26.1 Using JMX to Monitor the Vibe Site

Java Management Extensions (JMX) is a Java technology for managing and monitoring applications, system objects, devices, and services. It is a lightweight, non-intrusive mechanism for gathering and monitoring useful runtime statistics. You can use JMX in addition to other tools that are included in the Vibe product to monitor your Vibe site.

26.1.1 Installing and Configuring JMX for Vibe

  1. Install Vibe as described in the Novell Vibe 3.2 Installation Guide.

  2. Navigate to the following directory on the Vibe server:

    Linux:

    /opt/novell/teaming/apache-tomcat/conf 
    

    Windows:

    c:\Program Files\Novell\Teaming\apache-tomcat\conf
    
  3. Open the vibe.management.properties file in a text editor.

  4. Uncomment the following line:

    #com.sun.management.jmxremote.port=8642
    

    If this port is already in use on your server, change the port number to a port that is not in use.

  5. (Recommended) To require authentication when accessing Vibe remotely through JMX, change the value of the following property to true:

    com.sun.management.jmxremote.authentication=false
    

    For more information about requiring authentication when accessing Vibe remotely through JMX, see Section 26.1.2, Requiring Authentication When Accessing Vibe through JMX.

  6. By default, SSL is not enabled when accessing Vibe through JMX. If the JMX user is accessing Vibe from within the firewall (which is recommended), there is no reason to require an SSL connection. If SSL is required by your organization, you can enable it.

    To require an SSL connection when accessing Vibe remotely through JMX, change the value of the following property to true:

    com.sun.management.jmxremote.ssl=false
    

    If you require an SSL connection when accessing Vibe through JMX, you must also set up a certificate and configure SSL as instructed in the online JMX documentation.

  7. Save your changes, then close the text editor.

  8. Stop and restart the Vibe server.

26.1.2 Requiring Authentication When Accessing Vibe through JMX

For security reasons, you should configure JMX to require authentication when accessing Vibe. In a clustered environment where a firewall is protecting your entire system but where there is no firewall running between individual nodes (which is the recommended configuration), it is extremely important that authentication is required when accessing Vibe through JMX in order to prevent an unauthorized entity from gaining access to the Vibe system.

After you have required authentication for the JMX user as discussed in Section 26.1.1, Installing and Configuring JMX for Vibe, you need to finish setting up the authentication:

Specifying a Password for One or Both JMX User Types

The properties discussed in this section represent JMX user types that can have access to Vibe through JMX. These are not Vibe users, but rather are JMX users. These users are not reflected anywhere in your Vibe system.

  1. Navigate to the following directory on the Vibe server:

    Linux:

    /opt/novell/teaming/apache-tomcat/conf 
    

    Windows:

    c:\Program Files\Novell\Teaming\apache-tomcat\conf
    
  2. Open the jmxremote.password file in a text editor.

  3. Uncomment one or both of the user types, depending on whether you want the JMX user to have Read Only access or Read/Write access through JMX. If you plan to use only one user type (for example, Read/Write), leave the other one commented out.

    Read Only access: Allows the JMX user to monitor or view Vibe data through JMX.

    To configure the JMX user to have Read Only access, uncomment the following user type:

    # monitorVibeRole XYZ
    

    Read/Write access: Allows the JMX user to perform state-changing actions such as initiating garbage collection of the JVM, changing an attribute of an MBean, or executing an operation on an MBean, as well as monitoring and viewing Vibe data through JMX.

    To configure the JMX user to have Read/Write access, uncomment the following user type:

    # controlVibeRole A&B
    
  4. Replace the XYZ and/or A&B values to a secure password. For example, if you want to change the password for Read/Write access to novell, the line would look like the following:

    controlVibeRole novell
    

    Passwords are case-sensitive.

  5. Save the jmxremote.password file and close the text editor.

Restricting Access to the Password File

The jmxremote.password file displays the usernames of the JMX users who can access the Vibe site through JMX, together with the passwords for these users, in plain text. For this reason it is important that you restrict access to this file to only the file owner, which is the operating system account where the Vibe server is running.

Restricting Access to the Password File on Linux

If your Vibe server is running on a Linux operating system, the file permissions are changed automatically when Vibe is installed. (The Vibe program runs this command: chmod 600 vibe.jmxremote.password.)

Restricting Access to the Password File on Windows

If your Vibe server is running on a Windows operating system, you must change the permissions manually after Vibe is installed. For instructions on how to set file permissions on Windows, see How to Secure a Password File on Microsoft Windows Systems.

26.1.3 Using JConsole to Monitor the Vibe Site

JConsole is a Java monitoring tool that comes with JDK. You can use JConsole to monitor your Vibe site through JMX.

Starting JConsole

Because JConsole requires a considerable amount of system resources in order to run, you should not run JConsole from the same machine where Vibe is running. The section describes how to connect JConsole to Vibe from a remote machine.

The machine that you run JConsole from must have a JDK installed.

  1. Navigate to the location where your JDK is installed, then in the bin directory launch following file appropriate for your operating system:

    Linux:

    jconsole

    Windows:

    jconsole.exe

    The New Connection dialog box is displayed.

  2. Select Remote Process, then specify the hostname and port number of the server where Vibe is running.

  3. In the Username and Password fields, specify the username and password that you created in Specifying a Password for One or Both JMX User Types.

  4. Click Connect.

    The Java Monitoring & Management Console is displayed.

Using JConsole to Monitor Vibe

JConsole contains several tabs that help you monitor various aspects of your server. Information specific to Vibe is found in the MBeans tab in the Vibe folder. For specific information about the other tabs in JConsole, see Using JConsole.

Using Zenoss Core to Supplement JConsole Monitoring

Zenoss Core is not a replacement for JConsole, but it can provide additional monitoring functionality. Zenoss provides the following capabilities:

  • Define alerts on an MBean attribute based on the attribute’s acceptable value range, without relying on the JMX notification mechanism.

  • Display performance graphs to view how data points change over time (JConsole displays only the current snapshot).

For more information about Zenoss, see Zenoss Core - Enterprise IT Monitoring.