Pro Tips — Graceful Shutdown Architecture and Zero-Downtime Deployment Setup
In production, if you forcibly disconnect active incoming requests during a deployment restart, it leads to severe data loss or aborted payment transactions. A Graceful Shutdown configuration is absolutely necessary to prevent this.
1. Enabling Graceful Shutdown
Starting from Spring Boot 2.3, you can easily enable the built-in Graceful Shutdown feature. When this is active and a termination signal (SIGTERM) is received, the application rejects new HTTP requests (HTTP 503) but waits for currently processing requests to finish within a specific timeout.
server:
  shutdown: graceful # The default is 'immediate'.
spring:
  lifecycle:
    timeout-per-shutdown-phase: 30s # Maximum wait time
2. Integrating with Kubernetes (k8s) and Load Balancers
Simply turning on the framework feature isn't enough. When Spring starts rejecting new requests, the L4 Load Balancer or Kubernetes Service must immediately recognize this and route incoming traffic to other healthy nodes.
Enable Spring Actuator probes to expose the application's lifecycle status continuously.
management:
  endpoint:
    health:
      probes:
        enabled: true
  health:
    livenessstate:
      enabled: true
    readinessstate:
      enabled: true
livenessProbe: Determines if the server is dead (triggers a container restart upon failure).
readinessProbe: Determines if the application is ready to accept incoming traffic (temporarily removes the node from the load balancer target group upon failure).
Once the shutdown process begins, the readiness status immediately changes to OUT_OF_SERVICE, and the load balancer instantly stops routing traffic to this node.
When writing deployment scripts, ensure you send a "SIGTERM (kill -15)" signal instead of "SIGKILL (kill -9)". Graceful Shutdown will NOT execute on a SIGKILL. Both docker stop and standard Kubernetes pod termination events emit SIGTERM by default.
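A Kubernetes Deployment that points the two probes at the Actuator endpoints enabled above, as an added example that is not from the original page. The name orders-api, the image reference, port 8080 and all probe timings are assumptions; the grace period is set above the 30s timeout-per-shutdown-phase so the SIGKILL that follows SIGTERM does not arrive while Spring is still finishing in-flight requests.

```yaml
# Added example: the name, image, port and timings are assumptions.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: orders-api                  # hypothetical service name
spec:
  replicas: 2                       # one pod keeps serving while another drains
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0             # never drop below the desired replica count
      maxSurge: 1                   # start the new pod before stopping an old one
  selector:
    matchLabels:
      app: orders-api
  template:
    metadata:
      labels:
        app: orders-api
    spec:
      # On pod termination the container receives SIGTERM first and is sent
      # SIGKILL once this period elapses. Keep it above
      # spring.lifecycle.timeout-per-shutdown-phase (30s).
      terminationGracePeriodSeconds: 45
      containers:
        - name: app
          image: registry.example.com/orders-api:1.0.0   # placeholder image
          ports:
            - containerPort: 8080   # assumed port; Actuator shares the server port by default
          livenessProbe:            # failure restarts the container
            httpGet:
              path: /actuator/health/liveness
              port: 8080
            periodSeconds: 10
            failureThreshold: 3
          readinessProbe:           # failure takes the pod out of Service endpoints
            httpGet:
              path: /actuator/health/readiness
              port: 8080
            periodSeconds: 5
            failureThreshold: 1
```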