (created with a separate storage orchestration), mount it in the instance, and modify the zimbra backup configuration to point to this partition.
  6. Update your DNS and MX records when you are ready to cutover.

Troubleshooting

Refer to the chef documentation or your cloud provider documentation to determine where the chef log files are stored. On Oracle Linux 6.6 in the Oracle Cloud, they are in /var/log/chef.log

Verified Against: ZCS 8.7.0 Date Created: 7/1/2016
Article ID: https://wiki.zimbra.com/index.php?title=Installing_Zimbra_Using_Chef Date Modified: 2017-11-29



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search