Hi,
I've just move my squid 3.1.16 web caches over to using rsyslog
( Ubuntu 10.4 LTS OS) to move log files over to a centralised syslog
server for storage in a mysql database. Most of the time it works just
fine. Unfortunately I do seem to be seeing some blocking occurring
where a cache isn't accepting new inbound client connections. I've got
6 webcaches configured in 2 clusters of 3. When a problem occurs, I
can see about 50 - 100 concurrent connections on caches with the
problem, and 10 - 12K connections on the remaining normaly operating
ones. A restart of the rsyslog daemon on a problematic cache cures the
problem for a while, but it can come back.
From my squid.conf file
logformat hsyslog %tg,%ts.%tu,%>a,%la,150.237.199.249,%ul,%rm,HTTP/%rv,
%>Hs,%<st,%tr,%ru,%Ss:%Sh
# TAG: access_log
# These files log client request activities. Has a line every
HTTP or
# ICP request. The format is:
# access_log <filepath> [<logformat name> [acl acl ...]]
# access_log none [acl acl ...]]
#
# Will log to the specified file using the specified format (which
# must be defined in a logformat directive) those entries which
match
# ALL the acl's specified (which must be defined in acl clauses).
# If no acl is specified, all requests will be logged to this
file.
#
# To disable logging of a request use the filepath "none", in
which case
# a logformat name should not be specified.
#
# To log the request via syslog specify a filepath of "syslog":
#
# access_log syslog[:facility.priority] [format [acl1
[acl2 ....]]]
# where facility could be any of:
# authpriv, daemon, local0 .. local7 or user.
#
# And priority could be any of:
# err, warning, notice, info, debug.
#access_log /logs/access.log hcommon
access_log syslog:local0.info hsyslog
and from the rsyslog.d directory
$WorkDirectory /logs/rsyslog # where to place spool files
$ActionQueueFileName fwdRule1 # unique name prefix for spool files
$ActionQueueMaxDiskSpace 5g # space limit (use as much as possible)
$ActionQueueSaveOnShutdown on # save messages to disk on shutdown
$ActionQueueType LinkedList # run asynchronously
$ActionResumeRetryCount -1 # infinite retries if host is down
# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional
*.* @@150.237.85.216:514
Squid build with
#!/bin/bash
ulimit -SHn 49152
./configure --enable-snmp --enable-basic-auth-helpers="PAM" --
enable-cachemgr-hostname=wwwcache2-west.hull.ac.uk --enable-htcp --
enable-cache-digests --enable-async-io --prefix=/usr/local/squid --
with-pthreads --enable-removal-policies --enable-ssl -with-openssl=/
usr/local/ssl --disable-linux-netfilter -with-large-files --with-
maxfd=49152 --with-dl --enable-icmp --enable-poll --disable-ident-
lookups --enable-truncate --disable-delay-pools --disable-ipv6 --
disable-loadable-modules
root@wwwcache2-west:/usr/local/src/squid-3.1.16#
Anything I can change in the build to stop this blocking from happennig?
Rgds
Alex
==========
Time for another Macmillan Cancer Support event. This time its the 12
day Escape to Africa challenge
View route at http://maps.google.co.uk/maps/ms?ie=UTF8&hl=en&msa=0&msid=203779866436035016780.00049e867720273b73c39&z=8
Please sponsor me at http://www.justgiving.com/Alex-Sharaz