Postgres utilizing 100% CPU on EC2 Instance? Why? How to fix?

Question

I am facing same issue regularly which happens 1-3 times in a month and mostly on weekends.

To explain, CPU utilization is exceeding past 100% from last 32 hours.

• EC2 Instance is t3.medium
• Postgres version is 10.6
• OS : Amazon Linux 2

I have tried gather all the information I could get using command provided in reference https://severalnines.com/blog/why-postgresql-running-slow-tips-tricks-get-source

But didn't found any inconsistency or leak in my database, although while checking for process consuming all CPU resources I found following command is the culprit running for more than 32 hours.

/var/lib/postgresql/10/main/postgresql -u pg_linux_copy -B

This command is running from 3 separate processes at the moment and running from last 32 hours, 16 hours & 16 hours respectively.

Searching about about this didn't even returned a single result on google which is heartbreaking.

If I kill the process, everything turns back to normal.

What is the issue and what can I do to prevent this from happening again in future?

Answer 1

I was recently contacted by AWS EC2 Abuse team regarding my instance involved in some intrusion attack to some other server.

To my surprise, I found out that as I had used very week password root for default postgres account for my database and also had the postgres port public, the attacker silently gained access to instance and used my instance to try gaining access to another instance.

I am still not sure, how was he able to try ssh command by gaining access to master database account.

To summarise, One reason for unusual database spikes on server could be someone attacking your system.