[squid-users] Recommended Multi-CPU Configuration

[Amos Jeffries]

On 3/08/2016 4:14 p.m., Michael Pelletier wrote:
> I filter 7 Gbps of Internet with AD integration.
> 
> To do this I have 28 CentOS VMs running in VMWare which are load balanced
> (explicit and implicit traffic) The load balancer is also CentOS ipvs.
> 

There are some 'rule of thumb' details that affect this type of
installation;

 * ensuring that UFS based cache_dir (if any) do not share physical disk
spindles. When using VM and other virtualised layers this can be very
tricky to enforce.
 - if you can enforce is Squid will use that spindle to the hardware limits.
 - if you can't enforce it and any two Squid instances end up sharing
their load capacity more than halves, and the disk lifetime is greatly
reduced as disk I/O contention causes controller issues.

* ensuring that heavily loaded Squid do not share their CPU core with
other services. And core "threads" being (near) useless for Squid itself.
 - VM overheads themselves are to be avoided as much as possible. You
may find the container approach better for Squid performance.

* avoiding NTLM. It doubles the traffic load on the frontend compared to
any other auth type.


With special regards to VMs - some versions of VM tools have been shown
that cloning the VM does something to greatly reduce its I/O capacities.
If you have to use them at all a "clean install" type setup (eg. with
ansible) is better to use than cloning an image. YMMV.

HTH
Amos