Need your input: squid proxy high availability

[ianw1974]

I believe shortly, I'll be looking to build a squid proxy server. This isn't new to me as such, since I've done this already.

 

My main issue is that I have to provide high availability, but also, needs to be fast at the same time. So here are my thoughts. I'd be happy if you could let me know what you think, or suggest something if you like too :P

 

It's supposed to run for 5000 users. My main problems are memory and i/o requests, so have to try and spread the load. Of course, I can do this with squid by building a hierachy of parent/child servers. This would help to alleviate this problem. The server I'm thinking of will be a P4 2.8GHz or something similar. Processor doesn't seem to be too important, only at startup to read the cache. At least 2GB of ram, unless it should be more. SCSI architecture, because I need the disks to be as fast as possible, and SATA wouldn't cut it compared to SCSI. I'm thinking of 2 x 72GB drives for this. Mirroring or Raid5 would slow the system down, so was opting for Raid0 as I've read this is supposed to be very fast too, so would look like 1 x 144GB instead of 2 x 72GB. I read someone was using a 36GB cache for 3000 users, so maybe 100GB would be enough to cover the users, and leave enough free space to ensure the system doesn't crash.

 

My next problem was that if I just have a standard squid hierachy with a parent and child server, if one of them died, then I would need to change the browsers to another IP. This was when I thought of using a cluster with virtual IP. That way, the two servers could be a part of a cluster, one configured as parent and one as child. The cluster would sort the single IP, and squid would then allocate to parent/child based on the load of either server. If one server should fail for some hardware reason, the other server would still be working and hopefully still provide access to the cache.

 

I have to test what happens if the parent dies, to see if the cache will still work with the child only, so if anyone knows about this, that would be great also.

 

Look forward to your input :)

[paul]

i'd go for the cluster idea.

 

I'm in the (long term) process of doing this with apache

http://www.ultramonkey.org/

seem like the easy answer.

[ianw1974]

Since the problem of squid in hierachy mode I had another idea, which might be better.

 

Cluster of two servers running two squid instances as two separate squid servers rather than combined parent/child. Then using Linux Virtual Server to provide the load-balancing between the two servers.

 

The LVS would sit between the clients and the proxy servers, thus sorting out my problem with making sure of continued availability of the proxy servers should one fail. Of course, the LVS could fail, so still got a slight problem, but I'm not going to go overboard on the HA thing. There's always a place to stop, else it just gets too complicated and expensive :P

 

This solves my problem of the parent/child aspect, that I had in my first post I think. I'm not worried about the LVS too much, so hope this is stable enough :P and the LVS will load balance for the two squid servers, meaning my squid config is nice and simple.