Jolokia: Difference between revisions
Felix.Marx (talk | contribs) |
|||
Line 23: | Line 23: | ||
| com.openexchange.jolokia.user | | com.openexchange.jolokia.user | ||
| | | | ||
| <nowiki>User used for authentication with HTTP Basic Authentication. If not given, | | <nowiki>User used for authentication with HTTP Basic Authentication. If not given, Jolokia will not start!</nowiki> | ||
|- | |- | ||
| com.openexchange.jolokia.password | | com.openexchange.jolokia.password | ||
| | | | ||
| <nowiki>Password used for authentification, if not set "secret" is used. | | <nowiki>Password used for authentification, if not set "secret" is used.</nowiki> | ||
|- | |- | ||
| com.openexchange.jolokia.restrict.to.localhost | | com.openexchange.jolokia.restrict.to.localhost |
Revision as of 13:43, 25 September 2013
How to interact with Jolokia for Open-Xchange
Open-Xchange does support Jolokia as a remote JMX-Bridge over HTTP.
By Version 7.4.0 ongoing, it is located inside Open-Xchange Bundle and configured by jolokia.properties
Additional information can be found at http://www.jolokia.org/ .
jolokia.properties
Key | Default value | Comment |
---|---|---|
com.openexchange.jolokia.start | false | start switch for jolokia |
com.openexchange.jolokia.servlet.name | /monitoring/jolokia | Under what servlet name jolokia will be published, please bear in mind that this should not be forwarded by apache and kept internal |
com.openexchange.jolokia.user | User used for authentication with HTTP Basic Authentication. If not given, Jolokia will not start! | |
com.openexchange.jolokia.password | Password used for authentification, if not set "secret" is used. | |
com.openexchange.jolokia.restrict.to.localhost | true | This setting will restrict jolokia access to localhost. It is completly ignored when a jolokia-access.xml is present |
Keep in mind that Jolokia will not start, unless you set com.openexchange.jolokia.start = true
, com.openexchange.jolokia.user = "yourUser"
and to com.openexchange.jolokia.password = "yourPassword"
.
When using Munin-Scripts with Jolokia, this user and password also need to be changed.
Things to mention about Jolokia
As Jolokia represents a JMX-Interface it is highly recommended to not forward it to the internet!
This is by default set through the use of com.openexchange.jolokia.restrict.to.localhost = true
and can be changed by either setting it to false
or providing a jolokia-access.xml
inside /opt/open-xchange/etc/
for further information how to setup this file, http://www.jolokia.org/reference/html/security.html is a good start as all those settings are usable.
Jolokia with Grizzly
When using Grizzly, you can connect to jolokia directly with the servers address, e.g.: http://oxserver1:8009/monitoring/jolokia
Jolokia with AJP
When using AJP, you need to enable forwarding for each server, keep in mind that those should be only accessable inside your intranet.
An Apache proxy_ajp.conf could look like this:
<Location /internal>
# restrict access to internal
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
# you might add more ip addresses / networks here
# if the apache is not on the same machine as the OX-server
# Allow from 192.168 10 172.16
</Location>
...
<Proxy /internal/ox1/monitoring>
ProxyPass ajp://oxhost1:8009/monitoring
</Proxy>
...
Jolokia on oxhost1 is accessable by http://apacheaddress/internal/ox1/monitoring/jolokia .