Connection Leak Detection

Tools and patterns.

Overview

Connection leak detection catches applications that fail to return database or HTTP connections to the pool. Each leak ties up a connection that the pool will never reclaim; eventually the pool exhausts and every request blocks waiting for a connection that no longer exists. The discipline is in framework-level leak detection (HikariCP’s leakDetectionThreshold, Pgx pool diagnostics), pool monitoring with depth alerts, and per-codepath tracing to find which call site is failing to release.

• Tools and patterns. Pool monitoring, connection age tracking, framework-level leak detectors; the layers stack to catch leaks at different stages.
• Pool exhaustion alerting. Per-pool utilization alarms; surfaces saturation before requests start blocking.
• Long-held connection detection. Per-connection age threshold; connections held longer than the threshold are leak candidates.
• Per-codepath instrumentation plus framework leak detector. Per-codepath trace identifies the leaking call site; HikariCP, Pgx, and equivalent pools support framework-level leak detection that produces stack-trace evidence.

The approach

The practical approach is to monitor pool utilization and queue depth as first-class metrics, set per-connection age thresholds that trigger leak alerts, enable framework-level leak detection (HikariCP leakDetectionThreshold and equivalent), trace per-codepath connection acquisition so the leaking call site is identifiable, and document the per-service leak threshold so the rules are predictable.

• Pool monitoring. Per-pool utilization plus queue depth; surfaces saturation before requests start blocking.
• Connection age threshold. Age above N seconds triggers alert; the threshold is shorter than the longest legitimate transaction.
• Framework leak detector. HikariCP leakDetectionThreshold or equivalent; produces stack-trace evidence pointing to the leaking call site.
• Per-codepath trace plus documented policy. Per-codepath connection acquisition traced; per-service leak threshold committed for operational review.

Why this compounds

Connection leak discipline compounds across services. Each leak caught early prevents an incident the team would otherwise debug at 3am; each framework-level detector teaches the team where their connection-acquisition patterns are fragile; the operational maturity to catch leaks before they exhaust the pool grows quarter over quarter.

• Reduced incidents. Leaks caught before pool exhaustion; the page never fires because the leak surfaces in dev or staging.
• Application quality. Leaks reveal code paths needing review; the fix usually exposes a missing try-with-resources or a forgotten close.
• Operational maturity. Pool monitoring scales to all services; new services inherit the monitoring as a default.
• Institutional knowledge. Each leak teaches application patterns; the team learns which library patterns are leak-prone.

Connection leak detection is an operational discipline that pays off across years. Nova AI Ops integrates with pool telemetry, surfaces leak patterns, and supports the team’s application discipline.