Deploying & Running Axigen in Docker (Axigen X2 & X3)

Introduction

In order to run the Axigen mail service in a Docker container, you will need to download, deploy, and run the Axigen Docker image.

This page will show you how the Axigen Docker image works and how to use it in order to make a new mail server instance for Axigen versions X2 and X3.

Axigen Docker Image Structure

The image relies on a CentOS 8 image; on it, Axigen is installed (from RPM) and basic configuration is performed.

The disk structure obeys the RPM defined structure:

• /opt/axigen — binaries and other files

• /var/opt/axigen — data files

The /var/opt/axigen is configured as a Docker volume and must be preserved between container runs, to preserve the mail server data (configuration, mailbox data, etc.).

The following services are enabled and mapped as 'exposed' TCP ports in Docker:

• SMTP (25 - non secure, 465 - TLS)

• IMAP (143 - non secure, 993 - TLS)

• POP3 (110 - non secure, 995 - TLS)

• WEBMAIL (80 - non secure, 443 - TLS)

• WEBADMIN (9000 - non secure, 9443 - TLS)

• CLI (7000 - non secure)

• FTP (21 - non secure)

Using the Axigen Image / Container

An important point is that the Axigen instance data is not the container itself (which holds just package files — binaries and so on) but the "/var/opt/axigen" volume, which holds the actual server configuration and the server (mailbox / users) data. A container may be deleted, upgraded (new container created from a newer image), stopped, started, and the server data will be preserved, as long as the Docker volume which is mapped upon container startup is preserved.

1. Creating a New Axigen Mail Server Instance

The Axigen data volume may be mapped, upon container creation, to the Docker volume or to a host filesystem path (bind mount). The latter approach is recommended, allowing the administrator to examine the Axigen data files (storage, logs, configuration) directly from the Docker host.

The following options are used:

• -d → detach from the container (since we want it to run in the background)

• -t → allocate a pseudo-TTY to allow capturing Axigen stdout in the Docker logs

• -v → map a volume in /var/opt/axigen; <volume> may be a Docker volume or a local host path (bind mount). See the The Axigen data volume section below for more details

• -p → port mapping: map the ports exposed by the container (Axigen, in this case) to host ports. In the example above, ports 443 (WebMail), 9443 (WebAdmin), 993 (IMAPs) and 995 (POP3s), 25 (SMTP) and 465 (SMTPs) are mapped. The Axigen container also exposes other ports which may me mapped, if needed (see the Image structure section).

When the Axigen data volume (be it a Docker volume or a bind mount) is first used in the container, it will be initialized.
Upon creation, the container will also be started.

Check that the container is running:

The output should display a running container, along with the port mapping and other information:

At this point, if the WebAdmin port was mapped (-p 9443:9443), the Axigen WebAdmin interface should be accessible via the host IP: https://localhost:9443/. 

2. Stopping and Starting the Container

A running Axigen container may be stopped by using the docker stop <container_id> command, where the <container_id> is obtained from the output of the docker ps command. Axigen containers (including stopped ones) may be viewed with the docker ps -a -f ancestor=axigen command. When a container is stopped, its full state is preserved, only the Axigen process is stopped.

A stopped Axigen container may be started by using the docker start <container_id> command.

You can as well restart the container (also restarts the Axigen service) by using the  docker restart <container_id> command.

3. Updating an Axigen Image to the Latest Version Available

Use the following command to update your local axigen/axigen image to the latest version:

After an image is updated, you will need to recreate the axigen instance with an existing axigen data volume as described below.

4. Deleting a Container

The administrator may delete an Axigen container (without deleting the actual data — configuration and domains, which is stored in the Axigen data volume).

A stopped Axigen container may be deleted by using the docker rm <container_id> command. Please note that only stopped containers may be deleted.

Along with the container, all data which is not Axigen data volume (e.g. shell history, system logs) will be lost.

5. Recreating an Axigen Instance with an Existing Axigen Data Volume

If the Axigen data volume was preserved, a new container may be created using the same volume; the admin password, configuration and domain data will be preserved. The same command as for the initial instance creation is used, but providing an existing, populated Axigen data volume as the fist parameter in the -v mapping.

This method is also used for the following purposes:

• Upgrading to a newer version of Axigen

• Recreating the container ↔ host port mapping

6. The Axigen Data Volume

Using a host filesystem path (bind mount)

A directory on the host must be created. If selinux (for Linux hosts) is used, the folder must be labeled with the svirt_sandbox_file_t selinux label.

Example:

This way, the administrator may access files from the axigen var partition (logs, configurations) without accessing the Docker container itself.

More information about Docker bind mounts here: https://docs.docker.com/storage/bind-mounts/

Using a Docker Volume

A persistent Docker volume may be used. If it does not exist, it will be automatically created on the container instantiation.

More information about Docker volumes here: https://docs.docker.com/storage/volumes/