With the latest release of Java Management Service (JMS) Oracle introduces several new advanced features to help administrators gain additional insights into Java workloads. JMS administrators can now use Java Management Service - Fleet Management to:
on Desktops, Servers, or Cloud deployments covered by an Oracle Java SE Subscription or when running on an Oracle Cloud Infrastructure service that permits access to the underlying operating system.
As announced during the JavaOne 2022 Keynote, the Basic Java Management Service Discovery Features that identify Java Runtimes and Oracle JDK usage is now available to everyone, even users that do not have a Java SE Subscription or are running in Oracle Cloud Infrastructure.
In addition to Java Runtime Lifecycle Management Operations, JMS has introduced more advanced features - Advanced Usage Tracking, Crypto event analysis, and JDK Flight Recording. These new advanced features are currently supported on Linux platforms.
Basic usage tracking which relies on Java usage tracker and file scanning capabilities helps JMS administrators to identify Oracle JDK usage and report OpenJDK distributions. Advanced usage tracking will help in identifying usage of Java severs and Java libraries.
JMS administrators can use the "Scan for Java servers" operation in Java Management Service - Fleet Management, to detect and report usage of application and HTTP servers like Oracle Weblogic, Apache Tomcat, and JBoss. In addition to the versioning info, JMS administrators can also see the applications deployed on these servers and the Managed Servers to which the servers are deployed.
The "Scan for Java libraries" creates a list of Java libraries used by Java applications (both standalone and those deployed in Java servers) in the fleet. JMS will also compare the libraries and versions found against the National Vulnerability Database to help administrator identify applications that should be updated to use newer versions or updated to different libraries.
The scans for advanced usage tracking must be initiated by the JMS administrator and is not performed by default by the JMS agents.
Oracle's plans for changes to the security algorithms and associated policies/settings in the Oracle Java Runtime Environment (JRE) and Java SE Development Kit (JDK) are published periodically at Oracle JRE and JDK Cryptographic Roadmap. To make good use of that information however, administrators would need to know if any of their Java applications are using the algorithms, key lengths, or default values that will be changed. Some of that information can be hard to know, especially when applications rely on configurations on the servers they connect to.
Using Crypto Event Analysis, administrators will get detailed information on what cryptographic algorithms from the Java Security Libraries are being used. JMS will compare the algorithms being used with the planned changes and highlight applications that might be impacted by future changes or by certificates that are about to expire. When applicable, JMS will provide recommendations to avoid disruptions.
Please be aware that JMS can only identify cryptographic usage within the JDK libraries. JMS can identify usage of most third-party cryptographic providers but cannot provide details of which algorithms or certificates are being used when relying on third-party cryptographic providers.
Administrators can initiate Java Flight Recording on applications reported by JMS using the Run JDK Flight Recorder (JFR) operation in Java Management Service - Fleet Management. JDK Flight Recorder collects diagnostic and profiling data about a running Java application. JMS will initiate the recording and upload the resulting JFR file to the customer’s tenancy, enabling administrators to do their own analysis of the recordings.
We are excited to announce that Basic Java discovery of JMS is now available to all Java users, whether they have a Java SE Subscription, are running on OCI, or not. Basic Discovery allows you to:
To take advantage of JMS Basic Discovery administrators will need to create an OCI Account, go to Java Management Service, and create one or more fleets (to group the managed instances). Once you have created your fleet(s), you install the Java Management Service agent on each system you would like to monitor. The JMS agent will scan your systems to find all Java installations and configure usage logging on all Oracle Runtimes to start collecting information on what Java Applications are using them. All information collected by JMS is stored in your user tenancy. Although there is no charge for using JMS you will be responsible for storage costs for the information collected by the agent (starting $0.01 per MB per month, see Object Storage Pricing). For many users the free tier allowance will provide enough storage for JMS basic discovery services.
Sanju Nair is a Product Manager in the Java Platform Group at Oracle. He has worked in the IT industry for 10 years starting as a Java developer in Wipro Technologies and Oracle before moving into Product Management roles at NTT-Netmagic and Oracle. Sanju currently manages Java Management Service, JDK Mission Control and Java Advanced Management Console at Oracle.