Remote JMX connections are sent to localhost

Question

I' m trying to set up remote JMX monitoring on a Java process. These are the options I'm giving the JVM to start it:

JAVA_OPTS="-server -Xms1G -Xmx1G -XX:MaxPermSize=512m "
JMX_OPTS="-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=57011 -Dcom.sun.management.jmxremote.authenticate=false"
JMX_OPTS="$JMX_OPTS -Dcom.sun.management.jmxremote.ssl=false -Dfoo.jmx=true -Dfoo.jmx.detailed=true"
JMX_OPTS="$JMX_OPTS -Djava.rmi.server.host=192.168.9.121"
LOG_OPTS="-Dfoo.logging.type=log4j -DLOGDIR=${SERVERDIR}/logs"
ASD_OPTS="-Dfoo.conf.file=file:${PROPFILE} -cp ${CLASSPATH} foo"
/usr/bin/nohup ${JAVA_EXE} $JAVA_OPTS $JMX_OPTS $LOG_OPTS $ASD_OPTS 1>${SERVERDIR}/service.log 2>&1 &

I'm able to connect using Jconsole locally, but when I connect from a remote host, I get following error (cut for brevity's sake)

Java.rmi.ConnectException: Connection refused to host: 127.0.0.1; nested exception is: 
java.net.ConnectException: Connection refused: <snip>

So despite the explicit declaration saying to bind to 192.168.9.121 (-Djava.rmi.server.host), JMX is still binding to the remote system's loopback interface.

The only workaround I've found is to modify my /etc/hosts to set the system's FQDN like so:

127.0.0.1       localhost localhost.localdomain
192.168.9.121   my.servers.fqdn.com

Based on the fact that every Linux system I've ever seen has "my.servers.fqdn.com" pointing at 127.0.0.1, I can only imagine weird problems with changing this.

How can I get remote JMX monitoring working without this hack?

The system is CentOS 6, Java 1.6.0_35, firewall disabled for testing.

Are you sure the property isn't java.rmi.server.hostname, not java.rmi.server.host? — Mark Wagner, May 15 '13 at 22:51
You probably should _not_ have the FQDN defined as 127.0.0.1 in `/etc/hosts`. This can cause all sorts of things to go haywire. — Michael Hampton, May 15 '13 at 22:57
Mark is correct. I had typo'd java.rmi.server.hostname. Thank you! — grog_7, May 16 '13 at 15:55

ultra.deep · Answer 1 · 2019-06-28T11:02:04.723

2

I have this problem exactly... I used tomcat 9.0.19 and centos7 server... finally, I add following properties inside of path/to/tomcat/bin/setenv.sh :

CATALINA_OPTS="$CATALINA_OPTS 
-Dcom.sun.management.jmxremote 
-Dcom.sun.management.jmxremote.port=1099 
-Dcom.sun.management.jmxremote.rmi.port=1099 
-Dcom.sun.management.jmxremote.authenticate=false 
-Dcom.sun.management.jmxremote.ssl=false 
-Djava.rmi.server.hostname=192.168.1.20 
-Djmx.rmi.registry.port=1099 
-Djmx.rmi.port=1099 
" 

export CATALINA_OPTS

and restart your tomcat...

192.168.1.20 is my local server and 1099 is my jmx port. this configuration worked for me.

edited Jun 28 '19 at 11:02

answered Jun 28 '19 at 10:53

ultra.deep

151
6

I was having trouble configuring jmx to run on the localhost/loopback address for security purposes. The client kept connecting to the server's public IP address. The config item "-Djava.rmi.server.hostname=127.0.0.1" is what was needed to get this working for me. – Bryan Solan Sep 24 '21 at 20:30

Remote JMX connections are sent to localhost

1 Answers1