How Does eG Enterprise Monitor Tomcat Servers?

The eG agent is capable of monitoring Tomcat in an agent-based manner and an agentless manner.

Pre-requisites for Monitoring the Tomcat Servers

To enable the eG agent to start monitoring the server, a set of pre-requisites should be fulfilled. These requirements are discussed in the following sections.

Configuring a Tomcat server to work with the eG Agent

The performance data pertaining to a Tomcat server are captured by certain JSP files - one each for every test that is executed on the Tomcat server. The eG agent on the Tomcat server, while running tests on the server, contacts these JSP files and pulls out the reported metrics from them. To deploy these JSP files on the Tomcat server, you will first have to install a special egtomcat application (i.e., the egtomcat.war file in the <EG_INSTALL_DIR>\lib directory) on the server.

Note:

Prior to war deployment, ensure that the Tomcat server to be monitored executes on JDK 1.5 or above; the eG agent can monitor only those Tomcat servers that are using JDK 1.5 or above.

To deploy the war, do the following:

  1. From the browser, connect to the Tomcat server using the URL: http://<TomcatIP>:<Tomcatport>.
  2. Next, login to the Tomcat server by providing valid credentials at Figure 1.

    Figure 1 : Logging into Tomcat

  3. Upon a successful login, Figure 2 will appear.

    Figure 2 : The default Tomcat home page

  4. To begin installing a new application, click on the Tomcat Manager hyperlink under the Administration section in the left panel of Figure 2. Doing so invokes Figure 3 that displays all the applications that pre-exist on the Tomcat server.

    Figure 3 : List of applications on the Tomcat server

  5. In order to deploy a new application, scroll down the applications list (see Figure 3) until a WAR file to deploy section (see Figure 4) becomes visible. Use the Browse button in that section to quickly specify the full path to the egtomcat.war file to be deployed on the server. Finally, click the Deploy button.

    Figure 4 : Deploying the egtomcat.war file

  6. If the war file is successfully deployed, then an entry for the egtomcat application will be automatically added to the applications list, as depicted by Figure 5.

Figure 5 : Tomcat application successfully deployed

Configuring the eG Agent to Collect JVM-related Metrics from the Tomcat Server

The jvm layer of the Tomcat monitoring model is associated with tests that report critical statistics related to the Tomcat server’s JVM. These statistics typically reveal the following:

  • The count of classes loaded/unloaded (Java Classes test)
  • JVM thread usage (JVM Threads test)
  • CPU and memory usage of the JVM (JVM Cpu Usage test and JVM Memory Usage test)
  • The effectiveness of the JVM’s garbage collection activity  (JVM Garbage Collections test)
  • The uptime of the JVM (JVM Uptime test)
  • Whether JMX is currently enabled/disabled on the target WebLogic server (JMX Connection to JVM test)
  • The count and status of file descriptors (JVM File Descriptors test)

These tests connect to the JRE used by the Tomcat application server to pull out the above-mentioned metrics. For these test to execute, you should configure the eG agent to connect to JRE and collect the required metrics using either of the following methodologies:

  • JMX (Java Management Extensions)
  • SNMP (Simple Network Management Protocol)

Since both JMX and SNMP support are available for JRE 1.5 and above only, these tests will work only if the Tomcat server being monitored uses JRE 1.5 and above.

If you choose to use JMX for pulling out the desired metrics from the JRE, then the following broad steps should be followed before configuring the tests:

  1. First, determine whether the JMX requires no authentication at all, or requires authentication (but no security)

    • If JMX does not require authentication, follow the steps below:
    • Login to the target Tomcat server.
  2. Edit the catalina.sh file (on Unix; on Windows, this will be catalina.bat) in the <CATALINA_HOME_DIR>\bindirectory (on Unix; on Windows, this will be <CATALINE_HOME_DIR>\bin) of the target Tomcat server, and configure the following in it:

    • The JMX remote port
    • Whether JMX is SSL-enabled or not
  3. Indicate that JMX does not require authentication

    • The IP address using which the Tomcat server has been managed in the eG Enterprise system
  4. To configure the above, append the following lines to the catalina.sh (or catalina.bat file, as the case may be) of Tomcat versions prior to v7.0:

    -Dcom.sun.management.jmxremote.port=<Port No>

    -Dcom.sun.management.jmxremote.ssl=<true/false>

    -Dcom.sun.management.jmxremote.authenticate=false

    -Djava.rmi.server.hostname=<IP address using which the Tomcat server is managed in the eG Entperprise system>

    In case of Tomcat 7.0 (or above), append the following lines to the catalina.sh (or catalina.bat) file:

    JAVA_OPTS="-Dcom.sun.management.jmxremote.port=<PortNo> -Dcom.sun.management.jmxremote.ssl=<true/false> -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=<IP address using which the Tomcat server is managed in the eG Enterprise system>

    Note:

    • The catalina.sh (or catalina.bat) file is used for both starting and stopping a Tomcat server instance. However, when enabling JMX for a Tomcat server instance, you need to make sure that the related JAVA_OPTS setting is invoked only when starting the server instance, and not when stopping it. To ensure this, follow the steps below:

      1. In the catalina.sh (or catalina.bat) file, look for the following entry:

      2. JAVA_OPTS=$JAVA_OPTS $JSSE_OPTS

      3. Once it is found, replace the entry with the following script:

        If [“$1” = start ]; then

        JAVA_OPTS=$JAVA_OPTS -Dcom.sun.management.jmxremote.port=1234 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false $JSSE_OPTS

        else

        JAVA_OPTS=$JAVA_OPTS $JSSE_OPTS

        fi

      4. Finally, save the file.

    • The Java Service Wrapper provides a pair of Java Management Extensions (JMX) MBean interfaces (J2SE 5.0 JMX, JavaSE6 JMX) which make it possible to control the Wrapper using a JMX interface.

If the JMX requires authentication (but no security), follow the steps below:

  1. Login to the target Tomcat server. If the server is executing on a Windows host, then, login to the host as a local/domain administrator.
  2. Next, copy the jmxremote.password.template file in the <JAVA_HOME>\jre\lib\management folder to any other location on the host, rename it as as jmxremote.password, and then, copy it back to the <JAVA_HOME>\jre\lib\management folder.
  3. Next, edit the jmxremote.password file and the jmxremote.access file to create a user with read-write access to the JMX. To know how to create such a user, refer to Monitoring Java Applications.
  4. Then, proceed to make the jmxremote.password file secure by granting a single user “full access” to that file. To know how to achieve this, refer to the Monitoring Java Applications.
  5. Edit the catalina.sh file (on Unix; on Windows, this will be catalina.bat) in the <CATALINA_HOME_DIR>/bin directory (on Unix; on Windows, this will be <CATALINA_HOME_dir>\bin) of the target Tomcat server, and configure the following in it:

    • The JMX remote port
    • Whether JMX is SSL-enabled or not
    • Indicate that JMX requires authentication
    • The full path to the jmxremote.access file
    • The full path to the jmxremote.password file
    • The IP address using which the Tomcat server has been managed in the eG Enterprise system
    • To configure the above, append the following lines to the catalina.sh (or catalina.bat file, as the case may be) file of Tomcat server prior to v7.0:

      -Dcom.sun.management.jmxremote.port=<Port No>

      -Dcom.sun.management.jmxremote.ssl=<true/false>

      -Dcom.sun.management.jmxremote.authenticate=true

      -Dcom.sun.management.jmxremote.access.file=<Path of jmxremote.access>

      -Dcom.sun.management.jmxremote.password.file=<Path of jmxremote.password>

      -Djava.rmi.server.hostname=<IP address using which the Tomcat server is managed in the eG Entperprise system>

    • In case of Tomcat 7.0 (or above), append the following lines to the catalina.sh (or catalina.bat) file:

      JAVA_OPTS="-Dcom.sun.management.jmxremote.port=<PortNo> -Dcom.sun.management.jmxremote.ssl=<true/false> -Dcom.sun.management.jmxremote.authenticate=false -Djava.rmi.server.hostname=<IP address using which the Tomcat server is managed in the eG Enterprise system> -Dcom.sun.management.jmxremote.access.file=<Path to the jmxremote.access file> -Dcom.sun.management.jmxremote.password.file=<Path to the jmxremote.password file>"

  6. Then, Save the file.