Mutable Ideas

Notes and ideas about Java, Scala, Big Data, NoSQL, Quality and Software Deploy

Remote Debug of a Java App Using SSH Tunneling (Without Opening Server Ports)

Sometimes production code misbehave and it’s complex to replicate the same conditions on test/stage environment. We have almost all ports of our server closed (as it should be), so IMHO the best option is to open a ssh tunnel.

This is my receipt:

On the server I start the java virtual machine with debug parameters:

1
2
java -Xdebug -Xrunjdwp:transport=dt_socket,server=y,address=9000 \
  -jar myproduct-jar-with-dependencies.jar &> console.out &

You can check the VM is listen to connections using netstat:

1
2
3
4
5
6
7
8
$ netstat -an | grep LISTEN
tcp   0.0.0.0:4949    0.0.0.0:*   LISTEN
tcp   0.0.0.0:22      0.0.0.0:*   LISTEN
tcp   127.0.0.1:25    0.0.0.0:*   LISTEN
tcp   0.0.0.0:9000    0.0.0.0:*   LISTEN
tcp   0.0.0.0:3306    0.0.0.0:*   LISTEN
tcp   :::80           :::*        LISTEN
tcp   :::22           :::*        LISTEN

On the development machine I open the tunnel with the server, having only SSH(22) port opened

1
ssh -f ec2-user@ec2-54-204-111-222.compute-1.amazonaws.com -L 9000:127.0.0.1:9000 -N

The -L parameter is a little bit confusing, the syntax is -L <local-port>:<remote-host>:<remote-port> so basically what we are doing here is saying:

  1. Listen on local (develop machine) port 9000
  2. Forward any connection to localhost, port 9000 of the remote machine (server)

Now everything is configured you can attach your IDE to remote server:

  1. Open your Eclipse
  2. Go to Run > Debug Configurations
  3. Create a new Remote Java Application
  4. Configure Host: localhost and Port: 9000 Debug Configurations
  5. Hit Debug button
  6. When you finish your job, just disconnect Eclipse Disconnect Button

Happy Debugging!

References

http://www.revsys.com/writings/quicktips/ssh-tunnel.html