So I'm trying to setup a config much like the one documented here for squid v3.5.26: https://wiki.squid-cache.org/ConfigExamples/SmpCarpCluster The frontend which is bumping the ssl connections however is throwing the error: 2017/08/25 17:11:40 kid1| Set Current Directory to /var/spool/squid 2017/08/25 17:11:40 kid1| Starting Squid Cache version 3.5.26 for x86_64-redhat-linux-gnu... 2017/08/25 17:11:40 kid1| Service Name: squid 2017/08/25 17:11:40 kid1| Process ID 13817 2017/08/25 17:11:40 kid1| Process Roles: worker 2017/08/25 17:11:40 kid1| With 16384 file descriptors available 2017/08/25 17:11:40 kid1| Initializing IP Cache... 2017/08/25 17:11:40 kid1| DNS Socket created at [::], FD 12 2017/08/25 17:11:40 kid1| DNS Socket created at 0.0.0.0, FD 13 2017/08/25 17:11:40 kid1| Adding domain lab.ppops.net from /etc/resolv.conf 2017/08/25 17:11:40 kid1| Adding nameserver 10.21.43.21 from /etc/resolv.conf 2017/08/25 17:11:40 kid1| Adding nameserver 10.21.44.254 from /etc/resolv.conf 2017/08/25 17:11:40 kid1| Adding nameserver 10.21.44.255 from /etc/resolv.conf 2017/08/25 17:11:40 kid1| helperOpenServers: Starting 5/10 'ssl_crtd' processes 2017/08/25 17:11:40 kid1| storeDirWriteCleanLogs: Starting... 2017/08/25 17:11:40 kid1| Finished. Wrote 0 entries. 2017/08/25 17:11:40 kid1| Took 0.00 seconds ( 0.00 entries/sec). FATAL: Ipc::Mem::Segment::open failed to shm_open(/squid-ssl_session_cache.shm): (2) No such file or directory Squid Cache (Version 3.5.26): Terminated abnormally. CPU Usage: 0.033 seconds = 0.023 user + 0.010 sys Maximum Resident Size: 52512 KB Page faults with physical i/o: 0 I've verified that /dev/shm is mounted and based on the list of files in there, clearly squid is able to create files there, so it's not a Linux/shm config issue. my frontend.conf: # BEGIN CONFIG http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=100MB cert=/etc/squid/ssl_cert/myCA.pem ssl_bump bump all sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/squid/ssl_db -M 4MB sslcrtd_children 10 sslproxy_session_cache_size 100 MB # add user authentication and similar options here http_access allow manager localhost http_access deny manager # add backends - one line for each additional worker you configured # NOTE how the port number matches the kid number cache_peer localhost parent 4002 0 carp login=PASS name=backend-kid2 cache_peer localhost parent 4003 0 carp login=PASS name=backend-kid3 #you want the frontend to have a significant cache_mem cache_mem 10 GB # change /tmp to your own log directory, e.g. /var/log/squid access_log /var/log/squid/frontend.access.log cache_log /var/log/squid/frontend.cache.log # the frontend requires a different name to the backend(s) visible_hostname frontend.company.com forwarded_for transparent #END CONFIG So here's the funny thing... this worked fine until I enabled ssl-bumping on the backends (I was debugging some problems and on a whim I tried enabling it). That didn't solve my problem and so I disabled ssl bumping on the backends. And that's when this SHM error started happening with my frontend. Re-enabling ssl-bump on the backends fixes the SHM error, but I don't think that would be a correct config? Seems like there's some stale state being left on the filesystem which is causing this problem, but I'm at a loss to figure out where/what it is. -- Aaron Turner https://synfin.net/ Twitter: @synfinatic My father once told me that respect for the truth comes close to being the basis for all morality. "Something cannot emerge from nothing," he said. This is profound thinking if you understand how unstable "the truth" can be. -- Frank Herbert, Dune _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
