Merge ~athos-ribeiro/ubuntu-docker-images/+git/squid:5.2-22.04-nofile-fix into ~ubuntu-docker-images/ubuntu-docker-images/+git/squid:5.2-22.04

Proposed by Athos Ribeiro
Status: Merged
Merged at revision: 7ecd273915826693aa06073c0ac5a286aa574d10
Proposed branch: ~athos-ribeiro/ubuntu-docker-images/+git/squid:5.2-22.04-nofile-fix
Merge into: ~ubuntu-docker-images/ubuntu-docker-images/+git/squid:5.2-22.04
Diff against target: 13 lines (+2/-0)
1 file modified
Dockerfile (+2/-0)
Reviewer Review Type Date Requested Status
Bryce Harrington Approve
Sergio Durigan Junior Pending
Canonical Server Pending
Review via email: mp+424521@code.launchpad.net

Description of the change

This is a fix for LP: #1978272, as discussed in the bug.

Once this is accepted, I will file a similar MP for the remaining supported branches.

A straightforward verification for this, should look like the following:

In a clean Ubuntu installation, install squid and squidclient. Then, verify the service is up and running with the default configuration.

Then, proceed to check the running instance max file descriptors:

# squidclient mgr:info | grep descriptors
File descriptor usage for squid:
 Maximum number of file descriptors: 1024
 Available number of file descriptors: 1017
 Reserved number of file descriptors: 100

We get 1024. As shown discussed in LP: #1978272, this value is the system-wide systemd default for all services.

Now, when doing the same using the ROCK image, from an Ubuntu host:

# squidclient mgr:info | grep descriptors
File descriptor usage for squid:
 Maximum number of file descriptors: 1048576
 Available number of file descriptors: 1048567
 Reserved number of file descriptors: 100

We now get 1048576, which is real value set for the system, as seen in
$ cat /proc/1/limits | grep 'open files'

Note that this value may vary depending on the distribution you are running.

Finally, applying the proposed patch and verifying the value for the new image, we get:

# squidclient mgr:info | grep descriptors
File descriptor usage for squid:
 Maximum number of file descriptors: 1024
 Available number of file descriptors: 1015
 Reserved number of file descriptors: 100

Which matches the default Ubuntu service behavior.

To post a comment you must log in.
Revision history for this message
Wen-Ding Zeng (wdzeng) wrote (last edit ):

Hi,

I noticed that there is a missing '#' to comment the message in Athos's [fix](https://git.launchpad.net/~athos-ribeiro/ubuntu-docker-images/+git/squid/commit?id=f12bcf7688f3045a04e3439cc9fa805c9fa809e6), which made squid failed to parse the config. After commenting out the message, the program ran like a charm on Fedora host in docker container. [Here](https://code.launchpad.net/~wdzeng/ubuntu-docker-images/+git/squid/+ref/5.2-22.04-nofile-fix) is a fix for that.

Lacking experiences of contributing to open sourced projects, I am not sure if it is polite to open another MR, or should ask Athos to merge my fix into his branch. Sorry for that.

In addition, the bug #1978272 affects branches `4.13-21.10`, `4.13-21.04` and `4.10-20.04` as well. I have examined that the fix worked in those branches. After this MR is merged, the fix should be cherry-picked to those branches.

Thank you very much!

Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

Hi Wen!

Thanks for verifying the issue and thanks for pointing the missing character :)

I have fixed the issue and pushed the changes to this same branch.

I will proceed to file the MPs for the other branches, cherry-picking this change as you suggested.

Revision history for this message
Bryce Harrington (bryce) wrote :

LGTM, +1

(If you've already pushed this change, can set to Merged)

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/Dockerfile b/Dockerfile
2index 8db1ae5..a6bae5c 100644
3--- a/Dockerfile
4+++ b/Dockerfile
5@@ -12,6 +12,8 @@ RUN set -eux; \
6 rm -rf /var/lib/apt/lists/*; \
7 # Change default configuration to allow local network access \
8 sed -i 's/^#http_access allow localnet$/http_access allow localnet/' /etc/squid/conf.d/debian.conf; \
9+ echo "# Set max_filedescriptors to avoid using system's RLIMIT_NOFILE. See LP: #1978272" > /etc/squid/conf.d/rock.conf; \
10+ echo 'max_filedescriptors 1024' >> /etc/squid/conf.d/rock.conf; \
11 # smoketest
12 /usr/sbin/squid --version; \
13 # create manifest \

Subscribers

People subscribed via source and target branches