From 39a19b144de6f7f245fb6aff86fb45b173037003 Mon Sep 17 00:00:00 2001 From: Amnon Heiman Date: Tue, 1 Mar 2016 19:47:55 +0200 Subject: [PATCH 1/3] Import RMIServerSocketFactoryImp from origin The RMIServerSocketFactoryImp is the way origin handle local port configuration. When used, the jmx can be set to listen on local traffic only. Signed-off-by: Amnon Heiman --- .../jmx/utils/RMIServerSocketFactoryImpl.java | 118 ++++++++++++++++++ 1 file changed, 118 insertions(+) create mode 100644 src/main/java/com/scylladb/jmx/utils/RMIServerSocketFactoryImpl.java diff --git a/src/main/java/com/scylladb/jmx/utils/RMIServerSocketFactoryImpl.java b/src/main/java/com/scylladb/jmx/utils/RMIServerSocketFactoryImpl.java new file mode 100644 index 0000000..3135d34 --- /dev/null +++ b/src/main/java/com/scylladb/jmx/utils/RMIServerSocketFactoryImpl.java @@ -0,0 +1,118 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +/* + * Copyright 2016 ScyllaDB + * + * Modified by ScyllaDB + */ + +package com.scylladb.jmx.utils; + +import java.io.IOException; +import java.lang.management.ManagementFactory; +import java.net.*; +import java.rmi.registry.LocateRegistry; +import java.rmi.server.RMIServerSocketFactory; +import java.util.HashMap; +import java.util.Map; + +import javax.management.remote.JMXConnectorServer; +import javax.management.remote.JMXServiceURL; +import javax.management.remote.rmi.RMIConnectorServer; +import javax.net.ServerSocketFactory; + +public class RMIServerSocketFactoryImpl implements RMIServerSocketFactory { + public static JMXConnectorServer jmxServer = null; + + public static void maybeInitJmx() { + String jmxPort = System + .getProperty("com.sun.management.jmxremote.port"); + + if (jmxPort == null) { + System.out.println( + "JMX is not enabled to receive remote connections."); + + jmxPort = System.getProperty("cassandra.jmx.local.port", "7199"); + String address = System.getProperty("jmx.address", "localhost"); + if (address.equals("localhost")) { + System.setProperty("java.rmi.server.hostname", + InetAddress.getLoopbackAddress().getHostAddress()); + } else { + try { + System.setProperty("java.rmi.server.hostname", + InetAddress.getByName(address).getHostAddress()); + } catch (UnknownHostException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + } + try { + RMIServerSocketFactory serverFactory = new RMIServerSocketFactoryImpl(); + LocateRegistry.createRegistry(Integer.valueOf(jmxPort), null, + serverFactory); + + StringBuffer url = new StringBuffer(); + url.append("service:jmx:"); + url.append("rmi://").append(address).append("/jndi/"); + url.append("rmi://").append(address).append(":").append(jmxPort) + .append("/jmxrmi"); + System.out.println(url); + Map env = new HashMap(); + env.put(RMIConnectorServer.RMI_SERVER_SOCKET_FACTORY_ATTRIBUTE, + serverFactory); + + jmxServer = new RMIConnectorServer( + new JMXServiceURL(url.toString()), env, + ManagementFactory.getPlatformMBeanServer()); + + jmxServer.start(); + } catch (IOException e) { + System.out.println( + "Error starting local jmx server: " + e.toString()); + } + + } else { + System.out.println( + "JMX is enabled to receive remote connections on port: " + + jmxPort); + } + } + + public ServerSocket createServerSocket(final int pPort) throws IOException { + return ServerSocketFactory.getDefault().createServerSocket(pPort, 