When LogStash 5.X windows service STOP, doesn't close Orphan Java processes

In windows LogStash service is created using NSSM. 
NSSM takes IO redirection inputs and a flag value which determines how to signal Windows kernel and what to do when the windows service is stopped.
when we set 

nssm set logstash AppStopMethodSkip 6

It just sends the signal ^C (ctrl +c ) or stop to the Windows kernel, just like we stop a java process in command prompt using a Ctrl+c. But if the parent process spawns threads then only ^C cannot stop the child processes. Just like windows task manager's kill process tree option, in this case we need to send the WM_CLOSE signal to Windows.

For  a NSSM windows service it is done when you set 
nssm set logstash AppStopMethodSkip 5

Along, with that you need to pass an additional flag to the logstash arg param. the shutdown_watcher.rb in logstash is a listener to the shutdown event. when logstash spawns many worker processes to send different logs, then the shutdown gets stalled if ay of these worker threads have pending events to send to ElasticSearch. If you set the --pipeline.unsafe_shutdown in logstash arg, then the shutdown_watcher invokes the system.exit(-1) and terminates all workers immediately. But in the process these pending events would be lost.


Comments

Post a Comment

Popular posts from this blog

NSSM service eats 100% CPU

Image
NSSM logstash service can cause a fatal CPU hungry outage in your clients unless you override the AppExit default value. By default it comes as default 'Restart' To change it to ' Stop service ' you need to run the following command nssm set logstash AppExit Default Exit It will change the service definition as follow Other v alid exit actions are: Restart Ignore Exit Suicide  
Read more

JPA Vs SpringJDBC

Recently I conducted many interviews for my employer, one 8-9 yrs exp candidate asked me what data access object layer do we use in our project. I was thinking a bit as , like they do with persistence - polyglot persistence, we maintain different DAO technologies - JPA, proprietary JDBC, JDO, Spring JDBC. you cannot say which one is the best. It depends on the context but definitely having so many things for performing dataaccess is not advisable. In this topic I will try to explore the JPA and Spring JDBC. Spring is a life savior, it's template concept reduces the boilerplate code but still the jdbc template comes with baggages - row mapper, SQL, parameters etc. If you have good knowledge of database schema, you want to execute stored procedure, you want more handle on your code to access the db. Then go for Spring, you can debug easily and have control on your DTO. If you need to abstract away the SQL, hide complexity, write less code, dont need to execute the stored proced...
Read more

Ignite Running in Static IP multicast mode

Apache Ignite throws multicast exception in local machine when multicast is on and internet is connect. The following is an example of multicast IP discovery  <!-- Explicitly configure TCP discovery SPI to provide list of initial nodes. -->         <property name="discoverySpi">             <bean class="org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi">                 <property name="ipFinder">                      <bean class="org.apache.ignite.spi.discovery.tcp.ipfinder. multicast . TcpDiscoveryMulticastIpFinder ">                         <property name="addresses">                             <list>               ...
Read more