I am a user, not a developer, of knot-resolver, on ubuntu groovy.

When I look up something that has a CNAME and ask for an A record I get a SERVFAIL.  If I ask for the CNAME I get the correct answer but then I have to do another search for the A record for that.

First of all, I suspect that you're using an old version of Knot Resolver.  That begins with Groovy being unsupported by Ubuntu for more than a year already.  Generally we support just the latest version of Knot Resolver, though of course some issues found in an old version may behave the same way in the latest version.

I'm not getting any issue with www.cdc.gov here.  I'm a bit apprehensive about cdc.gov, as historically their DNS were often broken, but I haven't found any real issues with it now [1].  Still, CNAMEs are used very commonly, so if they get broken often in your case, that's certainly suspicious.  But I'd recommend starting with upgrading (the OS and) Knot Resolver.

[1] https://dnsviz.net/d/www.cdc.gov/Ywx_Rw/dnssec/

--Vladimir