Skip to main content
Redhat Developers  Logo
  • Products

    Featured

    • Red Hat Enterprise Linux
      Red Hat Enterprise Linux Icon
    • Red Hat OpenShift AI
      Red Hat OpenShift AI
    • Red Hat Enterprise Linux AI
      Linux icon inside of a brain
    • Image mode for Red Hat Enterprise Linux
      RHEL image mode
    • Red Hat OpenShift
      Openshift icon
    • Red Hat Ansible Automation Platform
      Ansible icon
    • Red Hat Developer Hub
      Developer Hub
    • View All Red Hat Products
    • Linux

      • Red Hat Enterprise Linux
      • Image mode for Red Hat Enterprise Linux
      • Red Hat Universal Base Images (UBI)
    • Java runtimes & frameworks

      • JBoss Enterprise Application Platform
      • Red Hat build of OpenJDK
    • Kubernetes

      • Red Hat OpenShift
      • Microsoft Azure Red Hat OpenShift
      • Red Hat OpenShift Virtualization
      • Red Hat OpenShift Lightspeed
    • Integration & App Connectivity

      • Red Hat Build of Apache Camel
      • Red Hat Service Interconnect
      • Red Hat Connectivity Link
    • AI/ML

      • Red Hat OpenShift AI
      • Red Hat Enterprise Linux AI
    • Automation

      • Red Hat Ansible Automation Platform
      • Red Hat Ansible Lightspeed
    • Developer tools

      • Red Hat Trusted Software Supply Chain
      • Podman Desktop
      • Red Hat OpenShift Dev Spaces
    • Developer Sandbox

      Developer Sandbox
      Try Red Hat products and technologies without setup or configuration fees for 30 days with this shared Openshift and Kubernetes cluster.
    • Try at no cost
  • Technologies

    Featured

    • AI/ML
      AI/ML Icon
    • Linux
      Linux Icon
    • Kubernetes
      Cloud icon
    • Automation
      Automation Icon showing arrows moving in a circle around a gear
    • View All Technologies
    • Programming Languages & Frameworks

      • Java
      • Python
      • JavaScript
    • System Design & Architecture

      • Red Hat architecture and design patterns
      • Microservices
      • Event-Driven Architecture
      • Databases
    • Developer Productivity

      • Developer productivity
      • Developer Tools
      • GitOps
    • Secure Development & Architectures

      • Security
      • Secure coding
    • Platform Engineering

      • DevOps
      • DevSecOps
      • Ansible automation for applications and services
    • Automated Data Processing

      • AI/ML
      • Data Science
      • Apache Kafka on Kubernetes
      • View All Technologies
    • Start exploring in the Developer Sandbox for free

      sandbox graphic
      Try Red Hat's products and technologies without setup or configuration.
    • Try at no cost
  • Learn

    Featured

    • Kubernetes & Cloud Native
      Openshift icon
    • Linux
      Rhel icon
    • Automation
      Ansible cloud icon
    • Java
      Java icon
    • AI/ML
      AI/ML Icon
    • View All Learning Resources

    E-Books

    • GitOps Cookbook
    • Podman in Action
    • Kubernetes Operators
    • The Path to GitOps
    • View All E-books

    Cheat Sheets

    • Linux Commands
    • Bash Commands
    • Git
    • systemd Commands
    • View All Cheat Sheets

    Documentation

    • API Catalog
    • Product Documentation
    • Legacy Documentation
    • Red Hat Learning

      Learning image
      Boost your technical skills to expert-level with the help of interactive lessons offered by various Red Hat Learning programs.
    • Explore Red Hat Learning
  • Developer Sandbox

    Developer Sandbox

    • Access Red Hat’s products and technologies without setup or configuration, and start developing quicker than ever before with our new, no-cost sandbox environments.
    • Explore Developer Sandbox

    Featured Developer Sandbox activities

    • Get started with your Developer Sandbox
    • OpenShift virtualization and application modernization using the Developer Sandbox
    • Explore all Developer Sandbox activities

    Ready to start developing apps?

    • Try at no cost
  • Blog
  • Events
  • Videos

Quick links: redhat.com, Customer Portal, Red Hat's developer site, Red Hat's partner site.

  • You are here

    Red Hat

    Learn about our open source products, services, and company.

  • You are here

    Red Hat Customer Portal

    Get product support and knowledge from the open source experts.

  • You are here

    Red Hat Developer

    Read developer tutorials and download Red Hat software for cloud application development.

  • You are here

    Red Hat Partner Connect

    Get training, subscriptions, certifications, and more for partners to build, sell, and support customer solutions.

Products & tools

  • Ansible.com

    Learn about and try our IT automation product.
  • Red Hat Ecosystem Catalog

    Find hardware, software, and cloud providers―and download container images―certified to perform with Red Hat technologies.

Try, buy, & sell

  • Red Hat Hybrid Cloud Console

    Access technical how-tos, tutorials, and learning paths focused on Red Hat’s hybrid cloud managed services.
  • Red Hat Store

    Buy select Red Hat products and services online.
  • Red Hat Marketplace

    Try, buy, sell, and manage certified enterprise software for container-based environments.

Events

  • Red Hat Summit and AnsibleFest

    Register for and learn about our annual open source IT industry event.

