Page History

...

• About J2EE remote instance monitoring
• Preparing J2EE remote instance monitoring
• Installing the J2EE remote instance
• Installation on WebSphere
• Additional information

Anchor
AboutJ2EEremoteinstancemonitoring AboutJ2EEremoteinstancemonitoring

About J2EE remote instance monitoring

If there are security restrictions that prevent the installation of the Precise Listener on the monitored JVM server, you can monitor J2EE instances remotely without installing the Precise Listener there. In that case, the following features which are available in regular J2EE monitoring, are not available:

...

• Performance case. If you have a very large activity amount which is sent to one SSL listener, you can configure several Precise Listeners as consumers to load balance the data processing and the load to the PMDB.
• Security case. If the monitored server and the FocalPoint are located in different security zones (the monitored server zone cannot approach to the FocalPoint zone), you can configure an SSL Listener in the monitored server zone, and a consumer Listener in the FocalPoint zone, so that the FocalPoint zone will initiate the communication. The SSL and Consumer configuration can be applied to both the Precise FocalPoint and Precise Listener.

Anchor
PreparingJ2EEremoteinstancemonitoring PreparingJ2EEremoteinstancemonitoring

Preparing J2EE remote instance monitoring

The preparation of J2EE remote instance monitoring is described in three parts:

...

Perform the part in the order as described.

Installing an SSL Listener

Install a new Precise Listener or edit an existing Precise Listener installation and configure the server to be an SSL Listener.

...

Windows   infra\bin\psin_cli.bat
                   -i3-user admin
                   -i3-clear-password admin
                   -action setup
                   -parameter setup-process=server
                   -parameter handle-server-machine-name=sun5
                   -parameter setup-mode=edit
                   -parameter server-machine-ssl-sun5=true
                   -parameter server-machine-ssl-port-sun5=1443
UNIX           infra/bin/psin_cli.sh
                   -i3-user admin
                   -i3-clear-password admin
                   -action setup
                   -parameter setup-process=server
                   -parameter handle-server-machine-name=sun5
                   -parameter setup-mode=edit
                   -parameter server-machine-ssl-sun5=true
                   -parameter server-machine-ssl-port-sun5=1443

Installing a consumer Listener

Install a new Precise Listener or edit an existing Precise Listener installation and configure the server to be a consumer Listener. The consumer Listener mode is set by the server-machine-consumer-mode-<SERVER_NAME> property. For example, to enable the consumer Listener on server sun5, run the following CLI utility command on the Main Precise FocalPoint server:

...

Windows    infra\bin\psin_cli.bat
                    -i3-user admin
                    -i3-clear-password admin
                    -action setup
                    -parameter setup-process=server
                    -parameter handle-server-machine-name=sun5
                    -parameter setup-mode=edit
                    -parameter server-machine-consumer-mode-sun5=true
                    -parameter server-machine-consume-target-sun5=hp2
UNIX            infra/bin/psin_cli.sh
                    -i3-user admin
                    -i3-clear-password admin
                    -action setup
                    -parameter setup-process=server
                    -parameter handle-server-machine-name=sun5
                    -parameter setup-mode=edit
                    -parameter server-machine-consumer-mode-sun5=true
                    -parameter server-machine-consume-target-sun5=hp2

Creating the deployment package

To create the deployment package

Run the following CLI utility script to create the deployment.zip file that should later be extracted on the remote monitored instance server. The deployment.zip file can be created once and there is no need to recreate the deployment.zip file for each instance that you want to monitor. This deployment.zip file is later used in the installation stage.

...

Anchor
InstallingtheJ2EEremoteinstance InstallingtheJ2EEremoteinstance

Installing the J2EE remote instance

To monitor a remote J2EE instance, perform the following steps to install the J2EE remote instance:

1. Copy the deployment.zip file to the J2EE instance server.

2. Extract it to a local folder.

   Info
   Verify that the JVM user has full permissions in the local folder, as the JVM must have access to the folder and files within it to initiate the installation of the J2EE instance. The files also contain the access key to the Precise installation and should only be accessible to the relevant JVM user.

