From 99540cd90be51a5375d80752f7c5de11fc0486ee Mon Sep 17 00:00:00 2001 From: Hans Cornelis Date: Tue, 23 Oct 2018 10:47:26 +0200 Subject: [PATCH] - Added kubernetes CNI support for Mailu Signed-off-by: Hans Cornelis --- docs/kubernetes/mailu/configmap.yaml | 5 +++++ docs/kubernetes/mailu/index.rst | 15 +++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/docs/kubernetes/mailu/configmap.yaml b/docs/kubernetes/mailu/configmap.yaml index 4f8dad81..8a24ee5d 100644 --- a/docs/kubernetes/mailu/configmap.yaml +++ b/docs/kubernetes/mailu/configmap.yaml @@ -53,6 +53,11 @@ # This way we can make use of the advantages of the cert-manager deployment KUBERNETES_INGRESS: "true" + # POD_ADDRESS_RANGE is normally provided by default with Kubernetes + # Only use this value when you are using Flannel, Calico or a special kind of CNI + # Provide the IPs of your network interface or bridge which is used for VXLAN network traffic + # POD_ADDRESS_RANGE: 10.2.0.0/16,10.1.6.0/24 + ################################### # Optional features ################################### diff --git a/docs/kubernetes/mailu/index.rst b/docs/kubernetes/mailu/index.rst index ef12eb58..80af3ead 100644 --- a/docs/kubernetes/mailu/index.rst +++ b/docs/kubernetes/mailu/index.rst @@ -191,3 +191,18 @@ This problem can be easily fixed by running following commands: kubectl -n mailu-mailserver exec -it maolu-imap-... /bin/sh chmod 777 /data/main.db + +If the login problem still persists, or more specific, happens now and then and you see some Auth problems on your webmail or mail client, try following steps: + +- Add ``auth_debug=yes`` to the ``/overrides/dovecot.conf`` file and delete the pod in order to start a new one, which loads the configuration +- Depending on your network configuration you could still see some ``allow_nets check failed`` results in the logs. This means that the IP is not allowed a login +- If this is happening your network plugin has troubles with the Nginx Ingress Controller using the ``hostNetwork: true`` option. Known cases: Flannel and Calico. +- You should uncomment ``POD_ADDRESS_RANGE`` in the ``configmap.yaml`` file and add the IP range of your pod network bridge (the range that sadly has failed the ``allowed_nets`` test) +- Delete the IMAP pod and wait for it to restart + +.. code:: bash + + kubectl -n mailu-mailserver get po + kubectl -n mailu-mailserver delete po/mailu-imap... + +Happy mailing! \ No newline at end of file