Monitoring the health of the Apache Geronimo server

JConsole is a Java Management eXtension (JMX) compliant GUI tool that can be used to connect to a running Geronimo server instance. In JConsole, you will be able to monitor the JVM memory usage, threads stack trace, loaded classes and VM information as well as Geronimo MBeans.

Monitoring Geronimo in JConsole

To make Geronimo accessible to JConsole you can simply deactive both password authentication and secure socket layer (SSL) encryption:

If you are running the server with IBM JDK 6, you have to add the following Java options to disable password authentication and SSL connection. Note that the command should be typed on a single line.
- On a Windows system
```
set JAVA_OPTS=-Dcom.sun.management.jmxremote.port=<port> -Dcom.sun.management.jmxremote.authenticate=false
-Dcom.sun.management.jmxremote.ssl=false
```
- On a Linux system
```
export JAVA_OPTS="-Dcom.sun.management.jmxremote.port=<port> -Dcom.sun.management.jmxremote.authenticate=false  
-Dcom.sun.management.jmxremote.ssl=false"
```
where

<port> is a free port on which you would like to enable this connection.
Start the server.
Then, run the command jconsole from <JDK_HOME>\bin directory.
In the dialog New connection of JConsole, input the connection information in the Remote Process field.
- <ipaddr>:<port> for monitoring local server overall information, for example memories, threads, and VM summaries.
- service:jmx:rmi:///jndi/rmi://<ipaddr>:1099/JMXConnector for monitoring Geronimo information in MBeans tab. In this case, tabs other than MBeans are inactive.
  where
  - <ipaddr> can be localhost if you are monitoring the local server, and can be host name if the monitoring remote machine can access the Geronimo server via ping command.
  - <port> is the port number you specified in Java options.
  - 1099 is the default naming port for Geronimo.
Then click OK. Note that information may vary when you are using IBM SDK or Sun SDK.

Monitor Geronimo in JConsole with secure JMX connection enabled

Password authentication over secure sockets layer (SSL) can be used to ensure that unauthorized persons cannot control or monitor your server. Before connecting to the secure JMX server in JConsole, you have to make a few configuration steps to disable the non-secure JMX server and start the jmx-security module.

Enable JMX-security module of the Geronimo server.
Then, open a command window and set environment variable.
- On a Windows system
```
set GERONIMO_HOME=<Geronimo_HOME>
```
- On a Linux system
```
export GERONIMO_HOME=<Geronimo_HOME>
```
where <Geronimo_HOME> is the installation directory of the Geronimo server
Run <JDK_HOME>/bin/jconsole via the following command. Note that the command has been split across several lines for readability. The command must be typed on a single line.
- On a Windows system
```
jconsole \-J-D-Dorg.apache.geronimo.keyStoreTrustStorePasswordFile=%myDir%/KeystoreTrustSotrePasswordFile.key
```
- On a Linux system
```
jconsole \-J-D-Dorg.apache.geronimo.keyStoreTrustStorePasswordFile=$myDir/KeystoreTrustSotrePasswordFile.key
```
Where

_myDir_ is the location of your trusted keystore file. By default, the content of file is from /var/config/config-substitutions.properties file. See Creating your keystorefile for SSL authentication for more details.
In the dialog Connect to Agent of JConsole, click Advanced, and input the information:
- JMX URL: service:jmx:rmi:///jndi/rmi://<ipaddr>:1099/JMXSecureConnector
- User Name: system (or user name you set)
- Password: manager (or password you set)
  where
  - <ipaddr> can be localhost if you are monitoring the local server, and can be host name if the monitoring remote machine can access the Geronimo server via ping command.
  - 1099 is the default naming port for Geronimo.
Then click OK. JConsole will connect to Geronimo MBeans management interface. Switch to Means tab for server-wide information. In this case, tabs other than MBeans are inactive. Note that information may vary when you are using IBM SDK or Sun SDK.