Squid優化完全手冊(1)

火星人 @ 2014-03-09 , reply:0


一、 概述
squid是一款優秀的open source的代理伺服器軟體,可以運行於多種系統平台上,但是同其他商業化的產品相比,其缺點也是很明顯的,那就是它的命中率和效率相對低下.

本文主要討論在不改變硬體條件之下,通過以下手段對squid進行性能優化:

1. 編譯一個高效的、精簡的新內核;
2. 對Cache分區採用reiserfs日誌文件系統;
3. 重新編譯squid;
4. 優化squid配置;

對於優化的效果,我使用大名鼎鼎的cacheflow公司的測試工具——cfmc進行測試比較:

首先用cfmc自帶的一個腳本,從squid.conf的access.log中抽出RUL,然後以這些RUL為依據進行測試.

伺服器配置:
型號:HP LH3
CPU:PII450
內存:256MB 100MHz ECC SDRAM DIMM
硬碟:9.1GB Hot-Swap Ultra2 Hard Disk
網卡:Ethernet Express PRO 100 10/100M X 2
操作系統:RedHat 7.1

優化前測試結果:
Iteration 0: Cumulative statistics; 933 seconds elapsed
Total objects: 72599, total object size: 513211102 bytes
Average object size: 7069 bytes
Average object response time: 2707 milliseconds
Objects per second: 77.81
Bytes per second: 550065, min: 550065, max: 879873
URLs discarded due to socket or connection failures: 6955
Redirections: 1017, Cookied objects: 1036
Pragma no-cache objects: 1656, Non-200 HTTP response codes: 2505

優化后測試結果:
Iteration 0: Cumulative statistics; 688 seconds elapsed
Total objects: 72599, total object size: 403833100 bytes
Average object size: 5562 bytes
Average object response time: 1890 milliseconds
Objects per second: 105.52
Bytes per second: 586966, min: 586966, max: 995582
URLs discarded due to socket or connection failures: 16372
Redirections: 1658, Cookied objects: 1000
Pragma no-cache objects: 1454, Non-200 HTTP response codes: 3132

通過對以上測試結果的比較,我們可以看出:


優化后的Objects per second增加了35.6%,Average object response time減少了43.2%,對整體性能的提升還是比較明顯的.

二、 編譯新內核
我們採取這樣的方式來編譯內核:取消內核的模塊支持,將伺服器所有的硬體驅動編譯到內核中,此外還要注意將對reiserfs文件系統的支持也編譯到內核中,從而在提供系統性能的同時增加系統安全性.在2.4.10以上的版本中,已經內置了對reiserfs文件系統的支持.

首先從http://www.kernel.org/pub/linux/kernel/v2.4/下載linux-2.4.12.tar.gz,這是當前最新的內核.
然後解開內核文件:
tar xvzf linux-2.4.12.tar.gz
進入新生成的目錄並執行:
cd linux
make mrproper
make config

根據我的伺服器的配置,我選擇這樣編譯內核:

* Code maturity level options
Prompt for development and/or incomplete code/drivers (CONFIG_EXPERIMENTAL) [Y/n/?]
* Loadable module support
Enable loadable module support (CONFIG_MODULES) [N/y/?]
* Processor type and features
Processor family (386, 486, 586/K5/5x86/6x86/6x86MX, Pentium-Classic, Pentium-MM
X, Pentium-Pro/Celeron/Pentium-II, Pentium-III/Celeron(Coppermine), Pentium-4, K
6/K6-II/K6-III, Athlon/Duron/K7, Crusoe, Winchip-C6, Winchip-2, Winchip-2A/Winch
ip-3, CyrixIII/C3) [Pentium-Pro/Celeron/Pentium-II]
* General setup
Networking support (CONFIG_NET) [Y/n/?]
PCI support (CONFIG_PCI) [Y/n/?]
PCI access mode (BIOS, Direct, Any) [Any]
defined CONFIG_PCI_GOANY
PCI device name database (CONFIG_PCI_NAMES) [Y/n/?]
System V IPC (CONFIG_SYSVIPC) [Y/n/?]
Sysctl support (CONFIG_SYSCTL) [Y/n/?]
Kernel core (/proc/kcore) format (ELF, A.OUT) [ELF]
defined CONFIG_KCORE_ELF
* Plug and Play configuration
Plug and Play support (CONFIG_PNP) [Y/n/?]
* Block devices
Normal PC floppy disk support (CONFIG_BLK_DEV_FD) [Y/n/?]


