pgndev
2018-Oct-17 19:01 UTC
[nsd-users] NSD4 occassionally fails to start after _server_ restart -- related to log rotation?
I've built/installed /usr/local/nsd4/sbin/nsd -v NSD version 4.1.25 Written by NLnet Labs. Copyright (C) 2001-2006 NLnet Labs. This is free software. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Runs well. On server restart, I find occassionally that NSD4's not UP. starting it manually is immediately successful. I've found, so far, no relevant errors in systemd journal or nsd logs. I did noticed, checking immediately after noticing one of these^ 'bad' restarts, systemctl status -l nsd4-custom ? nsd4-custom.service - NSD4 DNS Server Loaded: loaded (/etc/systemd/system/nsd4-custom.service; enabled; vendor preset: disabled) !!! Active: inactive (dead) since Wed 2018-10-17 11:14:41 PDT; 30min ago Process: 1367 ExecStopPost=/bin/rm -f /var/chroot/nsd4/var/db/nsd/xfrd.state (code=exited, status=0/SUCCESS) Process: 1296 ExecStop=/usr/local/nsd4/sbin/nsd-control -c /var/chroot/nsd4/etc/nsd.conf stop (code=exited, status=0/SUCCESS) Process: 1280 ExecStart=/usr/local/nsd4/sbin/nsd-control -c /var/chroot/nsd4/etc/nsd.conf start (code=exited, status=0/SUCCESS) Main PID: 1280 (code=exited, status=0/SUCCESS)>>> Warning: Journal has been rotated since unit was started. Logoutput is incomplete or unavailable. Don't know if that's 'fatal' to nsd. I launch nsd with systemd, cat /etc/systemd/system/nsd4-custom.service [Unit] Description=NSD4 DNS Server After=syslog.target network-online.target Before=nsd4-custom.target Before=unbound.service Requires=unbound.service [Service] PIDFile=/var/chroot/nsd4/var/run/nsd/nsd.pid ExecStart=/usr/local/nsd4/sbin/nsd-control -c /var/chroot/nsd4/etc/nsd.conf start ExecReload=/usr/local/nsd4/sbin/nsd-control -c /var/chroot/nsd4/etc/nsd.conf reload ExecStop=/usr/local/nsd4/sbin/nsd-control -c /var/chroot/nsd4/etc/nsd.conf stop ExecStopPost=/bin/rm -f /var/chroot/nsd4/var/db/nsd/xfrd.state [Install] WantedBy=multi-user.target and rotate logs with cat /etc/logrotate.d/nsd4 /var/log/nsd4/*.log { daily missingok rotate 14 compress delaycompress compresscmd /usr/bin/xz uncompresscmd /usr/bin/unxz create 640 nsd nsd sharedscripts dateext dateformat .%Y-%m-%d.%s postrotate /usr/local/nsd4/sbin/nsd-control log_reopen endscript } Is any of that^ problematic, possibly causal? Or is there some other place I should be looking? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.nlnetlabs.nl/pipermail/nsd-users/attachments/20181017/5ae35eca/attachment.htm>
Anand Buddhdev
2018-Oct-17 21:48 UTC
[nsd-users] NSD4 occassionally fails to start after _server_ restart -- related to log rotation?
Hello "pgnet". I have many comments about your setup. See below. [snip]>>>> Warning: Journal has been rotated since unit was started. Log > output is incomplete or unavailable. > > Don't know if that's 'fatal' to nsd.No, this is not fatal to nsd.> I launch nsd with systemd, > > cat /etc/systemd/system/nsd4-custom.service > [Unit] > Description=NSD4 DNS Server > After=syslog.target network-online.target > Before=nsd4-custom.target > Before=unbound.service > Requires=unbound.service > > [Service] > PIDFile=/var/chroot/nsd4/var/run/nsd/nsd.pid > ExecStart=/usr/local/nsd4/sbin/nsd-control -c > /var/chroot/nsd4/etc/nsd.conf start > ExecReload=/usr/local/nsd4/sbin/nsd-control -c > /var/chroot/nsd4/etc/nsd.conf reload > ExecStop=/usr/local/nsd4/sbin/nsd-control -c > /var/chroot/nsd4/etc/nsd.conf stop > ExecStopPost=/bin/rm -f /var/chroot/nsd4/var/db/nsd/xfrd.state > > [Install] > WantedBy=multi-user.targetThis is a *very* strange and convoluted way to run nsd with systemd. First of all, I can understand nsd starting before unbound. But why does nsd *require* unbound? Next, your ExecStart can just be: ExecStart=/usr/local/nsd4/sbin/nsd -c /var/chroot/nsd4/etc/nsd.conf You also don't need an ExecStop. Instead, you just need: KillMode=process so that systemd can just send a TERM signal to the main nsd process. Next, why are you removing the xfrd.state file when stopping nsd? That seems pointless. the state file is used for tracking the status of slave zones and their timers. The PIDFile option is also unnecessary with nsd.> and rotate logs with > > cat /etc/logrotate.d/nsd4 > /var/log/nsd4/*.log { > daily > missingok > rotate 14 > compress > delaycompress > compresscmd /usr/bin/xz > uncompresscmd /usr/bin/unxz > create 640 nsd nsd > sharedscripts > dateext > dateformat .%Y-%m-%d.%s > postrotate > /usr/local/nsd4/sbin/nsd-control log_reopenDon't you need the "-c /var/chroot/nsd4/etc/nsd.conf" option to nsd-control here, so that it can find the appropriate control channel to send the "log_reopen" command to? Regards, Anand