Search squid archive

Re: Re: squid_kerb_auth high CPU usage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



hi Markus,

Thanks for your quick response and the information!

"export KRB5RCACHETYPE=none" in squid init script did the job, high cpu usage is gone.

Squid Version is 2.7Stable6, Requests per second are about 20 average, i don´t know if this is low, medium or high squid load, i would guess low :)

Thanks again for your help!

Regards jay



-------- Original-Nachricht --------
> Datum: Wed, 24 Jun 2009 20:25:59 +0100
> Von: "Markus Moeller" <huaraz@xxxxxxxxxxxxxxxx>
> An: squid-users@xxxxxxxxxxxxxxx
> Betreff:   Re: squid_kerb_auth high CPU usage

> BTW What is your request/sec rate so that I can judge better if  it is a 
> general low, medium or high squid load ?
> 
> Thank you
> Markus
> 
> "J.J." <jayjayjay@xxxxxx> wrote in message 
> news:20090624140826.52200@xxxxxxxxxx
> > hi Everybody!
> >
> > i have a problem with authentication helper squid_kerb_auth.
> > It's consuming too much CPU. 15 min Load average from the squid server
> is 
> > about 5, 5 min average peaks upto 13, see top output
> >
> > top - 13:48:13 up 15:45,  5 users,  load average: 8.23, 6.21, 4.85
> > Tasks: 175 total,   2 running, 173 sleeping,   0 stopped,   0 zombie
> > Cpu(s): 11.0%us, 25.6%sy,  0.0%ni, 45.6%id, 16.3%wa,  0.2%hi,  1.3%si, 
> > 0.0%st
> > Mem:   2073876k total,  2020008k used,    53868k free,   251548k buffers
> > Swap:  2031608k total,      640k used,  2030968k free,  1029856k cached
> >
> > The Cache serves about 350 Users, OS is Fedora 10.
> >
> > From stracing a helper process i saw its opening/writing/reading from
> and 
> > to "/var/tmp/HTTP_501" , which is a 150-200k file, growing and shrinking
> > all the time, containing all the Usernames a few times.
> >
> > Kerberos as itself works as intended. I already changed number of helper
> > childs, did not help.
> >
> > I found no suspicious alerts in the cache log or other system logs, just
> > high CPU Usage.
> >
> > Does anybody know if this behaviour is OK, or how to debug it?
> >
> > This HTTP_501 file, which contains every Username more than redundant, 
> > also makes me curious, as HTTP 501 is error code for "not implemented"
> >
> > Anybody with Kerberos Config here that can help me with this?
> >
> > Thanks!
> >
> > Regards
> >
> > jay
> >
> >
> > ---krb5.conf
> >
> > [logging]
> > default = SYSLOG:VERBOSE:USER
> >
> > [libdefaults]
> > default_realm = XXXX
> > dns_lookup_realm = false
> > dns_lookup_kdc = false
> > default_keytab_name = FILE:/etc/krb5.keytab
> > clockskew = 300
> >
> > ...
> >
> > [appdefaults]
> > pam =
> > {
> > debug = false
> > ticket_lifetime = 36000
> > renew_lifetime = 36000
> > forwardable = true
> > krb4_convert = false
> > }
> >
> > -- 
> > GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT!
> > Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01
> > 
> 

-- 
GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT!
Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux