Checklist
There is some things that you must have before being able to run James on your Kubernetes Cluster.
MUST have
Those are absolutely necessary if you want at least James to start without crashing.
-
Setup RabbitMQ and create James user in it.
-
Create a Kubernetes namespace for James deployment.
-
A
distributed
version of James image. -
An ObjectStorage compatible with S3 APIs.
-
Configure JWT keys, keystores.
-
Adding the proper
mailetcontainer.xml
file with other conf files in James Helm package
With those you should be able to startup James for first tests without having it crashing. However it’s still not enough to have it fully functional.
Should have
-
Cassandra nodes deployed.
-
Put valid Cassandra keyspaces in the configuration.
-
Have an appropriate email domain (Contact your Domain Service Provider)
-
Create your Domain SPF and DKIM Record. See document [here](https://james.apache.org/howTo/)
-
OpenSearch nodes deployed.
-
DNS registered entries for JMAP, IMAP, SMTP, Webadmin.
-
Enable Ingress and create the secret for TLS certificate used by Ingress.
-
Preproduction: Usually, we use cert-manager to request a Let’s Encrypt Certificate. Remember to use the full chain certificate. You can verify that your certificate works well with
openssl
before adding the name of that secret to your James values. -
Production: Some certificates belonging to the client should exist already. See that with the team.
-
-
Change IMAP ports to NodePort if your Cloud Provider Load Balancer has short idle timeout and we need longer connections for performance reasons (and the RFC for IMAP states also we need 30 minutes for the timeout).
-
Use an external LB (ie. HA Proxy) to redirect traffic towards James IMAP service NodePort IPs and ports.
After setup operations
When all of this is working, normally your chain mail should be able to work. To check it you can:
-
Use a mail client (ThunderBird, Outlook, …) to test James IMAP.
-
Send a mail internally from one test account to an other.
-
Send a mail from James to an external mail provider (your Gmail, Yahoo account for example).
-
Send a mail from an external provider to James.
-
Use services like mail-tester to check your score.