From Passion to Profession
  • Home
  • Notes
  • Projects
  • Resources
    • Discovery Log
    • Books I Read
    • Blogs I Visit
    • Tools I Use
  • Home
  • Notes
  • Projects
  • Resources
    • Discovery Log
    • Books I Read
    • Blogs I Visit
    • Tools I Use

Enable JMX Agent for JVM

9/6/2013

0 Comments

 
With JMX agent enabled for a JVM, you can use a JMX Client (JConsole or VisualVM) to tap into your JVM to monitor its performance and memory usage at runtime. Your java runtime is not enabled with JMX by default unless you explicitly specify to turn it on.
On the JVM side (target server), in general, you can enable the JMX (Java Management Extensions) agent by starting JVM with the following Java System Properties (via java -D):

  java.rmi.server.hostname=ineedabargain.com // without this, on linux, jconsole will fail to connect
  com.sun.management.jmxremote.authenticate=false // default is true if not set  
  com.sun.management.jmxremote.password.file=<password file location>   //2
  com.sun.management.jmxremote.ssl=false
  com.sun.management.jmxremote.port=<portNum>


[1] false, if no authentication is needed. true (default), if require JMX Client to access JMX Agent with username and password.
[2] Password file defines the password of each role/user. Only applicable if authenticate is set to true. What the actual role/user can do is defined in another file called access file. Default location/value is JRE_HOME/lib/management/jmxremote.password. 

JMX Client Accesses JMX Agent without Authentication


When starting up your Java app, for example, the following system properties enable JMX agent without requiring username password when accessed from a JMX client:
java ⋯⋯ -Djava.rmi.server.hostname=ineedabargain.com -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.port=1234 ⋯⋯

JMX Client Accesses JMX Agent with Authentication

If you'd like to require JMX client to access JMX Agent with username and password. To achieve this, leave com.sun.management.jmxremote.authenticate=true, com.sun.management.jmxremote.password.file=<pwd file location>, then set up a file-based password authentication file on the Agent side according to this doc: make a password file copy from the template file, then make the file (jmxremote.password) only readable and writable by the user that runs java so others won't be able to see the password.
su <user that runs java app>
cp /usr/java/default/jre/lib/management/jmxremote.password.template /home/tomcat/jmxremote.passwordcd ~
chmod 600 jmxremote.password   
emacs jmxremote.password       

Put the password you'd like to use in place of <password> in the jmxremote.password file. The predefined role/user are named monitorRole and controlRole. Access JMX Agent as controlRole also allows you analyze threads and profile CPU & memory, whereas monitorRole can not. Their access rights are defined in a predefined Access file somewhere. I simply leave the name of the role/user unchanged, and just change the password.
# specify actual password instead of the text password 
monitorRole <password>
controlRole <password>

When starting up your Java app, for example, the following system properties enable JMX agent requiring username password when accessed from a JMX client:
java ⋯⋯ -Djava.rmi.server.hostname=ineedabargain.com -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.port=1234 -Dcom.sun.management.jmxremote.password.file=/home/tomcat/jmxremote.password ⋯⋯
After you save the jmxremote.password, next time you access JMX agent using JMX client (e.g. VirtualVM) the username (monitorRole or controlRole) and password will be required.

Next Up

  • Monitor Java Application with VisualVM

References

  • Application Monitoring with JConsole, VisualVM and AppDynamics Lite
  • Monitoring and Management Using JMX Technology
  • VisualVM: Monitoring Remote JVM Over SSH (JMX Or Not)
0 Comments



Leave a Reply.

    Categories

    All
    Algorithm
    Concurrency
    CQ
    Data Structure
    Design Pattern
    Developer Tool
    Dynamic Programming
    Entrepreneur
    Functional Programming
    IDE
    Java
    JMX
    Marketing
    Marklogic
    Memory
    OSGI
    Performance
    Product
    Product Management
    Security
    Services
    Sling
    Social Media Programming
    Software Development

    Feed Widget

    Archives

    May 2020
    March 2020
    April 2018
    March 2018
    February 2018
    December 2017
    March 2017
    November 2016
    June 2016
    May 2016
    April 2016
    October 2015
    September 2015
    August 2015
    September 2014
    July 2014
    June 2014
    May 2014
    March 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013

    RSS Feed

in loving memory of my mother  and my 4th aunt
Photos from net_efekt, schani, visnup, Dan Zen, gadl, bobbigmac, Susana López-Urrutia, jwalsh, Philippe Put, michael pollak, oskay, Creative Tools, Violentz, Kyknoord, mobilyazilar