You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@iotdb.apache.org by su...@apache.org on 2020/04/03 08:26:59 UTC
[incubator-iotdb] 01/01: JMX user and password
This is an automated email from the ASF dual-hosted git repository.
sunzesong pushed a commit to branch jmx_user
in repository https://gitbox.apache.org/repos/asf/incubator-iotdb.git
commit ea7080ef3f4deb2f98944ee553d83ae2be3b2387
Author: samperson1997 <sz...@mails.tsinghua.edu.cn>
AuthorDate: Fri Apr 3 16:25:41 2020 +0800
JMX user and password
---
docs/UserGuide/6-System Tools/3-JMX Tool.md | 24 ++++++++++++++++++++
docs/zh/UserGuide/6-System Tools/3-JMX Tool.md | 24 ++++++++++++++++++++
.../resources/conf/iotdb-engine.properties | 10 +++++++++
.../java/org/apache/iotdb/db/conf/IoTDBConfig.java | 26 ++++++++++++++++++++++
.../org/apache/iotdb/db/conf/IoTDBConstant.java | 1 +
.../org/apache/iotdb/db/conf/IoTDBDescriptor.java | 4 ++++
.../org/apache/iotdb/db/service/JMXService.java | 7 ++++++
7 files changed, 96 insertions(+)
diff --git a/docs/UserGuide/6-System Tools/3-JMX Tool.md b/docs/UserGuide/6-System Tools/3-JMX Tool.md
index 3827622..89f9937 100644
--- a/docs/UserGuide/6-System Tools/3-JMX Tool.md
+++ b/docs/UserGuide/6-System Tools/3-JMX Tool.md
@@ -23,6 +23,30 @@
Java VisualVM is a tool that provides a visual interface for viewing detailed information about Java applications while they are running on a Java Virtual Machine (JVM), and for troubleshooting and profiling these applications.
+## Config
+
+If you have set access and password for JMX (that is, `com.sun.management.jmxremote.authenticate` is true), you need to edit user config in `iotdb-engine.properties`. Related configurations are:
+
+* jmx\_user
+
+|Name| jmx\_user |
+|:---:|:---|
+|Description| User name of JMX |
+|Type| String |
+|Default| admin |
+|Effective|After restart system|
+
+* jmx\_password
+
+|Name| jmx\_password |
+|:---:|:---|
+|Description| User password of JMX |
+|Type| String |
+|Default| password |
+|Effective|After restart system|
+
+User name and password should be consistent with your JMX config in `com.sun.management.jmxremote.password.file`.
+
## Usage
Step1: Start sever.
diff --git a/docs/zh/UserGuide/6-System Tools/3-JMX Tool.md b/docs/zh/UserGuide/6-System Tools/3-JMX Tool.md
index 4e50ab8..dfe534e 100644
--- a/docs/zh/UserGuide/6-System Tools/3-JMX Tool.md
+++ b/docs/zh/UserGuide/6-System Tools/3-JMX Tool.md
@@ -23,6 +23,30 @@
Java VisualVM提供了一个可视化的界面,用于查看Java应用程序在Java虚拟机(JVM)上运行的详细信息,并对这些应用程序进行故障排除和分析。
+## 配置
+
+如果你为 JMX 配置了用户访问权限和密码(也就是`com.sun.management.jmxremote.authenticate`为 true),你需要编辑`iotdb-engine.properties`中的用户配置。相关配置项包括:
+
+* jmx\_user
+
+|名字| jmx\_user |
+|:---:|:---|
+|描述| JMX配置中的用户名 |
+|类型| String |
+|默认值| admin |
+|改后生效方式|重启服务器生效|
+
+* jmx\_password
+
+|名字| jmx\_password |
+|:---:|:---|
+|描述| JMX配置中的密码 |
+|类型| String |
+|默认值| password |
+|改后生效方式|重启服务器生效|
+
+用户名和密码需要与`com.sun.management.jmxremote.password.file`文件中的配置保持一致。
+
## 使用
第一步:启动IoTDB server。
diff --git a/server/src/assembly/resources/conf/iotdb-engine.properties b/server/src/assembly/resources/conf/iotdb-engine.properties
index 35b7ef3..39ac594 100644
--- a/server/src/assembly/resources/conf/iotdb-engine.properties
+++ b/server/src/assembly/resources/conf/iotdb-engine.properties
@@ -40,6 +40,16 @@ rpc_thrift_compression_enable=false
rpc_max_concurrent_client_num=65535
####################
+### JMX Configuration
+####################
+
+# If system property com.sun.management.jmxremote.authenticate is true, user name should be set to environment
+jmx_user=admin
+
+# If system property com.sun.management.jmxremote.authenticate is true, password should be set to environment
+jmx_password=password
+
+####################
### Dynamic Parameter Adapter Configuration
####################
diff --git a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
