Networking

通過 jmx 訪問 java 應用程序到本地網路中遠端主機上的 Docker 容器

  • March 23, 2017

我無法通過 jmx(使用 VisualVM)將 Java 應用程序連接到本地網路中遠端主機上的 Docker 容器中。

問題截圖。

案例 1:Java 應用程序到客戶端的 Docker 容器中:

連接到應用程序(埠 6830) - 工作

連接到 jmx(埠 6831) - 工作

java -Dhttp.port=9010 \
    -Dcom.sun.management.jmxremote.port=9011 \
    -Dcom.sun.management.jmxremote.ssl=false \
    -Dcom.sun.management.jmxremote.authenticate=false \
    -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9012 \
    -jar application.jar

docker run -d \
          -p 6830:9010 \
          -p 6831:9011 \
          --name container_name \
          base_image \
          setup.sh

案例 2:遠端主機上沒有 Docker 容器的 Java 應用程序:

連接到應用程序(埠 6830) - 工作

連接到 jmx(埠 6831) - 工作

java -Dhttp.port=6830 \
    -Dcom.sun.management.jmxremote.port=6831 \
    -Dcom.sun.management.jmxremote.ssl=false \
    -Dcom.sun.management.jmxremote.authenticate=false \
    -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=6832 \
    -jar application.jar

案例 3:Java 應用到遠端主機上的 Docker 容器中:

連接到應用程序(埠 6830) -工作

連接到 jmx(埠 6831) -不工作

java -Dhttp.port=9010 \
    -Dcom.sun.management.jmxremote.port=9011 \
    -Dcom.sun.management.jmxremote.ssl=false \
    -Dcom.sun.management.jmxremote.authenticate=false \
    -Dcom.sun.management.jmxremote.local.only=false \
    -Dcom.sun.management.jmxremote.rmi.port=9011 \
    -Djava.rmi.server.hostname="192.168.0.2" \
    -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=9012 \
    -jar application.jar

docker run -d \
          -p 6830:9010 \
          -p 6831:9011 \
          --name container_name \
          base_image \
          setup.sh

伺服器上的結果netstat -tunelp | grep 6831

tcp6       0      0 :::6831                 :::*                    LISTEN      0          84051435    10094/docker-proxy

結果netstat -tunelp | grep 9011進入 Docker 容器:

tcp6       0      0 :::9011                 :::*                    LISTEN      0          84052513    7/java

附加資訊:

  • 伺服器IP:192.168.0.2
  • 客戶端IP:192.168.0.120
  • 伺服器作業系統:Debian 8.5 x86_64
  • 客戶端作業系統:Kubuntu 15.10 x86_64
  • Docker(伺服器和客戶端):1.11.2
  • Docker 中的 Java:1.8.0_91-b14
  • 客戶端上的 OpenJDK:1.7.0_101
  • 視覺虛擬機:1.3.8

更新#1

在客戶端記錄 tshark:

