Re: [squid-users] 100% CPU Load problem with squid 3.3.8

I don't see any logic here. Are you sure your squid is started not by root?
Is replacing 'root' by 'squid' or '*' solves issue as well?

On 09/11/2013 07:19 AM, Mohsen Dehghani wrote:
> Thanks everybody
>
> [The problem resolved]
> After adding following lines to /etc/security/limits.conf
> root soft nofile 60000
> root hard nofile 60000
>
> but I am eager to know the rationale behind it, cuz squid runs as user
> "proxy" not "root"
>
>
> -----Original Message-----
> From: Eliezer Croitoru [mailto:eliezer_at_ngtech.co.il]
> Sent: Tuesday, September 10, 2013 9:10 PM
> To: squid-users_at_squid-cache.org
> Subject: Re: [squid-users] 100% CPU Load problem with squid 3.3.8
>
> It seems like an endless loop that causes this effect..
> I dont think it's related in any way to squid directly but more to the
> setup..
>
> If we can make a real order and debug the problem I will be happy to try to
> assist you.
>
> please share your iptables, route, ulimit -sA, ulimit -hA and any other
> information you do think is right for the cause and the solution.
>
> if you can share the uname -a output and "cat /proc/cpuinfo|grep model"
> also "free -m", "vmstat", the next script:
> PID=`ps aux |grep squid-1|grep -v grep|awk '{print $2}'`;ls /proc/$PID/fd/
> |wc
>
> which should show how many FD are being used by the first squid process.
> let's try out best and see what is the result..
>
> we will might fine the reason on the first or second try.
>
> Eliezer
> On 09/10/2013 11:34 AM, Mohsen Dehghani wrote:
>> I have compiled and installed squid 3.3.8.
>> I have about 160Mbps bandwidth and about 18000 http request per minute.
>> The problem is that as soon as I redirect traffic to squid, its cpu
>> usage reaches 100% and it hangs and even "squidclient" will not work.
>>
>> What is weird is that when I remove traffic from squid, CPU usage does
>> not go down immediately, but with a delay of about 2 or 3 minutes!
>> While in version 3.1.19(which previously I was using), as soon as I
>> remove traffic from squid, its cpu usage goes down. By the way in
>> 3.1.19, CPU usage never exceeded 30%.
>>
>> When I debug , I see some lines saying: WARNING! Your cache is running
>> out of filedescriptors
>>
>> I don't know this is the cause or not. But I've already compiled squid
>> with
>> 65536 filedescriptors
>>
>> I have disabled disk swap for testing, but the problem yet exists.
>>
>> Any help is appreciated
>>
>> I have attached my compile options and config
>>
>> _______________________________________
>>
>> #squid -v
>> Squid Cache: Version 3.3.8
>> configure options: '--prefix=/usr/local/squid' '--build=x86_64-linux-gnu'
>> '--enable-storeio=ufs,aufs,diskd' '--enable-follow-x-forwarded-for'
>> '--with-filedescriptors=65536' '--with-large-files'
>> '--with-default-user=proxy' '--enable-linux-netfilter'
>> 'build_alias=x86_64-linux-gnu' --enable-ltdl-convenience
>>
>>
>> ###config:####
>> acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
>> acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
>> acl SSL_ports port 443
>> acl Safe_ports port 80 # http
>> acl Safe_ports port 21 # ftp
>> acl Safe_ports port 443 # https
>> acl Safe_ports port 70 # gopher
>> acl Safe_ports port 210 # wais
>> acl Safe_ports port 1025-65535 # unregistered ports
>> acl Safe_ports port 280 # http-mgmt
>> acl Safe_ports port 488 # gss-http
>> acl Safe_ports port 591 # filemaker
>> acl Safe_ports port 777 # multiling http
>> acl CONNECT method CONNECT
>>
>> shutdown_lifetime 3 second
>> wccp2_router 172.22.122.254
>> wccp_version 2
>> wccp2_rebuild_wait on
>> wccp2_forwarding_method 2
>> wccp2_return_method 2
>> wccp2_assignment_method 2
>> # wccp2_service standard 0
>> wccp2_service dynamic 80
>> wccp2_service dynamic 90
>> wccp2_service_info 80 protocol=tcp flags=src_ip_hash priority=240
>> ports=80 wccp2_service_info 90 protocol=tcp
>> flags=dst_ip_hash,ports_source
>> priority=240 ports=80
>>
>> http_port 3129 tproxy
>> qos_flows local-hit=0x18
>> cache_mem 2000 MB
>> maximum_object_size_in_memory 10 MB
>>
>> access_log none
>>
>> snmp_port 3401
>> acl snmppublic snmp_community golabi
>> snmp_access allow snmppublic trusted
>> http_access deny !Safe_ports
>>
>> http_access deny CONNECT !SSL_ports
>>
>> http_access allow localhost manager
>> http_access deny manager
>> http_access allow localnet
>> http_access allow localhost
>>
>> http_access deny all
>>
>> http_port 3128
>>
>> coredump_dir /usr/local/squid/var/cache/squid
>> refresh_pattern ^ftp: 1440 20% 10080
>> refresh_pattern ^gopher: 1440 0% 1440
>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>> refresh_pattern . 0 20% 4320
>>
>>
>
>
Received on Wed Sep 11 2013 - 09:25:56 MDT