-
Notifications
You must be signed in to change notification settings - Fork 130
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding support for scenarios where the RMI registry has SSL enabled #835
Conversation
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems good to me. Had one rather small suggestion.
I'd really like to see an integration test that covers this. Would you mind opening an issue to do that work in a follow-up PR?
jmx-metrics/src/main/groovy/io/opentelemetry/contrib/jmxmetrics/JmxConnectorHelper.java
Outdated
Show resolved
Hide resolved
Co-authored-by: jason plumb <75337021+breedx-splk@users.noreply.github.com>
jmx-metrics/src/main/groovy/io/opentelemetry/contrib/jmxmetrics/JmxConnectorHelper.java
Outdated
Show resolved
Hide resolved
Thanks @breedx-splk. I've made the suggested change and will create a separate issue for the integration test. |
I've created issue #838 for this. |
@breedx-splk per https://github.com/open-telemetry/opentelemetry-java-contrib/blob/main/RELEASING.md#release-cadence does this mean the next normal release would be May 12th? |
just a heads up, you can ignore the EasyCLA failure, it is having an issue currently (open-telemetry/community#1445)
👍 |
/easycla |
/easycla |
I don't think we'd want to promise a date, but yeah, basically monthly and more strongly coordinated with the core and instrumentation releases. I defer to the maintainers on anything more specific. |
Description:
The JMX Metric Gatherer is not working properly with servers that have SSL protection enabled on the RMI registry. Oracle's Java documentation describes this setting as follows:
The system property
com.sun.management.jmxremote.registry.ssl=true
was new in JDK 6 and aims at resolving security issues with the RMI registry used in relation with JMX. This property must be used in conjunction withcom.sun.management.jmxremote.ssl.need.client.auth=true
in order to fully secure the RMI registry.Changes were made to the JMX Metrics Gatherer to support this scenario, by adding a new helper class called JmxConnectorHelper. This class implements different connection logic when SSL is enabled on the RMI registry.
Changes were also made to JmxConfig, as a new parameter is required to handle this scenario. Specifically, the following parameter was added:
The readme file was updated to explain when to use this new parameter.
Existing Issue(s):
Issue #834
Testing:
The following scenarios were tested:
Documentation:
README.md was updated to reflect the new configuration parameters.
Outstanding items:
Nothing at this time.