🔗 MultiCpuSystem
Squid-3.2 已合并实验性的多进程 SMP 支持。它的设计配置与此类似但有所不同,同时大大降低了进程实例管理的复杂性。
🔗 目录
Squid-3.1 及更早版本在多 CPU 或多核系统上的扩展性不佳。它的某些功能有所帮助,例如 DiskDaemon,或 COSS,或者将请求处理部分委托给外部辅助程序(如 Authenticators)的能力。但时至今日,Squid 仍然很大程度上受限于单核处理模型。虽然有计划最终使 Squid 能够有效利用多核系统,但通过使用经过微调的 MultipleInstances 设置,可能已经可以做些什么了。
它也面向 **专家系统管理员**。 MultipleInstances 难以管理和运行,系统集成取决于所选操作系统发行版的具体细节。
此处设置的目的是在系统上创建多个运行的 squid 进程
- 一个“前端”进程,它负责
- 认证
- 授权
- 日志记录、延迟池等。
- 内存热对象缓存
- 后端进程的负载均衡
- 重定向等。
- 一个“后端”进程集群,每个进程负责
- 磁盘缓存
- 承担繁重的网络负载
虽然此设置有望提高多核系统的整体吞吐量,但收益仍然受到限制,因为前端进程仍预计会成为瓶颈。如果有人将此投入生产,鼓励他们分享结果,以帮助其他人评估解决方案的有效性。
🔗 Squid 配置文件
对于一个包含 2 个后端的系统,有 5 个配置文件可供使用。您可以通过点击每个文件下方的文件名来下载它,无需复制粘贴。 .txt 扩展名是一个伪影,请将其删除。
🔗 acl
此文件包含所有运行实例通用的 ACL。这允许在不接触每个实例的情况下更改集群范围的参数。每个实例仍需要单独重新配置。
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 192.168.0.0/24
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
cachemgr_passwd somepassword all
🔗 通用后端参数
后端共享大部分配置,因此也将它们组合在一起是合理的。
#you want the backend to have a small cache_mem
cache_mem 4 MB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
shutdown_lifetime 3 second
#debug_options all,8
# add user authentication and similar options
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
🔗 前端
# acl are shared among instances
include /usr/local/etc/lab/common.acl.conf
http_port 3128
#add backends
cache_peer localhost parent 4001 0 carp login=PASS name=backend-1
cache_peer localhost parent 4002 0 carp login=PASS name=backend-2
#you want the frontend to have a significant cache_mem
cache_mem 512 MB
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
shutdown_lifetime 3 second
#debug_options all,8
# change /tmp to your own log directory, e.g. /var/log/squid
access_log /var/log/squid/frontend.access.log
cache_log /var/log/squid/frontend.cache.log
pid_filename /var/log/squid/frontend.pid
# add user authentication and similar options
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localnet
http_access allow localhost
http_access deny all
🔗 后端 1
# acl are shared among instances
include /usr/local/etc/lab/common.acl.conf
http_port 127.0.0.1:4001
visible_hostname backend-1
unique_hostname backend-1
cache_dir aufs /mnt/cache-1 10240 128 128
# change /var/log/squid to your own log directory
access_log /var/log/squid/backend-1.access.log
cache_log /var/log/squid/backend-1.cache.log
pid_filename /var/log/squid/backend-1.pid
include /usr/local/etc/lab/common.backend.conf
🔗 后端 2
# acl are shared among instances
include /usr/local/etc/lab/common.acl.conf
http_port 127.0.0.1:4002
visible_hostname backend-2
unique_hostname backend-2
cache_dir aufs /mnt/cache-2 10240 128 128
# change /var/log/squid to your own log directory
access_log /var/log/squid/backend-2.access.log
cache_log /var/log/squid/backend-2.cache.log
pid_filename /var/log/squid/backend-2.pid
include /usr/local/etc/lab/common.backend.conf
⚠️ Disclaimer: Any example presented here is provided "as-is" with no support
or guarantee of suitability. If you have any further questions about
these examples please email the squid-users mailing list.
类别: ConfigExample
导航:网站搜索、网站页面、分类、🔼 向上