I'm trying to create the correct remote JMX config for a Java process on:
OpenJDK 8
CentOS 7
The box seems to be provisioned correctly and the process being run ends up with the following vm options (confirmed using a ps -ef command):
-Dcom.sun.management.jmxremote=true
-Dcom.sun.management.jmxremote.ssl=true
-Dcom.sun.management.jmxremote.ssl.enabled.protocols=TLSv1.2
-Dcom.sun.management.jmxremote.registry.ssl=true
-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.local.only=false
-Dcom.sun.management.jmxremote.ssl.config.file=/path/to/jmxremote.properties
-Dcom.sun.management.jmxremote.access.file=/path/to/jmxremote.access
-Dcom.sun.management.jmxremote.password.file=/path/to/jmxremote.password
-Dcom.sun.management.jmxremote.port=<<my_port>>
-Dcom.sun.management.jmxremote.rmi.port=<<my_port>>
The problem I'm facing is that after I start the process, no error is thrown, but the port is not open, whereas all the other ports opened by the application are.
Does anyone know why this config would be utterly ignored by the application?
Related
I want to attach the Debugger to my deployed WARs in my dockerized WebLogic 12c.
I use this official image of WebLogic (which is a Linux container)
https://hub.docker.com/_/oracle-weblogic-server-12c
and I start the container using docker command:
docker run -d -p 4002:4002 -p 9002:9002
-v c:/my-path-to-shared-volume:/u01/oracle/properties
-e ADMINISTRATION_PORT_ENABLED=true -e DOMAIN_NAME=docker_domain
-e JAVA_TOOL_OPTIONS=\"-agentlib:jdwp=transport=dt_socket,address=4002,server=y,suspend=n\"
--name weblogic store/oracle/weblogic:12.2.1.3-dev-200109
The weblogic console comes alive at https://localhost:9002/console/ but when trying to run the debugger, my IDE says:
Unable to open debugger port (localhost:4002): java.io.IOException
"handshake failed - connection prematurally closed"
My OS is Windows10. I tried with Visual Studio Code and IntelliJ, and got the same output. The WARs run just fine and they respond when I use portman to hit some service endpoints.
What seems to happen is that weblogic start scripts inside the container tries to apply the Java Options param twice! Please see the relative parts of container output below:
Domain Home is: /u01/oracle/user_projects/domains/docker_domain
Picked up JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,address=localhost:4002,server=y,suspend=n"
Listening for transport dt_socket at address: 4002
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
[...](and further down in the logs I get: )
Starting WLS with line:
/usr/java/jdk-8/bin/java -server -Djava.security.egd=file:/dev/./urandom -cp /u01/oracle/wlserver/server/lib/weblogic-launcher.jar -Dlaunch.use.env.classpath=true -Dweblogic.Name=AdminServer -Djava.security.policy=/u01/oracle/wlserver/server/lib/weblogic.policy -Djava.system.class.loader=com.oracle.classloader.weblogic.LaunchClassLoader -javaagent:/u01/oracle/wlserver/server/lib/debugpatch-agent.jar -da -Dwls.home=/u01/oracle/wlserver/server -Dweblogic.home=/u01/oracle/wlserver/server weblogic.Server
Picked up JAVA_TOOL_OPTIONS: "-agentlib:jdwp=transport=dt_socket,address=localhost:4002,server=y,suspend=n"
ERROR: transport error 202: bind failed: Address already in use
ERROR: JDWP Transport dt_socket failed to initialize, TRANSPORT_INIT(510)
JDWP exit error AGENT_ERROR_TRANSPORT_INIT(197): No transports initialized [debugInit.c:750]
Stopping Derby server...
Derby server stopped.
I then tried to work with docker-compose, creating a .yaml file to add my environmental props there, trying to prevent these from running twice. I got the exact same behavior. Whichever port I use, it is found Already in use.
This is my .yaml file
version: '2'
services:
weblogic:
container_name: weblogic_yamled
image: store/oracle/weblogic:12.2.1.3-dev-200109
ports:
- "7001:7001"
- "7002:7002"
- "4002:4002"
- "4003:4003"
- "9002:9002"
volumes:
- c:/my-path-to-shared-volume:/u01/oracle/properties
environment:
- ADMINISTRATION_PORT_ENABLED=true
- DOMAIN_NAME=docker_domain
- JAVA_TOOL_OPTIONS="-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=localhost:4002"
Finally, I tried transport=dt_shmem but then I got a different error:
ERROR: transport library not found: dt_shmem
Do not know what else I should try!
Try adding address=*:4002 instead of address=4002
JAVA_OPTS is a Tomcat specific environment variable
In Java 8 the JDK supports a JAVA_TOOL_OPTIONS environment variable so to enable the debugger. Try replace JAVA_OPTS with JAVA_TOOL_OPTIONS
You also have to setup the address like this: address=*:8000, address=localhost:4002 or address=0.0.0.0:4002
I had a similar issue with attaching a memory monitoring tool (JVisualVM).
I could telnet to the server but that was not the whole story.
From what I have understood what was blocking me was the RMI connection used under the hoods. What was missing was a "tunnel" between client (where your debugger runs) and host (where your application runs) machine.
In windows you would open a cmd and give:
putty.exe -ssh <username>#<remote-host> -L <port>:<remote-host>:<same_port_again>
This will open a putty window which should remain open after logging in for the tunnel to remain open.
