[squid-users] Fwd: Sqid uses all RAM / killed by OOM
Alex Rousskov
rousskov at measurement-factory.com
Mon Jul 25 21:18:17 UTC 2022
On 7/25/22 16:33, ngtech1ltd at gmail.com wrote:
> Ronny was trying to use 5.2 on Ubuntu 22.04 as an upgrade from 20.04.
> The issue was that probably for the same traffic on 20.04 with another version of squid
> it consumed a lot of RAM.
> My first suggestion was to upgrade into latest 5.6 but since 22.04 uses OpenSSL 3.x Squid 5.6
> would not compile on it.
I suspect Squid will compile just fine, just not with the default build
options and/or default OpenSSL install:
* If the default install of OpenSSL on 22.04 still provides deprecated
OpenSSL v1 APIs, then it may be possible to build Squid with that by
telling the compiler not to treat warnings as errors (i.e. remove
-Werror from CXXFLAGS).
* Otherwise, it is not very difficult to install any modern OpenSSL
version from OpenSSL sources and build Squid with that.
> The referenced patch is for OpenSSL 3.x compatibility and not a memory leak.
Thank you for clarifying that. If there is a high quality patch that
adds OpenSSL v3 support to Squid v5, then it is fine to use that patch
as a short-term workaround, of course. I do not have such a patch.
> What I didn't understood is first: how can 4.17 can be compiled on 22.04
I do not know the answer, but perhaps Squid v4.17 does not enable some
of the warnings that v5 does?
> and if it compiles is there still some memory leak?
I doubt OpenSSL upgrade can stop a serious memory leak, but it is not
impossible. Some leak-sensitive code was modified/improved when adding
support to OpenSSL v3.
Alex.
> I believe it's too soon to upgrade into 22.04 and I would suggest to use another OS for now.
> From what I have seen Ubuntu doesn't have more support than other OS for now so..
>
> The only thing I can offer is to use some RPM based OS which can use my packages.
>
> Eliezer
>
> ----
> Eliezer Croitoru
> NgTech, Tech Support
> Mobile: +972-5-28704261
> Email: ngtech1ltd at gmail.com
> Web: https://ngtech.co.il/
> My-Tube: https://tube.ngtech.co.il/
>
> -----Original Message-----
> From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of Alex Rousskov
> Sent: Monday, 25 July 2022 23:05
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Fwd: Sqid uses all RAM / killed by OOM
>
> On 7/25/22 01:59, Ronny Preiss wrote:
>
>> Can someone support me regarding my question about compiling squid 5.6
>> on ubuntu 22.04?
>
> There is probably some misunderstanding: You are expecting some kind of
> a patch for Squid v5.6, but I do not know what patch you are talking
> about. I am aware of one important bug fix that was added to Squid v5
> after v5.6 release[1], but that fix is not targeting any memory leaks
> (it may still fix some as a side effect though).
>
> I also do not recall any known memory leaks in v5.6, but perhaps I have
> forgotten something we fixed in master/v6 long time ago -- until [1], it
> was not possible to run v5 in production deployments I dealt with, so I
> can easily forget or miss some old v5 details.
>
> If you believe that your Squid v5.6 is leaking memory, try [1]. If that
> does not help, you may need to create a bug report on Bugzilla and start
> collecting the necessary details to confirm the leak and identify what
> is leaking.
>
> [1] https://github.com/squid-cache/squid/commit/c999621.diff
>
>
> HTH,
>
> Alex.
>
>
>
>> Since my previous attempts also have the "memory leak" on ubuntu 22.04
>> and squid 5.6 problem again.
>>
>> Kind regards Ronny
>>
>> ---------- Forwarded message ---------
>> Von: *Ronny Preiss* <ronny.preiss at gmail.com <mailto:ronny.preiss at gmail.com>>
>> Date: Mo., 11. Juli 2022 um 08:54 Uhr
>> Subject: Sqid uses all RAM / killed by OOM
>> To: <squid-users at lists.squid-cache.org
>> <mailto:squid-users at lists.squid-cache.org>>
>>
>>
>> Hello all,
>>
>> I have the following problem with squid 5.2 on ubuntu 22.04.
