From the host:
ps aux | grep java
me#my-host:~/elastic-search-group$ ps aux | grep java
smmsp 20473 106 6.3 4664740 257368 ? Ssl 17:48 0:09 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -Xms256m -Xmx1g -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+HeapDumpOnOutOfMemoryError -XX:+DisableExplicitGC -Dfile.encoding=UTF-8 -Djna.nosys=true -Des.path.home=/usr/share/elasticsearch -cp /usr/share/elasticsearch/lib/elasticsearch-2.3.4.jar:/usr/share/elasticsearch/lib/* org.elasticsearch.bootstrap.Elasticsearch start
Then exec into the container:
docker exec -it 473 /bin/bash
And look at the processes:
root#473c4548b06f:/usr/share/elasticsearch# ps aux | grep java
elastic+ 1 14.0 6.3 4671936 257372 ? Ssl 17:48 0:10 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java -Xms256m -Xmx1g -Djava.awt.headless=true -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -XX:+HeapDumpOnOutOfMemoryError -XX:+DisableExplicitGC -Dfile.encoding=UTF-8 -Djna.nosys=true -Des.path.home=/usr/share/elasticsearch -cp /usr/sh
From the host:
sudo kill -9 20473
ends up killing the docker container.
Now, I may be mistaken, but I thought there was complete process segregation? Is this supposed to bleed out to the host?
The container is isolated from the host, the host is not isolated from the container. So from the host, you can see the files, network connections, network interfaces, processes, etc, that are used inside the container. But from the container, you can only see what's in the container (barring any privilege escalation configured in the run command).
Related
I am using linux server where 3 instances of tomcat are running for 3 different applications.
While I'm running following command in the terminal,
ps -ef | grep tomcat
I'm getting 3 different PIDs.
12244 1 0 May27 ? 00:02:08 /opt/shs/zulu13.28.11-ca-jdk13.0.1-linux_x64/bin/java -Djava.util.logging.config.file=/app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dfile.encoding=UTF-8 -Xms1024m -Xmx4096m -XX:+UseParallelGC -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27/bin/bootstrap.jar:/app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27/bin/tomcat-juli.jar -Dcatalina.base=/app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27 -Dcatalina.home=/app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27 -Djava.io.tmpdir=/app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27/temp org.apache.catalina.startup.Bootstrap start
2687 1 2 May27 pts/3 00:01:00 /opt/shs/zulu13.28.11-ca-jdk13.0.1-linux_x64/bin/java -Djava.util.logging.config.file=/app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dfile.encoding=UTF-8 -Xms1024m -Xmx4096m -XX:+UseParallelGC -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27/bin/bootstrap.jar:/app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27/bin/tomcat-juli.jar -Dcatalina.base=/app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27 -Dcatalina.home=/app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27 -Djava.io.tmpdir=/app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27/temp org.apache.catalina.startup.Bootstrap start
29534 2 0 May27 ? 00:05:12 /opt/shs/zulu13.28.11-ca-jdk13.0.1-linux_x64/bin/java -Djava.util.logging.config.file=/app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Dfile.encoding=UTF-8 -Xms1024m -Xmx4096m -XX:+UseParallelGC -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27/bin/bootstrap.jar:/app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27/bin/tomcat-juli.jar -Dcatalina.base=/app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27 -Dcatalina.home=/app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27 -Djava.io.tmpdir=/app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27/temp org.apache.catalina.startup.Bootstrap start
Now I'm not able to understand which PID I need to kill for a particular tomcat to restart.
Can you please help me to resolve this. Thanks.
Looks like three tomcat process running on the server. Which tomcat do you want to kill?
Below is the Pid of each tomcat:
/app/shs/wag2/tomcat/server1/apache-tomcat-9.0.27/ 12244
/app/shs/wag1/tomcat/server1/apache-tomcat-9.0.27/ 2687
/app/shs/wag3/tomcat/server1/apache-tomcat-9.0.27 29534
Even you can use jcmd command to print out the process ID of all the JVM processes.
$ jcmd -l
418 sun.tools.jcmd.JCmd -l
$ jstat -gcutil -t 10 250ms 1
10 not found
I am aware of the bug in jdk related to attaching jstat as root to a process running as a different user.
Here, this docker container has one user root and as can be seen below from the ps command, cassandra is running under root.
$ whoami
root
I have tried to do the following:
$ sudo -u root jcmd -l
Any help is appreciated.
