To connect JConsole to server process, in the Remote Process section, specify the URL service:jmx:rmi:///jndi/rmi://localhost:2047/fmq and credentials pertaining to the server. Default user name and password are admin and passwd respectively.
Remote JMX ConnectionsRight click anywhere in the blank area under the application tree and select Add JMX Connection. Provide the machine name and port number for a running JMX agent, that has been started with the appropriate system properties to allow remote management.
The most common way to enable remote JMX access to your JVM is to specify a TCP/IP port number and some basic security settings when you start the JVM. The security settings commonly include authentication and SSL (Secure Socket Layer). Derby attempts to use the JVM's built-in platform MBean server.
I had a similar, if not the same, problem. I could connect to the JMX server if I started jconsole locally on the machine.
It appears the RMI server was not listening on the correct ip. So, as was suggested in this related question, I added the following:
-Djava.rmi.server.hostname=<host ip>
to JAVA_OPTS
as well, and then it worked.
I've collected information spread over the net, found with hints from other members.
Most pain caused by JMX is (imo) the fact that JMX opens a second dynamically allocated network port. A firewall (like iptables) will block this.
Solution for tomcat on linux :
use tomcat 6.0.24 or newer download catalina-jmx-remote.jar from apache tomcat extras (use browse on tomcat download page) copy it in the $CTALINA_HOME\lib
This allows you to set both ports used by JMX
edit Server section in your server.xml
<Server port="8005" ..>
...
<Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener" rmiRegistryPortPlatform="9840" rmiServerPortPlatform="9841"/>
set some environment variables (e.g. in setenv.sh)
CATALINA_OPTS="
-Djava.rmi.server.hostname=IP-TO-LISTEN
-Dcom.sun.management.jmxremote.password.file=$CATALINA_BASE/conf/jmxremote.password
-Dcom.sun.management.jmxremote.access.file=$CATALINA_BASE/conf/jmxremote.access
-Dcom.sun.management.jmxremote.ssl=false"
this activates access control for JMX
jmxremote.access will look like
monitorRole readonly
controlRole readwrite
end jmxremote.password will be
monitorRole tomcat
controlRole tomcat
(just simple spaces)
restart tomcat.
Now configure firewall on the server (e.g. iptables)
/etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9840 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 9841 -j ACCEPT
and /etc/sysconfig/ip6tables
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 9840 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp --dport 9841 -j ACCEPT
restart iptables
Done!
Now use VisualVM or JConsole on your workstation to establish a connection to rmiRegistryPortPlatform, 9840 in our sample.
If there are no more firewalls between workstation and server it should work.
-Dcom.sun.management.jmxremote.port=1616
-Dcom.sun.management.jmxremote.rmi.port=1616
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.local.only=false
-Djava.rmi.server.hostname=localhost
for example add into bin/setenv.sh this:
export CATALINA_OPTS="$CATALINA_OPTS \
-Dcom.sun.management.jmxremote.port=1616 \
-Dcom.sun.management.jmxremote.rmi.port=1616 \
-Dcom.sun.management.jmxremote.local.only=true \
-Dcom.sun.management.jmxremote.authenticate=false \
-Dcom.sun.management.jmxremote.ssl=false "
Windows users:
putty.exe -ssh user@remote-host -L 1616:remote-host:1616
Linux and Mac Users:
ssh user@remote-host -L 1616:remote-host:1616
jconsole
on your computerjconsole localhost:1616
ssh
and -L
you specify that the port 1616 on the local (client) host is to be forwarded to the remote side.what string are you using as the JMX connection url. I don't mean to point out the obvious but JConsole has a terrible interface and to me requires an overly complex url before it will connect to a remote jmx app. Mine looks like this:
service:jmx:rmi:///jndi/rmi://(hostname):(jmxport)/jmxrmi
1/ Download the catalina-jmx-remote.jar
from apache website and place in $CATALINA_HOME/lib
.
2/ Take server.xml
/ setenv.sh
backup. Make the changes to server.xml
like below-
<Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener" rmiRegistryPortPlatform="10001" rmiServerPortPlatform="10002" />
3/ Make the changes to $CATALINA_BASE/bin/setenv.sh
like -
[...]
JVM_OPTS="[...]
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.authenticate=true
-Djava.rmi.server.hostname=<eth:0_IP>| <`hostname -i`>
-Dcom.sun.management.jmxremote.password.file=/apps/data/apache-tomcat-8_8080/conf/jmxremote.password
-Dcom.sun.management.jmxremote.access.file=/apps/data/apache-tomcat-8_8080/conf/jmxremote.access
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.local.only=false
-Dcom.sun.management.jmxremote=true "
4/ Create these two files as -
$touch $CATALINA_BASE/conf/jmxremote.password
containing:
admin letmein
$touch $CATALINA_BASE/conf/jmxremote.access
containing:
admin readwrite
$ chmod 600 jmxremote.password
5/ Restart tomcat and test on jconsole tool :)
$echo|telnet 10.105.14.90 10001
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With