Manage JMX credentials on Kubernetes with Cryostat 2.1

May 19, 2022
Janelle Law
Related topics:
ContainersJavaKubernetes
Related products:
Red Hat OpenShift Container Platform

Share:

Share on twitter Share on facebook Share on linkedin Share with email
  • How to store JMX credentials in Cryostat
  • Conclusion

Cryostat is a tool for managing JDK Flight Recorder data on Kubernetes. If you have Java Management Extensions (JMX) authentication enabled on your containerized Java Virtual Machines (JVMs), Cryostat will prompt you to enter your JMX credentials before it can access the JDK flight recordings on your target JVMs. On the Cryostat console, the Automated Rules, Recordings, and Events tabs will require you to enter your JMX credentials if you want to view existing flight recordings or perform a recording operation on a target with JMX authentication enabled. When monitoring multiple target JVMs with Cryostat features such as automatic rules, you may want Cryostat to remember and reuse your JMX credentials for each target connection.

Cryostat stores JMX credentials according to each target's unique JMX service URL, also known as a connection URL. Even if the underlying JVM instance changes, the target alias changes, or the target application restarts, Cryostat will apply the stored JMX credentials to the connection URL that the credentials are associated with.

If you would like to start an automated rule to automatically start and save recordings on your target applications, you will need to store credentials for each of your selected targets with the Security tab prior to creating the rule. If Cryostat is missing credentials for a target requiring JMX authentication, the rule will be unable to connect to the target JVM and will not start a recording.

Here's how to manage stored JMX credentials with the Cryostat web UI.

How to store JMX credentials in Cryostat

How to store JMX credentials in Cryostat

First, navigate to the Security tab. The Stored Credentials table lists all targets for which Cryostat has stored JMX credentials. Click Add as shown in Figure 1 to enter JMX credentials for your desired target JVM.

An empty Stored JMX Credentials table on the Security tab in the Cryostat web UI.
Figure 1: Navigate to the Security tab to store JMX credentials.

A modal will appear, prompting you to select a target JVM and enter your JMX credentials, as shown in Figure 2.

Selecting a target JVM and entering a username and password on the modal form.
Figure 2: Enter your JMX credentials.

Alternatively, JMX credentials will be automatically stored if you navigate to either the Recordings or Events tab and select a target JVM with JMX authentication enabled, as shown in Figure 3. A similar authentication form will appear, prompting you to enter your JMX credentials. The credentials will be automatically stored and will appear in the Stored JMX Credentials table. Your credentials will be remembered automatically, and you can delete them at any time.

When navigating to the Recordings tab and selecting a target JVM for which Cryostat does not have stored credentials, an authentication modal form appears for you to store JMX credentials.
Figure 3: This JMX authentication popup will appear when you need to authenticate before viewing recordings for a target JVM.

When you store credentials for a target, the target alias and connect URL will appear on the Stored Credentials table in the Security tab to indicate that Cryostat has stored JMX credentials for that target as shown in Figure 4. Again, only the connect URL matters when associating stored credentials for a particular target. You are free to change the target alias at any time without affecting Cryostat's ability to locate or apply stored JMX credentials to your target JVMs.

As a security precaution, you will not be able to view the actual credentials after you have submitted them. If you would like to replace the stored credentials for an existing target, you can delete the old credentials entry and add a new entry with the same connect URL as the old entry. To remove any stored credentials, select the checkbox next to the target and click Delete. To delete all stored JMX credentials, select the header checkbox at the top of the table and click Delete.

The stored credentials table shows the target alias and connect url for the target JVM.
Figure 4: Stored JMX credentials table.
Conclusion

Conclusion

This article covers how to store JMX credentials for Cryostat to reuse when connecting to containerized JVMs. For more information about Cryostat, visit cryostat.io. For questions, comments, and feedback, feel free to connect with us on GitHub or join our mailing list.

Last updated: November 6, 2023

Related Posts

  • How to log into Cryostat 2.1 on OpenShift: SSO for all

  • How to build automated JFR rules with Cryostat 2.1's new UI

  • How to organize JFR data with recording labels in Cryostat 2.1

Recent Posts

  • How to use pipelines for AI/ML automation at the edge

  • What's new in network observability 1.8

  • LLM Compressor: Optimize LLMs for low-latency deployments

  • How to set up NVIDIA NIM on Red Hat OpenShift AI

  • Leveraging Ansible Event-Driven Automation for Automatic CPU Scaling in OpenShift Virtualization

What’s up next?

The microservice architectural approach is more than just about technology: It reaches into the foundation of your organization to allow you to build truly scalable, adaptive, complex systems that help a business adapt to rapidly changing competitive markets. In Microservices for Java Developers, you'll get a hands-on introduction to frameworks and containers through a handful of familiar patterns.

Get the free e-book
Red Hat Developers logo LinkedIn YouTube Twitter Facebook

Products

  • Red Hat Enterprise Linux
  • Red Hat OpenShift
  • Red Hat Ansible Automation Platform

Build

  • Developer Sandbox
  • Developer Tools
  • Interactive Tutorials
  • API Catalog

Quicklinks

  • Learning Resources
  • E-books
  • Cheat Sheets
  • Blog
  • Events
  • Newsletter

Communicate

  • About us
  • Contact sales
  • Find a partner
  • Report a website issue
  • Site Status Dashboard
  • Report a security problem

RED HAT DEVELOPER

Build here. Go anywhere.

We serve the builders. The problem solvers who create careers with code.

Join us if you’re a developer, software engineer, web designer, front-end designer, UX designer, computer scientist, architect, tester, product manager, project manager or team lead.

Sign me up

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility

Report a website issue