问题
I run Tomcat7 using JDK7 on Centos6. I enable JMX using the following options:
CATALINA_OPTS="${CATALINA_OPTS} -Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9123 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.local.only=true"
Unfortunately, when I check what ports are opened I discover 2 additional random ports:
netstat -plunt | grep java
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 :::60555 :::* LISTEN 22752/java
tcp 0 0 ::ffff:127.0.0.1:8080 :::* LISTEN 22752/java
tcp 0 0 :::9123 :::* LISTEN 22752/java
tcp 0 0 :::40867 :::* LISTEN 22752/java
I guess that JMX should open one additional port JMX enabled Java application appears to open a random high order port when JMX client connects
Why JMX in Tomcat opens 2 additional ports?
How can I configure these ports?
If I configure -Dcom.sun.management.jmxremote.local.only=true means additional ports also can be accessed using local access only?
How can I configure ::ffff:127.0.0.1 will appear before all ports opened by JMX?
回答1:
You can use Tomcat's JMX Remote Lifecycle Listener which allows fixing the ports used by the JMX/RMI Server.
The JMX Remote Lifecycle Listener allows configuring the following ports:
rmiRegistryPortPlatform- The port to be used by the JMX/RMI registry for the Platform MBeans. This one should be used instead of thecom.sun.management.jmxremote.portsystem propertyrmiServerPortPlatform- The port to be used by the Platform JMX/RMI server.
In addtions you can configure the useLocalPorts attribute - Should any clients using these ports be forced to use local ports to connect to the the JMX/RMI server.
Notice that this listener requires catalina-jmx-remote.jar to be placed in $CATALINA_HOME/lib. This jar may be found in the extras directory of the binary download area.
来源:https://stackoverflow.com/questions/20699068/tomcat7-with-enabled-jmx-opens-2-additional-random-listening-ports