Command line
The command line for invoking kdb+ has the form:
q [file] [-option [parameters] … ]
Options: -b blocked -q quiet mode -c console size -r replicate -C HTTP size -s slaves -e error traps -t timer ticks -E TLS Server Mode -T timeout -g garbage collection -u disable syscmds -l log updates -u usr-pwd local -L log sync -U usr-pwd -m memory domain -w workspace -o UTC offset -W start week -p listening port -z date format -P display precision
.z.x (argv),
.z.X (raw command line)
file
This is either the script to load (*.q, *.k, *.s), or a file or a directory.
$ q sp.q
KDB+ 3.5t 2017.02.28 Copyright (C) 1993-2017 Kx Systems
m32/ 4()core 8192MB sjt mint.local 192.168.0.39 NONEXPIRE
+`p`city!(`p$`p1`p2`p3`p4`p5`p6`p1`p2;`london`london`london`london`london`lon..
(`s#+(,`color)!,`s#`blue`green`red)!+(,`qty)!,900 1000 1200
+`s`p`qty!(`s$`s1`s1`s1`s2`s3`s4;`p$`p1`p4`p6`p2`p2`p4;300 200 100 400 200 300)
q)
-b (blocked)
Syntax: -b
Block client write-access to a kdb+ database.
~/q$ q -b
q)aa:([]bb:til 4)
q)\p 5001
q)
and in another task
q)h:hopen 5001
q)h"count aa"
4
q)h"aa:10#aa"
'noupdate
q)
Use \_ to check if client write-access is blocked:
~/q$ q -b
..
q)\_
1
-c (console size)
Syntax: -c r c
Set console maximum rows and columns, default 25 80.
\c system command for detail
-C (HTTP size)
Syntax: -C r c
Set HTTP display maximum rows and columns.
\C system command for detail
-e (error traps)
Syntax: -e [0|1|2]
Sets error-trapping mode. The default is 0 (off).
\e system command for detail
-E (TLS Server Mode)
Syntax: -E x (since V3.4)
| x | mode |
|---|---|
| 0 | plain |
| 1 | plain & TLS |
| 2 | TLS only |
Knowledge Base: SSL/TLS
-g (garbage collection)
Syntax: -g [0|1]
Sets garbage-collection mode:
- 0 for deferred (default)
- 1 for immediate
\g system command for detail
-l (log updates)
Syntax: -l
Log updates to filesystem.
-L (log sync)
Syntax: -L
As -l, but sync logging.
-m (memory-domain)
Syntax: -m path
Memory can be backed by a filesystem, allowing use of DAX-enabled filesystems (e.g. AppDirect) as a non-persistent memory extension for kdb+.
This command-line option directs kdb+ to use the filesystem path specified as a separate memory domain. This splits every thread’s heap into two:
| domain | description |
|---|---|
| 0 | regular anonymous memory, active and used for all allocs by default |
| 1 | filesystem-backed memory |
The .m namespace is reserved for objects in memory domain 1, however names from other namespaces can reference them too, e.g. a:.m.a:1 2 3
-o (UTC offset)
Syntax: -o N
Sets local time offset as N hours from UTC, or minutes if abs[N]>23
(Affects .z.Z)
\o system command for detail
-p (listening port)
Syntax: -p [rp,][hostname:][portnumber|servicename]
Kdb+ will listen to portnumber or the port number of servicename on all interfaces, or on hostname only if specified.
The port must be available and the process must have permission for the port.
The default is 0 (no listening port).
Optional parameter rp allows multiple sockets (kdb+ processes) to listen on the same IP address and port combination. The kernel then load-balances incoming connections across the processes. (Since V3.5.)
\p system command for detail
-P (display precision)
Syntax: -P N
Display precision for floating-point numbers, i.e. the number of digits shown.
\P system command for detail
-q (quiet mode)
Syntax: -q
Quiet, i.e. no startup banner text or session prompts. Typically used where no console is required.
~/q$ q
KDB+ 3.5t 2017.02.28 Copyright (C) 1993-2017 Kx Systems
…
q)2+2
4
q)
and with -q
~/q$ q -q
2+2
4
.z.q (quiet mode)
-r (replicate)
Syntax: -r :host:port[:user[:password]]
Replicate from :host:port.
-s (slaves)
Syntax: -s N
Number of slave threads or processes available for parallel processing.
\s system command for detail
-t (timer ticks)
Syntax: -t N
Period in milliseconds between timer ticks. Default is 0, for no timer.
\t system command for detail
-T (timeout)
Syntax: -T N
Timeout in seconds for client queries, i.e. maximum time a client call will execute. Default is 0, for no timeout.
\T system command for detail
-u (disable syscmds)
Syntax: -u 1
Disables system commands from a remote (signals 'access). As such, this includes disabling exit via "\\" from a remote.
Weak protection
This option offers only a simple protection against “wrong” queries.
For example, setting a system command in .z.ts and starting the timer still works. The right system command could for example expose a terminal, so the user running the database could be fully impersonated and compromised from then on.
-u (usr-pwd local)
Syntax: -u file
Sets a password file; no access above start directory
The password file is a text file with one credential on each line. (No trailing blank line/s.)
user1:password1
user2:password2
The password can be
- plain text
- an MD5 hash of the password
- an SHA-1 hash of the password (since V3.7t 2019.10.22)
q)raze string md5 "this is my password"
"210d53992dff432ec1b1a9698af9da16"
q)raze string -33!"mypassword" / -33! calculates sha1
"91dfd9ddb4198affc5c194cd8ce6d338fde470e2"
Internal function -33!
-U (usr-pwd)
Syntax: -U file
As -u, but without access restrictions.
-w (workspace)
Syntax: -w N
Workspace limit in MB for the heap per thread. Default is 0: no limit.
\w system command for detail
Reference: .Q.w
Domain-local Since V3.7t 2019.10.22 this command is no longer thread-local, but memory domain-local: it sets the limit for domain 0.
Other ways to limit resources
On Linux systems, administrators might prefer cgroups as a way of limiting resources.
On Unix systems, memory usage can be constrained using ulimit, e.g.
$ ulimit -v 262144 -W (start week)
Syntax: -W N
Set the start-of-week offset, where 0 is Saturday. The default is 2, i.e Monday.
\W system command for detail
-z (date format)
Syntax: -z [0|1]
Set the format for "D"$ date parsing: 0 for mm/dd/yyyy and 1 for dd/mm/yyyy.
xkcd.com