 1   0.000000 192.168.0.120 -> 192.168.0.2  TCP 74 52936→6831 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=61129885 TSecr=0 WS=128
 2   0.000162  192.168.0.2 -> 192.168.0.120 TCP 74 6831→52936 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1212891632 TSecr=61129885 WS=128
 3   0.000196 192.168.0.120 -> 192.168.0.2  TCP 66 52936→6831 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=61129885 TSecr=1212891632
 4   0.000298 192.168.0.120 -> 192.168.0.2  TCP 73 52936→6831 [PSH, ACK] Seq=1 Ack=1 Win=29312 Len=7 TSval=61129886 TSecr=1212891632
 5   0.000391  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52936 [ACK] Seq=1 Ack=8 Win=29056 Len=0 TSval=1212891632 TSecr=61129886
 6   0.000931  192.168.0.2 -> 192.168.0.120 TCP 86 6831→52936 [PSH, ACK] Seq=1 Ack=8 Win=29056 Len=20 TSval=1212891632 TSecr=61129886
 7   0.000941 192.168.0.120 -> 192.168.0.2  TCP 66 52936→6831 [ACK] Seq=8 Ack=21 Win=29312 Len=0 TSval=61129886 TSecr=1212891632
 8   0.000987 192.168.0.120 -> 192.168.0.2  TCP 81 52936→6831 [PSH, ACK] Seq=8 Ack=21 Win=29312 Len=15 TSval=61129886 TSecr=1212891632
 9   0.001024 192.168.0.120 -> 192.168.0.2  TCP 116 52936→6831 [PSH, ACK] Seq=23 Ack=21 Win=29312 Len=50 TSval=61129886 TSecr=1212891632
10   0.001128  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52936 [ACK] Seq=21 Ack=73 Win=29056 Len=0 TSval=1212891632 TSecr=61129886
11   0.001544  192.168.0.2 -> 192.168.0.120 TCP 381 6831→52936 [PSH, ACK] Seq=21 Ack=73 Win=29056 Len=315 TSval=1212891632 TSecr=61129886
12   0.006570 192.168.0.120 -> 192.168.0.2  TCP 81 52936→6831 [PSH, ACK] Seq=73 Ack=336 Win=30336 Len=15 TSval=61129887 TSecr=1212891632
13   0.010023 192.168.0.120 -> 192.168.0.2  TCP 74 52940→6831 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=61129888 TSecr=0 WS=128
14   0.010176  192.168.0.2 -> 192.168.0.120 TCP 74 6831→52940 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1212891634 TSecr=61129888 WS=128
15   0.010204 192.168.0.120 -> 192.168.0.2  TCP 66 52940→6831 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=61129888 TSecr=1212891634
16   0.011325 192.168.0.120 -> 192.168.0.2  TCP 178 52940→6831 [PSH, ACK] Seq=1 Ack=1 Win=29312 Len=112 TSval=61129888 TSecr=1212891634
17   0.011561  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52940 [ACK] Seq=1 Ack=113 Win=29056 Len=0 TSval=1212891635 TSecr=61129888
18   0.011572  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52940 [FIN, ACK] Seq=1 Ack=113 Win=29056 Len=0 TSval=1212891635 TSecr=61129888
19   0.011656 192.168.0.120 -> 192.168.0.2  TCP 73 52940→6831 [PSH, ACK] Seq=113 Ack=2 Win=29312 Len=7 TSval=61129888 TSecr=1212891635
20   0.011700 192.168.0.120 -> 192.168.0.2  TCP 66 52940→6831 [FIN, ACK] Seq=120 Ack=2 Win=29312 Len=0 TSval=61129888 TSecr=1212891635
21   0.011780  192.168.0.2 -> 192.168.0.120 TCP 60 6831→52940 [RST] Seq=2 Win=0 Len=0
22   0.011791  192.168.0.2 -> 192.168.0.120 TCP 60 6831→52940 [RST] Seq=2 Win=0 Len=0
23   0.043436  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52936 [ACK] Seq=336 Ack=88 Win=29056 Len=0 TSval=1212891643 TSecr=61129887

在伺服器上記錄 tshark:

