squid SMP notes

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

squid SMP notes

senor

It is unclear to me how the more recent 'multiple instance' configuration compares with that of 'SMP Scaling'.


Is there a short and sweet description of pros and cons or is the multiple instance simply the new way? The wiki pages vary in detail of implementation but don't directly state any advantage of one over the other. Further confusing me is my need to consider SSL Interception, ssl_crtd helpers and ecap. To be clear, I'm not looking for configuration help. Just some advice on which to pursue so I'm not rethinking the whole thing 6 months down the road.

Thank you for any help.



_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: squid SMP notes

Alex Rousskov
On 11/30/2016 11:10 PM, senor wrote:

> It is unclear to me how the more recent 'multiple instance'
> configuration compares with that of 'SMP Scaling'.
>
> Is there a short and sweet description of pros and cons or is the
> multiple instance simply the new way? The wiki pages vary in detail of
> implementation but don't directly state any advantage of one over the
> other. Further confusing me is my need to consider SSL Interception,
> ssl_crtd helpers and ecap. To be clear, I'm not looking for
> configuration help. Just some advice on which to pursue so I'm not
> rethinking the whole thing 6 months down the road.


SMP Squid is usually the correct way to deploy a single Squid on a
single beefy machine. "Multiple instances" is the correct way to host
multiple/different/independent Squids on a single machine. In some
cases, multiple Squid instances include SMP Squid instances! The two
features are essentially orthogonal.

Multiple Squid instances are also used (and abused) as a workaround for
various current SMP Squid limitations, which is where the confusion is
often coming from. If you think of a high-level description of what you
want to do, treating Squid as a black box "proxy", then you should be
able to classify your particular use case as a "ideally, a single Squid"
or "multiple/different/independent Squids" and go from there.

[ If you know Apache web server (httpd), then temporary consider
thinking of Squid as an Apache web server configured to proxy traffic.
Does your environment require multiple Apache servers or a single one?
Similar to Squid, Apache supports SMP scale, but that is a _secondary_
question. ]

Some of the current SMP Squid limitations are important and do require
either workarounds or development, but "multiple instance" propaganda
often comes from folks who do not understand SMP or have non-technical
phobias/biases against it. Often, those folks are far more vocal than
those who understand what is going on, so it is easy to get the wrong
impression that "multiple instances" is "more recent" or "the future".

SMP Squid is gradually getting better, with fewer exceptions that
require workarounds, including workarounds that involve multiple
instances. Multiple instances support is also getting better. Again,
each orthogonal feature targets a completely different problem area.

The above summary was true for several years, and I expect it to remain
accurate for the foreseeable future.


Sorry, I cannot provide detailed answers to your other good questions
right now.


HTH,

Alex.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: squid SMP notes

Eliezer Croitoru
In reply to this post by senor
May I ask about the purpose of the proxy? Caching or ACL?

Eliezer

----
http://ngtech.co.il/lmgtfy/
Linux System Administrator
Mobile: +972-5-28704261
Email: [hidden email]


From: squid-users [mailto:[hidden email]] On
Behalf Of senor
Sent: Thursday, December 1, 2016 8:11 AM
To: [hidden email]
Subject: [squid-users] squid SMP notes

It is unclear to me how the more recent 'multiple instance' configuration
compares with that of 'SMP Scaling'.

Is there a short and sweet description of pros and cons or is the multiple
instance simply the new way? The wiki pages vary in detail of implementation
but don't directly state any advantage of one over the other. Further
confusing me is my need to consider SSL Interception, ssl_crtd helpers and
ecap. To be clear, I'm not looking for configuration help. Just some advice
on which to pursue so I'm not rethinking the whole thing 6 months down the
road.
Thank you for any help.


_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: squid SMP notes

senor
On 12/7/2016 13:43, Eliezer Croitoru wrote:

> May I ask about the purpose of the proxy? Caching or ACL?
>
> Eliezer
>
> ----
> http://ngtech.co.il/lmgtfy/
> Linux System Administrator
> Mobile: +972-5-28704261
> Email: [hidden email]
>
>
> From: squid-users [mailto:[hidden email]] On
> Behalf Of senor
> Sent: Thursday, December 1, 2016 8:11 AM
> To: [hidden email]
> Subject: [squid-users] squid SMP notes
>
> It is unclear to me how the more recent 'multiple instance' configuration
> compares with that of 'SMP Scaling'.
>
> Is there a short and sweet description of pros and cons or is the multiple
> instance simply the new way? The wiki pages vary in detail of implementation
> but don't directly state any advantage of one over the other. Further
> confusing me is my need to consider SSL Interception, ssl_crtd helpers and
> ecap. To be clear, I'm not looking for configuration help. Just some advice
> on which to pursue so I'm not rethinking the whole thing 6 months down the
> road.
> Thank you for any help.
>
>
A combination of ACL, eCAP and caching is my goal. At the moment I'm
trying to make sense out of the statistics so I have metrics to guide
me. So now it's just a matter of comparing the various possible
configurations.

Is there a tool or option to log statistics in machine readable format?
SNMP doesn't expose as much as I'd like and cachemgr output needs to be
gawked down to something like a csv file but still account for kids?

Also, is ssl_crtd disk DB ok to share among workers or do they each need
their own? I just realized I forgot to give the workers their own DB but
it seems to be working. Although not under load.

I really appreciate the help.
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: squid SMP notes

Alex Rousskov
On 12/08/2016 01:07 AM, senor wrote:
> is ssl_crtd disk DB ok to share among workers

Yes, certificate generators support database sharing.

Alex.

_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users