Adam Bien's Weblog

How to establish JMX connection to JVM running in docker

For remote monitoring of JVM processes (running in a docker container) you will have to activate remote JMX monitoring with the following JVM parameters:

Both RMI_PORTs could have the same value (e.g. 9090). The EXTERNAL_IP_OF_THE_CONTAINER has to be the IP address with which the JVM process is accessible. Localhost or won't work.

The following two parameters completely disable transport encryption and access control. They increase convenience and disable security at the same time:

Given the RMI_PORT=9090, you can launch the process with docker run -p 8080:8080 -p 9090:9090 --name jmx airhacks/tomee-jmx and connect with jvisualvm, jconsole, jmc with EXTERNAL_IP_OF_THE_CONTAINER:9090.

Checkout out the instrumented TomEE dockerfile: tomee-jmx from docklands

See you at Java EE Microservices. and Tuning and troubleshooting Java EE 7 Microservices Is Munich's airport too far? Learn from home:

NEW online workshop: WebStandards Igniter (online)

Airport MUC workshops: Java EE 7: Bootstrap, Effective, Architectures, Web, React and Angular, Testing and Microservices


A book about rethinking Java EE Patterns


The requirement to know your external IP / hostname inside the container is a fundamental flaw of JMX i.m.h.o.

One of the few viable options I see here for containerized environments is to (contradictory to the article) always specify "localhost" as your external hostname - that at least allows you to reliably connect to your container via port forwarding (e.g. OpenShift's "oc port-forward" command).

Posted by Alex Stockinger on August 31, 2017 at 10:43 PM CEST #

Good overview on the topic.

Posted by GIRISH CHANDER on September 12, 2017 at 08:32 PM CEST #

Post a Comment:
  • HTML Syntax: NOT allowed
Online Workshops
...the last 150 posts
...the last 10 comments