Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Production process manager for Node.JS applications with a built-in load balancer.
PM2 is a production process manager for Node.js applications with a built-in load balancer. It allows you to keep applications alive forever, to reload them without downtime, and to facilitate common system admin tasks.
Process Management
Start an application with PM2 and keep it running in the background.
pm2 start app.js
Load Balancing
Enable load balancing by starting multiple instances of the application across all CPUs.
pm2 start app.js -i max
Monitoring
Monitor all processes launched with PM2 using a terminal-based dashboard.
pm2 monit
Logging
Display logs of all processes in real-time, or target specific processes.
pm2 logs
Startup Script
Generate a startup script to resurrect PM2 and all processes on server reboot.
pm2 startup
Update Processes
Reload all processes in the cluster without downtime.
pm2 reload all
Forever is a simple CLI tool for ensuring that a given script runs continuously (i.e., forever). It is similar to PM2 but lacks some of its advanced features like application monitoring and load balancing.
Nodemon is a utility that monitors for any changes in your source and automatically restarts your server. It is often used in development environments, unlike PM2 which is tailored for production use.
StrongLoop Process Manager (strong-pm) is a production process manager for Node.js applications with features like remote deployment and performance monitoring. It is part of the StrongLoop suite, which is now owned by IBM.
Supervisor is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems. It is not specifically designed for Node.js and is more general-purpose.
PM2 is a production process manager for Node.js applications with a built-in load balancer. It allows you to keep applications alive forever, to reload them without downtime and to facilitate common system admin tasks.
Starting an application in production mode is as easy as:
$ pm2 start app.js
PM2 is constantly assailed by more than 1800 tests.
Official website: https://pm2.keymetrics.io/
Works on Linux (stable) & macOS (stable) & Windows (stable). All Node.js versions are supported starting Node.js 12.X.
With NPM:
$ npm install pm2 -g
You can install Node.js easily with NVM or FNM.
You can start any application (Node.js, Python, Ruby, binaries in $PATH...) like that:
$ pm2 start app.js
Your app is now daemonized, monitored and kept alive forever.
Once applications are started you can manage them easily:
To list all running applications:
$ pm2 list
Managing apps is straightforward:
$ pm2 stop <app_name|namespace|id|'all'|json_conf>
$ pm2 restart <app_name|namespace|id|'all'|json_conf>
$ pm2 delete <app_name|namespace|id|'all'|json_conf>
To have more details on a specific application:
$ pm2 describe <id|app_name>
To monitor logs, custom metrics, application information:
$ pm2 monit
The Cluster mode is a special mode when starting a Node.js application, it starts multiple processes and load-balance HTTP/TCP/UDP queries between them. This increase overall performance (by a factor of x10 on 16 cores machines) and reliability (faster socket re-balancing in case of unhandled errors).
Starting a Node.js application in cluster mode that will leverage all CPUs available:
$ pm2 start api.js -i <processes>
<processes>
can be 'max'
, -1
(all cpu minus 1) or a specified number of instances to start.
Zero Downtime Reload
Hot Reload allows to update an application without any downtime:
$ pm2 reload all
More informations about how PM2 make clustering easy
With the drop-in replacement command for node
, called pm2-runtime
, run your Node.js application in a hardened production environment.
Using it is seamless:
RUN npm install pm2 -g
CMD [ "pm2-runtime", "npm", "--", "start" ]
Read More about the dedicated integration
PM2 allows to monitor your host/server vitals with a monitoring speedbar.
To enable host monitoring:
$ pm2 set pm2:sysmonit true
$ pm2 update
Monitor all processes launched straight from the command line:
$ pm2 monit
To consult logs just type the command:
$ pm2 logs
Standard, Raw, JSON and formated output are available.
Examples:
$ pm2 logs APP-NAME # Display APP-NAME logs
$ pm2 logs --json # JSON output
$ pm2 logs --format # Formated output
$ pm2 flush # Flush all logs
$ pm2 reloadLogs # Reload all logs
To enable log rotation install the following module
$ pm2 install pm2-logrotate
PM2 can generate and configure a Startup Script to keep PM2 and your processes alive at every server restart.
Init Systems Supported: systemd, upstart, launchd, rc.d
# Generate Startup Script
$ pm2 startup
# Freeze your process list across server restart
$ pm2 save
# Remove Startup Script
$ pm2 unstartup
More about Startup Scripts Generation
# Install latest PM2 version
$ npm install pm2@latest -g
# Save process list, exit old PM2 & restore all processes
$ pm2 update
PM2 updates are seamless
If you manage your apps with PM2, PM2+ makes it easy to monitor and manage apps across servers.
Feel free to try it:
Discover the monitoring dashboard for PM2
Thanks in advance and we hope that you like PM2!
PM2 is made available under the terms of the GNU Affero General Public License 3.0 (AGPL 3.0). For other licenses contact us.
FAQs
Production process manager for Node.JS applications with a built-in load balancer.
The npm package pm2 receives a total of 1,928,879 weekly downloads. As such, pm2 popularity was classified as popular.
We found that pm2 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.