Graceful Shutdown Of Workers
When a server is told to stop, killing it instantly drops every request in flight, corrupts partial writes, and loses queued work. Graceful shutdown instead winds the system down in order so nothing in progress is lost.
The sequence matters. First the server stops accepting new work, often by closing the listening socket or rejecting fresh items. Then it lets workers drain, finishing the tasks already in progress. Only when the in-flight work completes, or a shutdown deadline passes, does the process exit.
- Stop intake first: Closing the door prevents the backlog from growing while you try to empty it.
- Drain in flight: Existing requests run to completion so clients get real responses, not dropped connections.
- Bounded wait: A shutdown deadline forces exit even if some task hangs, so shutdown itself cannot stall forever.
Workers usually learn of shutdown through a signal or a shared flag, then stop pulling new items from their queue and exit once their current item is done. When combined with cancellation, long-running tasks can be told to stop early. Graceful shutdown is what makes rolling deploys and autoscaling safe.
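The three steps above as a small thread-based worker pool. This is an added example, not code from the original page; `WorkerPool`, `submit` and `shutdown` are hypothetical names. It assumes items that were accepted before intake closed are drained too, and that the handler is passed the shared flag so it can cancel cooperatively.

```python
import queue
import threading
import time

class WorkerPool:
    """Hypothetical pool (names are assumptions, not from the page)."""

    def __init__(self, workers, handler):
        self._q = queue.Queue()
        self._lock = threading.Lock()
        self._accepting = True
        self._stop = threading.Event()      # shared shutdown flag
        self._handler = handler             # called as handler(item, stop_event)
        self.done = []                      # items that ran to completion
        # Daemon threads: a task that hangs past the deadline cannot keep the process alive.
        self._threads = [threading.Thread(target=self._run, daemon=True)
                         for _ in range(workers)]
        for t in self._threads:
            t.start()

    def submit(self, item):
        # Intake gate: check and enqueue under one lock so no item slips in
        # after shutdown() has closed the door.
        with self._lock:
            if self._accepting:
                self._q.put(item)
            return self._accepting

    def _run(self):
        while True:
            try:
                item = self._q.get(timeout=0.05)
            except queue.Empty:
                # Exit only once shutdown was requested AND the backlog is empty.
                if self._stop.is_set() and self._q.empty():
                    return
                continue
            self._handler(item, self._stop)  # handler may poll the flag to stop early
            with self._lock:
                self.done.append(item)

    def shutdown(self, deadline):
        """Return True if every worker drained within `deadline` seconds."""
        with self._lock:
            self._accepting = False          # 1. stop intake
        self._stop.set()                     # 2. tell workers to drain and exit
        end = time.monotonic() + deadline    # 3. bounded wait
        for t in self._threads:
            t.join(max(0.0, end - time.monotonic()))
        return not any(t.is_alive() for t in self._threads)
```

A `False` return from `shutdown` means the deadline expired with work still running, which is the case worth logging before the process exits.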
Key idea
Graceful shutdown stops new intake, drains in-flight work, then exits within a bounded deadline so nothing in progress is lost during a restart.