For more information on this, you can check here on the 2nd step of the solution provided by #freedev.
I am not sure if it works for you but I suspect it may be the same case as mine.
The problem is that the WebLogic server in the container is configured to run in production mode (the value of the PRODUCTION_MODE variable in the script setDomainEnv.sh is set to "true").
To disable this You need open the file setDomainEnv.sh, find PRODUCTION_MODE="true" and change it to PRODUCTION_MODE="false".
You also don't need to set JAVA_TOOL_OPTIONS variable, setDomainEnv.sh script already has the possibility to start in debug mode.
To enable the debug mode, the environment variable “debugFlag” needs to be set to true before executing the script.
Docker command:
docker run -d --name weblogic -p 7001:7001 -p 9002:9002 -p 55195:55195
-v c:/my-path:/u01/oracle/properties
-e ADMINISTRATION_PORT_ENABLED=true -e DOMAIN_NAME=base_domain
-e debugFlag=true -e DEBUG_PORT=55195
store/oracle/weblogic:12.2.1.3
Note, I also change the debug port to 55195.
Have you tried using the port number + 3 (4005) instead? That's a common practice to have a separate debug port for containerized applications
Title says it all. Tomcat 8 (Java 8) is running on Linux. After the error message I see that java process is not killed. Is it a problem with JMX configuration or what?
export JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=55001 -Dcom.sun.management.jmxremote.authenticate=false"
export JAVA_OPTS="$JAVA_OPTS -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.rmi.port=55002 -Djava.rmi.server.hostname=xxxxx -Dcom.sun.management.jmxremote.local.only=false"
Found the answer here:
There isn't. The reason why this is happening is that when tomcat
starts, port 5555 (in this example) is bound.
For shutdown, another jvm is launched and gets the same jmx
parameters. Therefore, it tries to bind to port 5555, too, fails and
shuts the jvm down. The shutdown procedure isn't executed and thus
tomcat is still running.
The only fix I could think of is to introduce yet another variable
that applies to start and run but not to stop.
I had to set JMX parameters as CATALINA_OPTS and not as JAVA_OPTS and it worked.
I'm trying to monitor remote jvm using Jconsole.
jdk1.7.0_75 is installed and configured the below parameter in jre/lib/management/management.properties file on remote machine.
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=8002
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false
-Djava.rmi.server.hostname=x.x.x.x
Getting Connection failed: connection refused.
checked the port number 8002 is free and disabled the firewall, Kindly provide the solution.
You are setting the right properties, but mixing two different approaches here. To enable JMX on your application you either need to:
start your application with these command line parameters you used above (java -Dcom.sun.management.jmxremote.port=8002 -cp somedependency.jar Appplication)
add similar entries to your management.properties BUT WITHOUT the "-D" prefixes. So entries like: com.sun.management.jmxremote.port=8002
All,
I have a remote server that I recently enabled VNC for using vnc4server and Chicken for mac as the client.
The purpose for doing so was to enable running Java's Jconsole to monitor an executable jar file that is running my server logic.
However, after logging into my server using VNC, I keep getting an error when I try to use Jconsole on vnc.
It states connection failed do you want to try again. Now I am logged in as the same user that started the process.
Is there something I am missing when using jconsole in VNC? Also can I monitor my executable jar file remotely using Jconsole on my local machine?
These are the options I am including to run the jar file: java -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9005 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.remote.ssl=false -Djava.rmi.server.hostname=ipaddress -jar path
Thanks
These JVM options fixed things. Fix found here: You need to pass to the VM: -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.local.only=false
https://forums.oracle.com/thread/1177644
This does not seem like an VNC issue- either the ports are not open, they are being blocked b a firewall, or there is some kind of permission/authentication issue with the app itself related to monitoring it.
In order to eliminate VNC as the cause (and use localhost in a local connection on jconsole), do "ssh -X REMOTHOST -n jconsole" and see. This will also eliminate the overhead of running the full X server and VNC.
Also on linux you can find out what process holds a port open by doing:
netstat -ap | grep PORT_NUMBER on the remote host you want to run on.
Colin
I've been trying to monitor a locally running Tomcat via JConsole. I, of course, added
-Dcom.sun.management.jmxremote to the CATALINA_OPTS variable in catalina.bat, but when starting JConsole, I couldn't find the process in the process list.
After some searching, I tried out the (more complicated?) non-local setting, further adding
set CATALINA_OPTS=-Dcom.sun.management.jmxremote \
-Dcom.sun.management.jmxremote.port=%my.jmx.port% \
-Dcom.sun.management.jmxremote.ssl=false \
-Dcom.sun.management.jmxremote.authenticate=false
and using the right parameters in JConsole, I was able to connect via the remote interface.
Has anyone else tried and succeded in using JConsole/Tomcat in a pure local setting or is the pseudo-remote way the only chance to get a local tomcat monitored?
I ran into the same thing--I'm used to running jconsole on my local Tomcat process that's been started with the -Dcom.sun.management.jmxremote flag, but it didn't work for me the first time I tried it on my laptop.
Another answer in here tipped me off to the temp directory being the key to getting this working. My Tomcat process has this argument:
-Djava.io.tmpdir="c:/install/apache-tomcat-6.0.18/temp"
I was able to get jconsole running with this command line:
jconsole -J-Djava.io.tmpdir="c:/install/apache-tomcat-6.0.18/temp"
I am running JDK 6 update 24 on a Windows 7 64-bit system.