Squids
From Wikitech
(Difference between revisions)
m (current squids) |
(→French squids: documentation of installation) |
||
| Line 29: | Line 29: | ||
==French squids== | ==French squids== | ||
| − | * 3 600MHz Celeron 1U machines with 20GB HDD and 128MB RAM (''now upgraded to 640MB'') - HP Web Hosting Server Appliance sa1100 - specs: [http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentGroup=NT_CT_Specifications&locale=en_US&docIndexId=178991&taskId=101&prodTypeId=15351&prodSeriesId=62929] | + | * Hardware |
| − | * 2 serial ports, 2 NICs, no graphics card | + | ** 3 600MHz Celeron 1U machines with 20GB HDD and 128MB RAM (''now upgraded to 640MB'') - HP Web Hosting Server Appliance sa1100 - specs: [http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp?contentGroup=NT_CT_Specifications&locale=en_US&docIndexId=178991&taskId=101&prodTypeId=15351&prodSeriesId=62929] |
| − | * Debian | + | ** 2 serial ports, 2 NICs, no graphics card |
| − | * names are ''chloe'', ''bleuenn'', and ''ennael'' | + | ** Debian |
| − | * | + | * Network connectivity |
| − | * serial cables | + | ** Dexlan 5-port switch (port 1=uplink, ports 2-4=squids, port 5=free); all cables straight; |
| − | * | + | ** names are ''chloe'' (212.85.150.132), ''bleuenn'' (212.85.150.133), and ''ennael'' (212.85.150.131); |
| + | ** addresses 212.85.150.130 and 212.85.150.134 may also be used to connect other machines (laptop for maintenance...); | ||
| + | * null-modem serial cables run from ttyS1 on one machine to ttyS0 on another; getty running on ttyS0 on each machine, to allow communication using minicom; order (caller to listener) is chloe → ennael → bleuenn → chloe; | ||
| + | * rack space provided by [http://www.lost-oasis.fr/ Lost Oasis] inside the [http://www.telecity.fr/france.htm Telecity colocation] in [[:en:Aubervilliers|Aubervilliers]] near the northern city limits of [[:en:Paris|Paris]]. | ||
| + | * Contact: [[:en:User:Med|Med]] | ||
== New squid setup == | == New squid setup == | ||
Revision as of 22:29, 18 December 2004
Contents |
- Current squid machines: browne, maurus, rabanus, will
- to add new IPs for squid:
- add the IPs in /var/named/master/wikipedia.zone in the obvious places (on zwinger)
- make sure to update the serial number in the zone file!
- run rndc reload to make it update - no need to restart named
- some useful commands:
- dig ANY en.wikipedia.org @zwinger.wikipedia.org
- dig +short ANY en.wikipedia.org
IPs of virtual ethernet interfaces
- to find out the IPs, run host en.wikipedia.org and host cache.wikimedia.org
- Used to be assigned at boot time, but this can lead to problems with duplicated IP addresses.
- According to damyta, should use 255.255.255.255 for netmask for the IPs of virtual eth interfaces - otherwise there can be routing confusion.
- We've been using this configuration for months now and it works fine. -- Jeronim 10:41, 19 Sep 2004 (UTC)
-
You must ping through the switch via a virtual interface which you have just brought up (using ping -I), to update the switch's idea of who has what IP. When pinging with -I207.142.131.248 or similar, use suda as the ping target; pinging the broadcast address does not always work.- Can use script takeip in /home/wikipedia/bin to take over an IP if a squid goes down.
- To take down a virtual eth interface, /sbin/ifconfig eth0:n down
- TODO: set up heartbeat for automatic IP takeover.
Things to check when it goes crazy
- check to see if access.log (probably in /var/log/squid) has reached 2GB in size. If it has, logrotate it or at least rename it.
Logs
Currently on yongle in /var/backup/archiv, and/or on zwinger in /home/wikipedia/logs/archiv/
French squids
- Hardware
- 3 600MHz Celeron 1U machines with 20GB HDD and 128MB RAM (now upgraded to 640MB) - HP Web Hosting Server Appliance sa1100 - specs: [1]
- 2 serial ports, 2 NICs, no graphics card
- Debian
- Network connectivity
- Dexlan 5-port switch (port 1=uplink, ports 2-4=squids, port 5=free); all cables straight;
- names are chloe (212.85.150.132), bleuenn (212.85.150.133), and ennael (212.85.150.131);
- addresses 212.85.150.130 and 212.85.150.134 may also be used to connect other machines (laptop for maintenance...);
- null-modem serial cables run from ttyS1 on one machine to ttyS0 on another; getty running on ttyS0 on each machine, to allow communication using minicom; order (caller to listener) is chloe → ennael → bleuenn → chloe;
- rack space provided by Lost Oasis inside the Telecity colocation in Aubervilliers near the northern city limits of Paris.
- Contact: Med
New squid setup
#!/bin/sh echo 'getting squid from browne' scp -r root@browne.wikimedia.org:/usr/local/squid /usr/local echo 'getting config' scp -r root@zwinger.wikimedia.org:/home/gwicke/squid/newsquid.conf /usr/local/squid/etc/squid.conf echo 'create a shortcut to /usr/local/bin/squid' ln -s /usr/local/squid/bin/RunCache /usr/local/bin/squid #squid user/group is already existing on all servers #echo 'setting up the squid user' #adduser --system --no-create-home --disabled-login squid #echo 'setting up the squid group' #addgroup --system --no-create-home squid echo 'creating /var/spool/squid and /var/log/squid' mkdir /var/spool/squid chown -R squid:squid /var/spool/squid mkdir /var/log/squid chown -R squid:squid /var/log/squid mkdir /var/log/squid/outgoing chown -R squid:squid /var/log/squid/outgoing echo 'edit the configuration' vim /usr/local/squid/etc/squid.conf echo 'initializing cache dirs' /usr/local/squid/sbin/squid -z echo 'getting log rotation scripts' scp root@zwinger.wikimedia.org:/home/gwicke/squid/crontab /root scp root@browne.wikimedia.org:/usr/local/bin/preplogs_for_move /usr/local/bin/preplogs_for_move scp root@browne.wikimedia.org:/etc/logrotate.d/squid /etc/logrotate.d/squid # don't overwrite root's crontab, as there maybe something important in there # crontab -u root /root/crontab
- log transfer from /var/log/squid/outgoing/* to /home/wikipedia/logs/incoming/{hostname}/
to investigate
- Selectively remove Squid-2 cache contents: http://www.wa.apana.org.au/~dean/squidpurge/
