How to establish JMX connection to JVM running in docker

For remote monitoring of JVM processes (running in a docker container) you will have to activate remote JMX monitoring with the following JVM parameters:


        -Dcom.sun.management.jmxremote 
        -Dcom.sun.management.jmxremote.port=[RMI_PORT] 
        -Dcom.sun.management.jmxremote.rmi.port=[RMI_PORT]
        -Djava.rmi.server.hostname=[EXTERNAL_IP_OF_THE_CONTAINER]    

Both RMI_PORTs could have the same value (e.g. 9090). The EXTERNAL_IP_OF_THE_CONTAINER has to be the IP address with which the JVM process is accessible. Localhost or 127.0.0.1 won't work.

The following two parameters completely disable transport encryption and access control. They increase convenience and disable security at the same time:


        -Dcom.sun.management.jmxremote.ssl=false 
        -Dcom.sun.management.jmxremote.authenticate=false 

Given the RMI_PORT=9090, you can launch the process with docker run -p 8080:8080 -p 9090:9090 --name jmx airhacks/tomee-jmx and connect with jvisualvm, jconsole, jmc with EXTERNAL_IP_OF_THE_CONTAINER:9090.

Checkout out the instrumented TomEE dockerfile: tomee-jmx from docklands

See you at Java EE Microservices. and Tuning and troubleshooting Java EE 7 Microservices Is Munich's airport too far? Learn from home: javaeemicro.services.


NEW online workshop: WebStandards Igniter (online)

Airport MUC workshops: Java EE 8, Java 9: Bootstrap, Effective, Architectures, Single Page Apps, Progressive Web Apps, HTML 5, ES 6, CSS 3 and Microservices

Podcast: airhacks.fm and newsletter: airhacks.news

A book about rethinking Java EE Patterns

Comments:

The requirement to know your external IP / hostname inside the container is a fundamental flaw of JMX i.m.h.o.

One of the few viable options I see here for containerized environments is to (contradictory to the article) always specify "localhost" as your external hostname - that at least allows you to reliably connect to your container via port forwarding (e.g. OpenShift's "oc port-forward" command).

Posted by Alex Stockinger on August 31, 2017 at 10:43 PM CEST #

Good overview on the topic.

Posted by GIRISH CHANDER on September 12, 2017 at 08:32 PM CEST #

Post a Comment:
  • HTML Syntax: NOT allowed
realworldpatterns.com
Online Workshops
...the last 150 posts
...the last 10 comments
License