Chapter 6. Monitoring Enterprise Web Server with JBoss Operations Network

Complete this task to download the JBoss Operations Network (JON) plugin for JBoss Enterprise Web Server from the Red Hat Customer Portal.

Procedure 6.1. Download Installation Files

  1. Open http://access.redhat.com in a web browser.
  2. Click Downloads in the menu across the top of the page.
  3. Click Downloads in the list under JBoss Enterprise Middleware.
  4. Enter your login information.
    You are taken to the Software Downloads page.

  5. Download the JBoss Operations Network Plugin

    If you intend to use the JBoss Operations Network plugin for JBoss Enterprise Web Server, select JBoss ON for EWS from either the Software Downloads drop-down box, or the menu on the left.
    1. Click the JBoss Operations Network VERSION Base Distribution download link.
    2. Click the Download link to start the Base Distribution download.
    3. Repeat the steps to download the EWS Plugin Pack for JBoss ON VERSION
To allow JBoss Operations Network to monitor JBoss Enterprise Web Server, you need to configure the server to allow the JBoss ON discovery and give JBoss ON the needed access.

Procedure 6.2. Configuring User Permissions on a Unix Operating System

Note

For Windows, skip these steps and proceed to Procedure 6.3, “Configuring Monitoring”.
RHQ/JON agent needs read and write permission to the httpd and Tomcat directories.
To assign the permissions:
  • As a user with root privileges, run the following command to add the user, under which JON Agent runs to the tomcat and apache user groups: 
    # usermod -aG tomcat,apache <RHQ_AGENT_USER>

Procedure 6.3. Configuring Monitoring

JBoss Enterprise Web Servers are auto-discovered on Linux and Unix platforms. However, you need to configure the instance's JMX to allow proper handling of authentication and accurate Tomcat monitoring.
To set up JMX to handle authentication:
  1. Open the startup file of the respective JBoss Enterprise Web Server instance for editing:
    • on Red Hat Enterprise Linux installed from a ZIP file open /opt/jboss-ews-2.1/tomcat<VERSION>/bin/startup.sh
    • on Red Hat Enterprise Linux installed from a RPM files open /usr/sbin/tomcat<VERSION>
    • on Solaris open /opt/jboss-ews-2.1/tomcat<VERSION>/bin/startup.sh
    • on Windows open C:\Program Files\jboss-ews-2.1\share\tomcat<VERSION>\bin\startup.bat.
    • on Red Hat Enterprise Linux and on Solaris when running by daemon.sh open /opt/jboss-ews-2.1/tomcat<VERSION>/bin/setenv.sh
  2. Define an available port for JMX monitoring. Ensure the port is not blocked by any firewall. To ensure the port is not blocked, in the startup file, add the following line and substitute PORT_NUMBER with the number of the port dedicated to monitoring to the JAVA_OPTS variable:
    • on Red Hat Enterprise Linux and Solaris: 
      JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.port=PORT_NUMBER -Djava.rmi.server.hostname=IP_ADDRESS"
    • on Windows: 
      set "JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.port=PORT_NUMBER -Djava.rmi.server.hostname=IP_ADDRESS"
  3. If you want to disable authentication and SSL for development purposes, add the following lines to the JAVA_OPTS variable in the startup file: 
    JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=false"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=false"

    Important

    In production environments, add the following lines to the JAVA_OPTS variable in the startup file to secure JMX with SSL and restrict the access with a firewall:
    on Red Hat Enterprise Linux and Solaris
    JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.access.file=/opt/jboss-ews-2.1/jmxremote.access"
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.password.file=/opt/jboss-ews-2.1/jmxremote.password"
    on Windows:
    set "JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.access.file=C:\Program Files\jboss-ews-2.1\jmxremote.access"
set "JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.password.file=C:\Program Files\jboss-ews-2.1\jmxremote.password"
  4. Once the Tomcat server resource is discovered and imported into JBoss Operations Network inventory, it may be necessary to update the new resource's connection settings.
    1. Click Connection Settings in the JBoss Operations Network interface for the newly imported Tomcat Server resource.
    2. Verify the value of the Manager URL property to the RMI URL at which uses the correct JMX host name and port number as defined in the Tomcat server startup file. An example for this value is as follows: 
      service:jmx:rmi:///jndi/rmi://$IP_ADDRESS:$PORT/jmxrmi

Procedure 6.4. To configure JON monitoring for managing JBoss Enterprise Web Server Tomcat installed from RPMs:

  1. On the shell prompt become the root user.
  2. Set up JMX JAVA_OPTS properties in the /usr/sbin/tomcat<VERSION> file in the start and start-security sections. 
    if [ "$1" = "start" ]; then
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.port=8100 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxr
emote.access.file="/etc/tomcat<VERSION>/jmxremote.access" -Dcom.sun.management.jmxremote.password.file="/etc/tomcat<VERSION>/jmxremote.password""

  ${JAVACMD} $JAVA_OPTS $LOGGING_CONFIG $CATALINA_OPTS \
    -classpath "$CLASSPATH" \
    -Dcatalina.base="$CATALINA_BASE" \
    -Dcatalina.home="$CATALINA_HOME" \
    -Djava.endorsed.dirs="$JAVA_ENDORSED_DIRS" \
    -Djava.io.tmpdir="$CATALINA_TMPDIR" \
    org.apache.catalina.startup.Bootstrap start \
     >> ${CATALINA_BASE}/logs/catalina.out 2>&1 & 
    if [ ! -z "$CATALINA_PID" ]; then
      echo $! > $CATALINA_PID
    fi
elif [ "$1" = "start-security" ]; then
JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.port=8100 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=true -Dcom.sun.management.jmxr
emote.access.file="/etc/tomcat<VERSION>/jmxremote.access" -Dcom.sun.management.jmxremote.password.file="/etc/tomcat<VERSION>/jmxremote.password""

  ${JAVACMD} $JAVA_OPTS $LOGGING_CONFIG $CATALINA_OPTS \
    -classpath "$CLASSPATH" \
    -Dcatalina.base="$CATALINA_BASE" \
  3. Set tomcat to run as root user in the /etc/tomcat<VERSION>/tomcat<VERSION>.conf file. 
    TOMCAT_USER="root"
  4. On the shell prompt, run the following command to start tomcat. 
    service tomcat<VERSION> start
  5. Start the JON agent.
  6. From the JBoss Operations Network Web UI, import JON agent and tomcat to JON.
  7. On the JBoss Operations Network Web UI, setup Tomcat connection configuration (principal and credentials).
  8. On the JBoss Operations Network Web UI, setup Tomcat Control method configuration to RPM System V init script.

    Note

    Start and Shutdown script may not be set because Tomcat plugin always runs service tomcat<VERSION> start/stop command for RPM System V init script configuration setting.

Procedure 6.5. JBoss Operations Network managing Tomcat installed as Windows service

  1. Install Tomcat as Windows service using the following command. 
    jboss-ews-2.1\share\tomcat6\bin\service.bat install
  2. Create jmxremote.access file with controlRole readwrite in the C:\jmx directory.
  3. Create jmxremote.password file with controlRole pwd in the C:\jmx directory.

    Note

    Set owner of jmxremote.access and jmxremote.password to SYSTEM and restrict access of jmxremote.password file only to user SYSTEM. The user SYSTEM must have only read access.
  4. Enable JMX for Tomcat windows service. 
    jboss-ews-2.1\sbin\tomcat6.exe //US//Tomcat6 ++JvmOptions="-Dcom.sun.management.jmxremote.port=8100;-Dcom.sun.management.jmxremote.access.file="C:\jmx\jmxremote.access";-Dcom.sun.management.jmxremote.password.file="C:\jmx\jmxremote.password";-Dcom.sun.management.jmxremote.ssl=false;-Dcom.sun.management.jmxremote.authenticate=true"
  5. Start Tomcat win service by Windows services application

    Note

    See the tomcat logs in logs directory to check if Tomcat win service has started.
  6. Install and configure JON agent. Type discovery in agent prompt to discover Tomcat windows service.
  7. On the JBoss Operations Network Web UI, click Inventory and then, click Discovery Queue to select import Tomcat and RHQ agent.
  8. On the JBoss Operations Network Web UI, go to platforms and search the agent name. Click on your agent.
  9. On the Agent page, Tomcat Servers are listed.
  10. Select your Tomcat server by clicking it.
  11. On the JBoss Operations Network Web UI, click on the Inventory tab and then configure the Tomcat Server in the Connection settings.
  12. Enter the Principal and Credentials information. use the controlRole and password set in jmxremote files.
  13. Set Control Method to RPM System V init script.

    Note

    You can not set Start and Shutdown Script fields.
  14. Click Save.
  15. Update the connection settings of Tomcat Server JVM and set Principal and Credentials.
Report a bug