2408   4.083314 192.168.0.120 -> 192.168.0.2  TCP 74 52918→6831 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=61073274 TSecr=0 WS=128
2409   4.083355  192.168.0.2 -> 192.168.0.120 TCP 74 6831→52918 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1212835020 TSecr=61073274 WS=128
2410   4.083489 192.168.0.120 -> 192.168.0.2  TCP 66 52918→6831 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=61073274 TSecr=1212835020
2411   4.083558 192.168.0.120 -> 192.168.0.2  TCP 73 52918→6831 [PSH, ACK] Seq=1 Ack=1 Win=29312 Len=7 TSval=61073274 TSecr=1212835020
2412   4.083568  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52918 [ACK] Seq=1 Ack=8 Win=29056 Len=0 TSval=1212835020 TSecr=61073274
2415   4.083999  192.168.0.2 -> 192.168.0.120 TCP 86 6831→52918 [PSH, ACK] Seq=1 Ack=8 Win=29056 Len=20 TSval=1212835020 TSecr=61073274
2416   4.084105 192.168.0.120 -> 192.168.0.2  TCP 66 52918→6831 [ACK] Seq=8 Ack=21 Win=29312 Len=0 TSval=61073274 TSecr=1212835020
2417   4.084168 192.168.0.120 -> 192.168.0.2  TCP 81 52918→6831 [PSH, ACK] Seq=8 Ack=21 Win=29312 Len=15 TSval=61073274 TSecr=1212835020
2418   4.084209 192.168.0.120 -> 192.168.0.2  TCP 116 52918→6831 [PSH, ACK] Seq=23 Ack=21 Win=29312 Len=50 TSval=61073274 TSecr=1212835020
2419   4.084219  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52918 [ACK] Seq=21 Ack=73 Win=29056 Len=0 TSval=1212835021 TSecr=61073274
2420   4.084444  192.168.0.2 -> 192.168.0.120 TCP 381 6831→52918 [PSH, ACK] Seq=21 Ack=73 Win=29056 Len=315 TSval=1212835021 TSecr=61073274
2423   4.085030 192.168.0.120 -> 192.168.0.2  TCP 81 52918→6831 [PSH, ACK] Seq=73 Ack=336 Win=30336 Len=15 TSval=61073275 TSecr=1212835021
2443   4.087937 192.168.0.120 -> 192.168.0.2  TCP 74 52922→6831 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=61073275 TSecr=0 WS=128
2444   4.087957  192.168.0.2 -> 192.168.0.120 TCP 74 6831→52922 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1212835021 TSecr=61073275 WS=128
2445   4.088104 192.168.0.120 -> 192.168.0.2  TCP 66 52922→6831 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=61073275 TSecr=1212835021
2455   4.092796 192.168.0.120 -> 192.168.0.2  TCP 178 52922→6831 [PSH, ACK] Seq=1 Ack=1 Win=29312 Len=112 TSval=61073277 TSecr=1212835021
2456   4.092807  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52922 [ACK] Seq=1 Ack=113 Win=29056 Len=0 TSval=1212835023 TSecr=61073277
2457   4.092824  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52922 [FIN, ACK] Seq=1 Ack=113 Win=29056 Len=0 TSval=1212835023 TSecr=61073277
2459   4.093055 192.168.0.120 -> 192.168.0.2  TCP 73 52922→6831 [PSH, ACK] Seq=113 Ack=2 Win=29312 Len=7 TSval=61073277 TSecr=1212835023
2460   4.093070 192.168.0.120 -> 192.168.0.2  TCP 66 52922→6831 [FIN, ACK] Seq=120 Ack=2 Win=29312 Len=0 TSval=61073277 TSecr=1212835023
2461   4.093084  192.168.0.2 -> 192.168.0.120 TCP 54 6831→52922 [RST] Seq=2 Win=0 Len=0
2462   4.093085  192.168.0.2 -> 192.168.0.120 TCP 54 6831→52922 [RST] Seq=2 Win=0 Len=0
2526   4.124067  192.168.0.2 -> 192.168.0.120 TCP 66 6831→52918 [ACK] Seq=336 Ack=88 Win=29056 Len=0 TSval=1212835031 TSecr=61073275

在 Docker 容器中記錄 tshark:

