Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
PM2 is a production process manager for Node.js applications with a built-in load balancer. It allows you to keep applications alive forever, to reload them without downtime, and to facilitate common system admin tasks.
Process Management
Start an application with PM2 and keep it running in the background.
pm2 start app.js
Load Balancing
Enable load balancing by starting multiple instances of the application across all CPUs.
pm2 start app.js -i max
Monitoring
Monitor all processes launched with PM2 using a terminal-based dashboard.
pm2 monit
Logging
Display logs of all processes in real-time, or target specific processes.
pm2 logs
Startup Script
Generate a startup script to resurrect PM2 and all processes on server reboot.
pm2 startup
Update Processes
Reload all processes in the cluster without downtime.
pm2 reload all
Forever is a simple CLI tool for ensuring that a given script runs continuously (i.e., forever). It is similar to PM2 but lacks some of its advanced features like application monitoring and load balancing.
Nodemon is a utility that monitors for any changes in your source and automatically restarts your server. It is often used in development environments, unlike PM2 which is tailored for production use.
StrongLoop Process Manager (strong-pm) is a production process manager for Node.js applications with features like remote deployment and performance monitoring. It is part of the StrongLoop suite, which is now owned by IBM.
Supervisor is a client/server system that allows its users to monitor and control a number of processes on UNIX-like operating systems. It is not specifically designed for Node.js and is more general-purpose.
PM2 is a production process manager for Node.js applications with a built-in load balancer. It allows you to keep applications alive forever, to reload them without downtime and to facilitate common system admin tasks.
Starting an application in production mode is as easy as:
$ pm2 start app.js
PM2 is constantly assailed by more than 1000 tests.
Official website: http://pm2.keymetrics.io/
Works on Linux (stable) & MacOSx (stable) & Windows (stable).
$ npm install pm2 -g
npm is a builtin CLI when you install Node.js - Installing Node.js with NVM
$ pm2 start app.js
Your app is now daemonized, monitored and kept alive forever.
# Install latest pm2 version
$ npm install pm2 -g
# Save process list, exit old PM2 & restore all processes
$ pm2 update
PM2 updates are seamless
# General
$ npm install pm2 -g # Install PM2
$ pm2 start app.js # Start, Daemonize and auto-restart application (Node)
$ pm2 start app.py # Start, Daemonize and auto-restart application (Python)
$ pm2 start npm -- start # Start, Daemonize and auto-restart Node application
# Cluster Mode (Node.js only)
$ pm2 start app.js -i 4 # Start 4 instances of application in cluster mode
# it will load balance network queries to each app
$ pm2 reload all # Zero Second Downtime Reload
$ pm2 scale [app-name] 10 # Scale Cluster app to 10 process
# Process Monitoring
$ pm2 list # List all processes started with PM2
$ pm2 monit # Display memory and cpu usage of each app
$ pm2 show [app-name] # Show all informations about application
# Log management
$ pm2 logs # Display logs of all apps
$ pm2 logs [app-name] # Display logs for a specific app
$ pm2 logs --json # Logs in JSON format
$ pm2 flush
$ pm2 reloadLogs
# Process State Management
$ pm2 start app.js --name="api" # Start application and name it "api"
$ pm2 start app.js -- -a 34 # Start app and pass option "-a 34" as argument
$ pm2 start app.js --watch # Restart application on file change
$ pm2 start script.sh # Start bash script
$ pm2 start app.json # Start all applications declared in app.json
$ pm2 reset [app-name] # Reset all counters
$ pm2 stop all # Stop all apps
$ pm2 stop 0 # Stop process with id 0
$ pm2 restart all # Restart all apps
$ pm2 gracefulReload all # Graceful reload all apps in cluster mode
$ pm2 delete all # Kill and delete all apps
