[squid-users] Question about shutdown_lifetime behavior.

Amos Jeffries squid3 at treenet.co.nz
Wed May 2 02:06:32 UTC 2018 

On 02/05/18 05:17, Cody Herzog wrote:
> Thanks very much for the quick response, Amos.
> 
>  
> 
> For my use case, I would like Squid to exit when all client connections
> have been closed or when the timeout occurs, whichever comes first.
> 

Then Squids behaviour already matches your requirements. The "or when
timeout occurs" is shutdown_lifetime and you do not have to do anything.

> 
> My instances of Squid may be handling several persistent WebSocket
> connections, and I don't want to disrupt those. I will occasionally need
> to perform maintenance, so I want a safe way to stop Squid without
> disrupting user activity.
> 

Nod. It will also likely be handling CONNECT tunnels for other things.
Be aware that these connections can last indefinitely - some have been
known to last on a timescale of several weeks.

If your maintenance is with squid.conf or things loaded by it use "squid
-k reconfigure" instead of a restart cycle. Squid can reload its config
fine with just a pause for any active clients - your netstat approach
could be useful to pick a time with minimal connections to reload the
config.

> 
> I am using a fairly simple Squid configuration, with no caching, so I
> suspect that I can simply monitor the number of active Squid TCP
> connections using 'netstat', and then execute the second shutdown
> command when I detect that all those connections are closed.
> 

Since WebSockets is part of your situation netstat will almost certainly
not work as well as you suspect. These connections can be very
surprising in their lifetimes.


> 
> I've been using the following command to count the number of active
> Squid TCP connections of port 443, which is the only port I use:
> 
>  
> 
> netstat -nat | grep ".*:443.*:" | grep ESTABLISHED | wc -l
> 
>  
> 
> That seems to give me what I want.
> 

Hmm, you might be able to get more useful info from the Squid
filedescriptors report.
  squidclient mgr:filedescriptors


>  
> 
> Is it possible that bad things could happen by stopping Squid when I see
> that all the TCP connections have closed?

Should not be any bad things if you just use -k shutdown (twice). Squid
will take the time it needs for a clean (but immediate) shutdown so long
as you only do it twice, not more and do not use "kill" command.

Amos

More information about the squid-users mailing list