Re: [squid-dev] Converting squid to library
On 05/08/18 18:57, Manju Prabhu wrote: > Hi Amos, > Sure, thanks. > > Initially, I am planning to try to use f-stack. Something, similar > to > https://github.com/F-Stack/f-stack/blob/master/doc/F-Stack_Nginx_APP_Guide.md > F-stack provides wrappers around POSIX APIs.\ > So, apart from squid and open-ssl, would I need to re-build anything else? > AFAIK that is all. Assuming that what you asked for is actually what you need. Reading that f-stack reference and the root f-stack documentation I am getting the distinct idea that what it is referring to as "networking" is a series of WebSocket or HTTP messages to deliver custom application data around with transfer protocols compression (eg HTTP/2 HPACK) pretending to be faster "packet speed". Is that correct? and you are actually needing Squid as the agent to relay those messages (er, "packets") ? Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
Re: [squid-dev] Converting squid to library
Hi Amos, Sure, thanks. Initially, I am planning to try to use f-stack. Something, similar to https://github.com/F-Stack/f-stack/blob/master/doc/F-Stack_Nginx_APP_Guide.md F-stack provides wrappers around POSIX APIs. So, apart from squid and open-ssl, would I need to re-build anything else? Thanks, Manju On Thu, Aug 2, 2018 at 3:16 AM, Amos Jeffries wrote: > On 02/08/18 18:32, Manju Prabhu wrote: > > Hi, > > I plan to use Squid for ssl-proxy in my project. However, I have my own > > data-path and TCP stack I want to try it out with for performance > > reasons. The TCP stack could be in user-space for example, if I use DPDK. > > > > * Is there any potential pitfalls if I embark on this task? > > The first one is that Squid is is a collection of binaries and processes > working together to process traffic. Not suitable for being a library. > > > > * Is it better to convert squid to a library and link it to my process > > along with DPDK (Option A)? Or is it better to try to link DPDK to squid > > (Option B)? > > Neither if you can avoid it. Option B only if you have to. > > Squid uses POSIX API for I/O. So if you are providing POSIX API from > your TCP stack it should be as simple as building Squid with the > appropriate ./configure CXXFLAGS, CFLAGS, and LDADD build options to > link your stacks library/objects. > > If you have done some non-standard API you will have to write a mapping > between it and POSIX functions. Doing that in your own code simplifies > things considerably - especially for your codes prospects being used > widely, but it can be patched into Squid if necessary. > > Also, many TLS/SSL I/O operations are done through the system TLS/SSL > library. Not by Squid at all. So there is additional complication > rebuilding that library against your stack before Squid can use it. > Having the standard POSIX API which both can access is much easier and > better than any custom API. > > > > > * With squid I see that separate threads are created to manage > > certificate mimicking etc. Do all of that get complicated with Option A? > > Not threads. Processes. Squid is running independent > binaries/interpreters, and forking itself sometimes as well. Thus your > Option A is not an option. > > > > > > I apologize in advance for some open ended questions. Please point me to > > the right forum if these questions are not valid here. > > > > This is the right place. > > Amos > ___ > squid-dev mailing list > squid-dev@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-dev > ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
Re: [squid-dev] Converting squid to library
On 02/08/18 18:32, Manju Prabhu wrote: > Hi, > I plan to use Squid for ssl-proxy in my project. However, I have my own > data-path and TCP stack I want to try it out with for performance > reasons. The TCP stack could be in user-space for example, if I use DPDK. > > * Is there any potential pitfalls if I embark on this task? The first one is that Squid is is a collection of binaries and processes working together to process traffic. Not suitable for being a library. > * Is it better to convert squid to a library and link it to my process > along with DPDK (Option A)? Or is it better to try to link DPDK to squid > (Option B)? Neither if you can avoid it. Option B only if you have to. Squid uses POSIX API for I/O. So if you are providing POSIX API from your TCP stack it should be as simple as building Squid with the appropriate ./configure CXXFLAGS, CFLAGS, and LDADD build options to link your stacks library/objects. If you have done some non-standard API you will have to write a mapping between it and POSIX functions. Doing that in your own code simplifies things considerably - especially for your codes prospects being used widely, but it can be patched into Squid if necessary. Also, many TLS/SSL I/O operations are done through the system TLS/SSL library. Not by Squid at all. So there is additional complication rebuilding that library against your stack before Squid can use it. Having the standard POSIX API which both can access is much easier and better than any custom API. > * With squid I see that separate threads are created to manage > certificate mimicking etc. Do all of that get complicated with Option A? Not threads. Processes. Squid is running independent binaries/interpreters, and forking itself sometimes as well. Thus your Option A is not an option. > > I apologize in advance for some open ended questions. Please point me to > the right forum if these questions are not valid here. > This is the right place. Amos ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev
[squid-dev] Converting squid to library
Hi, I plan to use Squid for ssl-proxy in my project. However, I have my own data-path and TCP stack I want to try it out with for performance reasons. The TCP stack could be in user-space for example, if I use DPDK. * Is there any potential pitfalls if I embark on this task? * Is it better to convert squid to a library and link it to my process along with DPDK (Option A)? Or is it better to try to link DPDK to squid (Option B)? * With squid I see that separate threads are created to manage certificate mimicking etc. Do all of that get complicated with Option A? I apologize in advance for some open ended questions. Please point me to the right forum if these questions are not valid here. Thanks, Manju ___ squid-dev mailing list squid-dev@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-dev