jconsole作为JVM的监控工具,能图形化展示远程服务器的CPU和内存使用情况。通过配置JMX,可以在Tomcat启动参数中设置监听端口、SSL和认证选项。在远程监控时,只需输入服务器的IP、端口即可连接,但为保障安全,通常建议启用认证。
为了把握远程服务器的cpu,内存使用状况.我们虽然可以用top命令来查看.但还是图形分析的结果看比较直观.
jconsole是jdk的一个JVM监视,管理工具.位于:JAVA_HOME/bin/jconsole.exe.
jconsole可以监视本地进程(localhost)和远程服务器进程(remote).
本地进程:
本地进程监视很简单,启动选择监视本地进程,然后连接就可以了.
我们就可以观察堆内存,线程,cpu,类,GC,JVM状况,MBean .
远程进程:
但如果是远程服务器的话,就需要做一些设置.我们连接远程服务器是要求提供远程服务器名或者IP地址,端口号,用户名和密码.
首先就是服务器上要配置监听端口.这个地方用到了JMX技术.
我们在tomcat启动shell的JAVA选项参数里面配置如下信息:
-Dcom.sun.management.jmxremote
-Dcom.sun.management.jmxremote.port=9999
-Dcom.sun.management.jmxremote.ssl="false"
-Dcom.sun.management.jmxremote.authenticate="false"
从-Dcom.sun.management.jmxremote.authenticate="false"这句话我们就可以知道现在设置的不需要认证,也就是不用输入用户名和密码就可以访问了.
启动jconsole,选择远程进程,输入IP地址,端口号,然后就可以连接了.
当然为了服务器安全,一般还是需要设置认证.很多具体的信息可以参看下表.
| Property Name | Description | Values |
|---|---|---|
com.sun.management.jmxremote | Enables the JMX remote agent and local monitoring via JMX connector published on a private interface used by jconsole . The jconsole tool can use this connector if it is executed by the same user ID as the user ID that started the agent. No password or access files are checked for requests coming via this connector. | true / false. Default is true. |
com.sun.management.jmxremote. port | Enables the JMX remote agent and creates a remote JMX connector to listen through the specified port. By default, SSL, password, and access files properties are used for this connector. Also enables local monitoring as described for the com.sun.management.jmxremote property. | Port number. No default. |
com.sun.management.jmxremote. | Enables secure monitoring via SSL. If false, then SSL is not used. | true / false. Default is true. |
com.sun.management.jmxremote. | Comma-delimited list of SSL/TLS protocol versions to enable. Used in conjunction with com.sun.management.jmxremote.ssl | Default SSL/TLS protocol version. |
com.sun.management.jmxremote. | A comma-delimited list of SSL/TLS cipher suites to enable. Used in conjunction with com.sun.management.jmxremote.ssl . | Default SSL/TLS cipher suites. |
com.sun.management.jmxremote. | If this property is true and the property com.sun.management.jmxremote.ssl is true, then client authentication will be performed. | true / false. Default is false |
com.sun.management.jmxremote. | If this property is false then JMX does not use passwords or access files: all users are allowed all access. | true / false. Default is true. |
com.sun.management.jmxremote. | Specifies location for password file. If com.sun.management.jmxremote.password is false, then this property and the password and access files are ignored. Otherwise, the password file must exist and be in valid format. If the password file is empty or non-existent, then no access is allowed. | JRE_HOME /lib/management/ |
com.sun.management.jmxremote. | Specifies location for the access file. If com.sun.management.jmxremote.password is false, then this property and the password and access files are ignored. Otherwise, the access file must exist and be in the valid format. If the access file is empty or non-existent, then no access is allowed. | JRE_HOME /lib/management/ |
com.sun.management.jmxremote. | Specifies the name of a JAAS login configuration entry to use when authenticating users of RMI monitoring. When using this property to override the default login configuration, the named configuration entry must be in a file that gets loaded by JAAS. In addition, the login modules specified in the configuration should use the name and password callbacks to acquire the user's credentials. For more information, see javax.security.auth.callback.NameCallback and javax.security.auth.callback.PasswordCallback . If com.sun.management.jmxremote.authenticate is false, then this property and the password and access files are ignored. | Default login configuration is a file-based password authentic |
扫一扫
2312
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
