[squid-users] logfileHandleWrite: daemon:/var/log/squid/access.log: error writing ((32) Broken pipe)

Alex Rousskov rousskov at measurement-factory.com
Tue Sep 6 13:28:39 UTC 2022


On 9/6/22 07:41, roee klinger wrote:

> It is also important to know that I am running multiple Squid instances 
> on the same machine, they are all getting the error at the same time

What external event(s) happen at that time? Something is probably 
sending a signal to the logging daemon process. It would be good to know 
what that something (and that signal) is. Your syslog or cache.log might 
contain more info. Analyzing the timing/schedule of these problems may 
also be helpful in identifying the trigger.


> Is a possible workaround that might be just replacing the line with 
> this? 

 > access_log /var/log/squid/access2.log

As you know, this configuration (in this deprecated spelling or with and 
explicit "stdio:" prefix) will result in Squid workers writing to the 
log file directly instead of asking the logging daemon. This will, 
naturally, get rid of the pipe between workers and their daemons, and 
the associated broken pipe error.

> or will this cause a problem?

Impossible to say for sure without knowing whether your workers benefit 
from the anticipated performance advantages of avoiding blocking file 
I/O _and_ whether those advantages are real (in your environment). Too 
many variables and too many unknowns. I would treat this as an important 
(and potentially disruptive) configuration change and carefully test the 
outcome.


HTH,

Alex.


