由买买提看人间百态

boards

本页内容为未名空间相应帖子的节选和存档,一周内的贴子最多显示50字,超过一周显示500字 访问原贴
Java版 - trick to use JMX on EC2
相关主题
Jetty embeded server communication question?怎么能学成J2EE的全能
学习JAVA的人要注意请教一下用过JMX (Java Management Extension)的朋友
关于RMI的问题问个deploy相关的问题
新手请教netbean的问题JMX question
How to make RMI bypass firewall?使用SNMP去monitor JBOSS里面的应用
本地spring,网络mysql,必须port forwarding吗?JMX question , help please
JDK 1.5 is out多少个thread 就算不正常?
请教jconsole问题Re: 4年.NET经验在bay area大概能拿多少? (转载)
相关话题的讨论汇总
话题: jmx话题: ip话题: port话题: iptables话题: ec2
进入Java版参与讨论
1 (共1页)
c******n
发帖数: 4965
1
many java applications are written as JMX MBeans
but EC2 presents many problems for JMX
1) normally you have only port 22 open, changing security group is a hassle
if you are just debugging for one shot.
2) the second port used by JMX is determined dynamically, so you don't know
which port to open
3) JMX is going to figure out the *internal* ip of EC2 and let your JMX
client to connect to RMI on that IP, which can not be reached.
so to solve these
1) use ssh tunnel, + iptables on client
2) http://blogs.oracle.com/jmxetc/entry/connecting_through_firewall_using_jmx , i.e. setup RMI connector explicitly.
3) http://blogs.oracle.com/jmxetc/entry/connecting_through_firewall_using_jmx , "-Djava.rmi.server.hostname="
note that in 2) you should NOT supply the
-Dcom.sun.management.jmxremote.port=
argument, otherwise JMX will still use the dynamic port selection
for 1), the trick is to forward your tunnel the traffic onto the remote JMX
port through ssh, so your jconsole needs to connect to localhost instead.
another problem is that the remote JMX is going to ask you to connect to the
external_IP instead, not localhost, so you need to use iptables to route
all your packets onto the remote external_IP to localhost, on which the ssh
tunnel is listening.
########### iptables script ###########
EXTERNAL_BOX_IP=1.2.3.4
PORT=7500
sudo iptables -t nat -F
sudo iptables -t nat -A OUTPUT -d $EXTERNAL_BOX_IP -p tcp --dport $PORT -j
DNAT --to-destination 127.0.0.1
sudo iptables -t nat -A POSTROUTING -p tcp --dport $PORT -j MASQUERADE
############################
then creates the tunnel onto remote EC2 (whose ip is 1.2.3.4)
ssh -L7500:1.2.3.4:7500 1.2.3.4
then you can use jconsole to connect to 1.2.3.4:7500
the link above provides an easier trick without using iptables, i.e. let JMX
tell a lie and say -Djava.rmi.server.hostname=localhost . this
would not work if you do not connect through ssh tunnel, but open up
security group.
have fun!
yang
1 (共1页)
进入Java版参与讨论
相关主题
Re: 4年.NET经验在bay area大概能拿多少? (转载)How to make RMI bypass firewall?
谁深入解答一下Java的Reflection机制本地spring,网络mysql,必须port forwarding吗?
求思路JDK 1.5 is out
问一个关于access object instance的问题请教jconsole问题
Jetty embeded server communication question?怎么能学成J2EE的全能
学习JAVA的人要注意请教一下用过JMX (Java Management Extension)的朋友
关于RMI的问题问个deploy相关的问题
新手请教netbean的问题JMX question
相关话题的讨论汇总
话题: jmx话题: ip话题: port话题: iptables话题: ec2