准备环境

在使用 Java Management Service 之前，必须确保您的 OCI 环境设置正确。这允许所有必需的组件和云服务之间进行通信。

入门 Java Management Service

要登记服务，请使用 Oracle Cloud Infrastructure (OCI) 控制台中的入职向导或手动完成这些步骤。对于新加入 OCI 的用户，建议使用“入职向导”。

以管理员身份登录到 OCI 控制台。
打开导航菜单，单击观测和管理，然后单击 Java 管理下的组。
选择引导向导将在其下为 JMS 组创建新区间时的根区间。
单击设置 JMS 可查看 Onboarding 向导将创建的资源的详细信息。

注意：
如果未显示设置 JMS 按钮，则单击检查先决条件按钮。
此时将显示 JMS 先决条件详细信息。默认情况下，将创建以下资源：
1. Fleet_Compartment
  该区间将容纳要创建的组。
2. Fleet_Managers
  用户组将从您作为唯一用户开始。您可以添加要管理 JMS 的其他用户。
3. JMS_DYNAMIC_GROUP
  此动态组包含 JMS 将监视的所有托管实例。
4. JMS_Policy_Fleet_Compartment
  这是 OCI Identity and Access Management 策略名称。JMS 所需的所有策略都添加到此策略文档。
在监视 OCI 实例下，选择要监视的 OCI 实例所在的区间。要添加更多区间，请单击添加行。

单击复查可查看将创建的所有资源。

验证是否使用以下规则设置了 JMS_DYNAMIC_GROUP：

ALL {resource.type='managementagent', resource.compartment.id=<Fleet_Compartment_OCID>}
ANY {instance.compartment.id = <Fleet_Compartment_OCID>}
ALL {resource.type='managementagent', resource.compartment.id=<OCI_Instance_Compartment_OCID>}
ANY {instance.compartment.id = <OCI_Instance_Compartment_OCID>}

使用以下规则验证是否设置了 JMS_Policy_Fleet_Compartment：

ALLOW GROUP FLEET_MANAGERS TO MANAGE fleet IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE management-agents IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE management-agent-install-keys IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO READ METRICS IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE instance-family IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO READ instance-agent-plugins IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE log-groups IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE log-content IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE jms-plugins IN COMPARTMENT Fleet_Compartment
ALLOW GROUP FLEET_MANAGERS TO MANAGE instance-family IN COMPARTMENT <OCI_Instance_Compartment>
ALLOW GROUP FLEET_MANAGERS TO READ instance-agent-plugins IN COMPARTMENT <OCI_Instance_Compartment>
 
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO USE METRICS IN COMPARTMENT Fleet_Compartment
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO MANAGE management-agents IN COMPARTMENT Fleet_Compartment
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO MANAGE log-content IN COMPARTMENT Fleet_Compartment
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO MANAGE jms-plugins IN COMPARTMENT Fleet_Compartment
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO MANAGE metrics IN COMPARTMENT Fleet_Compartment WHERE target.metrics.namespace='java_management_service'
ALLOW DYNAMIC-GROUP JMS_Dynamic_Group TO MANAGE management-agents IN COMPARTMENT <OCI_Instance_Compartment>
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO USE METRICS IN COMPARTMENT <OCI_Instance_Compartment>
ALLOW DYNAMIC-GROUP JMS_DYNAMIC_GROUP TO MANAGE jms-plugins IN COMPARTMENT <OCI_Instance_Compartment>
 
ALLOW resource jms SERVER-COMPONENTS TO MANAGE metrics IN COMPARTMENT Fleet_Compartment WHERE target.metrics.namespace='java_management_service'
ALLOW resource jms SERVER-COMPONENTS TO USE management-agent-install-keys IN COMPARTMENT Fleet_Compartment
ALLOW resource jms SERVER-COMPONENTS TO MANAGE log-groups IN COMPARTMENT Fleet_Compartment
ALLOW resource jms SERVER-COMPONENTS TO MANAGE log-content IN COMPARTMENT Fleet_Compartment
ALLOW resource jms SERVER-COMPONENTS TO READ instances IN tenancy
ALLOW resource jms SERVER-COMPONENTS TO INSPECT instance-agent-plugins IN tenancy

单击页面底部的确认以启动入职向导。
将出现一个屏幕，通知您先决条件已成功设置。单击完成以关闭窗口。

注意：
如果创建过程中出现错误，则会显示错误消息。解决错误并重新启动入职向导以继续。

顶部会显示一条 JMS setup is successful 通知消息。