> INFO -
> Versions:
> 
>     Squid Cache: Version 4.10
>     Ubuntu 20.04.4 LTS
> 
> 
> Example squid.conf:
> 
>     visible_hostname squid2
> 
>     access_log daemon:/var/log/squid/access2.log squid
> 
>     cache_log /var/log/squid/cache2.log
> 
>     pid_filename /var/run/squid2.pid
> 
> 
>     acl localnet src 0.0.0.1-0.255.255.255# RFC 1122 "this" network (LAN)
> 
>     acl localnet src 10.0.0.0/8 <http://10.0.0.0/8> # RFC 1918 local
>     private network (LAN)
> 
>     acl localnet src 100.64.0.0/10 <http://100.64.0.0/10># RFC 6598
>     shared address space (CGN)
> 
>     acl localnet src 169.254.0.0/16 <http://169.254.0.0/16> # RFC 3927
>     link-local (directly plugged) machines
> 
>     acl localnet src 172.16.0.0/12 <http://172.16.0.0/12># RFC 1918
>     local private network (LAN)
> 
>     acl localnet src 192.168.0.0/16 <http://192.168.0.0/16> # RFC 1918
>     local private network (LAN)
> 
>     acl localnet src fc00::/7 # RFC 4193 local private network range
> 
>     acl localnet src fe80::/10# RFC 4291 link-local (directly plugged)
>     machines
> 
>     acl SSL_ports port 443
> 
>     acl Safe_ports port 80# http
> 
>     acl Safe_ports port 21# ftp
> 
>     acl Safe_ports port 443 # https
> 
>     acl Safe_ports port 70# gopher
> 
>     acl Safe_ports port 210 # wais
> 
>     acl Safe_ports port 1025-65535# unregistered ports
> 
>     acl Safe_ports port 280 # http-mgmt
> 
>     acl Safe_ports port 488 # gss-http
> 
>     acl Safe_ports port 591 # filemaker
> 
>     acl Safe_ports port 777 # multiling http
> 
>     acl CONNECT method CONNECT
> 
>     http_access deny !Safe_ports
> 
>     http_access deny CONNECT !SSL_ports
> 
>     http_access allow localhost manager
> 
>     http_access deny manager
> 
>     # include /etc/squid/conf.d/*
> 
>     http_access allow localhost
> 
>     acl aws src *censored*
> 
>     http_access allow aws
> 
>     # http_access deny all
> 
>     tcp_outgoing_address *censored*
> 
>     http_port 10002
> 
>     coredump_dir /var/spool/squid
> 
>     refresh_pattern ^ftp: 144020% 10080
> 
>     refresh_pattern ^gopher:14400%1440
> 
>     refresh_pattern -i (/cgi-bin/|\?) 0 0%0
> 
>     refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 0% 0
>     refresh-ims
> 
>     refresh_pattern \/Release(|\.gpg)$ 0 0% 0 refresh-ims
> 
>     refresh_pattern \/InRelease$ 0 0% 0 refresh-ims
> 
>     refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 0% 0 refresh-ims
> 
>     refresh_pattern . 0 20% 4320
> 
> 
>     shutdown_lifetime 1 seconds
> 
>     logfile_rotate 0
> 
>     max_filedescriptors 16384
> 
>     dns_nameservers 8.8.8.8 8.8.4.4 1.1.1.1
> 
>     cache deny all
> 
>     cache_dir null /tmp
> 
>     via off
> 
>     forwarded_for off
> 
>     request_header_access From deny all
> 
>     request_header_access Server deny all
> 
>     request_header_access WWW-Authenticate deny all
> 
>     request_header_access Link deny all
> 
>     request_header_access Cache-Control deny all
> 
>     request_header_access Proxy-Connection deny all
> 
>     request_header_access X-Cache deny all
> 
>     request_header_access X-Cache-Lookup deny all
> 
>     request_header_access Via deny all
> 
>     request_header_access X-Forwarded-For deny all
> 
>     request_header_access Pragma deny all
> 
>     request_header_access Keep-Alive deny all
> 
>     dns_v4_first on
> 
> 
> Example service file:
> 
>     ## Copyright (C) 1996-2020 The Squid Software Foundation and
>     contributors
> 
>     ##
> 
>     ## Squid software is distributed under GPLv2+ license and includes
> 
>     ## contributions from numerous individuals and organizations.
> 
>     ## Please see the COPYING and CONTRIBUTORS files for details.
> 
>     ##
> 
> 
>     [Unit]
> 
>     Description=Squid Web Proxy Server
> 
>     Documentation=man:squid(8)
> 
>     After=network.target network-online.target nss-lookup.target
> 
> 
>     [Service]
> 
>     Type=forking
> 
>     PIDFile=/var/run/squid2.pid
> 
>     ExecStartPre=/usr/sbin/squid --foreground -z -f /etc/squid/squid2.conf
> 
>     ExecStart=/usr/sbin/squid -sYC -f /etc/squid/squid2.conf
> 
>     ExecReload=/bin/kill -HUP $MAINPID
> 
>     KillMode=mixed
> 
> 
>     [Install]
> 
>     WantedBy=multi-user.target
> 
> 
> 
> Permissions:
> 
>     ➜  ls -alt /etc/squid/
>     total 128
>     drwxr-xr-x   2 root root 4096 Sep  6 11:33 .
>     -rw-r--r--   1 root root 2831 Sep  6 11:33 squid7.conf
>     drwxr-xr-x 116 root root 4096 Sep  6 11:33 ..
>     -rw-r--r--   1 root root 2830 Sep  6 11:33 squid2.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:33 squid13.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:32 squid23.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:32 squid19.conf
>     -rw-r--r--   1 root root 2832 Sep  6 11:32 squid1.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:32 squid17.conf
>     -rw-r--r--   1 root root 2832 Sep  6 11:31 squid4.conf
>     -rw-r--r--   1 root root 2834 Sep  6 11:31 squid21.conf
>     -rw-r--r--   1 root root 2833 Sep  6 11:31 squid25.conf
>     -rw-r--r--   1 root root 2834 Sep  6 11:31 squid12.conf
>     -rw-r--r--   1 root root 2832 Sep  6 11:31 squid3.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:30 squid10.conf
>     -rw-r--r--   1 root root 2835 Sep  6 11:30 squid11.conf
>     -rw-r--r--   1 root root 2833 Sep  6 11:30 squid18.conf
>     -rw-r--r--   1 root root 2830 Sep  6 11:30 squid8.conf
>     -rw-r--r--   1 root root 2830 Sep  6 11:30 squid6.conf
>     -rw-r--r--   1 root root 2833 Sep  6 11:30 squid28.conf
>     -rw-r--r--   1 root root 2830 Sep  6 11:25 squid9.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:25 squid24.conf
>     -rw-r--r--   1 root root 2835 Sep  6 11:25 squid22.conf
>     -rw-r--r--   1 root root 2837 Sep  6 11:25 squid20.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:25 squid16.conf
>     -rw-r--r--   1 root root 2835 Sep  6 11:25 squid15.conf
>     -rw-r--r--   1 root root 2836 Sep  6 11:25 squid14.conf
>     -rw-r--r--   1 root root 2831 Sep  6 11:25 squid5.conf
>     -rw-r--r--   1 root root 2833 Sep  6 11:25 squid27.conf
>     -rw-r--r--   1 root root 2835 Sep  6 11:25 squid26.conf
>     -rw-r--r--   1 root root 2835 Sep  6 11:25 squid30.conf
>     -rw-r--r--   1 root root 2835 Sep  6 11:25 squid29.conf
> 
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users



More information about the squid-users mailing list