On 29/04/2015 9:18 a.m., Brendan Kearney wrote:
> i have 2 squid instances behind HAProxy, balanced using leastconn. each
> proxy server has a NFS mount under /etc/squid/acls/ where external acls
> are kept. because the NFS mount is common to both instances, i only
> need to make an update in one place and both proxies will get the
> update. when i put this together, i wanted a means of reconfiguring
> squid in some sort of automated fashion, based on if the acl files (or
> their contents) were changed.
>
> below is the script i came up with for that. i call the script from
> root's crontab once every 5 minutes (mind the wrap):
>
> */5 * * * * /root/bin/SquidReconfigure #reconfigure squid if ACL files
> have been updated
>
> the script will create a temp file and write the time of last
> modification in seconds since Epoch to the temp file for tracking. if
> the value changes, the temp file is updated and a flag is set to
> indicate that a reconfigure is warranted. when the reconfigure is
> performed, it logs via logger/syslog that a refresh was performed.
>
> the logic is tested and running on my boxes and works nicely for my
> needs. because i am a small environment and can deal with the fact the
> proxies are performing these actions at the same time, i don't need to
> stagger the offset for each server. if your reconfigure action takes a
> long time, you may want to consider what options you have in order to
> continue providing functionally available services.
>
> #!/bin/bash
>
> aclDir=/etc/squid/acl
> statFile=/tmp/squidStats
> reconfigure=0
>
> for aclFile in $(ls $aclDir)
> do
> previous=$(grep ^$aclFile\ $statFile |awk '{print $2}')
> current=$(stat -t $aclDir/$aclFile -c %Y)
>
> if [ $current != $previous ]
> then
> #echo -e $aclFile' \t'"change found"
> # mind the wrap on the below line
> sed -i -e "s/$aclFile\ $previous/$aclFile\ $current/" $statFile
> #echo -e $aclFile' \t'"settting marker"
> reconfigure=1
> fi
> done
>
> if [ $reconfigure = 1 ]
> then
> #echo "reconfiguring squid"
> squid -k reconfigure
> logger -t '(squid-1)' -p 'local4.notice' Squid ACL Refresh
> fi
I'd be using -k check in that setup instead of -k reconfigure. Check
only reconfigures the runnign process if the config is still operational.
Or, you can also script with the squidclient command line tool to send
mgr:reconfigure requests to the proxy. (with a squid -k parse beforehand)
Or, you can set the file(s) on a filesystem trigger so the script only
ever runs when the are changed.
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