* Networking options
Kernel/User netlink socket (CONFIG_NETLINK) [Y/n/?]
Routing messages (CONFIG_RTNETLINK) [Y/n/?]
Network packet filtering (replaces ipchains) (CONFIG_NETFILTER) [Y/n/?]
Unix domain sockets (CONFIG_UNIX) [Y/n/?]
TCP/IP networking (CONFIG_INET) [Y/n/?]
IP: advanced router (CONFIG_IP_ADVANCED_ROUTER) [Y/n/?]
IP: policy routing (CONFIG_IP_MULTIPLE_TABLES) [Y/n/?]
IP: use netfilter MARK value as routing key (CONFIG_IP_ROUTE_FWMARK) [Y/n/?]
IP: fast network address translation (CONFIG_IP_ROUTE_NAT) [Y/n/?]
IP: equal cost multipath (CONFIG_IP_ROUTE_MULTIPATH) [Y/n/?]
* IP: Netfilter Configuration
Connection tracking (required for masq/NAT) (CONFIG_IP_NF_CONNTRACK) [Y/n/?]
FTP protocol support (CONFIG_IP_NF_FTP) [Y/n/?]
IP tables support (required for filtering/masq/NAT) (CONFIG_IP_NF_IPTABLES) [Y/n/?]
limit match support (CONFIG_IP_NF_MATCH_LIMIT) [Y/n/?]
Multiple port match support (CONFIG_IP_NF_MATCH_MULTIPORT) [Y/n/?]
Connection state match support (CONFIG_IP_NF_MATCH_STATE) [Y/n/?]
Packet filtering (CONFIG_IP_NF_FILTER) [Y/n/?]
Full NAT (CONFIG_IP_NF_NAT) [Y/n/?]
REDIRECT target support (CONFIG_IP_NF_TARGET_REDIRECT) [Y/n/?]
LOG target support (CONFIG_IP_NF_TARGET_LOG) [Y/n/?]
ATA/IDE/MFM/RLL support (CONFIG_IDE) [Y/n/?]
* IDE, ATA and ATAPI Block devices
Enhanced IDE/MFM/RLL disk/cdrom/tape/floppy support (CONFIG_BLK_DEV_IDE) [Y/n/?]
Include IDE/ATA-2 DISK support (CONFIG_BLK_DEV_IDEDISK) [Y/n/?]
Use multi-mode by default (CONFIG_IDEDISK_MULTI_MODE) [Y/n/?]
Include IDE/ATAPI CDROM support (CONFIG_BLK_DEV_IDECD) [Y/n/?]
* SCSI support
SCSI support (CONFIG_SCSI) [Y/n/?]
* SCSI support type (disk, tape, CD-ROM)
SCSI disk support (CONFIG_BLK_DEV_SD) [Y/n/?]
Maximum number of SCSI disks that can be loaded as modules (CONFIG_SD_EXTRA_DEVS) [8]
* Some SCSI devices (e.g. CD jukebox) support multiple LUNs
Enable extra checks in new queueing code (CONFIG_SCSI_DEBUG_QUEUES) [Y/n/?]


* SCSI low-level drivers
AMI MegaRAID support (CONFIG_SCSI_MEGARAID) [Y/n/?]
SYM53C8XX SCSI support (CONFIG_SCSI_SYM53C8XX) [Y/n/?]
default tagged command queue depth (CONFIG_SCSI_NCR53C8XX_DEFAULT_TAGS) [4]
maximum number of queued commands (CONFIG_SCSI_NCR53C8XX_MAX_TAGS) [32]
synchronous transfers frequency in MHz (CONFIG_SCSI_NCR53C8XX_SYNC) [80]
* Network device support
Network device support (CONFIG_NETDEVICES) [Y/n/?]
* Ethernet (10 or 100Mbit)
Ethernet (10 or 100Mbit) (CONFIG_NET_ETHERNET) [Y/n/?]
EISA, VLB, PCI and on board controllers (CONFIG_NET_PCI) [Y/n/?]
EtherExpressPro/100 support (CONFIG_EEPRO100) [Y/n/?]
* Input core support
Input core support (CONFIG_INPUT) [Y/n/?]
Keyboard support (CONFIG_INPUT_KEYBDEV) [Y/n/?]
* Character devices
Virtual terminal (CONFIG_VT) [Y/n/?]
Support for console on virtual terminal (CONFIG_VT_CONSOLE) [Y/n/?]
Standard/generic (8250/16550 and compatible UARTs) serial support (CONFIG_SERIAL) [Y/n/?]
Unix98 PTY support (CONFIG_UNIX98_PTYS) [Y/n/?]
Maximum number of Unix98 PTYs in use (0-2048) (CONFIG_UNIX98_PTY_COUNT) [8]
* File systems
Reiserfs support (CONFIG_REISERFS_FS) [Y/n/?]
ISO 9660 CDROM file system support (CONFIG_ISO9660_FS) [Y/n/?]
/proc file system support (CONFIG_PROC_FS) [Y/n/?]
/dev/pts file system for Unix98 PTYs (CONFIG_DEVPTS_FS) [Y/n/?]
* Console drivers
VGA text console (CONFIG_VGA_CONSOLE) [Y/n/?]

這裡需要說明的是:如果要使用透明代理模式,要仔細選擇Netfilter,我們還得用iptables來重定向tcp包,以滿足透明代理的要求.
假如您的伺服器配置與我的不同,只需要更改相應的硬體配置參數即可,比如CPU類型、網卡、SCSI硬碟等.

接著:
make bzImage

完成後,將 arch/i386/boot/目錄下的新內核bzImage拷貝到/boot/目錄下,並更名為opt:
cp arch/i386/boot/bzImage /boot/
mv /boot/bzImage /boot/opt



然後編輯lilo.conf如下所示:
boot=/dev/sda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
message=/boot/message
default=opt

image=/boot/vmlinuz-2.4.2-2
label=linux
initrd=/boot/initrd-2.4.2-2.img
read-only
root=/dev/sda1

image=/boot/opt
label=opt
read-only
root=/dev/sda1

執行:
# lilo
Added linux
Added opt *

好了,這樣我們就可以用新內核啟動了,您可以發現,這樣自己編譯的內核要小的多,也快得多.


責任編輯:bye2000




[火星人 via ] Squid優化完全手冊(1)已經有88次圍觀

http://www.coctec.com/docs/linux/show-post-57754.html