Frequently Asked Questions

What is Knock Daemon?

Knock Daemon is a lightweight python daemon backed by a managed supervision infrastructure.

Knock Daemon runs locally on your servers and works locally. The only outbound traffic is toward our supervision infrastructure, using encryption (https) and optimized protocol (json/gzip).

We only work locally inside your server. We only read data inside your server. We modify nothing inside your server.

Knock Daemon buffers json protocol in-memory (limited in size). It emits json requests at regular intervals.

We choose to keep json buffer in memory without flushing to disk. Many reasons to this, but mainly we want to avoid using disk space on your server. It also keeps daemon code path simple (KISS).

Knock Daemon is python based, gevent/co-routine backed (single threaded), has light memory, cpu and network footprints. Our goal is clear : monitor servers with the lowest footprint possible.

Why Knock Daemon?

We spent years handling servers and softwares in high performance, high traffic production platforms.

Setting up supervision on different kind of servers is often painful. You have to think what is running. You have to adapt supervision to newly installed or removed software components. This is often manual, time consuming and error proof.

We decided to address this using a daemon which auto-discover services to monitor, with - almost - zero-configuration required. For instance, if you add nginx on some servers, the daemon will adapt to that.

More over, having a platform of hundreds of servers requires an overview of this platform. That's why we support - in standard - "aggregated" probes, which gives you a dashboard of your platform.

Bug reporting

You may open bugs or enhancements requests within the daemon source code repository :

Please provide as much details as possible (os details, daemon logs, strace logs, repro steps...).

Unittests, with mocks, are a must.

Alerts and Notifications

Alerts thresholds are managed by Knock. We will not accept custom thresholds requests at this stage.

Notifications will be sent to the two emails you have to specify. Please refer to : How notifications behave.

Please note that everything in Knock works in UTC / GMT time zone.

Supported operating systems

Official support :

  • Debian 8 (jessie), amd64
  • Debian 7 (wheezy), amd64
  • Ubuntu 11.10 to 15.10, amd64
  • Raspbian (jessie), armhf
  • Centos Linux 7 and related distributions, x86-64
  • Red Hat Enterprise Linux (REHL) 7 and related distributions, x86-64

Beta support :

  • Windows Vista or greater, Windows Server 2008 or greater, x86-64, via NT Service and WMI / Win32 apis

Experimental support :

  • Debian 9 (stretch), amd64
  • Ubuntu 16.04 and greater, amd64

Supported probes

We currently support for all operating systems :

  • Native operating system probes (Cpu, Load, Network, Sockets, Partitions, Memory...)

We currently support for all Linux operating systems (Windows support will come later) :

  • Varnish, Apache, Nginx, Uwsgi, Php-Fpm
  • Mysql, MongoDb, Redis, Memcached

Some of them require configurations on your end. Please refer to : How to monitor.

Windows notes

Windows installer

Windows installer is provided as an MSI file build with Wix Installer.

At this stage, the MSI file is not yet signed by a code signing certificate, this will be fixed soon.

The installer will ask for your Knock namespace and namespace api key during install or upgrade.

Though covered by massive unit tests, the Windows daemon and the Windows installer are still in beta stage. In case of any issues, contact us.

Windows paths and logs

After MSI installation, binary and configuration files are located at "C:\Program Files (x86)\Knock\KnockDaemon\" or equivalent.

Knock Daemon NT service flush some logs toward Application event log.

Lifecycle event logs are written at short intervals after service start, then each hour later on.

Complete logs files are available at "C:\Windows\system32\config\systemprofile\AppData\Local\knockdaemon\" or equivalent (refer to Event logs entries to locate your current log file).

There is one log file per day, with 7 days retention.

Windows clock synchronization

By default, clock synchronization on windows is done once a week or once a day. This will result in progressive time shifting and time difference alerts.

To decrease time synchronization intervals to one hour:

  • Open registry using "regedit"
  • Locate HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpClient, key SpecialPollInterval. Decimal value is in seconds.
  • To synchronize clock every hour, change it to decimal value 3600.
  • You may have to recycle Windows time service afterwards.

And do not forget to engage automatic clock synchronization under Windows clock settings.

Windows swap

Windows like swap and use swap, even if you have lot of memory free and/or cached.

You may experience swap usage alerts even on normal conditions.

Windows swappiness cannot be configured, a solution is to disable swap, or increase disk swap size to mitigate these alerts.