[squid-users] Squid latency at ApacheCon 2014 in comparison between Squid, NGINX, Apache Traffic Server, Varnish and Apache

Eliezer Croitoru eliezer at ngtech.co.il
Tue Feb 17 23:22:59 UTC 2015 

Hey Anna,

Thanks for the links and the detailed comments and thoughts.
In most cases I am not a friend of countering others if not really needed.
I have yet to implement VARNISH or ATS in production and the blame for 
this is strictly on me since I am a bit spoiled and a learning curve is 
not always what I seek.
I have been told more then once or twice in my past to "google" things 
which I see as a very bad habit.
Not everyone can use google to understand or learn things and a simple 
example might be a Doctor of Medicine.

Squid or any other proxy system operation requires more then some might 
have and it is the same to about writing and running a performance test.

Any of the pieces of software you have mentioned are very complex to 
understand and operate.
I assume that if someone would be willing to write a performance tests 
and comparison he would need more then basic knowledge of 
IP,HTTP,Programming, Math and many other CS related subjects and last 
but not least a bit humility.

I am unsure about me meeting the profile which allows me to say this or 
that about Mr. Call's work.

And still what I can bring to the desk is that every setup is different 
in too much levels.
Before deciding that squid CPU usage might be an issue we can make sure 
that we are looking for a tool which will provide a stable service.
I can take out of this picture a DDOS "ready" system.
There is no such thing as a bullet proof system what so ever.

Squid strives to cache any of the cachable GET requests considering the 
server side in the picture while allowing stable operations for a well 
respected period of time.
I have implemented couple times a webserver based NGINX and I have 
discovered that a human wrote this software and not god and which I 
respect very well and uses for very specific tasks.
However squid won in many cases due to it's reliability and user\admin 
friendliness.

Varnish is a very good product that can beat squid in many ways.. and If 
I had time to learn it a bit more.. I would might do that.

With all the above in mind I learned to believe that squid works very good.
Yes indeed in cases which you would run it ontop a 8 cores machine(not 
HyperThreaded) with 0 disk cache or local logging you can see that 1 
worker\process can take some load but as you rise the workers size to 6 
you will start to see miracles.
Ho and yea, squid uses md5 each time a request flows in so it takes 
CPU... also it runs a lookup for this MD5 hash.. takes CPU.

Like I would say just anyone that wants to implement a squid solution do 
first:
Run a dumb test of squid with enough workers to take the load and not 
crack( 1k per sec per worker is fine.).
Use only the default cahce ram size and default rules with no cache_dirs.
Measure the server load using the cachemgr interface.
After you got the basic load of the system tune the workers to match a 
higher load but not too high.
In this state of squid with multiple workers and RAM ONLY(defaults) 
caching you throw in the needed settings for the cache_peers.

Be aware that you might see some high CPU usage in a DDOS alert status 
and maybe even on normal operations.

Now the main issue is: How it works now with little ram and no disk 
cache at all.

I have proved in the past that for a specific client of mine nginx was a 
very bad choice while squid out of the box with a bit of tuning(max 
object size and 4 workers) gave a piece of mind to his website.

So first test then tune and only then get a conclusion that meets your 
environment.

* They are all good!! "SQUID,ATS,NGINX,VARNISH"


And Anna if you have some specific performance issues with nginx and 
considering the options feel free to contact me off-list aobut it.

All The Bests,
Eliezer

On 17/02/2015 16:58, Anna Jonna Armannsdottir wrote:
> I spent the last weeks searching but I have not found anything that
> seems to counter Mr. Call's claim. On behalf of the Squid developers and
> users, I would be wery grateful if anybody could show or demonstrate the
> contrary. Preferably with configuration.
>
> About me:
> I have been a Squid proxy admin for almost 10 years now, and also
> administrating web cluster solutions for a small university. I am
> already deploying VRRP with NGINX as a load-balancer, but me and my
> coworkers are not satisfied with its performance.
>
> Best regards,
> -- Anna Jonna Armannsdottir <annaj at hi.is> University of Iceland
> Computing Services

More information about the squid-users mailing list