Using VisualVM to connect to a remote jstatd instance through a firewall

java linux freebsd
Ben Baron picture Ben Baron · Sep 15, 2011 · Viewed 37.1k times · Source

Possible Duplicate:
VisualVM over ssh

I'm writing this question and answering it because I spent a few hours getting this to work today and no answer I found on here worked for me. Hopefully this is helpful for others. If you have another solution than the one I ended up using, please feel free to answer the question as well. If yours is better I'll accept yours instead.

The problem: I'm trying to monitor some home made java applications on my FreeBSD server (this should apply to Linux servers as well) using VisualVM and jstatd, but I can't get VisualVM to list the processes on the server even after I forwarded the assigned and random jstatd ports in my firewall and can see a connection being made using sockstat.

Answer

Ben Baron picture Ben Baron · Sep 15, 2011

Instead of creating a firewall rule every time I run jstatd (because it annoyingly chooses a new random port each time), I got it to work with SSH tunnels.

First I ran jstatd on the server to find which ports I needed to tunnel. That is done by (in my case) first creating a policy file called tools.policy with the following contents:

grant codebase "file:${java.home}/../lib/tools.jar" {
    permission java.security.AllPermission;
};

Then running the following command: jstatd -J-Djava.security.policy=tools.policy

Then I determined the random port jstatd was using by running sockstat | grep jstat (may need to use netstat instead on Linux, I'm not sure).

Then lets say the random port is 55663, I created two SSH tunnels on my local machine, one for the standard jstatd port 1099 and the other for 55663 by running the following commands in two terminal windows (haven't done this on Windows, but I'm pretty sure putty can do it):

ssh -L 1099:localhost:1099 login_name@host_name

ssh -L 55663:localhost:55663 login_name@host_name

Once the two tunnels were open, I opened VisualVM and right clicked on the "Local" machine on the left side and chose "Add jstatd Connection". I clicked the "Add Default" button on the right and made sure the port was set to 1099. I hit the "OK" button to save it and immediately saw my remote Java processes show up in the "Local" section.

Related questions

Error: Could not find or load main class

I am having trouble compiling and running my Java code, intended to allow me to interface Java with a shared object for Vensim, a simulation modeling package. The following code compiles without error: javac -d . -cp ./apache-log4j-1.2.16/log4j-1.2.16.…

Read More
How to set JAVA_HOME in Linux for all users

I am new to Linux system and there seem to be too many Java folders. java -version gives me: java version "1.7.0_55" OpenJDK Runtime Environment (rhel-2.4.7.1.el6_5-x86_64 u55-b13) OpenJDK 64-Bit Server VM (build 24.51-b03, mixed mode) When I am …

Read More
Command-line Tool to find Java Heap Size and Memory Used (Linux)?

Is there a Command-line Tool (Linux) to check Heap Size (and Used Memory) of a Java Application? I have tried through jmap. But it gives info. about internal memory areas like Eden/ PermGen etc., which is not useful to me. …

Read More