blob: 514f6c07b4d513706683840a3bba4390a2e65842 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
.. SPDX-License-Identifier: GPL-3.0-or-later
.. _mod-watchdog:
Watchdog
========
This module cooperates with Systemd watchdog to restart the process in case
the internal event loop gets stuck. The upstream Systemd unit files are configured
to use this feature, which is turned on with the ``WatchdogSec=`` directive
in the service file.
As an optional feature, this module can also do an internal DNS query to check if resolver
answers correctly. To use this feature you must configure DNS name and type to query for:
.. code-block:: lua
watchdog.config({ qname = 'nic.cz.', qtype = kres.type.A })
Each single query from watchdog must result in answer with
RCODE = NOERROR or NXDOMAIN. Any other result will terminate the resolver
(with SIGABRT) to allow the supervisor process to do cleanup, gather coredump
and restart the resolver.
It is recommended to use a name with a very short TTL to make sure the watchdog
is testing all parts of resolver and not only its cache. Obviously this check
makes sense only when used with very reliable domains; otherwise a failure
on authoritative side will shutdown resolver!
`WatchdogSec` specifies deadline for supervisor when the process will be killed.
Watchdog queries are executed each `WatchdogSec / 2` seconds.
This implies that **half** of `WatchdogSec` interval must be long enough for
normal DNS query to succeed, so do not forget to add two or three seconds
for random network timeouts etc.
The module is loaded by default. If you'd like to disable it you can unload it:
.. code-block:: lua
modules.unload('watchdog')
Beware that unloading the module without disabling watchdog feature in supervisor
will lead to infinite restart loop.
|
