RE: GF 2.1 - JMX through firewall
you should have a JSR-160 JMX Listener pre-configured here is why
JMX_SYSTEM_CONNECTOR_PORT is assigned by create-instance command
if you dont specify JMX_SYSTEM_CONNECTOR_PORT i believe the default is 9686 (but dont quote me)
asadmin>create-instance --node localhost-domain1
domain\config\server.policy would contain those perms to grant codebase the connect capability to any IP on any port e.g.
permission java.net.SocketPermission "*", "connect";
processLauncher.xml should contain the JMX.invoke.getters entry as true
observe the jmxremote_optional.jar is in sharedChainJars for same process
Once you create and start the instance the JMX listener should be casting to JMX agents
you should see JMX entries popping in the server.log with these params
servicC:jmx:rmi:///jndi/rmi://localhost:9686/jmxrmi;|ADM1504: Here is the JMXServiceURL for the Standard JMXConnectorServer: [servicC:jmx:rmi:///jndi/rmi://localhost:9686/jmxrmi]. This is where the remote administrative clients should connect using the standard JMX connectors|#]
you should now be able to use remote RMI clients to connect to JMX Service via port <9686>
MG>confirm with netstat -a | grep 9686
using jndi that would be jndi/rmi://localhost:9686/jmxrmi
let us know you are able to get that far
> To: firstname.lastname@example.org
> From: email@example.com
> Subject: GF 2.1 - JMX through firewall
> Date: Thu, 17 Oct 2013 23:47:43 +0000
> This one is about Glassfish 2.1.x and JMX connectivity through
> firewall. Basically, we’re struggling with the random port allocation
> for the RMIServer and a client like VisualVM fails to connect through a
> firewall, even after setting
> -Dcom.sun.aas.jconsole..cbport = , as documented
> here :
> I was looking around in the codebase and found that in the JSR 160
> connector, the JmxConnectorServerDriver expects the JMX service url to
> be of the form "service:jmx:rmi://localhost:" +
> port1 + "/jndi/rmi://localhost:" + port2 + "/jmxrmi" where port1
> is the RMIserver port and port2 is the JMXConnector RMIRegistry port?
> Does this mean VisualVM has to pass in a JMX service URL of this form?
This email and its attachments are intended solely for the personal use of the individual or entity named above. Any use of this communication by an unintended recipient is strictly prohibited. If you have received this email in error, any publication, use, reproduction, disclosure or dissemination of its contents is strictly prohibited. Please immediately delete this message and its attachments from your computer and servers. We would also appreciate if you would contact us by a collect call or return email to notify us of this error. Thank you for your cooperation.