A Dovecot active-active deployment keeps IMAP and POP3 access available on multiple nodes so client connections can be spread across servers without relying on a single active instance during maintenance or node failures.
In a Pacemaker cluster managed by pcs, Dovecot can be modeled as a systemd resource and cloned so each node runs its own dovecot.service instance. Pacemaker monitors the unit and restarts it when the service stops, while client traffic distribution stays outside the cluster via a load balancer or DNS.
Service active-active does not replicate mailbox data on its own. Mailbox storage, authentication backends, UID/GID mapping, and TLS material must match across nodes, and shared-storage environments may require Dovecot tuning to reduce index corruption risk before handing start/stop control to the cluster.
Steps to set up Dovecot active-active with PCS:
- Confirm the cluster is online with quorum.
$ sudo pcs status Cluster name: clustername Cluster Summary: * Stack: corosync (Pacemaker is running) * Current DC: node-01 (version 2.1.6-6fdc9deea29) - partition with quorum * Last updated: Thu Jan 1 04:43:11 2026 on node-01 * Last change: Thu Jan 1 04:43:09 2026 by root via cibadmin on node-01 * 3 nodes configured * 0 resource instances configured Node List: * Online: [ node-01 node-02 node-03 ] Full List of Resources: * No resources Daemon Status: corosync: active/enabled pacemaker: active/enabled pcsd: active/enabled
- Confirm mailbox storage is shared with a consistent mount path on every node.
$ sudo doveconf -n | grep '^mail_location' mail_location = maildir:/var/vmail/%d/%n $ findmnt -n /var/vmail /var/vmail tmpfs tmpfs rw,relatime
Active-active without shared or replicated mailbox data can present different mailbox state per node and may corrupt Dovecot index files.
- Identify the Dovecot service unit name.
$ systemctl list-unit-files --type=service | grep -E '^dovecot\.service' dovecot.service disabled enabled
- Create the Dovecot service resource.
$ sudo pcs resource create dovecot_service systemd:dovecot op monitor interval=30s
Related: How to create a Pacemaker resource
- Clone the Dovecot service resource across nodes.
$ sudo pcs resource clone dovecot_service
- Verify the cloned resource status.
$ sudo pcs status resources * Clone Set: dovecot_service-clone [dovecot_service]: * Started: [ node-01 node-02 node-03 ] - Disable automatic dovecot.service startup on each node.
$ sudo systemctl disable dovecot Synchronizing state of dovecot.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install disable dovecot Synchronizing state of dovecot.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install disable dovecot Synchronizing state of dovecot.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install disable dovecot
Pcs-managed starts still work for disabled systemd units.
- Confirm Dovecot is listening on expected mail ports on each node.
$ sudo ss -lntp | grep -E ':(143|993|110|995)\b' LISTEN 0 100 0.0.0.0:995 0.0.0.0:* users:(("dovecot",pid=184664,fd=23)) LISTEN 0 100 0.0.0.0:993 0.0.0.0:* users:(("dovecot",pid=184664,fd=38)) LISTEN 0 100 0.0.0.0:143 0.0.0.0:* users:(("dovecot",pid=184664,fd=37)) LISTEN 0 100 0.0.0.0:110 0.0.0.0:* users:(("dovecot",pid=184664,fd=22)) - Update client routing to distribute traffic across active nodes.
- Run a failover test with client distribution enabled.
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
