Knot Service Start Timeout

If I have 800,000 domains, it means that I need to have 800,000 conf and zones, In this case, if I use systemctl start knot, I got this error:

Job for knot.service failed because a timeout was exceeded. See " Systemctl status knot.service "and" journalctl -xe "for details.

Can someone give a solution? Thanks.

changed the description

This is probably nothing about Knot DNS, but configuration of systemd. Please consult systemd manual.

Just guessing: probably systemd has a timeout for service startup, in order to detect faulty service taking too long (possibly infinity) to get up and running. You might need to adjust this timeout, maybe in /etc/.../knot.service.

Please let us know after you find out ;)

Thank you for your reply, I found it and Modified it, maybe there are too many files and it is too slow to load

changed the description

OK. Could you please share what did you exactly modify and how?

Yes. It might be useful to watch the logs (using journalctl) to see what Knot is doing.

I found that the reason for the starting service timeout is that the execution of the /usr/sbin/knotc conf-check is too slow, so I manually executed this command and then used systemctl start knot to start the service

TimeoutStartSec= from systemd.service(5) seems relevant, although I haven't tried if it works with ExecStartPre option that executes the conf check. If it does, overriding this timeout might be an option.

I'm not sure how much this value is set. I suggest that if the server is just started, first execute /usr/sbin/knotc conf-check, and then start knot, after executing /usr/sbin/knotc conf-check , The system has a cache for it, start knot again, it will not fail to start.

Hi, one of our users with thousands of zones solved a similar issue by setting

TimeoutStartUSec=15min
TimeoutStopUSec=15min

Also take a look at https://www.knot-dns.cz/docs/2.9/singlehtml/index.html#async-start

Get similar issue, When I execute systemctl reload knot:

TimeoutStartUSec=0
TimeoutStopUSec=0

I think this problem is very serious because our DNS file needs to be reloaded every 5 minutes, I also enable async-start, and I found that there will be a delay when executing systemctl reload knot.

I want to use daemontools to instead of systemd

I suspect you reached the limit of maximum configuration database size. How do you install Knot DNS (from a package or from sources)?

Please note that server reload cannot be immediate as possible ongoing zone events have to be finished first!

Maybe you should use configuration database instead of configuration file as it's optimised for huge deployments and is capable to track simple configuration changes.

I install Knot DNS by yum, You mean that I need add database section, right?

No, I mean https://www.knot-dns.cz/docs/2.9/singlehtml/index.html#configuration-database

My configure files will be updated every 5 mins, so I need to delete confdb, and init it again, then knotc conf-import xxx.conf, right?

The benefit of using configuration database instead of configuration files would be that you would stop using configuration files whatsoever, and instead of modifying them, you would directly modify the configuration database via knotc interface ;)

Now my configure and zone files are generated by code, they will be updated every 5 mins, so I need to modify database for making new DNS record work

OK, then the repeated conf-import will work as you desribed, but there is not much of a benefit.

Some alterative could be not to use configuration database, and stick with configuration files like at the beginning. You just can avoid re-starting knotd by systemd (like systemctl reload knot), you just can tell knot to re-load the configuration file by knotc reload.

closed