Hi All, I have been working with Big Data for a while and I have seen that a number of the components have started to have their own custom baked solutions (minimalistic Web UIs) for basic management operations, like showing metrics, debugging etc instead of using JMX.
I have the feeling that getting JMX working for dozens of different Java services within a large cluster is an overly tough task, especially if you do not want to make compromises around security. For me it seems, that at the moment there is a gap between what the JDK offers regarding JMX monitoring/management and what people would need in a real world setting to use it effectively in an easy and secure way. I am wondering if it would be possible to implement a Kerberos-based authentication mechanism for JMX, allowing all services of a cluster to authenticate JMX clients against a centrally managed Kerberos service, that would also be officially supported by VisualVM so as to give an easy-to-use user interface. Based on my understanding, this could either be a new protocol implementation or assuming JDK-8171311: REST APIs for JMX gets done, an additional feature around there to support GSS Negotiate/SPNEGO based authentication. Could you please share your thoughts on this? Would anyone be interested to sponsor this topic? Thanks, Peter