Search squid archive

Re: squid and netdata causes squid to drop SYN?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 21/01/20 9:09 pm, Alex Rousskov wrote:

On 1/20/20 11:28 PM, Amish wrote:


2) Is calling squidclient so frequently a right thing to do by netdata?

The answer depends on what cache manager query (or queries) your netdata
is sending to Squid. Sending some queries every second is perfectly
fine, but there are other, "heavy" queries that should not be sent so
often and could, if sent with a high enough concurrency level,
effectively DoS a Squid instance. For example, queries that require
iterating all cached objects should not be sent to busy Squids.

If netdata does not document the queries it uses, you can probably use
Squid access.log to figure out what queries netdata is sending (and how
long they take).


Thanks Matus UHLAR and Alex for responses.
I have not gone in detail through netdata sources but here is whatever I could find.
Squid python code that runs HTTP query on squid: (I have never coded in python) 
https://github.com/netdata/netdata/blob/master/collectors/python.d.plugin/squid/squid.chart.py
Configuration that decides what to query. (netdata chooses one of options specified) 
https://github.com/netdata/netdata/blob/master/collectors/python.d.plugin/squid/squid.conf
It appears that it runs a query on "counters". But I dont know if that is counted as a "heavy" query or not. 


N.B. If netdata is killing the previous query when starting a new
would-be-concurrent query, then there should be no DoS conditions -- a
single "heavy" query may slow Squid down a bit but should not stall the
whole Squid instance. Thus, if netdata ensures that the number of
concurrent cache manager queries is small, then there may be a Squid bug
related to terminating an aborted query. Otherwise, one could argue that
the lack of concurrency controls is a netdata bug.
Not sure if netdata terminates previous query or not. But I do see use of keep-alive in netdata code.
And also I completely understand that this area needs to be looked upon by netdata team. I will follow up with them.
But posting here just case, a quick glance can reveal a squid bug (or buggy approach by netdata) somewhere. 

Thanks again and regards,

Amish.

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux