在生产服务器上启用jmx（lambda探针）是个好主意吗？ [英] Is a good idea to enable jmx (lambda probe) on a production server?

问题描述

我们在Sun VM 1.5.0_06-b05上运行的Tomcat 5.5.17上部署的Web应用程序出现了一些减速，我们的托管公司没有提供足够的数据来查找问题。

We are experiencing some slowdowns on our web-app deployed on a Tomcat 5.5.17 running on a Sun VM 1.5.0_06-b05 and our hosting company doesn't gives enough data to find the problem.

我们正在考虑在生产服务器上安装 lambda probe ，但需要启用JMX（com.sun.management.jmxremote）以获取内存和CPU统计信息。

We are considering installing lambda probe on the production server but it requires to enable JMX (com.sun.management.jmxremote) in order to obtain memory and CPU statistics.

启用JMX会导致严重的性能损失吗？

Does enabling JMX incur a serious performance penalty?

如果我们启用JMX，我们是否会打开任何安全漏洞？如果我们只启用对JMX的本地访问，是否需要设置安全身份验证？

If we enable JMX, are we opening any security flaw? Do I need to setup secure authentication if we are only enabling local access to JMX?

是否有人使用相同的（tomcat + lambda探针）而没有生产问题？

Is anyone using the same (tomcat + lambda probe) without problems on production?

看看答案似乎单独启用JMX不会给VM带来很大的开销。如果连接到VM的监控应用程序（ JConsole ， lambda探测器或其他任何一个，都是过度奉献的轮询，则可能会有额外的工作。

Looking at the answers it seems that enabling JMX alone doesn't incur significant overhead to the VM. The extra work may come if the monitoring application attached to the VM, be it JConsole, lambda probe or any other, is polling with excessive dedication.

推荐答案

您可以使用安全身份验证来消除安全漏洞。只是保持JMX服务准备就绪不会产生任何重大开销，通常是一个好主意。这里有一个基准这里。

You can cross out security flaws by using secure authentication. Just keeping the JMX service ready does not incur any significant overhead and is generally a good idea. There's a benchmark here about this.

这篇关于在生产服务器上启用jmx（lambda探针）是个好主意吗？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！