Linux 使用 VisualVM 通过防火墙连接到远程 jstatd 实例
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7424519/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Using VisualVM to connect to a remote jstatd instance through a firewall
提问by Ben Baron
Possible Duplicate:
VisualVM over ssh
可能的重复:
通过 ssh 的 VisualVM
I'm writing this question and answering it because I spent a few hours getting this to work today and no answer I found on here worked for me. Hopefully this is helpful for others. If you have another solution than the one I ended up using, please feel free to answer the question as well. If yours is better I'll accept yours instead.
我正在写这个问题并回答它,因为我今天花了几个小时来解决这个问题,但我在这里找到的答案没有对我有用。希望这对其他人有帮助。如果您有其他解决方案而不是我最终使用的解决方案,请随时回答这个问题。如果你的更好,我会接受你的。
The problem: I'm trying to monitor some home made java applications on my FreeBSD server (this should apply to Linux servers as well) using VisualVM and jstatd, but I can't get VisualVM to list the processes on the server even after I forwarded the assigned and random jstatd ports in my firewall and can see a connection being made using sockstat.
问题:我正在尝试使用 VisualVM 和 jstatd 在我的 FreeBSD 服务器上监视一些自制的 Java 应用程序(这也应该适用于 Linux 服务器),但是即使在我之后,我也无法让 VisualVM 列出服务器上的进程在我的防火墙中转发分配的和随机的 jstatd 端口,可以看到使用 sockstat 建立的连接。
采纳答案by Ben Baron
Instead of creating a firewall rule every time I run jstatd (because it annoyingly chooses a new random port each time), I got it to work with SSH tunnels.
我没有在每次运行 jstatd 时创建防火墙规则(因为它每次都会烦人地选择一个新的随机端口),而是让它与 SSH 隧道一起工作。
First I ran jstatd on the server to find which ports I needed to tunnel. That is done by (in my case) first creating a policy file called tools.policy with the following contents:
首先,我在服务器上运行 jstatd 以查找我需要建立隧道的端口。这是通过(在我的情况下)首先创建一个名为 tools.policy 的策略文件来完成的,其中包含以下内容:
grant codebase "file:${java.home}/../lib/tools.jar" {
permission java.security.AllPermission;
};
Then running the following command: jstatd -J-Djava.security.policy=tools.policy
然后运行以下命令: jstatd -J-Djava.security.policy=tools.policy
Then I determined the random port jstatd was using by running sockstat | grep jstat(may need to use netstatinstead on Linux, I'm not sure).
然后我通过运行确定了 jstatd 正在使用的随机端口sockstat | grep jstat(可能需要netstat在 Linux上使用,我不确定)。
Then lets say the random port is 55663, I created two SSH tunnels on my local machine, one for the standard jstatd port 1099 and the other for 55663 by running the following commands in two terminal windows (haven't done this on Windows, but I'm pretty sure putty can do it):
然后假设随机端口是 55663,我在本地机器上创建了两个 SSH 隧道,一个用于标准 jstatd 端口 1099,另一个用于 55663,方法是在两个终端窗口中运行以下命令(在 Windows 上没有这样做,但是我很确定腻子可以做到):
ssh -L 1099:localhost:1099 login_name@host_name
ssh -L 1099:localhost:1099 login_name@host_name
ssh -L 55663:localhost:55663 login_name@host_name
ssh -L 55663:localhost:55663 login_name@host_name
Once the two tunnels were open, I opened VisualVM and right clicked on the "Local" machine on the left side and chose "Add jstatd Connection". I clicked the "Add Default" button on the right and made sure the port was set to 1099. I hit the "OK" button to save it and immediately saw my remote Java processes show up in the "Local" section.
两条隧道打开后,我打开 VisualVM 并右键单击左侧的“本地”机器并选择“添加 jstatd 连接”。我单击右侧的“添加默认值”按钮并确保端口设置为 1099。我单击“确定”按钮保存它,并立即看到我的远程 Java 进程显示在“本地”部分。
回答by Tomas Hurka
See this "Running VisualVM through an ssh tunnel with SOCKS" for another solution.
请参阅此“使用 SOCKS 通过 ssh 隧道运行 VisualVM”以获取另一种解决方案。
