tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dominic Mitchell <...@semantico.com>
Subject Re: Another confused person trying to get jconsole to monitor tomcat.
Date Thu, 21 Aug 2008 10:07:46 GMT
On 21 Aug 2008, at 09:25, Mark Thomas wrote:

> Bill Davidson wrote:
>> I've been through the docs.  I've been through Google.  I can't seem
>> to figure this out.
>>
>> Server: Tomcat 6.0.18, JDK: 1.6.0_07, Redhat Server 5.2
>> Client: jconsole from JDK 1.6.0_07 on Windows XP
>>
>> I've got all of these in $CATALINA_OPTS and they do show up in
>> the java command line when I run ps:
>>
>> -Dcom.sun.management.jmxremote
>> -Dcom.sun.management.jmxremote.port=12345
>> -Dcom.sun.management.jmxremote.ssl=false
>> -Dcom.sun.management.jmxremote.authenticate=false
>>
>> The Redhat server is running iptables and disallows most things that
>> aren't 80/443.  Any other ports that are needed are generally opened
>> up only to specific IP's.
>>
>> I've opened up the JMX port specified above on the Linux firewall:
>>
>> iptables -A INPUT -s myClientsIp -p tcp -m tcp --dport 12345 -j  
>> ACCEPT
>>
>> I run jconsole:
>>
>> C:\PathToJava\bin>jconsole myServer.myDomain.com:12345
>>
>> It can't make the connection.  I've got a feeling it's something to  
>> do with
>> the firewall.  I've seen some stuff that suggests that there's  
>> another
>> unspecified port opened up but it didn't really make sense to me.
>>
>> Note that the server and the client are at different facilities  
>> connected
>> over the internet which is why I eventually want to get it going with
>> authentication and SSL but I can't even get this simple insecure
>> version of the connection to work.
>
> Add some logging to your firewall configuration to see what is being  
> dropped.

That should help, but it's likely to be a different port in use each  
time.  Because JMX uses RMI by default, and RMI uses two ports: a  
fixed port to initiate the connection and then a secondary (random)  
port for data transfer.  This is a real pain to get working.

-Dom

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message