Chapter 10. Monitoring Enterprise Web Server with JBoss Operating Network

To allow JBoss Operating Network to monitor JBoss Enterprise Web Server, you need to configure the server to allow the JBoss ON discovery and give JBoss ON the needed access.

Procedure 10.1. Configuring User Permissions on a Unix Operating System

Note

If you are using Windows, skip these steps and proceed to Procedure 10.2, “Configuring Monitoring”.
RHQ/JON agent needs read and write permission to the httpd and Tomcat directories.
Follow this procedure to assign the permissions:
  1. At the shell prompt, become the root user.
  2. Run the following command to add the user, under which JON Agent runs to the tomcat and apache user groups:
    # useradd -G tomcat,apache <RHQ_AGENT_USER>

Procedure 10.2. Configuring Monitoring

JBoss Enterprise Web Servers are auto-discovered on Linux and Unix platforms. However, you need to configure the instance's JMX to allow proper handling of authentication and accurate Tomcat monitoring.
Follow this procedure to set up JMX to handle authentication:
  1. Open the startup file of the respective JBoss Enterprise Web Server instance for editing:
    • on Red Hat Enterprise Linux installed from a ZIP file open $EWS_HOME/tomcat<VERSION>/bin/startup.sh
    • on Red Hat Enterprise Linux installed from a RPM files open /usr/sbin/tomcat<VERSION>
    • on Solaris open /opt/redhat/ews/tomcat<VERSION>/bin/startup.sh
    • on Windows open C:\Program Files\Red Hat\Enterprise Web Server\sbin\tomcat<VERSION>.sh
  2. Define an available port for JMX monitoring. Make sure it is not blocked by any firewall. To do so, to the JAVA_OPTS variable in the startup file, add the following line and substitute PORT_NUMBER with the number of the port dedicated to monitoring:
    • on Red Hat Enterprise Linux and Solaris:
      JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.port=PORT_NUMBER"
      
    • on Windows:
      set "JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.port=PORT_NUMBER"
      
  3. If you want to disable authentication and SSL for development purposes, add the following lines to the JAVA_OPTS variable in the startup file:
    JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.ssl=false"
    JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.authenticate=false"
    

    Important

    In production environments, add the following lines to the JAVA_OPTS variable in the startup file to secure JMX with SSL and restrict the access with a firewall:
    on Red Hat Enterprise Linux and Solaris
    JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.access.file=$EWS_HOME/jmxremote.access"
    JAVA_OPTS="${JAVA_OPTS} -Dcom.sun.management.jmxremote.password.file=$EWS_HOME/jmxremote.password"
    
    on Windows:
    set "JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.access.file=c:\Program Files\Red Hat\Enterprise Web Server\jmxremote.access"
    set "JAVA_OPTS=%JAVA_OPTS% -Dcom.sun.management.jmxremote.password.file=c:\Program Files\Red Hat\Enterprise Web Server\jmxremote.password"
    

    Path to the HTTP Server

    The JON httpd plugin needs a specific directory to monitor the HTTP Server:
    • on Solaris and Red Hat Enterprise Linux: /etc/httpd
    • on Windows: C:\apache
    If the respective directory does not exist, create it before launching the JON agent.
    For further information about JBoss Operating Network refer to the Discovery chapter of the Basic Administration Guide.