feat(jdp): add env vars to enable/configure JDP

README.md

@@ -103,18 +103,21 @@ Note: If your podman runtime is set to runc v1.0.0-rc91 or later it is not neces
 
 ## CONFIGURATION
 
-Cryostat can be configured via the following environment variables
+Cryostat can be configured via the following environment variables:
 
 #### Configuration for cryostat
 
-* `CRYOSTAT_WEB_HOST`: the hostname used by the cryostat web server
-* `CRYOSTAT_WEB_PORT`: the internal port used by the cryostat web server
-* `CRYOSTAT_EXT_WEB_PORT`: the external port used by the cryostat web server
-* `CRYOSTAT_CORS_ORIGIN`: the origin for CORS to load a different cryostat-web instance
+* `CRYOSTAT_WEB_HOST`: the hostname used by the cryostat web server. Defaults to reverse-DNS resolving the host machine's hostname.
+* `CRYOSTAT_WEB_PORT`: the internal port used by the cryostat web server. Defaults to 8181.
+* `CRYOSTAT_EXT_WEB_PORT`: the external port used by the cryostat web server. Defaults to be equal to `CRYOSTAT_WEB_PORT`.
+* `CRYOSTAT_CORS_ORIGIN`: the origin for CORS to load a different cryostat-web instance. Defaults to the empty string, which disables CORS.
 * `CRYOSTAT_MAX_WS_CONNECTIONS`: the maximum number of websocket client connections allowed (minimum 1, maximum 64, default 2)
-* `CRYOSTAT_AUTH_MANAGER`: the authentication/authorization manager used for validating user accesses. See the `USER AUTHENTICATION / AUTHORIZATION` section for more details. Set to the fully-qualified class name of the auth manager implementation to use, ex. `io.cryostat.net.BasicAuthManager`.
+* `CRYOSTAT_AUTH_MANAGER`: the authentication/authorization manager used for validating user accesses. See the `USER AUTHENTICATION / AUTHORIZATION` section for more details. Set to the fully-qualified class name of the auth manager implementation to use, ex. `io.cryostat.net.BasicAuthManager`. Defaults to an AuthManager corresponding to the selected deployment platform, whether explicit or automatic (see below).
 * `CRYOSTAT_PLATFORM`: the platform client used for performing platform-specific actions, such as listing available target JVMs. If `CRYOSTAT_AUTH_MANAGER` is not specified then a default auth manager will also be selected corresponding to the platform, whether that platform is specified by the user or automatically detected. Set to the fully-qualified name of the platform detection strategy implementation to use, ex. `io.cryostat.platform.internal.KubeEnvPlatformStrategy`.
-* `CRYOSTAT_CONFIG_PATH`: the filesystem path for the configuration directory (default `/opt/cryostat.d/conf.d`)
+* `CRYOSTAT_ENABLE_JDP_BROADCAST`: enable the Cryostat JVM to broadcast itself via JDP (Java Discovery Protocol). Defaults to `true`.
+* `CRYOSTAT_JDP_ADDRESS`: the JDP multicast address to send discovery packets. Defaults to `224.0.23.178`.
+* `CRYOSTAT_JDP_PORT`: the JDP multicast port to send discovery packets. Defaults to `7095`.
+* `CRYOSTAT_CONFIG_PATH`: the filesystem path for the configuration directory. Defaults to `/opt/cryostat.d/conf.d`.
 
 #### Configuration for Automated Analysis Reports
 

pom.xml

@@ -398,6 +398,8 @@
               <argument>--mount</argument>
               <argument>type=tmpfs,target=/opt/cryostat.d/probes.d</argument>
               <argument>--env</argument>
+              <argument>CRYOSTAT_ENABLE_JDP_BROADCAST=true</argument>
+              <argument>--env</argument>
               <argument>CRYOSTAT_TARGET_CACHE_TTL=60</argument>
               <argument>--env</argument>
               <argument>CRYOSTAT_DISABLE_JMX_AUTH=true</argument>

run.sh

@@ -98,6 +98,7 @@ podman run \
     --mount type=bind,source="$(dirname $0)/templates",destination=/opt/cryostat.d/templates.d,relabel=shared \
     --mount type=bind,source="$(dirname $0)/truststore",destination=/truststore,relabel=shared \
     --mount type=tmpfs,target=/opt/cryostat.d/probes.d \
+    -e CRYOSTAT_ENABLE_JDP_BROADCAST=true \
     -e CRYOSTAT_REPORT_GENERATOR=$CRYOSTAT_REPORT_GENERATOR \
     -e CRYOSTAT_PLATFORM=$CRYOSTAT_PLATFORM \
     -e CRYOSTAT_DISABLE_SSL=$CRYOSTAT_DISABLE_SSL \

src/main/extras/app/entrypoint.sh

@@ -106,13 +106,26 @@ fi
 
 FLAGS=(
     "-XX:+CrashOnOutOfMemoryError"
-    "-Dcom.sun.management.jmxremote.autodiscovery=true"
     "-Dcom.sun.management.jmxremote.port=$CRYOSTAT_RJMX_PORT"
     "-Dcom.sun.management.jmxremote.rmi.port=$CRYOSTAT_RMI_PORT"
     "-Djavax.net.ssl.trustStore=$SSL_TRUSTSTORE"
     "-Djavax.net.ssl.trustStorePassword=$SSL_TRUSTSTORE_PASS"
 )
 
+if [ -z "$CRYOSTAT_ENABLE_JDP_BROADCAST" ]; then
+    FLAGS+=("-Dcom.sun.management.jmxremote.autodiscovery=true")
+else
+    FLAGS+=("-Dcom.sun.management.jmxremote.autodiscovery=$CRYOSTAT_ENABLE_JDP_BROADCAST")
+fi
+
+if [ -n "$CRYOSTAT_JDP_ADDRESS" ]; then
+    FLAGS+=("-Dcom.sun.management.jmxremote.jdp.address=$CRYOSTAT_JDP_ADDRESS")
+fi
+
+if [ -n "$CRYOSTAT_JDP_PORT" ]; then
+    FLAGS+=("-Dcom.sun.management.jmxremote.jdp.port=$CRYOSTAT_JDP_PORT")
+fi
+
 importTrustStores
 
 if [ "$CRYOSTAT_DISABLE_JMX_AUTH" = "true" ]; then