如何从Dock外部访问JMX界面? [英] How to access JMX interface in docker from outside?
问题描述
-
机器1:在ubuntu上的docker中运行JVM(在我的例子中运行kafka)机;该机IP为10.0.1.201;在docker运行的应用程序是172.17.0.85。
-
机器2:运行JMX监控
请注意,当我从机器2运行JMX监视时,它会失败并出现以下错误(注意:当我运行jconsole,jvisualvm,jmxtrans和node-jmx / npm:jmx时,会发生相同的错误):
对于每个JMX监控工具,堆栈跟踪失败,看起来像以下内容:
java.rmi.ConnectException:Connection拒绝主机:172.17.0.85;嵌套异常是
java.net.ConnectException:在sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:619)
(后跟大堆栈跟踪) )
现在有趣的部分是当我运行相同的工具(jconsole,jvisualvm,jmxtrans和node -jmx / npm:jmx)在运行docker(上面的机器1)的同一台机器上,JMX监视工作正常。
我认为这表明我的JMX端口处于活动状态并且正常工作,但是当我远程执行JMX监视(从机器2)时,它看起来像JMX工具不识别内部码头服务商IP(172.17.0.85)
以下是JMX监控工作的机器1上的相关(我认为)网络配置元素(请注意docker ip,172.17 .42.1):
docker0链接封装:以太网HWaddr ...
inet addr:172.17.42.1 Bcast:0.0 .0.0掩码:255.255.0.0
inet6 addr:...范围:链接
UP BROADCAST RUNNING MULTICAST MTU:1500公制:1
RX数据包:6787941错误:0丢弃:0超支: 0帧:0
TX数据包:4875190错误:0丢弃:0超支:0载体:0
碰撞:0 txqueuelen:0
RX字节:1907319636(1.9 GB)TX字节:639691630 (639.6 MB)
wlan0链接封装:以太网HWaddr ...
inet addr:10.0.1.201 Bcast:10.0.1.255掩码:255.255.255.0
inet6 addr:...范围:链接
UP BROADCAST RUNNING MULTICAST MTU:1500公制:1
RX数据包:4054252错误:0丢弃:66超限:0帧:0
TX数据包:2447230错误:0丢弃:0超支:0运营商:0
冲突:0 txqueuelen:1000
RX字节:2421399498(2.4 GB)TX字节:1672522315(1.6 GB)
这是我从中收到JMX错误的远程机器(机器2)上的相关网络配置元素:
lo0:flags = 8049< UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options = 3< RXCSUM,TXCSUM>
inet6 :: 1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80 :: 1%lo0 prefixlen 64 scopeid 0x1
nd6 options = 1< PERFORMNUD>
en1:flags = 8863< UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether ....
inet6 ....%en1 prefixlen 64 scopeid 0x5
inet 10.0.1.203 netmask 0xffffff00 broadcast 10.0.1.255
nd6 options = 1&PERFORMNUD> ;
媒体:autoselect
状态:活动
为了完整,以下解决方案工作。应该使用特定的参数来运行JVM,以便远程Docker JMX监控如下:
-Dcom.sun.management。 jmxremote
-Dcom.sun.management.jmxremote.authenticate = false
-Dcom.sun.management.jmxremote.ssl = false
-Dcom.sun.management.jmxremote.rmi.port = < PORT>
-Djava.rmi.server.hostname =< IP>
其中:
< IP>是您执行docker run的主机的IP地址
< PORT>是必须从Docker发布的端口,JVM的JMX端口被配置(docker run -publish 7203:7203,例如PORT为7203)
一旦这样做,您应该能够从本地或远程机器执行JMX监视(jmxtrans,node-jmx,jconsole等)。
感谢 @ Chris-Heald ,使其成为一个非常快速和简单的修复!
I am trying to remotely monitor a JVM running in docker. The configuration looks like this:
machine 1: runs a JVM (in my case, running kafka) in docker on an ubuntu machine; the IP of this machine is 10.0.1.201; the application running in docker is at 172.17.0.85.
machine 2: runs JMX monitoring
Note that when I run JMX monitoring from machine 2, it fails with a version of the following error (note: the same error occurs when I run jconsole, jvisualvm, jmxtrans, and node-jmx/npm:jmx):
The stack trace upon failing looks something like the following for each of the JMX monitoring tools:
java.rmi.ConnectException: Connection refused to host: 172.17.0.85; nested exception is
java.net.ConnectException: Operation timed out
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:619)
(followed by a large stack trace)
Now the interesting part is when I run the same tools (jconsole, jvisualvm, jmxtrans, and node-jmx/npm:jmx) on the same machine that is running docker (machine 1 from above) the JMX monitoring works properly.
I think this suggests that my JMX port is active and working properly, but that when I execute JMX monitoring remotely (from machine 2) it looks like the JMX tool does not recognize the internal docker IP (172.17.0.85)
Below are the relevant (I think) network configuration elements on machine 1 where JMX monitoring works (note the docker ip, 172.17.42.1):
docker0 Link encap:Ethernet HWaddr ...
inet addr:172.17.42.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr:... Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6787941 errors:0 dropped:0 overruns:0 frame:0
TX packets:4875190 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1907319636 (1.9 GB) TX bytes:639691630 (639.6 MB)
wlan0 Link encap:Ethernet HWaddr ...
inet addr:10.0.1.201 Bcast:10.0.1.255 Mask:255.255.255.0
inet6 addr:... Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4054252 errors:0 dropped:66 overruns:0 frame:0
TX packets:2447230 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2421399498 (2.4 GB) TX bytes:1672522315 (1.6 GB)
And this is the relevant network configuration elements on the remote machine (machine 2) from which I am getting the JMX errors:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=3<RXCSUM,TXCSUM>
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=1<PERFORMNUD>
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether ....
inet6 ....%en1 prefixlen 64 scopeid 0x5
inet 10.0.1.203 netmask 0xffffff00 broadcast 10.0.1.255
nd6 options=1<PERFORMNUD>
media: autoselect
status: active
For completeness, the following solution worked. The JVM should be run with specific parameters established to enable remote docker JMX monitoring were as followed:
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.rmi.port=<PORT>
-Djava.rmi.server.hostname=<IP>
where:
<IP> is the IP address of the host that where you executed 'docker run'
<PORT> is the port that must be published from docker where the JVM's JMX port is configured (docker run --publish 7203:7203, for example where PORT is 7203)
Once this is done you should be able to execute JMX monitoring (jmxtrans, node-jmx, jconsole, etc) from either a local or remote machine.
Thanks to @Chris-Heald for making this a really quick and simple fix!
这篇关于如何从Dock外部访问JMX界面?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