index 1b38462..c0ce887 100644
--- a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
+++ b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConfig.java
@@ -68,6 +68,16 @@ public class IoTDBConfig {
private int rpcMaxConcurrentClientNum = 65535;
/**
+ * JMX user name
+ */
+ private String jmxUser = "admin";
+
+ /**
+ * JMX user password
+ */
+ private String jmxPassword = "password";
+
+ /**
* Memory allocated for the read process
*/
private long allocateMemoryForWrite = Runtime.getRuntime().maxMemory() * 6 / 10;
@@ -633,6 +643,22 @@ public class IoTDBConfig {
this.enableMetricService = enableMetricService;
}
+ public String getJmxUser() {
+ return jmxUser;
+ }
+
+ public void setJmxUser(String jmxUser) {
+ this.jmxUser = jmxUser;
+ }
+
+ public String getJmxPassword() {
+ return jmxPassword;
+ }
+
+ public void setJmxPassword(String jmxPassword) {
+ this.jmxPassword = jmxPassword;
+ }
+
void setDataDirs(String[] dataDirs) {
this.dataDirs = dataDirs;
}
diff --git a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
index 18b74a3..c52692f 100644
--- a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
+++ b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBConstant.java
@@ -33,6 +33,7 @@ public class IoTDBConstant {
public static final String SERVER_RMI_ID = "java.rmi.server.randomIDs";
public static final String RMI_SERVER_HOST_NAME = "java.rmi.server.hostname";
public static final String JMX_REMOTE_RMI_PORT = "com.sun.management.jmxremote.rmi.port";
+ public static final String JMX_REMOTE_AUTHENTICATE = "com.sun.management.jmxremote.authenticate";
public static final String IOTDB_PACKAGE = "org.apache.iotdb.service";
public static final String JMX_TYPE = "type";
diff --git a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
index ad7a2ed..d046e11 100644
--- a/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
+++ b/server/src/main/java/org/apache/iotdb/db/conf/IoTDBDescriptor.java
@@ -134,6 +134,10 @@ public class IoTDBDescriptor {
conf.setRpcPort(Integer.parseInt(properties.getProperty("rpc_port",
Integer.toString(conf.getRpcPort()))));
+ conf.setJmxUser(properties.getProperty("jmx_user", conf.getJmxUser()));
+
+ conf.setJmxPassword(properties.getProperty("jmx_password", conf.getJmxPassword()));
+
conf.setTimestampPrecision(properties.getProperty("timestamp_precision",
conf.getTimestampPrecision()));
diff --git a/server/src/main/java/org/apache/iotdb/db/service/JMXService.java b/server/src/main/java/org/apache/iotdb/db/service/JMXService.java
index b12aceb..99a7ee6 100644
--- a/server/src/main/java/org/apache/iotdb/db/service/JMXService.java
+++ b/server/src/main/java/org/apache/iotdb/db/service/JMXService.java
@@ -30,10 +30,13 @@ import javax.management.MBeanServer;
import javax.management.MalformedObjectNameException;
import javax.management.NotCompliantMBeanException;
import javax.management.ObjectName;
+import javax.management.remote.JMXConnector;
import javax.management.remote.JMXConnectorServer;
import javax.management.remote.JMXConnectorServerFactory;
import javax.management.remote.JMXServiceURL;
+import org.apache.iotdb.db.conf.IoTDBConfig;
import org.apache.iotdb.db.conf.IoTDBConstant;
+import org.apache.iotdb.db.conf.IoTDBDescriptor;
import org.apache.iotdb.db.exception.StartupException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -86,6 +89,10 @@ public class JMXService implements IService {
private JMXConnectorServer createJMXServer(boolean local) throws IOException {
Map<String, Object> env = new HashMap<>();
+ if (Boolean.getBoolean(System.getProperty(IoTDBConstant.JMX_REMOTE_AUTHENTICATE))) {
+ IoTDBConfig config = IoTDBDescriptor.getInstance().getConfig();
+ env.put(JMXConnector.CREDENTIALS, new String[]{config.getJmxUser(), config.getJmxPassword()});
+ }
InetAddress serverAddress;
if (local) {