Linux
설치
- 설치해야 할 패키지:
- openssl : yum -y install openssl
- openssl-dev (or libssl-dev)
- gcc
- make
- perl
- vim (다른 편집기도 사용 가능)
- squid 3.0(http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE19.tar.gz) 압축 풀기
wget http://www.squid-cache.org/Versions/v3/3.0/squid-3.0.STABLE19.tar.gz
tar zxvf squid-3.0.STABLE19.tar.gz -
cd squid-3.0.STABLE19 64비트 OS :export CFLAGS="-O2 -pipe -m64 -march=core2 -fomit-frame-pointer -s"32비트 OS : export CFLAGS="-O2 -pipe -m32 -fomit-frame-pointer -s"64비트 OS :32비트 OS :export CXXFLAGS="-O2 -pipe -m32 -fomit-frame-pointer -s"64비트 OS :export LDFLAGS="-m64 -s -Wl,-O1"32비트 OS :export LDFLAGS="-m32 -s -Wl,-O1"-
./configure -prefix=/usr/local/squid --with-pthreads --enable-storeio=ufs,aufs --enable-removal-policies=lru,heap --enable-ssl --with-large-files -
make 실행warning 등으로 인한 실패시make SQUID_CFLAGS=-O2 SQUID_CXXFLAGS=-O2 AM_CFLAGS=O2 AM_CXXFLAGS=-O2 - 루트(root) 사용자 권한으로 실행 :
make install
- /usr/local/squid 쓰기 가능한지 체크
구성
- /usr/local/squid/etc/squid.conf 파일 내용 아래와 같이 대체
(참조 : http://www.squid-cache.org/Versions/v3/3.0/cfgman/)
- Replace all references of <jazz.server.host.address> with the hostname of the server you wish to proxy.
- Replace all references of <jazz.server.host.port> with the port name that your jazz server listens upon.
- Replace all references of <proxy.host.address> with the hostname of your proxy machine.
- Replace all references of <proxy.port> with the port of your proxy machine.
- Replace all references of <memory.cache> with the amount of RAM
that you want to allocate to squid's caching. This must be less than the
available memory on the machine.
- Replace all references of <disk.cache.size> in MBytes with the amount of diskspace you want ot allocate to squid. This must be less than the available disk space in "/usr/local/squid/var/cache".
- server.pem과 privkey.pem 파일을 /usr/local/squid/etc 아래로 복사
- 인증서 만들기
- openssl req -new -keyform PEM -x509 -out server.pem
- openssl rsa -in privkey.pem -out privkey.pem.new
- cp privkey.pem.new privkey.pem
- cp server.pem /usr/local/squid/etc/
- cp privkey.pem /usr/local/squid/etc/
cd /usr/local/squid/sbin- 캐시 디렉토리(/usr/local/squid/var/cache) 구조화/초기화 실행 :
./squid -z -
프락시서버 데몬 실헹 : ./squid
cache_store_log none
cache_peer <jazz.server.host.address> parent <jazz.server.host.port> 0 no-query originserver name=httpsAccel ssl
(앞줄 계속) login=PROXYPASS sslflags=DONT_VERIFY_PEER
cache_peer_access httpsAccel allow all
coredump_dir /usr/local/squid/var/cache
http_access allow all
https_port <proxy.port> cert=/usr/local/squid/etc/server.pem accel key=/usr/local/squid/etc/privkey.pem vhost
refresh_pattern . 0 20% 4320
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir aufs /usr/local/squid/var/cache <disk.cache.size> 256 256
cache_mem <memory.cache> MB
cachemgr_passwd disable all
maximum_object_size 1048576 KB
maximum_object_size_in_memory 16384 KB
buffered_logs on
visible_hostname <proxy.host.address>
<예>
cache_store_log none
cache_peer x.x.x.x parent 9443 0 no-query originserver name=httpsAccel ssl login=PROXYPASS sslflags=DONT_VERIFY_PEER
cache_peer_access httpsAccel allow all
coredump_dir /usr/local/squid/var/cache
http_access allow all
https_port 9443 cert=/usr/local/squid/etc/server.pem accel key=/usr/local/squid/etc/privkey.pem vhost
refresh_pattern . 0 20% 4320
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir aufs /home/SquidCache 131072 256 256
cache_swap_low 70
cache_swap_high 97
cache_mem 4096 MB
cachemgr_passwd disable all
maximum_object_size 1048576 KB
maximum_object_size_in_memory 16384 KB
buffered_logs on
visible_hostname x.x.x.x
If things are not working properly, check the var/logs/cache.log for errors
you will see TCP_HIT and TCP_MISS logging in the access.log which will indicate whether or not the cache is being hit
![[레벨:9]](http://jazzlab.net/jazz/modules/point/icons/default/9.gif "포인트:8442point (67%), 레벨:9/30"){kind=icon}
