Chris,
2013/9/12 <users-digest-h...@tomcat.apache.org>
>
>
> Marcin,
>
> On 9/11/13 2:29 PM, Marcin Domański wrote:
> > Hi there! I am trying to setup a Tomcat instance using only
> > specific address for all communications. This is convenient for us
> > from the point of IPsec. I was able to succeed in http, https, ajp,
> > etc. but for JMX I still cannot get it right. For this example,
> > let's assume, my desired address is 127.2.0.1. Currently my
> > configuration is as follows:
> >
> > - <Listener
> > className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
> > rmiRegistryPortPlatform="9012" rmiServerPortPlatform="9013"
> > useLocalPorts="true" />
> >
> >
> > Which allows to connect to the server at
> > "service:jmx:rmi:///jndi/rmi:// 127.2.0.1:9012/jmxrmi but also
> > localhost (means I cannot run second instance with different IP)
>
> Hmm. I would have expected "useLocalPorts" to bind only to 127.0.0.1
> (i.e. localhost). What does netstat tell you under this configuration?
>
I see open ports to 127.2.0.1:9012 whenever I have rmiBindAddress set and
applied patch in JmxRemoteLifecycleListener to use rmiBindAddress instead
of localhost around line 304, otherwise I get exception whenever I use
rmiBindAddress=127.2.0.1 and no ports are open.
Netstat with patch and rmiBindAddress=127.0.2.1 and useLocalPorts=false:
TCP 127.0.2.1:9012 XXX:0 LISTENING
TCP 127.0.2.1:9013 XXX:0 LISTENING
Netstat with patch and rmiBindAddress=127.0.2.1 and useLocalPorts=true:
TCP 127.0.2.1:9012 XXX:0 LISTENING
TCP 127.0.2.1:9013 XXX:0 LISTENING
Seems that it connects differently because I see it using localhost for
connections to port 9013 and 127.0.2.1 for 9012 (remote address in netstat)
> > On the other hand,when I try following:
> >
> > - <Listener
> > className="org.apache.catalina.mbeans.JmxRemoteLifecycleListener"
> > rmiRegistryPortPlatform="9012" rmiServerPortPlatform="9013"
> > useLocalPorts="true" rmiBindAddress="127.2.0.1"/>
> >
> > On Windows machine I get a network error basically saying there is
> > no server configured at localhost in
> > JmxRemoteLifecycleListener:304.
>
> You get this on startup? Post the full stack trace, please.
>
Yes, it is a startup of Tomcat itself, not my J2EE application. You can try
it yourself. Stack is as follows:
java.io.IOException: Cannot bind to URL [rmi://localhost:9012/jmxrmi]:
javax.naming.ServiceUnavailableException [Root exception is
java.rmi.ConnectException: Connection refused to host: localhost; nested
exception is:
java.net.ConnectException: Connection refused: connect]
at
javax.management.remote.rmi.RMIConnectorServer.newIOException(RMIConnectorServer.java:827)
at
javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:432)
at
org.apache.catalina.mbeans.JmxRemoteLifecycleListener.createServer(JmxRemoteLifecycleListener.java:304)
at
org.apache.catalina.mbeans.JmxRemoteLifecycleListener.lifecycleEvent(JmxRemoteLifecycleListener.java:258)
at
org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
at
org.apache.catalina.util.LifecycleBase.fireLifecycleEvent(LifecycleBase.java:90)
at
org.apache.catalina.util.LifecycleBase.setStateInternal(LifecycleBase.java:402)
at
org.apache.catalina.util.LifecycleBase.setState(LifecycleBase.java:347)
at
org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:725)
at
org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
at org.apache.catalina.startup.Catalina.start(Catalina.java:691)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:322)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:456)
Caused by: javax.naming.ServiceUnavailableException [Root exception is
java.rmi.ConnectException: Connection refused to host: localhost; nested
exception is:
java.net.ConnectException: Connection refused: connect]
at
com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:143)
at
com.sun.jndi.toolkit.url.GenericURLContext.bind(GenericURLContext.java:226)
at javax.naming.InitialContext.bind(InitialContext.java:419)
at
javax.management.remote.rmi.RMIConnectorServer.bind(RMIConnectorServer.java:644)
at
javax.management.remote.rmi.RMIConnectorServer.start(RMIConnectorServer.java:427)
... 15 more
Caused by: java.rmi.ConnectException: Connection refused to host:
localhost; nested exception is:
java.net.ConnectException: Connection refused: connect
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:619)
at
sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at
sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:340)
at sun.rmi.registry.RegistryImpl_Stub.bind(Unknown Source)
at
com.sun.jndi.rmi.registry.RegistryContext.bind(RegistryContext.java:137)
... 19 more
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at
java.net.DualStackPlainSocketImpl.socketConnect(DualStackPlainSocketImpl.java:69)
at
java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:339)
at
java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:200)
at
java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:182)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:157)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
at java.net.Socket.connect(Socket.java:579)
at java.net.Socket.connect(Socket.java:528)
at java.net.Socket.<init>(Socket.java:425)
at java.net.Socket.<init>(Socket.java:208)
at
sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
at
sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:146)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
... 24 more
>
> What do you have in /etc/hosts (or the win32 equivalent)?
>
I have all commented out in hosts file (win32):
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
As far as I remember my previous attempts, when I set useLocalPorts = true
I can access same process using 127.2.0.1:9012 and localhost:9012,
otherwise, only second method works.
> What happens if you do rmiBindAddress="127.2.0.1" and don't specify
> useLocalPorts="true" (I believe the former essentially covers the latter)?
>
Setting this to true seems to only affect server not registry (see netstat
at the top).
>
> > Here's the code:
> >
> http://grepcode.com/file/repo1.maven.org/maven2/org.apache.tomcat/tomcat-catalina-jmx-remote/7.0.42/org/apache/catalina/mbeans/JmxRemoteLifecycleListener.java#304
> >
> >
> According
> > to that it seems that both Tomcat RMI server and registry must be
> > accessible on localhost when using JmxRemoteLifecycleListener. Is
> > it true?
>
> useLocalPorts="true" means that Tomcat will use "localhost" as the
> binding host address. If you don't have "localhost" defined anywhere
> (usually /etc/hosts), then the IP lookup will fail.
>
I did some patching replacing localhost with rmiBindAddress around line 304
and now Tomcat itself initializes correctly, our beans gets registered but
our connection from separate process fails with NameNotFoundException:
jmxrmi. Seems connection is established but beans are registered somewhere
else? We are using ManagementFactory.getPlatformMBeanServer() to register
our beans.
>
> - -chris
>
>
>
>
