thanhvc
commented
13 years ago - Need to design the JMX mechanism to monitor the component which was contained in the Container.
- Access to the MServerBean to change the config at runtime.
Open thanhvc opened 13 years ago
thanhvc
commented
13 years ago thanhvc
commented
13 years ago Refer to the http://wiki.exoplatform.org/xwiki/bin/view/Kernel/JMX%20MBean%20Server?viewer=recyclebin&id=681 https://wiki.internet2.edu/confluence/display/CPD/Monitoring+Tomcat+with+JMX#MonitoringTomcatwithJMX-jconsole
Run 2 lenh: $ CATALINA_OPTS="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=localhost"; $ export CATALINA_OPTS;
Step 2: Chay JConsole Remote: type: localhost:8999
thanhvc
commented
13 years ago Enabling JMX on Tomcat Enabling JMX without Authentication JMX is enabled by setting some Java properties in the command used to start an application. You will need to set the CATALINA_OPTS environment variable so the correct properties get set for to Tomcat when it starts. Furthermore, the properties you set will determine if application can access the JMX interface remotely and if they need to authenticate. This section describes how to setup JMX so that applications can access the interface remotely without authenticating. Authentication should be used in production environments, this configuration should only be used for testing. The following commands show how to set the CATALINA_OPTS environment variable so that clients can connect to TCP port 8999 of the host test-idc.internet2.edu without any authentication:
$ CATALINA_OPTS="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=test-idc.internet2.edu"; $ export CATALINA_OPTS;
The values in bold should be set to values appropriate for your system. The property com.sun.management.jmxremote indicates that JMX should be activated. The property com.sun.management.jmxremote.port indicates that remote access is allowed and it should occur on the given port (in the example 8999). The next two properties, com.sun.management.jmxremote.ssl=false and com.sun.management.jmxremote.authenticate=false disable SSL and authentication respectively. The final property java.rmi.server.hostname indicates the name of the host on which tomcat is running (NOTE: The JMX documentation did not say this was required but I found that attempting remote access returned 'Connection failed' when this property was not set). After setting CATALINA_OPTS you need to restart Tomcat: $ CATALINA_HOME/bin/shutdown.sh $ CATALINA_HOME/bin/startup.sh
After the restart JMX is running and you may test it by following the instructions in the section titled Using JConsole to Monitor Tomcat. Enabling JMX with Password Authentication You should enable some type of authentication if you are going to run JMX on Tomcat in a non-testing environment. Simple password authentication is probably the easiest to setup. You may want to setup client SSL authentication instead but instructions for that are left to the Sun documentation. The first thing you need to do is create a password file with the user accounts that can access the monitoring information. I created a file called $CATALINA_HOME/conf/jmxremote.password but it can be located anywhere on the filesystem. The file takes the form of a username and a password separated by a space on each line. An example is below: oscars oscars admin password
The file above create two users, oscars and admin. The "oscars" account has a password "oscars" and the admin account has the password "password". The next step is to assign permissions to each account. This is done in another text file that I named $CATALINA_HOME/conf/jmxremote.access. An example of that file is below: oscars readonly admin readwrite
See the Sun documentation for more information on what the readonly and readwrite permissions means. After creating these two file you need to set the file permissions such that only the owner can read them. An example of the commands to do this are as follows: $ chmod 600 $CATALINA_HOME/conf/jmxremote.password $ chmod 600 $CATALINA_HOME/conf/jmxremote.access
The final step is to add properties to CATALINA_OPTS that initialize JMX and point to the given files. An example of the commands needed to do this are as follows: $ CATALINA_OPTS="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=8999 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Djava.rmi.server.hostname=test-idc.internet2.edu -Dcom.sun.management.jmxremote.password.file=$CATALINA_HOME/conf/jmxremote.password -Dcom.sun.management.jmxremote.access.file=$CATALINA_HOME/conf/jmxremote.access"; $ export CATALINA_OPTS;
The values in bold should be set to values appropriate for your system. The property com.sun.management.jmxremote indicates that JMX should be activated. The property com.sun.management.jmxremote.port indicates that remote access is allowed and it should occur on the given port (in the example 8999). The next two properties, com.sun.management.jmxremote.ssl=false and com.sun.management.jmxremote.authenticate=false disable SSL and enable authentication respectively. The next property java.rmi.server.hostname indicates the name of the host on which tomcat is running (NOTE: The JMX documentation did not say this was required but I found that attempting remote access returned 'Connection failed' when this property was not set). The last two parameters, com.sun.management.jmxremote.password.file and com.sun.management.jmxremote.password.access, point to your password and access files, respectively. After setting CATALINA_OPTS restart Tomcat and you are ready to test JMX. See the section Using JConsole to Monitor Tomcat for information on how to test.