squid3 cache server compilation installation and high hit ratio configuration example
- 2020-05-13 03:57:59
- OfStack
Today, I conducted a small pressure test on my varnish. Of the 8000 concurrency in 40s, not one failed, and it is estimated that I can bear more concurrency. Let alone varnish, I recently found a configuration file of squid with a high hit rate, which is certainly the configuration file of squid3.0.
System: centos 5. x
Need software: squid 3.0. STABLE25. tar. gz
1. Download squid
wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE25.tar.gz
tar zxf squid-3.0.STABLE25.tar.gz && cd squid-3.0.STABLE25
2. Compile squid
./configure --prefix=/usr/local/squid \
--enable-async-io=100 \
--with-pthreads \
--enable-storeio="aufs,diskd,ufs" \
--enable-removal-policies="heap,lru" \
--enable-icmp \
--enable-delay-pools \
--enable-useragent-log \
--enable-referer-log \
--enable-kill-parent-hack \
--enable-arp-acl \
--enable-default-err-language=Simplify_Chinese \
--enable-err-languages="Simplify_Chinese English" \
--disable-poll \
--disable-wccp \
--disable-wccpv2 \
--disable-ident-lookups \
--disable-internal-dns \
--enable-basic-auth-helpers="NCSA" \
--enable-stacktrace \
--with-large-files \
--disable-mempools \
--with-filedescriptors=65536 \
--enable-ssl \
--enable-x-accelerator-var
make
make install
make install-pinger
3. The configuration squid
cp /usr/local/squid/etc/squid.conf /usr/local/squid/etc/squid.conf.old
>/usr/local/squid/etc/squid.conf
ln -s /usr/local/squid/etc/squid.conf /etc/squid.conf
squid.conf:
#accel listen port
http_port 80 accel vhost vport
#accel domain
cache_peer xx.xx.xx.xx parent 80 0 no-query originserver no-digest name=a
cache_peer_domain a blog.slogra.com
#acl
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 8080
acl LanSrc src all
acl LanDst dst all
acl LanDstDM dstdomain blog.slogra.com
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow LanSrc
http_access allow LanDst
http_access allow LanDstDM
http_access deny all
#base
visible_hostname blog.slogra.com
cache_mgr rocdk890@gmail.com
cache_effective_user squid
cache_effective_group squid
error_directory /usr/local/squid/share/errors/Simplify_Chinese
icon_directory /usr/local/squid/share/icons
mime_table /usr/local/squid/etc/mime.conf
cache_replacement_policy lru
#cache_dir
cache_dir aufs /var/cache1 32768 64 64
cache_dir aufs /var/cache2 32768 64 64
cache_mem 2048 MB
max_open_disk_fds 0
#maximum_object_size 512 KB
#maximum_object_size_in_memory 256 KB
maximum_object_size 20 MB
maximum_object_size_in_memory 8 MB
#keepalived
client_persistent_connections off
server_persistent_connections on
#persistent_request_timeout 60 seconds
#memory_pools on
#memory_pools_limit 64 MB
forwarded_for on
log_icp_queries off
via off
httpd_suppress_version_string off
ie_refresh off
tcp_recv_bufsize 32 KB
#acl webservices rep_header Server -i ^linuxtoneWS ^Apache ^nginx
#broken_vary_encoding allow webservices
#hidden the squid header
#reply_header_access Server deny all
#reply_header_access X-Cache deny all
#reply_header_access Warning deny all
#reply_header_access Expires deny all
#reply_header_access Cache-Control deny all
#reply_header_access age deny all
#reply_header_access All deny all
ipcache_size 1024
ipcache_low 90
ipcache_high 95
memory_replacement_policy lru
hosts_file /etc/hosts
request_header_max_size 128 KB
#deny cache
hierarchy_stoplist cgi-bin ? \.php
acl QUERY urlpath_regex cgi-bin\? \.php
cache deny QUERY
#request_body_max_size 0 KB
refresh_pattern ^ftp: 60 20% 10080
refresh_pattern ^gopher: 60 0% 1440
refresh_pattern . 0 20% 1440
refresh_pattern -i \.css$ 360 50% 2880 reload-into-ims
refresh_pattern -i \.js$ 1440 50% 2880 reload-into-ims
refresh_pattern -i \.html$ 720 50% 1440 reload-into-ims
refresh_pattern -i \.jpg$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.gif$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.swf$ 1440 90% 2880 ignore-reload
refresh_pattern -i \.jpg$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.png$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.bmp$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.doc$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.ppt$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.xls$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.pdf$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.rar$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.zip$ 1440 50% 2880 ignore-reload
refresh_pattern -i \.txt$ 1440 50% 2880 ignore-reload
quick_abort_min 20 KB
quick_abort_max 20 KB
quick_abort_pct 95
connect_timeout 1 minute
negative_ttl 0 minutes
read_timeout 30 seconds
pconn_timeout 120 seconds
shutdown_lifetime 5 seconds
strip_query_terms off
#snmp
#snmp_port 3401
#acl snmppublic snmp_orgmunity snsimg
#snmp_access allow snmppublic localhost
#snmp_access deny all
icp_port 0
# logfile
emulate_httpd_log on
#logformat combined %{X-Forwarded-For}>h %ui %un [%tl] " %rm %ru HTTP/%rv " %Hs %<st " %{Referer}>h " " %{User-Agent}>h " %Ss:%Sh
#access_log none
#access_log /data/logs/access.log combined
logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log /var/log/squid/access.log squid
#cache_store_log /var/log/squid/store.log
cache_store_log /dev/null
cache_log /var/log/squid/cache.log
logfile_rotate 12
# MISCELLANEOUS
store_objects_per_bucket 15
client_db off
4. Create a directory
/usr/sbin/groupadd squid
/usr/sbin/useradd -g squid squid
mkdir -p /var/log/squid
chown -R squid:squid /var/log/squid
mkdir -p /var/{cache1,cache2}
chown -R squid:squid /var/{cache1,cache2}
Initializes the cache directory of squid
/usr/local/squid/sbin/squid -z
Start the squid
/usr/local/squid/sbin/squid -D
If you don't like this way of booting, you can find an squid booting script for yourself, which is not displayed here. When squid is up and running, you can use the following command to check the hit ratio:
/usr/local/squid/bin/squidclient -p 80 mgr:info
Okay, so you're going to have to search for the other squid commands, and that's it.