 1   0.000000 192.168.0.120 -> 172.17.0.6   TCP 74 52896→9011 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=61025980 TSecr=0 WS=128
 2   0.000015   172.17.0.6 -> 192.168.0.120 TCP 74 9011→52896 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1212787726 TSecr=61025980 WS=128
 3   0.000182 192.168.0.120 -> 172.17.0.6   TCP 66 52896→9011 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=61025980 TSecr=1212787726
 4   0.000283 192.168.0.120 -> 172.17.0.6   TCP 73 52896→9011 [PSH, ACK] Seq=1 Ack=1 Win=29312 Len=7 TSval=61025980 TSecr=1212787726
 5   0.000289   172.17.0.6 -> 192.168.0.120 TCP 66 9011→52896 [ACK] Seq=1 Ack=8 Win=29056 Len=0 TSval=1212787727 TSecr=61025980
 6   0.000659   172.17.0.6 -> 192.168.0.120 TCP 86 9011→52896 [PSH, ACK] Seq=1 Ack=8 Win=29056 Len=20 TSval=1212787727 TSecr=61025980
 7   0.000803 192.168.0.120 -> 172.17.0.6   TCP 66 52896→9011 [ACK] Seq=8 Ack=21 Win=29312 Len=0 TSval=61025981 TSecr=1212787727
 8   0.000944 192.168.0.120 -> 172.17.0.6   TCP 81 52896→9011 [PSH, ACK] Seq=8 Ack=21 Win=29312 Len=15 TSval=61025981 TSecr=1212787727
 9   0.001023 192.168.0.120 -> 172.17.0.6   TCP 116 52896→9011 [PSH, ACK] Seq=23 Ack=21 Win=29312 Len=50 TSval=61025981 TSecr=1212787727
10   0.001055   172.17.0.6 -> 192.168.0.120 TCP 66 9011→52896 [ACK] Seq=21 Ack=73 Win=29056 Len=0 TSval=1212787727 TSecr=61025981
11   0.001305   172.17.0.6 -> 192.168.0.120 TCP 381 9011→52896 [PSH, ACK] Seq=21 Ack=73 Win=29056 Len=315 TSval=1212787727 TSecr=61025981
12   0.002021 192.168.0.120 -> 172.17.0.6   TCP 81 52896→9011 [PSH, ACK] Seq=73 Ack=336 Win=30336 Len=15 TSval=61025981 TSecr=1212787727
13   0.006775 192.168.0.120 -> 172.17.0.6   TCP 74 52898→9011 [SYN] Seq=0 Win=29200 Len=0 MSS=1460 SACK_PERM=1 TSval=61025982 TSecr=0 WS=128
14   0.006783   172.17.0.6 -> 192.168.0.120 TCP 74 9011→52898 [SYN, ACK] Seq=0 Ack=1 Win=28960 Len=0 MSS=1460 SACK_PERM=1 TSval=1212787728 TSecr=61025982 WS=128
15   0.006943 192.168.0.120 -> 172.17.0.6   TCP 66 52898→9011 [ACK] Seq=1 Ack=1 Win=29312 Len=0 TSval=61025982 TSecr=1212787728
16   0.008275 192.168.0.120 -> 172.17.0.6   TCP 178 52898→9011 [PSH, ACK] Seq=1 Ack=1 Win=29312 Len=112 TSval=61025982 TSecr=1212787728
17   0.008279   172.17.0.6 -> 192.168.0.120 TCP 66 9011→52898 [ACK] Seq=1 Ack=113 Win=29056 Len=0 TSval=1212787729 TSecr=61025982
18   0.008311   172.17.0.6 -> 192.168.0.120 TCP 66 9011→52898 [FIN, ACK] Seq=1 Ack=113 Win=29056 Len=0 TSval=1212787729 TSecr=61025982
19   0.008605 192.168.0.120 -> 172.17.0.6   TCP 73 52898→9011 [PSH, ACK] Seq=113 Ack=2 Win=29312 Len=7 TSval=61025983 TSecr=1212787729
20   0.008617   172.17.0.6 -> 192.168.0.120 TCP 54 9011→52898 [RST] Seq=2 Win=0 Len=0
21   0.008607 192.168.0.120 -> 172.17.0.6   TCP 66 52898→9011 [FIN, ACK] Seq=120 Ack=2 Win=29312 Len=0 TSval=61025983 TSecr=1212787729
22   0.008620   172.17.0.6 -> 192.168.0.120 TCP 54 9011→52898 [RST] Seq=2 Win=0 Len=0
23   0.040268   172.17.0.6 -> 192.168.0.120 TCP 66 9011→52896 [ACK] Seq=336 Ack=88 Win=29056 Len=0 TSval=1212787737 TSecr=61025981

解決方案:使用 JMXMP 而不是 RMI。

添加依賴項(例如 sbt):

deps += "org.glassfish.external" % "opendmk_jmxremote_optional_jar" % "1.0-b01-ea"

添加程式碼:

val port = 6831
javax.management.remote.JMXConnectorServerFactory.newJMXConnectorServer(
 new javax.management.remote.JMXServiceURL("service:jmx:jmxmp://127.0.0.1:" + port),
 Collections.emptyMap(),
 java.lang.management.ManagementFactory.getPlatformMBeanServer
).start()

下載庫opendmk_jmxremote_optional_jar並將其放入 VisualVM 文件夾 ($VISUALVM_HOME/platform/lib)。

執行 VisualVM 並連接到:

service:jmx:jmxmp://example.com:6831

基於此來源

引用自:https://serverfault.com/questions/789976