Chapter 16: Monitoring and Managing Tomcat with JMX
Chapter 16: Monitoring and Managing Tomcat with JMX To enable SSL connections for Tomcat, make sure you set com.sun.management.jmxremote.sslto true, and then follow the instructions in Chapter 14 to set up SSL transport if you have not already done so. On the client machine where you intend to run jconsole over SSL, you should have the server s CA cert in your local keystore and start jconsole with: jconsole -Djavax.net.ssl.trustStore=mykeystore -Djavax.net.ssl.trustStorePassword=mykeystorepassword You should replace mykeystore with the location of your keystore, and mykeystorepasswordwith the password you have set for the keystore. Summary To conclude this chapter, let s review some of its key points: . JMX is a standard for the management of hardware devices, software services, and other manageable entities. The JMX architecture has three levels and each level is componentized. Each level is decoupled from the others. . The bottom level is instrumentation, and it requires that manageable devices and/or services expose their manageable attributes, operations, and events via a set of MBeans. . The top level is distributed services. It involves management applications or higher-level agent functionality and is not well defined at this time. . The middle level is called the agent level. This level aggregates the MBeans from devices and services, and provides a set of services, customized value-added logic, and external/remote access to managed elements. . Tomcat 6 is fully JMX-compliant. It is also fully instrumented. This means that all of its configuration, internal, and runtime components have MBeans associated with them, enabling these components to be accessed through a JMX agent. . The Manager application in Tomcat provides a JMX proxy that can be used to access these Tomcat MBeans. The proxy provides a Web interface for querying the MBean Server, and reading and writing MBean attribute values. This interface, provided through an HTTP protocol adapter, can be used to monitor and manage local as well as remote Tomcat instances. . The jconsole tool included with standard JDK can also be used to monitor and manage Tomcat instances via a user-friendly GUI. jconsole can work with Tomcat instances running on the same machine, or remote instances. . Remote management should be enabled only on internal test networks. If you must enable remote management in production, do so only after careful consideration for security. Specifically, you should enable user authentication and SSL if you must enable remote management for production systems. . One major benefit of Tomcat s JMX support is the capability to consolidate the monitoring and management of Tomcat servers via remote JMX access. Ultimately, this centralizes the
For high quality website hosting services please check java web hosting website.