$ pm2 delete 0 # Delete app with id 0
# Startup/Boot management
$ pm2 startup # Detect init system, generate and configure pm2 boot on startup
$ pm2 save # Save current process list
$ pm2 resurrect # Restore previously save processes
$ pm2 unstartup # Disable and remove startup system
$ pm2 update # Save processes, kill PM2 and restore processes
$ pm2 generate # Generate a sample json configuration file
# Deployment
$ pm2 deploy app.json prod setup # Setup "prod" remote server
$ pm2 deploy app.json prod # Update "prod" remote server
$ pm2 deploy app.json prod revert 2 # Revert "prod" remote server by 2
# Module system
$ pm2 module:generate [name] # Generate sample module with name [name]
$ pm2 install pm2-logrotate # Install module (here a log rotation system)
$ pm2 uninstall pm2-logrotate # Uninstall module
$ pm2 publish # Increment version, git push and npm publish
Once applications are started you can list and manage them easily:
Listing all running processes:
$ pm2 list
Managing your processes is straightforward:
$ pm2 stop <app_name|id|'all'|json_conf>
$ pm2 restart <app_name|id|'all'|json_conf>
$ pm2 delete <app_name|id|'all'|json_conf>
To make sure it re-evaluates enviroment variables in your json_conf
use
$ pm2 restart <json_conf>
To have more details on a specific process:
$ pm2 describe <id|app_name>
When an application is started with the -i <instance_number> option, the Cluster Mode is enabled.
The Cluster Mode start <instance_number> and automatically load balance HTTP/TCP/UDP between each instance. This allows to increase overall performance depending to the number of CPUs availabe.
Seamlessly supported by all major Node.js frameworks and any Node.js applications without any code change:
Main commands:
$ pm2 start app.js -i max # Enable load-balancer and start 'max' instances (cpu nb)
$ pm2 reload all # Zero second dowtime reload
$ pm2 scale <app_name> <instance_number> # Increase / Decrease process number
More informations about how PM2 make clustering easy
Monitoring all processes launched:
$ pm2 monit
Displaying logs of a specified process or all processes, in real time. Standard, Raw, JSON and formated output are available.
$ pm2 logs ['all'|app_name|app_id] [--json] [--format] [--raw]`
Examples:
$ pm2 logs APP-NAME # Display APP-NAME logs
$ pm2 logs --json # JSON output
$ pm2 logs --format # Formated output
$ pm2 flush # Flush all logs
$ pm2 reloadLogs # Reload all logs
PM2 can generate and configure a startup script to keep PM2 and your processes alive at every server restart.
Supports init systems like: systemd (Ubuntu 16, CentOS, Arch), upstart (Ubuntu 14/12), launchd (MacOSx, Darwin), rc.d (FreeBSD).
# Auto detect init system + generate and setup PM2 boot at server startup
$ pm2 startup
# Manually specify the startup system
# Can be: systemd, upstart, launchd, rcd
$ pm2 startup [platform]
# Disable and remove PM2 boot at server startup
$ pm2 unstartup
To save/freeze a process list on reboot:
$ pm2 save
PM2 embeds a simple and powerful module system. Installing a module is straightforward:
$ pm2 install <module_name>
Here are some PM2 compatible modules (standalone Node.js applications managed by PM2):
pm2-logrotate auto rotate logs of PM2 and applications managed
pm2-webshell expose a fully capable terminal in browsers
pm2-server-monit monitor your server health
If you manage your NodeJS app with PM2, Keymetrics makes it easy to monitor and manage apps across servers. Feel free to try it:
Discover the monitoring dashboard for PM2
Thanks in advance and we hope that you like PM2!
PM2 is made available under the terms of the GNU Affero General Public License 3.0 (AGPL 3.0). If you use the PM2 API contact us for a possible LGPL license.
2.4.4
FAQs
Production process manager for Node.JS applications with a built-in load balancer.
The npm package pm2 receives a total of 1,910,388 weekly downloads. As such, pm2 popularity was classified as popular.
We found that pm2 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.