JMX

JMX Benefits

The recommendation is to use Java's Management eXtension (JMX) framework on the Java based systems (Tomcat, RMI Servers, etc.).

http://java.sun.com/javase/technologies/core/mntr-mgmt/javamanagement/

The JMX technology supports monitoring Java based applications. JMX has been incorporated into the Java Stand Edition (J2SE) platform since version 5.0. JMX will provide information related to memory usage, threads and CPU with the JVM. JMX statistical information gathering is an out of box function within each Java application running on JVM version 1.5 or higher. This information is automatically gathered by the Java VM. The change will be to expose this information to be access remotely.

The information should help to pin-point the areas of concern within the reviewed applications. This information will be used to identify some of the application code issues. The information gathered will be coupled with various other system assessment strategies.

JConsole is a general JMX client. The JConsole client will be used by the performance integration technical team to review the JVM heap usage, memory, threads and other key monitoring information. The following is a view of JConsole;

Pros

The following are some of the typical benefits of using JMX in a Java system.

JMX is a Java production supported technology. It is used by open source and commercial J2EE application servers as a standard technology.
Enables Java application monitoring at a JVM level without a heavy investment or third party tools (verses JProfiler)
JMX is part of the J2ES and J2EE standard platform.
Utilizes Java's "Out of box" monitoring and management of the Java Virtual Machine
The exposed JMX interfaces will only allow read-only requests through the JMX monitorRole role
Supports open source or commercial JMX based JVM statistical reporting tools
Supports the possibility of adding future management functions such as JVM based monitoring notifications and on demand JVM garbage collection.

See the following link for additional reasons why JMX should be used in Java based systems

http://java.sun.com/javase/6/docs/technotes/guides/jmx/overview/intro.html#wp997785

Cons

Each remote connection will impact the JVM based on the number of connections plus the number of requests to access the retrieved information. Connections to the JMX services via clients such as JConsole must be limited so that application performance may not be affected. This will be a small impact assuming a small number of JMX clients (the performance integration technical team).

JMX implementation

JMX remote monitoring will use password authentication. The authentication will be setup for the Java server environments.

Tomcat Setup

Login as the "tomcat" user
Copy the password template file, ${JRE_HOME}/lib/management/jmxremote.password.template, to /opt/tomcat/apache-tomcat-5.5.12/conf /jmxremote.password
Set file permissions so that only the owner can read and write the password file.

chmod 600 /opt/tomcat/apache-tomcat-5.5.12/conf/jmxremote.password

Add password for role such as monitorRole in /opt/tomcat2/apache-tomcat-5.5.12/conf /jmxremote.password (last line in jmxremote.password file)
Backup "catalina.sh" and "shutdown.sh"
Copy /opt/tomcat2/apache-tomcat-5.5.12/bin/catalina.sh to /opt/tomcat2/apache-tomcat-5.5.12/bin/catalina-shutdown.sh
Add the following JVM arguments to /opt/tomcat2/apache-tomcat-5.5.12/bin/catalina.sh (look for JAVA_OPTS)

-Dcom.sun.management.jmxremote.port=7010

-Dcom.sun.management.jmxremote.authenticate=true

-Dcom.sun.management.jmxremote.ssl=false

-Dcom.sun.management.jmxremote.password.file=/opt/tomcat2/apache-tomcat-5.5.12/conf//jmxremote.password

Edit /opt/tomcat2/apache-tomcat-5.5.12/bin/catalina-shutdown.sh
Edit /opt/tomcat2/apache-tomcat-5.5.12/bin/shutdown.sh
1. Change "EXECUTABLE=catalina.sh" to "EXECUTABLE=catalina-shutdown.sh"

Windows JMX Password Security Restriction Setup

See the following URL for details

http://download.oracle.com/javase/6/docs/technotes/guides/management/security-windows.html

Also note you must change owner of the file to the security user

Right Click -> Properties -> Security -> Advance -> Owner -> Select a user -> Click OK

JMX Verification

Restart the Tomcat server on the server
From a laptop (with JDK version 1.5 or higher)
Click Start -> run -> jconsole.exe
Connect to tomcat JMX

Select Remote Process
Enter ${server-name}:7010
Username: monitorRole
Password: ${password}

See the following for details

http://tomcat.apache.org/tomcat-6.0-doc/windows-service-howto.html#Command_line_arguments

on server

Click Start -> run

Enter "cmd"

Type d:
cd D:\Sciquest\Tomcat6.0\bin

Enter (one line)
tomcat6.exe //US//"Apache Tomcat 6" --JvmOptions -Xrs -Dcom.sun.management.jmxremote.port=7002
-Dcom.sun.management.jmxremote.authenticate=true
-Dcom.sun.management.jmxremote.ssl=false
-Dcom.sun.management.jmxremote.password.file= /jmxremote.password