multiple app nodes how to expose jmx in kubernetes?

  1. In kubernetes I can expose services with service. This is fine.
  2. Lets say I have 1 web instance and 10 java server instances.
  3. I have a windows gateway I’m used to access those 10 java servers instances via the jconsole installed on it.
  4. Obviously I do not expose all apps jmx port via kubernetes service.

What are my options here? how should I allow this external to kubernetes cluster windows gateway access to those 10 servers jmx ports? Any practices here?

  • Default path to install Nexus Docker Container from AWS EC2
  • node.js in a dockerfile cant connect to mongolabs via mongoose: getaddrinfo ESRCH
  • Can Docker plugins inspect label metadata from starting image?
  • Docker build auth error
  • How to sync back files from a Docker container to its host?
  • How does Hotspot JVM determine exactly the current timezone on Linux(Centos)?
  • “docker-machine rm” failing on non-existent EC2 instance
  • Docker-compose migrating from links to networking MongoDB database issue
  • How to remove old Docker containers
  • Can't connect in php to db in postgres-docker-container
  • How to install multiple php versions on a single docker container
  • Running meteor app with Docker
  • 3 Solutions collect form web for “multiple app nodes how to expose jmx in kubernetes?”

    Another option is to forward JMX port from K8 pod to your local PC with kubectl port-forward.

    I do it like this:

    1). Add following JVM options to your app:

    -Dcom.sun.management.jmxremote
    -Dcom.sun.management.jmxremote.authenticate=false
    -Dcom.sun.management.jmxremote.ssl=false
    -Dcom.sun.management.jmxremote.local.only=false
    -Dcom.sun.management.jmxremote.port=1099
    -Dcom.sun.management.jmxremote.rmi.port=1099
    -Djava.rmi.server.hostname=127.0.0.1
    

    The critical part here is that:

    • The same port should be used as ‘jmxremote.port’ and ‘jmxremote.rmi.port’. This is needed to forward one port only.

    • 127.0.0.1 should be passed as rmi server hostname. This is needed for JMX connection to work via port-forwarding.

    2). Forward the JMX port (1099) to your looptionscal PC via kubectl:

    kubectl port-forward <your-app-pod> 1099
    

    3). Open jconsole connection to your local port 1099:

    jconsole 127.0.0.1:1099
    

    This way because makes it possible to debug any Java pod via JMX without having to publicly expose JMX via K8 service (which is better from security perspective).

    We did it in following way

    1. Add a unique label for each pod. ex: podid=asdw23443
    2. Create a new service with selector of podid=asdw23443. Make sure in the service you expose jmx ports on pod through nodeport or loadbalancer.

    If you are selecting nodeport in service, because you a doing a NAT operation you may have to give following JVM argument for each jvm you need to connect through jconsole

    -Djava.rmi.server.hostname=<your-ip-address>
    

    I think one way is to add a label to your pod with a unique string \ id for example pod_name and use the expose command to create a new service with the selector of this unique id\string.

    kubectl label pods <podname> podname=<podname>
    kubectl expose pod <podname> --port=9010 --name=<podname>_jmx
    
    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.