Articles‎ > ‎Squid‎ > ‎

Web accelerator using squid

We have weird traffic pattern for one product which is pretty much random request for very big (several TB) content base. Running traditional cache in this situation is impossible because Linux/UNIX file system (pretty much any kind of) hits the ceiling when d-entry cache fills memory. Directory lookups becomes a real issue when number of files reaches 6-7 digit numbers. Thats where custom file storage comes to help. After trying COSS with little success (it was not quite stable in 2.6) I tried varnish but inability of varnish to keep persistent cache (which is fixed right now I believe) made it unattractive. So I returned to COSS after 2.7 came out and it appeared to be working great and in fact it was so much greater than native storage that I forgot my experiments with varnish and run squid right now with 4-digit number of requests per minute per server with almost no server load and manageable disk IO. I will probably revisit varnish someday when persistent cache gets into stable state - but beware - you need serious kernel tuning before you turn varnish into production, by default it tends to dump dirty pages in very big chunks during which it does not serve requests....

So here is working squid web accelerator config using several COSS files (to keep cache block size small). If you can distribute COSS files over different spindles  to get even higher performance. Note that we use "digest_generation off", because enabling it causes short squid outages every hour, since we don't exchange digest with any peers we don't need that feature.

visible_hostname www.mydomain.com
#debug_options ALL,2
http_port 80 vhost
icp_port 0
incoming_rate 15
digest_generation off
cache_peer 10.10.10.111 parent 8080 0 no-query no-digest default originserver name=wwwbackend
#acl www_domain dstdomain  .mydomain.com
acl www_domain dstdom_regex -i  ^www.*\.mydomain\.com\.?$
cache_peer_access wwwbackend allow www_domain
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
cache_mem 2 GB
maximum_object_size 5 MB
#maximum_object_size_in_memory 1 MB
maximum_object_size_in_memory 6 KB
#memory_replacement_policy heap GDSF
cache_dir coss /opt/squid/coss1 50000 block-size=4096 max-size=131072 membufs=400 max-stripe-waste=8192
cache_dir coss /opt/squid/coss2 50000 block-size=4096 max-size=131072 membufs=400 max-stripe-waste=8192
cache_dir coss /opt/squid/coss3 50000 block-size=4096 max-size=131072 membufs=400 max-stripe-waste=8192
cache_dir coss /opt/squid/coss4 50000 block-size=4096 max-size=131072 membufs=400 max-stripe-waste=8192
cache_dir coss /opt/squid/coss5 50000 block-size=4096 max-size=131072 membufs=400 max-stripe-waste=8192
cache_dir coss /opt/squid/coss6 50000 block-size=4096 max-size=131072 membufs=400 max-stripe-waste=8192
cache_swap_log /opt/squid/%s.swap
#cache_dir null /tmp
logformat mydomain %>a %{True-Client-IP}>h [%tl] "%rm %ru HTTP/%rv" %Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh %tr
access_log syslog:LOG_LOCAL5 mydomain
#access_log syslog:LOG_LOCAL5 squid
#access_log /var/log/squid/access.log squid
cache_store_log none
hosts_file /etc/hosts
authenticate_cache_garbage_interval 1 day
strip_query_terms off
refresh_pattern .               518400  80%     518400 ignore-reload ignore-private
forward_timeout 1 minute
connect_timeout 15 seconds
read_timeout 1 minute
request_timeout 15 seconds
persistent_request_timeout 5 seconds
shutdown_lifetime 5 seconds
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443          # https
acl SSL_ports port 563          # snews
acl SSL_ports port 873          # rsync
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 631         # cups
acl Safe_ports port 873         # rsync
acl Safe_ports port 901         # SWAT
acl purge method PURGE
acl CONNECT method CONNECT
acl snmp_mydomain snmp_community open_sesame
snmp_port 3401
snmp_access allow snmp_mydomain
snmp_access deny all
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow www_domain
http_access allow localhost
http_access deny all
http_reply_access allow all
icp_access deny all
header_access Cookie deny all
cache_effective_group proxy
client_db off
never_direct allow all
#### launch squid guard if you want to rewrite some URLs.
#redirect_program /usr/bin/squidGuard -c /etc/squid/squidGuard.conf
#redirect_children 120

This is config for 2.7, make sure to create COSS files of correct size with before you start it with this command:
dd if=/dev/zero bs=1048576 count=50000 of=/opt/squid/cossX where X is number. Note that you cannot increase COSS file size here without changing of block size so better add another one for cache expansion.
Comments