Scylla 2.0.2. Enable remote access for JMX

[ishibaev@gmail.com]

Hello!

It's good to use nodetool from one centra-management-node, but now I can use nodetool only locally. Also, my monitoring via jmx can't work without jmx-remote access
I set settings like it was necessary for Cassandra  2.2, scylla-jmx listen on 127.0.0.1:7199.
For remote connection i have -
nodetool: Failed to connect to 'hostname.domain.com:7199' - ConnectException: 'Connection refused (Connection refused)'.

How to configure it to '0.0.0.0:7199' ?
What is necessary to enable remote access to scylla via jmx?

[Duarte Nunes]

You need to start the scylla-jmx service, as described here[1].

[1] http://docs.scylladb.com/admin/

--
You received this message because you are subscribed to the Google Groups "ScyllaDB users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to scylladb-user...@googlegroups.com.
To post to this group, send email to scyllad...@googlegroups.com.
Visit this group at https://groups.google.com/group/scylladb-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/scylladb-users/e8277db0-a454-4075-9f55-ae18d972e19f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ishibaev@gmail.com]

Hello!
thank you for this source. I used it, but may be missed something.
listen_address: hostname.domain.com
broadcast_rpc_address: hostname.domain.com
rpc_address: 0.0.0.0

And I can connect to cqlsh remotely.
Can you tell me - what am I missed?

[Duarte Nunes]

Did you enable scylla-jmx?

--
You received this message because you are subscribed to the Google Groups "ScyllaDB users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to scylladb-user...@googlegroups.com.
To post to this group, send email to scyllad...@googlegroups.com.
Visit this group at https://groups.google.com/group/scylladb-users.

To view this discussion on the web visit https://groups.google.com/d/msgid/scylladb-users/6cc26506-b489-4891-868d-17d236f11fa0%40googlegroups.com.

[ishibaev@gmail.com]

Yes, as  I understand  it. this is my  part of file  /etc/scylla/cassandra/cassandra-env.sh-
...
if [ "x$LOCAL_JMX" = "x" ]; then
    LOCAL_JMX=no
fi

# Specifies the default port over which Cassandra will be available for
# JMX connections.
# For security reasons, you should not expose this port to the internet.  Firewall it if needed.
JMX_PORT="7199"

if [ "$LOCAL_JMX" = "yes" ]; then
  JVM_OPTS="$JVM_OPTS -Dcassandra.jmx.local.port=$JMX_PORT -XX:+DisableExplicitGC"
else
  JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.port=$JMX_PORT"
  JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.rmi.port=$JMX_PORT"
  JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.host=10.243.196.30"
  JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.ssl=false"
# yes, I disabled authentication here
  JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.authenticate=false"
# yes, file exist and it fulfilled with data about password
  JVM_OPTS="$JVM_OPTS -Dcom.sun.management.jmxremote.password.file=/etc/scylla/jmxremote.password"

And result -
netstat -lntp | grep scylla
tcp        0      0 127.0.0.1:10000         0.0.0.0:*               LISTEN      3561/scylla
tcp        0      0 0.0.0.0:9042            0.0.0.0:*               LISTEN      3561/scylla
tcp        0      0 ip-address-here:7000      0.0.0.0:*               LISTEN      3561/scylla
tcp        0      0 0.0.0.0:9160            0.0.0.0:*               LISTEN      3561/scylla
tcp6       0      0 :::44462                :::*                    LISTEN      3573/scylla-jmx
tcp6       0      0 127.0.0.1:7199          :::*                    LISTEN      3573/scylla-jmx

[Pekka Enberg]

Hi,

You need to pass the "-r" (allow remote JMX) command line option to the "scylla-jmx" scirpt, which sets the "com.sun.management.jmxremote.local.only" property to "false" in that script.

I am not sure if we have a proper configuration mechanism for that in /etc/sysconfig/scylla-jmx, though. Tzach, do you know if we do?

- Pekka

[ishibaev@gmail.com]

Hi!
I  checked this file too (/usr/lib/scylla/jmx/scylla-jmx) , but this tag was already set there -
...
JMX_PORT="7199"
JMX_ADDR=

API_ADDR=
API_PORT=

CONF_FILE=""
DEBUG=""
PARAM_HELP="-h"
PARAM_JMX_PORT="-jp"
PARAM_JMX_ADDR="-ja"
PARAM_API_PORT="-p"
PARAM_ADDR="-a"
PARAM_LOCATION="-l"
LOCATION="target"
LOCATION_SCRIPTS="scripts"
PARAM_FILE="-cf"
ALLOW_REMOTE="-r"
ALLOW_DEBUG="-d"
REMOTE=0
HOSTNAME=`hostname`

[Pekka Enberg]

That's just the name of the command line option. You're supposed to pass that to the script so that REMOTE becomes non-zero and that JMX JVM property is enabled.

- Pekka 

[ishibaev@gmail.com]

well. i'm just di this in /usr/lib/scylla/jmx/scylla-jmx -
...
REMOTE=1

if [ $REMOTE -eq 0 ]; then
    if [ -z $JMX_ADDR ]; then
        JMX_ADDR=-Dcom.sun.management.jmxremote.host=localhost
    fi
    HOSTNAME=localhost
else
    if [ -z $JMX_LOCAL ]; then
        JMX_LOCAL=-Dcom.sun.management.jmxremote.local.only=false
    fi
fi
...
as temp workaround, it's work good... But is it possible to do better?

[ishibaev@gmail.com]

May be I'm not correct, but for Cassandra I need to configure only cassandra-env.sh file for  JMX settings.
For scylla I need configure 2 files - cassandra-env.sh and /usr/lib/scylla/jmx/scylla-jmx...
Also question. JMX_PORT variable exist in both files. if I need  to change jmx port - which file I must update?

[Ilya Shibaev]

looks like only
/usr/lib/scylla/jmx/scylla-jmx
file must be edit for JMX settings... Any settings about it  in cassandra-env.sh has  no effect on JMX

[Kagan Turgut]

Best way is to update the jmx config file here: /etc/default/scylla-jmx, and restart the service sudo systemctl restart  scylla-jmx