multiple app nodes how to expose jmx in kubernetes?

  1. In kubernetes I can expose services with service. This is fine.
  2. Lets say I have 1 web instance and 10 java server instances.
  3. I have a windows gateway I’m used to access those 10 java servers instances via the jconsole installed on it.
  4. Obviously I do not expose all apps jmx port via kubernetes service.

What are my options here? how should I allow this external to kubernetes cluster windows gateway access to those 10 servers jmx ports? Any practices here?

  • Elastic Beanstalk with Docker deployment failure
  • How to download docker images without using pull command?
  • Can't resolve hostnames between docker containers
  • Cannot connect to the Docker daemon on Windows 7
  • Multiple dokku apps one domain
  • docker Django runserver blocks binaries connecting to MySQL DB
  • Docker-compose up directory error with Python3
  • How to connect to SSHD inside a Docker container from Windows?
  • Cannot save a Spark Model with a Dockerized Spark cluster
  • docker - how can we export/import (or save/load) only the new changes?
  • Cannot validate certificate for ip because it doesn't contain any IP SANs
  • Is migration from docker to vm possible?
  • 3 Solutions collect form web for “multiple app nodes how to expose jmx in kubernetes?”

    Another option is to forward JMX port from K8 pod to your local PC with kubectl port-forward.

    I do it like this:

    1). Add following JVM options to your app:

    -Dcom.sun.management.jmxremote
    -Dcom.sun.management.jmxremote.authenticate=false
    -Dcom.sun.management.jmxremote.ssl=false
    -Dcom.sun.management.jmxremote.local.only=false
    -Dcom.sun.management.jmxremote.port=1099
    -Dcom.sun.management.jmxremote.rmi.port=1099
    -Djava.rmi.server.hostname=127.0.0.1
    

    The critical part here is that:

    • The same port should be used as ‘jmxremote.port’ and ‘jmxremote.rmi.port’. This is needed to forward one port only.

    • 127.0.0.1 should be passed as rmi server hostname. This is needed for JMX connection to work via port-forwarding.

    2). Forward the JMX port (1099) to your looptionscal PC via kubectl:

    kubectl port-forward <your-app-pod> 1099
    

    3). Open jconsole connection to your local port 1099:

    jconsole 127.0.0.1:1099
    

    This way because makes it possible to debug any Java pod via JMX without having to publicly expose JMX via K8 service (which is better from security perspective).

    We did it in following way

    1. Add a unique label for each pod. ex: podid=asdw23443
    2. Create a new service with selector of podid=asdw23443. Make sure in the service you expose jmx ports on pod through nodeport or loadbalancer.

    If you are selecting nodeport in service, because you a doing a NAT operation you may have to give following JVM argument for each jvm you need to connect through jconsole

    -Djava.rmi.server.hostname=<your-ip-address>
    

    I think one way is to add a label to your pod with a unique string \ id for example pod_name and use the expose command to create a new service with the selector of this unique id\string.

    kubectl label pods <podname> podname=<podname>
    kubectl expose pod <podname> --port=9010 --name=<podname>_jmx
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.