Docker container is debian:jessie
running java version:
openjdk version "1.8.0_66-internal"
Here's the output of ps -ef:
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 17:40 ? 00:00:00 /bin/bash /run.sh
root 10 1 11 17:40 ? 00:02:25 java -ea -javaagent:/usr/share/c
root 375 0 0 17:49 ? 00:00:00 bash
root 451 375 0 18:00 ? 00:00:00 ps -ef
Aside: jstack successfully dumps out the stack traces of the threads.
I know at least two possible reasons why this can happen.
Java is run with -XX:+PerfDisableSharedMem option. This option helps sometimes to reduce JVM safepoint pauses, but it also makes JVM invisible to jps and jstat. This is a very likely case, because you are running Cassandra, and recent Cassandra has this option ON by default.
Java process has a different mount namespace, so that /tmp of Java process is not physically the same directory as /tmp of your shell. The directory /tmp/hsperfdata_root must be accessible in order to use jps or jstat. This is also a plausible reason since you are using docker containers.
I installed tftpd-hpa and tftp in Ubuntu 12.04 LTS.
when I check the status of tftpd-hpa with service command, it shows running.
zlf#ubuntu:~$ service tftpd-hpa status
tftpd-hpa start/running
But when I check its process, there is no running PID to show.
zlf#ubuntu:~$ ps -ef |grep ftp
zlf 5607 5397 0 15:02 pts/1 00:00:00 grep --color=auto ftp
zlf#ubuntu:~$ ps -ef |grep hpa
zlf 5609 5397 0 15:02 pts/1 00:00:00 grep --color=auto hpa
what happened? Is tftpd-hpa not a process or other reason?
By the way, I test tftpd-hpa by localhost, it doesn't work.
zlf#ubuntu:~$ tftp localhost
tftp> get test
Transfer timed out.
TFTP requests are probably handled by inetd/xinetd.
When I start Cassandra server, two processes start running.
Is this the normal behavior of Cassandra?
Below is the result set with two different process IDs:
5362 jsvc.exec -user cassandra -home /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/../ -pidfile /var/run/cassandra.pid -errfile &1 -outfile /var/log/cassandra/output.log -cp /usr/share/cassandra/lib/antlr-3.2.jar:/usr/share/cassandra/lib/avro-1.4.0-fixes.jar:/usr/share/cassandra/lib/avro-1.4.0-sources-fixes.jar:/usr/share/cassandra/lib/commons-cli-1.1.jar:/usr/share/cassandra/lib/commons-codec-1.2.jar:/usr/share/cassandra/lib/commons-lang-2.4.jar:/usr/share/cassandra/lib/compress-lzf-0.8.4.jar:/usr/share/cassandra/lib/concurrentlinkedhashmap-lru-1.3.jar:/usr/share/cassandra/lib/guava-r08.jar:/usr/share/cassandra/lib/high-scale-lib-1.1.2.jar:/usr/share/cassandra/lib/jackson-core-asl-1.9.2.jar:/usr/share/cassandra/lib/jackson-mapper-asl-1.9.2.jar:/usr/share/cassandra/lib/jamm-0.2.5.jar:/usr/share/cassandra/lib/jline-0.9.94.jar:/usr/share/cassandra/lib/json-simple-1.1.jar:/usr/share/cassandra/lib/libthrift-0.7.0.jar:/usr/share/cassandra/lib/log4j-1.2.16.jar:/usr/share/cassandra/lib/metrics-core-2.0.3.jar:/usr/share/cassandra/lib/servlet-api-2.5-20081211.jar:/usr/share/cassandra/lib/slf4j-api-1.6.1.jar:/usr/share/cassandra/lib/slf4j-log4j12-1.6.1.jar:/usr/share/cassandra/lib/snakeyaml-1.6.jar:/usr/share/cassandra/lib/snappy-java-1.0.4.1.jar:/usr/share/cassandra/lib/snaptree-0.1.jar:/usr/share/cassandra/apache-cassandra-1.1.5.jar:/usr/share/cassandra/apache-cassandra-thrift-1.1.5.jar:/usr/share/cassandra/apache-cassandra.jar:/usr/share/cassandra/stress.jar:/usr/share/java/jna.jar:/etc/cassandra:/usr/share/java/commons-daemon.jar -Dlog4j.configuration=log4j-server.properties -XX:HeapDumpPath=/var/lib/cassandra/java_1351664352.hprof -XX:ErrorFile=/var/lib/cassandra/hs_err_1351664352.log -ea -javaagent:/usr/share/cassandra/lib/jamm-0.2.5.jar -XX:+UseThreadPriorities -XX:ThreadPriorityPolicy=42 -Xms1024M -Xmx1024M -Xmn256M -XX:+HeapDumpOnOutOfMemoryError -Xss160k -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:+CMSParallelRemarkEnabled -XX:SurvivorRatio=8 -XX:MaxTenuringThreshold=1 -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -Djava.net.preferIPv4Stack=true -Dcom.sun.management.jmxremote.port=7199 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false org.apache.cassandra.thrift.CassandraDaemon
5363 jsvc.exec -user cassandra -home /usr/lib/jvm/java-6-openjdk-amd64/jre/bin/../ -pidfile /var/run/cassandra.pid -errfile &1 -outfile /var/log/cassandra/output.log -cp /usr/share/cassandra/lib/antlr-3.2.jar:/usr/share/cassandra/lib/avro-1.4.0-fixes.jar:/usr/share/cassandra/lib/avro-1.4.0-sources-fixes.jar:/usr/share/cassandra/lib/commons-cli-1.1.jar:/usr/share/cassandra/lib/commons-codec-1.2.jar:/usr/share/cassandra/lib/commons-lang-2.4.jar:/usr/share/cassandra/lib/compress-lzf-0.8.4.jar:/usr/share/cassandra/lib/concurrentlinkedhashmap-lru-1.3.jar:/usr/share/cassandra/lib/guava-r08.jar:/usr/share/cassandra/lib/high-scale-lib-1.1.2.jar:/usr/share/cassandra/lib/jackson-core-asl-1.9.2.jar:/usr/share/cassandra/lib/jackson-mapper-asl-1.9.2.jar:/usr/share/cassandra/lib/jamm-0.2.5.jar:/usr/share/cassandra/lib/jline-0.9.94.jar:/usr/share/cassandra/lib/json-simple-1.1.jar:/usr/share/cassandra/lib/libthrift-0.7.0.jar:/usr/share/cassandra/lib/log4j-1.2.16.jar:/usr/share/cassandra/lib/metrics-core-2.0.3.jar:/usr/share/cassandra/lib/servlet-api-2.5-20081211.jar:/usr/share/cassandra/lib/slf4j-api-1.6.1.jar:/usr/share/cassandra/lib/slf4j-log4j12-1.6.1.jar:/usr/share/cassandra/lib/snakeyaml-1.6.jar:/usr/share/cassandra/lib/snappy-java-1.0.4.1.jar:/usr/share/cassandra/lib/snaptree-0.1.jar:/usr/share/cassandra/apache-cassandra-1.1.5.jar:/usr/share/cassandra/apache-cassandra-thrift-1.1.5.jar:/usr/share/cassandra/apache-cassandra.jar:/usr/share/cassandra/stress.jar:/usr/share/java/jna.jar:/etc/cassandra:/usr/share/java/commons-daemon.jar -Dlog4j.configuration=log4j-server.properties -XX:HeapDumpPath=/var/lib/cassandra/java_1351664352.hprof -XX:ErrorFile=/var/lib/cassandra/hs_err_1351664352.log -ea -javaagent:/usr/share/cassandra/lib/jamm-0.2.5.jar -XX:+UseThreadPriorities -XX:ThreadPriorityPolicy=42 -Xms1024M -Xmx1024M -Xmn256M -XX:+HeapDumpOnOutOfMemoryError -Xss160k -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -XX:+CMSParallelRemarkEnabled -XX:SurvivorRatio=8 -XX:MaxTenuringThreshold=1 -XX:CMSInitiatingOccupancyFraction=75 -XX:+UseCMSInitiatingOccupancyOnly -Djava.net.preferIPv4Stack=true -Dcom.sun.management.jmxremote.port=7199 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false org.apache.cassandra.thrift.CassandraDaemon
Yes, this is normal. We use jsvc to daemonize cleanly.
If you define your JAVA_OPTS as such
JAVA_OPTS: -Dprogram.name=run.sh -server -Xms2048m -Xmx4096 -server -Xms128m -Xmx512m -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Djava.net.preferIPv4Stack=true
What would be the priority -Xms and -Xmx parameter? The larger 1st one or the last one?
Thanks,