>> Squid consumes all ram and the entire SWAP. When swap and ram are
>> completely full, the OOM killer strikes and terminates the process.
>>
>> We use three internal child proxy servers with keepalived and haproxy as
>> load balancers. From our ISP we use a parent upstream proxy for external
>> internet traffic.
>> As an operating system we have so far Ubuntu 20.04.4 with squid 4.1 in
>> use. This constellation works flawlessly.
>>
>> Now I want to update the Server to Ubuntu 22.04 and squid 5.2. But with
>> Ubuntu 22.04 and squid 5.2 the above mentioned problem with the OOM
>> Killer occurs.
>> The new machine has only the OS and squid installed.
>>
>> Who can help me with a solution?
>>
>> With kind regards
>> Ronny
>>
>> Attached the squid configuration and the VMWare specs.
>>
>> ### VM Specs ###
>> OS: Ubuntu 22.04 Server
>> CPU: 4x (Intel(R) Xeon(R) CPU E5-2690 v3 @ 2.60GHz)
>> RAM: 4 GB
>> VMWare: ESXi 7.0 U2
>>
>> ### CONFIG ###
>> acl 10.172.xxx.xxx/18 <http://10.172.128.0/18> src 10.172.xxx.xxx/18
>> <http://10.172.128.0/18>
>> acl 172.16.xxx.xxx/12 <http://172.16.0.0/12> src 172.16.xxx.xxx/12
>> <http://172.16.0.0/12>
>> acl 192.168.xxx.xxx/16 <http://192.168.0.0/16> src 192.168.xxx.xxx/16
>> <http://192.168.0.0/16>
>>
>> acl Safe_ports port 80
>> acl Safe_ports port 21
>> acl Safe_ports port 443
>> acl Safe_ports port 70
>> acl Safe_ports port 210
>> acl Safe_ports port 1025-65535
>> acl Safe_ports port 280
>> acl Safe_ports port 488
>> acl Safe_ports port 591
>> acl Safe_ports port 777
>>
>> http_access allow 10.172.xxx.xxx/18 <http://10.172.128.0/18> Safe_ports
>> http_access allow 172.16.xxx.xxx/12 <http://172.16.0.0/12> Safe_ports
>> http_access allow 192.168.xxx.xxx/16 <http://192.168.0.0/16> Safe_ports
>>
>> http_access allow localhost manager
>> http_access allow localhost
>> http_access deny manager
>> http_access deny all
>>
>> include /etc/squid/conf.d/*
>> http_port 10.172.xxx.xxx:3128 <http://10.172.128.34:3128>
>>
>> cache_peer 10.210.xxx.xxx parent 8080 0
>> cache_dir ufs /var/spool/squid 3000 16 256
>> cache_effective_user proxy
>> cache_effective_group proxy
>>
>> coredump_dir /var/spool/squid
>>
>> refresh_pattern ^ftp: 1440 20% 10080
>> refresh_pattern ^gopher: 1440 0% 1440
>> refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
>> refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
>> refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
>> refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
>> refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
>> refresh_pattern . 0 20% 4320
>>
>> never_direct allow all
>> max_filedescriptors 40960
>> dns_nameservers 10.244.xxx.xxx
>>
>> ### DMESG ###
>>
>> [256929.150801]
>> oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/system.slice/squid.service,task=squid,pid=26390,uid=13
>> [256929.150822] Out of memory: Killed process 26390 (squid)
>> total-vm:9691764kB, anon-rss:3657748kB, file-rss:2320kB, shmem-rss:0kB,
>> UID:13 pgtables:18932kB oom_score_adj:0
>> [256929.510641] oom_reaper: reaped process 26390 (squid), now
>> anon-rss:0kB, file-rss:0kB, shmem-rss:0kB
>>
>>
>>
>> _______________________________________________
>> squid-users mailing list
>> squid-users at lists.squid-cache.org
>> http://lists.squid-cache.org/listinfo/squid-users
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
More information about the squid-users
mailing list