[TOC]
成都創(chuàng)新互聯(lián)是一家朝氣蓬勃的網(wǎng)站建設(shè)公司。公司專注于為企業(yè)提供信息化建設(shè)解決方案��。從事網(wǎng)站開發(fā)�,網(wǎng)站制作,網(wǎng)站設(shè)計(jì)����,網(wǎng)站模板,微信公眾號開發(fā)�����,軟件開發(fā),微信平臺小程序開發(fā)���,十余年建站對成都建筑動(dòng)畫等多個(gè)行業(yè)����,擁有豐富的營銷推廣經(jīng)驗(yàn)�。
0 說明
使用的es版本為5.6,Linux版本為CentOs 6.5.
1 Elasticsearch bootstrap checks
1.1 開發(fā)環(huán)境
如果在es的配置中沒有配置network.host來指定一個(gè)可用的IP地址的話���,默認(rèn)情況下�����,就綁定到localhost上�����,此時(shí)es會(huì)認(rèn)為用戶只是在開發(fā)環(huán)境下使用es���,基于開箱即用的原則,雖然es此時(shí)也會(huì)進(jìn)行bootstrap checks���,來檢查用戶的配置是否與es設(shè)定的安全值相匹配�����,如下:
- 如果匹配�,則不會(huì)有warnning信息,此時(shí)es正常啟動(dòng)���;
- 如果不匹配,則會(huì)有warnning信息�,但因?yàn)槭情_發(fā)環(huán)境,es依然會(huì)正常啟動(dòng)��;
1.2 生產(chǎn)環(huán)境
一旦用戶配置了network.host來指定一個(gè)可用的非loopback地址����,那么es就會(huì)認(rèn)為用戶此時(shí)是在生產(chǎn)環(huán)境下啟動(dòng)es,同樣會(huì)進(jìn)行檢查��,但一旦檢查不通過�,直接會(huì)將前面的warnning提升為error,所以此時(shí)es會(huì)啟動(dòng)失敗�。
2 開發(fā)環(huán)境啟動(dòng)時(shí)的bootstrap checks分析
不配置network.host時(shí),直接啟動(dòng)es���,會(huì)有下面的warnning:
[2018-12-07T04:15:44,735][INFO ][o.e.d.DiscoveryModule ] [PQ85ukj] using discovery type [zen]
[2018-12-07T04:15:45,702][INFO ][o.e.n.Node ] initialized
[2018-12-07T04:15:45,703][INFO ][o.e.n.Node ] [PQ85ukj] starting ...
[2018-12-07T04:15:46,071][INFO ][o.e.t.TransportService ] [PQ85ukj] publish_address {127.0.0.1:9300}, bound_addresses {[::1]:9300}, {127.0.0.1:9300}
[2018-12-07T04:15:46,090][WARN ][o.e.b.BootstrapChecks ] [PQ85ukj] max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2018-12-07T04:15:46,090][WARN ][o.e.b.BootstrapChecks ] [PQ85ukj] max number of threads [1024] for user [hadoop] is too low, increase to at least [2048]
[2018-12-07T04:15:46,090][WARN ][o.e.b.BootstrapChecks ] [PQ85ukj] max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2018-12-07T04:15:46,090][WARN ][o.e.b.BootstrapChecks ] [PQ85ukj] system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
[2018-12-07T04:15:49,269][INFO ][o.e.c.s.ClusterService ] [PQ85ukj] new_master {PQ85ukj}{PQ85ukjdSoeVEpSpByAjMw}{Dbb3lzTWTN-eUEKXO8z-sw}{127.0.0.1}{127.0.0.1:9300}, reason: zen-disco-elected-as-master ([0] nodes joined)
[2018-12-07T04:15:49,313][INFO ][o.e.h.n.Netty4HttpServerTransport] [PQ85ukj] publish_address {127.0.0.1:9200}, bound_addresses {[::1]:9200}, {127.0.0.1:9200}
[2018-12-07T04:15:49,313][INFO ][o.e.n.Node ] [PQ85ukj] started
[2018-12-07T04:15:49,553][INFO ][o.e.g.GatewayService ] [PQ85ukj] recovered [0] indices into cluster_state
提取其waarnning信息����,如下:
文件描述符:
max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
線程數(shù):
max number of threads [1024] for user [hadoop] is too low, increase to at least [2048]
虛擬內(nèi)存:
max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
system call filters:
system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
可以看到有4個(gè)問題,分別為:文件描述符�、線程數(shù)、虛擬內(nèi)存與system call filters�����。
雖然有warnning���,但因?yàn)閑s本身會(huì)認(rèn)為是在開發(fā)環(huán)境下運(yùn)行����,基于開箱即用的特性���,是仍然可以正常啟動(dòng)的����。
3 生產(chǎn)環(huán)境啟動(dòng)時(shí)的bootstrap checks分析
綁定IP地址后再啟動(dòng)�,發(fā)現(xiàn)有下面的報(bào)錯(cuò)信息:
ERROR: [4] bootstrap checks failed
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2]: max number of threads [1024] for user [hadoop] is too low, increase to at least [2048]
[3]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[4]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
直接error,所以會(huì)啟動(dòng)失敗�����,除非進(jìn)行上面的設(shè)置符合安全要求。
4 生產(chǎn)環(huán)境正常啟動(dòng)配置
解決上面出現(xiàn)的問題��,需要進(jìn)行如下的配置���。
4.1 文件描述符
ulimit -n 65536
但是重新登錄后就會(huì)恢復(fù)成默認(rèn)值了�。
修改/etc/security/limits.conf配置���,如下:
hadoop soft nofile 65536 # soft表示為超過這個(gè)值就會(huì)有warnning
hadoop hadr nofile 100000 # hard則表示不能超過這個(gè)值
之后再重新登錄���,使用ulimit -n就可以進(jìn)行驗(yàn)證���。
4.2 線程數(shù)
修改/etc/security/limits.conf配置����,如下:
hadoop soft nproc 2048
hadoop hard nproc 4096
實(shí)際上�����,該配置文件對于nproc的說明為進(jìn)程數(shù)��,而不是線程數(shù):
# -
39,1 41%
# /etc/security/limits.conf
#
#Each line describes a limit for a user in the form:
#
#
-
#
#Where:
# can be:
# - an user name
# - a group name, with @group syntax
# - the wildcard *, for default entry
# - the wildcard %, can be also used with %group syntax,
# for maxlogin limit
#
# can have the two values:
# - "soft" for enforcing the soft limits
# - "hard" for enforcing hard limits
#
#
- can be one of the following:
# - core - limits the core file size (KB)
# - data - max data size (KB)
# - fsize - maximum filesize (KB)
# - memlock - max locked-in-memory address space (KB)
# - nofile - max number of open files
# - rss - max resident set size (KB)
# - stack - max stack size (KB)
# - cpu - max CPU time (MIN)
# - nproc - max number of processes
# - as - address space limit (KB)
# - maxlogins - max number of logins for this user
# - maxsyslogins - max number of logins on the system
# - priority - the priority to run user process with
# - locks - max number of file locks the user can hold
# - sigpending - max number of pending signals
# - msgqueue - max memory used by POSIX message queues (bytes)
# - nice - max nice priority allowed to raise to values: [-20, 19]
# - rtprio - max realtime priority
#
#
-
#
#* soft core 0
#* hard rss 10000
4.3 虛擬內(nèi)存
sysctl vm.max_map_count
sysctl -w vm.max_map_count=262144
但是重啟系統(tǒng)后就會(huì)失效��。
修改配置文件/etc/sysctl.conf,如下:
vm.max_map_count=262144
需要重啟后才生效����。
4.4 system call filters
參考:https://www.jianshu.com/p/89f8099a6d09
分享文章:Elasticsearch啟動(dòng)分析與問題解決-bootstrapchecks
轉(zhuǎn)載注明:
http://weahome.cn/article/iidcjp.html
重慶分公司
重慶分公司