0, + InetAddress.getLoopbackAddress()); + } + + public boolean equals(Object obj) { + if (obj == null) { + return false; + } + if (obj == this) { + return true; + } + + return obj.getClass().equals(getClass()); + } + + public int hashCode() { + return RMIServerSocketFactoryImpl.class.hashCode(); + } + +} From f3610f1a02401d0282b10f11764150f60f3e3467 Mon Sep 17 00:00:00 2001 From: Amnon Heiman Date: Tue, 1 Mar 2016 19:49:31 +0200 Subject: [PATCH 2/3] Main: use the RMIServerSocketFactoryImp jmx init This patch init the jmx proxy from the RMIServerSocketFactoryImp init function. This way the jmx can be set to listen on local port only. Signed-off-by: Amnon Heiman --- src/main/java/com/scylladb/jmx/main/Main.java | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/main/java/com/scylladb/jmx/main/Main.java b/src/main/java/com/scylladb/jmx/main/Main.java index 4661874..91e31f1 100644 --- a/src/main/java/com/scylladb/jmx/main/Main.java +++ b/src/main/java/com/scylladb/jmx/main/Main.java @@ -4,6 +4,7 @@ package com.scylladb.jmx.main; import com.scylladb.jmx.api.APIConfig; +import com.scylladb.jmx.utils.RMIServerSocketFactoryImpl; import org.apache.cassandra.db.ColumnFamilyStore; import org.apache.cassandra.db.commitlog.CommitLog; @@ -24,6 +25,7 @@ public class Main { APIConfig.setConfig(); System.out.println("Connecting to " + APIConfig.getBaseUrl()); System.out.println("Starting the JMX server"); + RMIServerSocketFactoryImpl.maybeInitJmx(); StorageService.getInstance(); StorageProxy.getInstance(); MessagingService.getInstance(); From 105a1b5a1b442f0327aa18ba55bc6ac51651bbfb Mon Sep 17 00:00:00 2001 From: Amnon Heiman Date: Tue, 1 Mar 2016 19:52:26 +0200 Subject: [PATCH 3/3] scylla-jmx: Support local only jmx port by default This patch set the jmx proxy to listen on local traffic by default and adds a command line switch to allow remote conectivity. Signed-off-by: Amnon Heiman --- scripts/scylla-jmx | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/scripts/scylla-jmx b/scripts/scylla-jmx index dd7b4fe..e29ea9f 100755 --- a/scripts/scylla-jmx +++ b/scripts/scylla-jmx @@ -13,6 +13,8 @@ PARAM_ADDR="-a" PARAM_LOCATION="-l" LOCATION="target" PARAM_FILE="-cf" +ALLOW_REMOTE="-r" +REMOTE=0 print_help() { cat < - The API address to connect to $PARAM_FILE - A configuration file to use $PARAM_LOCATION - The location of the jmx proxy jar file + $ALLOW_REMOTE - When set allow remote jmx connectivity HLPEND } @@ -61,6 +64,10 @@ do CONF_FILE="-Dapiconfig="$2 shift 2 ;; + "$ALLOW_REMOTE") + REMOTE=1 + shift 1 + ;; "$PARAM_HELP") print_help exit 0 @@ -69,4 +76,10 @@ do esac done -exec java $API_ADDR $API_PORT $CONF_FILE -Xmx256m -XX:+UseSerialGC -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=$JMX_PORT -Dcom.sun.management.jmxremote.rmi.port=$JMX_PORT -Dcom.sun.management.jmxremote.local.only=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -jar $LOCATION/scylla-jmx-1.0.jar +if [ $REMOTE -eq 1 ]; then + REMOTE="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=$JMX_PORT -Dcom.sun.management.jmxremote.rmi.port=$JMX_PORT -Dcom.sun.management.jmxremote.local.only=false" +else + REMOTE="-Dcassandra.jmx.local.port=$JMX_PORT" +fi + +exec java $API_ADDR $API_PORT $CONF_FILE $REMOTE -Xmx256m -XX:+UseSerialGC -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -jar $LOCATION/scylla-jmx-1.0.jar