풍차캐시 파일 헤더 정보 예
/tent/com.ibm.team.filesystem/FileItem/_6M0l8L-TEd6JcY1jAFpNtg/_i80CZr-eEd69xa1g3HWcug/YcVfeELBBPGO8IGd5etTAWNShNhHZA_KqKxI40
4N-UQ
Server: Apache-Coyote/1.1
Cache-Control: public, s-maxage=31104000
Expires: Thu, 28 Oct 2010 02:34:51 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
ETag: "immutable"
Content-Type: application/octet-stream
Content-Length: 8089
Date: Mon, 02 Nov 2009 02:34:51 GMT
Connection: close
풍차프락시 캐시 서버 16GB/8GB
cache_replacement_policy heap GDSF
memory_replacement_policy heap GDSF
cache_dir aufs /usr/local/squid/var/cache 102400 256 256
cache_mem 12288 MB (8GB인 경우 6144 MB)
cache_store_log none
cache_peer xxx.xxx.xxx.xxx parent 9443 0 no-query originserver name=httpsAccel ssl login=PROXYPASS sslflags=DONT_VERIFY_PEER
cache_peer_access httpsAccel allow all
coredump_dir /usr/local/squid/var/cache
http_access allow all
https_port 9443 cert=/usr/local/squid/etc/server.pem accel key=/usr/local/squid/etc/privkey.pem vhost
refresh_pattern . 0 20% 4320
cachemgr_passwd disable all
maximum_object_size 1024 MB
maximum_object_size_in_memory 16 MB
buffered_logs on
visible_hostname xxx.xxx.xxx.xxx
cache_swap_low 90
cache_swap_high 95
풍차SQUID 쓰레드 수
[root@localhost etc]# ps -eLf | grep squid
root 12203 1 12203 0 1 Nov12 ? 00:00:00 ./squid
nobody 12205 12203 12205 0 17 Nov12 ? 02:34:33 (squid)
nobody 12205 12203 12211 0 17 Nov12 ? 00:00:29 (squid)
nobody 12205 12203 12212 0 17 Nov12 ? 00:00:29 (squid)
nobody 12205 12203 12213 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12214 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12215 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12216 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12217 0 17 Nov12 ? 00:00:29 (squid)
nobody 12205 12203 12218 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12219 0 17 Nov12 ? 00:00:29 (squid)
nobody 12205 12203 12220 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12221 0 17 Nov12 ? 00:00:29 (squid)
nobody 12205 12203 12222 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12223 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12224 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12225 0 17 Nov12 ? 00:00:28 (squid)
nobody 12205 12203 12226 0 17 Nov12 ? 00:00:28 (squid)
root 28245 28189 28245 0 1 17:41 pts/0 00:00:00 grep squid
풍차Preferred RAID Configuration for Proxy Cache Server
RAID 0 - 가장 속도가 빠르다고... 캐시므로 미러링은 덜 고려한다고...
풍차커맨드 배치 파일
Login.bat
@echo OFF
Set StartTime=%time%
@echo ON
C:\Jazz\scmtools\eclipse\scm.exe login -r https://xxx.xxx.xxx.xxx:9443/jazz -u xxxx -P xxxx -n proxy1 >>login.log
@echo OFF
Set EndTime=%time%
echo %StartTime% >>login.log
echo %EndTime% >>login.log
ListWorkspaces.bat
@echo OFF
Set StartTime=%time%
@echo ON
C:\Jazz\scmtools\eclipse\scm.exe list workspaces -r proxy1 >>listWorkspaces.log
@echo OFF
Set EndTime=%time%
echo %StartTime% >>listWorkspaces.log
echo %EndTime% >>listWorkspaces.log
(1015) "JKLee"
(1016) "build on MAIN Integration Stream"
share.bat
@echo OFF
Set StartTime=%time%
@echo ON
C:\Jazz\scmtools\eclipse\scm.exe share -r proxy1 1015 component-name1 to-be-shared-path1 >>share.log
@echo OFF
Set EndTime=%time%
echo %StartTime% >>share.log
echo %EndTime% >>share.log
LoadWorkspace.bat
@echo OFF
Set StartTime=%time%
@echo ON
C:\Jazz\scmtools\eclipse\scm.exe load -r proxy1 1016 --all >>loadWorkspace.log
@echo OFF
Set EndTime=%time%
echo %StartTime% >>loadWorkspace.log
echo %EndTime% >>loadWorkspace.log
Squid Log Files
http://wiki.squid-cache.org/SquidFaq/SquidLogs
/usr/local/squid/var/logs/cache.log
You need to rotate your log files with a cron job. For example in /etc/crontab:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR
#sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * command to be executed
0 0 * * * /usr/local/squid/sbin/squid -k rotate