javatomcatjmxvisualvmjstatd

Adding remote VMs in Java VisualVM


If I open jvisualvm and go to File >> Add Remote Host I am prompted to create a new remote server entry. I enter a host name of myapp01.example.org, and then I see that server show up under the Remote section of the Applications tree on the left-hand side. When I right-click that server, and click Add JMX Connection, I see the following dialog:

enter image description here

Let's say I have a Java app (WAR deployed to Tomcat) running on myapp01.example.org:8443. To SSH into the server, I use username skroob and a password of 12345 (hey, that's the combination on my luggage!):

ssh skroob@myapp01.example.org
skroob@myapp01.example.org's password: 12345

When I fill out the dialog as follows:

I get the following error:

Cannot connect to skroob@myapp01.example.org:8443 using service:jmxLrmi:///jndi/rmi://myapp01.example.org:8443/jmxrmi

I believe this may be because I'm not configuring JMX to be exposed on Tomcat itself. Or maybe I'm just entering the wrong info. Maybe both. Either way:


Solution

  • That's not how JMX connection is specified. For tomcat the best way is to create a bin/setenv.sh file This is best because the Apache scripts are already set up to look for it and call it if present.

    This is the place where you are intended to set any installation specific parameters.

    You will go far with something like this:

    #
    # PORT for debug
    export JPDA_ADDRESS='8000'
    
    echo start with 'jpda start' parameters to enable debugging.  Tomcat will listen on $JPDA_ADDRESS
    
    CATALINA_OPTS="\
    -Dcom.sun.management.jmxremote \
    -Dcom.sun.management.jmxremote.port=1299 \
    -Dcom.sun.management.jmxremote.authenticate=true \
    -Dcom.sun.management.jmxremote.password.file=../conf/jmxremote.password \
    -Dcom.sun.management.jmxremote.access.file=../conf/jmxremote.access \
    -Dcom.sun.management.jmxremote.ssl=false 
    

    jmxremote.access:

    monitorRole readonly
    controlRole readwrite
    

    jmxremote.password: This file MUST be READONLY by the ID that starts Tomcat or JMX WILL NOT WORK! i.e. chmod 400 jmxremote.password

    monitorRole  readpass
    controlRole  changepass
    

    Basically you are setting up 2 JMX user IDs. One that can access exposed getters. The other that can also access setters and arbitary mbean methods. In practice you'll usually want to supply the latter so you can do more than just look.

    SO.... In your dialog above it becomes