I have following issue with Knot: when I try to stop it by command
/etc/init.d/knot stop then the daemon is still running. If i run command
knotc stop then it's stopped but immediately run again. If I kill it by
command kill, it's the same...
As I found the /etc/init.d/knot is not working at all and Knot is
probably run during boot by /etc/init/knot.conf and I'm not able to
control it. The "unkillable" proccess is named /usr/sbin/knotd -c
My environment: Debian 7 AMD64, OpenVZ container, kernel
2.6.32-openvz-042stab092.2-amd64, Knot 1.5.0-1
I tried to install Knot on another older machine where is Debian 7 too
but upgraded from 6 and it's KVM virtual machine. There it works
correctly via init.d script and the proccess is named /usr/sbin/knotd
*-d* -c /etc/knot/knot.conf
Do you have an idea why it's working on older machine correctly and on
the second with OpenVZ not?
Thanks for any help.
Hello Knot folk,
I'm building Knot RPM packages for use on CentOS 7, and I have to write
systemd unit files. Before I write anything, I'd love to hear from
others who may already have done such work, to learn from it. Let me
describe my ideas.
On my existing Knot servers running on CentOS 6 with upstart, I have 2
upstart scripts, viz. knot.conf, and knot-instance.conf. The knot.conf
upstart script looks in /etc/knot for .conf files, and for each one,
runs knot-instance with the config file as a parameter. This way, a
simple "start knot" will start all instances.
In systemd, there is better support for instances, so I want to create a
knot@.service template unit, and a knot.target target unit. Then, I can
create new instances with "systemctl enable knot(a)conf1.conf" and
"systemctl enable knot(a)conf2.conf". Finally, running "systemctl start
knot.target" should start all configured instances. Does this sound
I would also like to know about Knot's built-in support for systemd. I
can't find any documentation about it. Could one of the devs please
describe what Knot actually does if it's compiled with systemd support?
Would you mind adding this information to the online documentation?
Today, CZ.NIC Labs are releasing Knot DNS version 1.5.1!
Let's discuss bugfixes first. Most notably, we've fixed a bug in
automatic DNSSEC signing: domain names in RDATA were not lowercased
before signing, resulting in bogus signatures. Other interesting
bugfixes include proper handling of DDNS prerequisites and some TSIG and
EDNS corner cases.
As for the new features, we've added a basic support for logging using
systemd journal. At the moment, log messages related to zone have the
ZONE field set, which means that you can easily filter log messages
based on zone name criteria. We plan to add more fields in the future to
allow more fine-grained filtering. We're looking forward to your
suggestions in this area.
Moreover, we've improved DDNS performance for large zones by grouping
incoming updates together and executing them as a bulk. This partially
mitigates problems with RCU and copying the zone structure, but dynamic
updates' running time is still proportional to size of the zone and not
to the size of the actual updates. Improving this is one of our top
priorities, and code in this release will help us to do so.
Finally, we've improved and unified format of logging messages. Most
notable, each logging message concerning a zone is now prepended with
[zone name]. If you parse the output of log files, be sure to update
Further, we now enforce a more strict policy for DNSSEC signing keys:
at least one active pair of KSK and ZSK keys of the same algorithm must
be present at all times, or Knot will refuse to sign the zone.
Be sure to let us know if you run into any problems. Have a nice day and
thanks for using Knot DNS!
Jan Kadlec, Knot DNS
CZ.NIC Labs http://www.knot-dns.cz
Americká 23, 120 00 Praha 2, Czech Republic