   Info
   You should keep one folder per monitored instance on the server.

3. Add the following JVM parameters to the JVM startup script, where <LOCAL_LIB> is the extracted directory name.
   1. For WebSphere, see Installation on WebSphere.

   2. For anything else:
      -javaagent:<LOCAL-LIB>/products/j2ee/lib/indepthj2ee-agent.jar
      Alternatively, you can run the displayParams script, which will generate the JVMparameter.

      Info
      For more information on JVM arguments, see JVM arguments.

4. Restart the JVM to initiate the instance installation.

Anchor
JVMarguments JVMarguments

JVM arguments

This section describes recommended guidelines to follow for the JVM aguments.

...

Supported values are  SOCKS, HTTP, and DIRECT. The default value is SOCKS.

Anchor
JVMnaming JVMnaming

JVM naming

It is highly recommended to specify the JVM name in the JVM arguments as described in JVM arguments! If you did not follow the recommendation, the JVM name will be resolved automatically in the following way:

• For WebLogic and WebSphere JVMs running as WebLogic/WebSphere console managed servers correspondingly, the JVM name will be set to the server name if it was not specified explicitly.
• For the rest of the JVMs the JVM name will be set to <server_name>_<running_number>, where <server_name> is the name of the server on which the JVM runs, while <running_number> will help to distinguish between different JVMs running on the same server, but using different extracted Precise folders.
• ***(Requires testing and decision if we support this case!!!!)***If more than one JVM will be run on the same server using the same extracted Precise folder and for none of them the JVM name argument is supplied, the activity of both JVMs will be presented in the same invocations tree and the metrics values will be displayed as average values between all the JVMs.

Shared script JVMs

If several JVMs are sharing the startup script where Precise JVM arguments were added, all of them will be started up with the same JVM name, whether it was specified or not. In such case all the data of the JVMs will be presented in the same way as described in the third bullet of JVM naming.

Advanced installation notes

This section contains advanced installation notes.

...

The find the related instance ID, use the get-instance-id command, see Installing a new instance while keeping historical data from an old instance on page 82.

Anchor
#InstallationonWebSphere #InstallationonWebSphere

Installation on WebSphere

This section describes the installation procedure for WebSphere and if Java 2 Security is enabled.

Installation procedure for WebSphere

For J9, add the following to the JVM argument:

...

Alternatively, you can run the displayParams script, which will generate the JVMparameter.

Java 2 Security is enabled

Perform the following procedure.

...

1. Connect to the WebSphere admin console with a user that has administration rights.
2. In Admin Console>Security>Global Security, check if the Java 2 Security check box is checked.
   1. If Java 2 Security is enabled, certain permissions need to be explicitly granted in a server.policy file.
      1. Determine the location of the server.policy file. This can be found by examining the JVM startup command and locating the Djava.security.policy argument. It typically looks like this:
         -Djava.security.policy=<IBM Installation folder>\WebSphere\AppServer\profiles\<PROFILE>\properties\server.policy where <PROFILE> is the profile name.
   2. If no such argument is found, add one using the above example.

3. Add the following to the server.policy file:
   grant {
   permission java.util.PropertyPermission "indepth.j2ee.classLoaderHandle", "read";
   };
   grant codeBase "file: <PRECISE_LIB>/-" {
   permission java.security.AllPermission;
   };

   Info
   The < PRECISE_LIB> inside the server.policy file needs to be specified using URL format. For example: Windows grant codeBase "file:/E:/Precise/-" { permission java.security.AllPermission; }; UNIX grant codeBase "file:/opt/precise/-" { permission java.security.AllPermission; };

Anchor
#Additionalinformation #Additionalinformation

Additional information

For information on uninstallation of the remote J2EE instance, see Editing or removing tier instances or clusters.

For information on monitoring settings for a remote J2EE instance, see J2EE Remote Instance Monitoringremote instance monitoring.