I have built a few edge servers using squid, one was discussed here. I just realized that I haven’t written down how I did it. So here it is :
note: squid 2.6 introduces a new syntax for httpd acceleration. This guide is specific to squid 2.6 or later. (httpd_accel directives are not used in this guide)
1. Install squid
Preferably using your distro’s package management software (example: “aptitude install squid” on Debian-based distros, or “yum install squid” on Fedora)
But in certain cases you may wish to download the latest version, which you may download from http://www.squid-cache.org/Download/
At the time of writing, 2.6 is the latest stable version.
But you may wish to install version 3.0 instead, for example if you’re going to install squid as a proxy server and you wish to save bandwidth by making all of its outgoing requests ask for compression.
However, at this time, squid version 3.0 is not of production quality yet. You have been warned.
Anyway, if you install squid from source, it’s usually as easy as :
## prepare directories
## setup the correct permissions
chown -R nobody:nobody /usr/local/squid/var/logs/
chown -R nobody:nobody /usr/local/squid/var/cache/
2. Setup squid.conf
Here are the minimum settings required to make squid work as an edge server :
http_port 80 accel defaultsite=www.myaccelerateddomain.com vhost
cache_peer www.myaccelerateddomain.com parent 1234 0 no-query originserver login=PASS
http_access allow all
icp_access allow all
### Disk cache: 4096 MB, 16 top directories max, 256 second-level directories max
cache_dir ufs /usr/local/squid/var/cache 4096 16 256
You may need to change more options, but in most cases, these would be enough.
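One way to tighten the access rules above, as an added example that is not part of the original configuration. It assumes a single squid box with no sibling caches (so ICP can be closed) and that www.myaccelerateddomain.com is the only site served; the names "origin" and "our_sites" are picked here for illustration.

```conf
## Added example: access rules scoped to the accelerated site.
## Assumptions: one site, no sibling caches; "origin" and "our_sites"
## are names chosen for this example.
http_port 80 accel defaultsite=www.myaccelerateddomain.com vhost

## name= gives the peer a label that cache_peer_access can refer to
cache_peer www.myaccelerateddomain.com parent 1234 0 no-query originserver login=PASS name=origin

## the only hostname this edge server should answer for
acl our_sites dstdomain www.myaccelerateddomain.com

## was: http_access allow all
## ("all" is the same ACL the settings above already rely on)
http_access allow our_sites
http_access deny all

## only requests for our site are ever handed to the webserver
cache_peer_access origin allow our_sites
cache_peer_access origin deny all

## was: icp_access allow all
## nothing should be querying this cache over ICP in a single-box setup
icp_access deny all
```

With these rules a request for any other hostname is refused at the edge instead of being cached or passed on. Run squid -k parse to check the file before restarting.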
Some optimizations :
== cache_mem 512 MB : set the cache memory to 512 MB. Adjust to your own situation.
== collapsed_forwarding on : imagine when there are 50 requests for the same page that’s not in the squid’s cache yet. Normally, squid will pass all of them to the webserver. But with this option turned on, squid will pass just one request to the webserver, get the result, and then reply to all 50 of them. Very nice.
== maximum_object_size 4096 KB : More than this, and we’ll be using up the cache disk space faster than we’d like.
== maximum_object_size_in_memory 1024 KB : More than this, and we’ll be using up the cache memory faster than we’d like.
== access_log /usr/local/squid/var/logs/access.log combined : this gives most details in the logfile, but will eat up disk space faster
3. Move webserver from port 80
In the squid.conf above, we specified that the webserver will be listening on port 1234 instead.
So make the necessary adjustments to your webserver’s settings.
4. Restart webserver, and then start squid
Restart your webserver, and then start squid with :
## create the cache directories first
## start squid
5. Done !
That’s it, now squid will be answering all the requests for your webserver, and will only forward the requests to the webserver if necessary.
6. Problems ?
- Some Linux distros by default allow a process to have at most 1024 files open simultaneously. When you have squid running on a busy server, this limit can be exceeded very quickly. When that happens, your server will lock up in a rather spectacular way. Yes, you definitely don’t want this to happen to your server.
Fortunately, this can be easily fixed by typing ulimit -n [some number] in the shell that starts squid. Example: ulimit -n 4000 will increase the open file limit to 4000.
- Make it all automatic : To avoid doing these again and again, insert the following lines in the startup script (probably /etc/rc.local or something like that) :
ulimit -n 4000
- Squid still will NOT cache your pages?
Sometimes this can be caused by the lack of any hint from the webserver/PHP, making squid unsure whether to cache this page or not — and to be on the safe side, it defaults to NOT caching the page.
To assure squid that it’s okay to cache, put the following lines in the right place of your Apache configuration file (mod_expires must be loaded), scoped to content that is the same for every visitor :
ExpiresActive On
ExpiresDefault "access plus 1 week"
Finally, enjoy ! Your server will now serve incoming slashdotting / digg / other kind of massive incoming traffic without breaking a sweat.