How to deploy Zimbra ZCS Open Source Edition on Amazon EC2

This guide should help you deploy Zimbra ZCS 7.1.3_GA on an Ubuntu 10.04 instance with Amazon EC2.

Prerequisites

1) Ensure you have set up Amazon EC2 CLI scripts …

Download tools from here http://aws.amazon.com/developertools/351

Generate certificates in the security credentials section of AWS control panel

Set up environment variables in your .bash_profile (using your key paths, and your preferred EC2 region)

export EC2_PRIVATE_KEY=/path/to/ec2-private-key.pem
export EC2_CERT=/path/to/ec2-cert.pem
export EC2_URL=https://eu-west-1.ec2.amazonaws.com

2) Ensure you have imported your public ssh key (replace paul-public-key with whatever label you want to use)

for r in us-east-1 us-west-1 ap-southeast-1 eu-west-1; do ec2-import-keypair --region $r paul-public-key --public-key-file ~/.ssh/id_rsa.pub ; done

3) Setup an elastic IP, and then create DNS entries for your mail server, that point to that IP. Let’s assume you are going to call your mail server mail1.example.com, you will need records in example.com’s zone for:

mail1 CNAME ec2-xxx-xxx-xxx-xxx.eu-west-1.compute.amazonaws.com.
mail1 MX 10 mail1

Where xxx-xxx-xxx-xxx is your elastic IP. For other domains, you can then point their MX records to mail1.example.com.

4) Setup a security group for your Zimbra server with the desired ports open (25,80,443, 110, 143, 389, 443, 993, 995, 7071, 7110, 7995, 7143, 7993 etc… ).

ec2-create-group "Zimbra ZCS" -d "Zimbra Collaboration Suite Group"
ec2-authorize "Zimbra ZCS" -P icmp -t -1:-1
ec2-authorize "Zimbra ZCS" -P tcp -p 22
ec2-authorize "Zimbra ZCS" -P tcp -p 25
ec2-authorize "Zimbra ZCS" -P tcp -p 80
ec2-authorize "Zimbra ZCS" -P tcp -p 7071

Instructions

1) Launch a new instance. Replace paul-public-key with the name of your public key (this will need to have been imported into AWS previously). The -g switch refers to your security group. We are using 100GB as the main disk size, as by default they are too small for a Zimbra installation.

// This will launch a new launch instance of Ubuntu 10.04 LTS
ec2-run-instances -t m1.large -g "Zimbra ZCS" -k paul-public-key -b "/dev/sda1=:100:false" ami-cc0e3cb8 --region eu-west-1

2) SSH in and resize the filesystem to the full disk size. Run ec2-describe instances to find your new instance’s IP address, then ssh in to it and resize the file system.

ssh ubuntu@your-instance-public-ip
sudo su -
resize2fs /dev/sda1

3) Assign the elastic IP you chose earlier

// Check your instances ID
ec2-describe-instances
// Associate the address to the instance
ec2-associate-address ELASTIC_IP_ADDRESS -i INSTANCE_ID

4) Set up hostname on the system

echo 'mail1.example.com' > /etc/hostname
echo '127.0.0.1 mail1.example.com mail1' >> /etc/hosts
hostname mail1.example.com

Then check it works with..

hostname --fqdn

IMPORTANT: The commands above specify 127.0.0.1 as the IP for the system’s hostname in /etc/hosts. You need all 3 fields listed in /etc/hosts (eg. 127.0.0.1 mail1.example.com mail1) – otherwise LDAP install fails as it tries to connect to resolved elastic IP. In addition, use a CNAME for the public DNS MX records hostname instead of A record, then when it is resolved internally, it should get a local IP, which should assist postfix with LMTP lookups. If you don’t do this you will get issues – http://wiki.zimbra.com/wiki/Incoming_Mail_Problems – A crude fix is to open port 7025 in the security group, but the CNAME is better.
4) Download Zimbra

cd /root/ 
mkdir zimbra
cd zimbra
// Download the appropriate version for your Linux distribution (and architecture, e.g. 64 bit)
wget http://files.zimbra.com/downloads/7.1.3_GA/zcs-7.1.3_GA_3346.UBUNTU10_64.20110928134610.tgz
tar -xvzf zcs-7.1.3_GA_3346.UBUNTU10_64.20110928134610.tgz

5) Install dependencies

apt-get install libperl5.10 sysstat sqlite3

6) Install Zimbra (this takes about 10-15 minutes)

./install.sh

Keep all default settings and proceed with install

When it complains “DNS ERROR – none of the MX records for mail1.example.com resolve to this host” say No to change domain name.

Set password… at menu (make a note of it).

Apply changes.

You can login to the web interface with:

u: [email protected]
p: whatever you set in the install script

http://mail1.example.com/
https://mail1.example.com:7071/zimbraAdmin/

Try sending a test e-mail to [email protected] – you should be able to log in to the web interface and view it.

References:

http://alestic.com/index.html – Ubuntu Image List

http://www.zimbra.com/downloads/os-downloads.html – Zimbra Downloads

http://elijahpaul.co.uk/2011/09/installing-zimbra-7-0-zcs-on-ubuntu-10-04-lts-using-amazon-aws/