如何远程访问 Spring-boot JMX [英] How to access Spring-boot JMX remotely
问题描述
我知道 spring 会自动暴露 JMX bean.我可以使用 VisualVM 在本地访问它.
I know that spring automatically expose JMX beans. I was able to access it locally using VisualVM.
但是在 prod 上,我如何使用它的 JMX bean 远程连接到应用程序?是否有默认端口或者我应该另外定义什么?
However on prod how I can connect to remotely to the app using it's JMX beans? Is there a default port or should I define anything in addition?
谢谢,雷.
推荐答案
默认情况下,JMX 可在本地自动访问,因此运行 jconsole 本地 将检测您所有的本地 Java 应用程序无端口暴露.
By default JMX is automatically accessible locally, so running jconsole locally would detect all your local java apps without port exposure.
要通过 JMX 远程访问应用程序,您必须指定一个 RMI 注册表端口.需要知道的是,在连接时,JMX 在该端口上初始化,然后在随机高端口上建立数据连接,即如果中间有防火墙,这是一个大问题.(嘿系统管理员,打开所有东西,好吗?").
To access an app via JMX remotely you have to specify an RMI Registry port. The thing to know is that when connecting, JMX initializes on that port and then establishes a data connection back on a random high port, which is a huge problem if you have a firewall in the middle. ("Hey sysadmins, just open up everything, mkay?").
要强制 JMX 连接回与您建立的相同的端口,您有以下几个选项.注意:您可以为 JMX 和 RMI 使用不同的端口,也可以使用相同的端口.
To force JMX to connect back on the same port as you've established, you have a couple of the following options. Note: you can use different ports for JMX and RMI or you can use the same port.
选项 1:命令行
-Dcom.sun.management.jmxremote.port=$JMX_REGISTRY_PORT
-Dcom.sun.management.jmxremote.rmi.port=$RMI_SERVER_PORT
如果您使用的是 Spring Boot,则可以将其放入与 (appname).jar 部署一起存在的 (appname).conf 文件中.
If you're using Spring Boot you can put this in your (appname).conf file that lives alongside your (appname).jar deployment.
选项 2:Tomcat/Tomee 配置
配置一个 JmxRemoteLifecycleListener:
Maven 罐子:
<dependency>
<groupId>org.apache.tomcat</groupId>
<artifactId>tomcat-catalina-jmx-remote</artifactId>
<version>8.5.9</version>
<type>jar</type>
</dependency>
配置你的 server.xml:
Configure your server.xml:
<Listener className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
rmiRegistryPortPlatform="10001" rmiServerPortPlatform="10002" />
选项 3:以编程方式配置
@Configuration
public class ConfigureRMI {
@Value("${jmx.rmi.host:localhost}")
private String rmiHost;
@Value("${jmx.rmi.port:1099}")
private Integer rmiPort;
@Bean
public RmiRegistryFactoryBean rmiRegistry() {
final RmiRegistryFactoryBean rmiRegistryFactoryBean = new RmiRegistryFactoryBean();
rmiRegistryFactoryBean.setPort(rmiPort);
rmiRegistryFactoryBean.setAlwaysCreate(true);
return rmiRegistryFactoryBean;
}
@Bean
@DependsOn("rmiRegistry")
public ConnectorServerFactoryBean connectorServerFactoryBean() throws Exception {
final ConnectorServerFactoryBean connectorServerFactoryBean = new ConnectorServerFactoryBean();
connectorServerFactoryBean.setObjectName("connector:name=rmi");
connectorServerFactoryBean.setServiceUrl(String.format("service:jmx:rmi://%s:%s/jndi/rmi://%s:%s/jmxrmi", rmiHost, rmiPort, rmiHost, rmiPort));
return connectorServerFactoryBean;
}
}
你会看到,诀窍是在 serviceUrl 中指定 jmx:rmi 主机/端口和 jndi:rmi 主机/端口.如果您同时指定两者,您将不会遇到随机的高问题".
The trick, you'll see, is the serviceUrl in which you specify both the jmx:rmi host/port and the jndi:rmi host/port. If you specify both, you won't get the random high "problem".
要使 JMX 远程处理工作,您需要做出有关身份验证的决定.最好分 3 个不同的步骤进行:1) 使用 -Dcom.sun.management.jmxremote.authenticate=false 进行基本设置,然后 2) 添加密码文件 (-Dcom.sun.management.jmxremote.password.file).参见此处的说明. + -Dcom.sun.management.jmxremote.ssl=false 然后 3) 设置 SSL.
For JMX remoting to work, you'll need to make a decision about authenticating. It's better to do it in 3 distinct steps: 1) basic setup with -Dcom.sun.management.jmxremote.authenticate=false then 2) add a password file (-Dcom.sun.management.jmxremote.password.file). See here for instructions. + -Dcom.sun.management.jmxremote.ssl=false and then 3) set up SSL.
这篇关于如何远程访问 Spring-boot JMX的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
