ElasticSearch 安装报错整理

单机安装报错

初次启动服务

/opt/elasticsearch-5.5.2/bin/elasticsearch

当使用root账户调用启动命令出现错误信息,错误提示信息如下:

[2017-08-30T13:32:17,003][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [ELK-node1] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:127) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:114) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:67) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:122) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.cli.Command.main(Command.java:88) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:91) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:84) ~[elasticsearch-5.5.2.jar:5.5.2]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:106) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:194) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:351) ~[elasticsearch-5.5.2.jar:5.5.2]
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:123) ~[elasticsearch-5.5.2.jar:5.5.2]
    ... 6 more

创建新用户

由于Elasticsearch可以接收用户输入的脚本并且执行,为了系统安全考虑,不允许root账号启动,所以建议给Elasticsearch单独创建一个用户来运行Elasticsearch

命令格式 useradd ymq(用户名) -g ymq(所属组名) -p ymq(密码)

groupadd ymq
useradd  ymq -g ymq -p ymq

授权访问组权限

命令格式: chown -R ymq(所属用户) : ymq(所属用户组名) /opt/elasticsearch-5.5.2 (要更改的文件路径)

chown -R ymq:ymq /opt/elasticsearch-5.5.2
chmod -R 777 /opt/elasticsearch-5.5.2

授权 root 权限

命令格式: ymq 用户 root 权限 NOPASSWD意思是 不用输密码

chmod 777 /etc/sudoers
vi /etc/sudoers

root    ALL=(ALL)       ALL

#添加ymq 用户 root 权限
ymq     ALL=(ALL)       NOPASSWD:ALL 

pkexec chmod 0440 /etc/sudoers

su ymq
/opt/elasticsearch-5.5.2/bin/elasticsearch

如果报如下错误

[2017-08-30T13:41:13,631][INFO ][o.e.n.Node               ] [ELK-node1] starting ...
[2017-08-30T13:41:14,093][INFO ][o.e.t.TransportService   ] [ELK-node1] publish_address {192.168.252.121:9300}, bound_addresses {[::]:9300}
[2017-08-30T13:41:14,121][INFO ][o.e.b.BootstrapChecks    ] [ELK-node1] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks
[2017-08-30T13:41:14,127][ERROR][o.e.b.Bootstrap          ] [ELK-node1] node validation exception
[2] bootstrap checks failed
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
[2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
[2017-08-30T13:41:14,142][INFO ][o.e.n.Node               ] [ELK-node1] stopping ...
[2017-08-30T13:41:14,186][INFO ][o.e.n.Node               ] [ELK-node1] stopped
[2017-08-30T13:41:14,186][INFO ][o.e.n.Node               ] [ELK-node1] closing ...
[2017-08-30T13:41:14,204][INFO ][o.e.n.Node               ] [ELK-node1] closed

以下错误都切换到 root 用户进项修改

su root

错误

[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536

编辑 limits.conf 在第一行加上如下内容

cat /etc/security/limits.conf 

* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 4096

错误

[2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

编辑 limits.conf 在第一行加上如下内容

cat /etc/sysctl.conf 

vm.max_map_count = 655360

执行 sysctl -p

sysctl -p

删除data目录下的数据(如果是新解压的安装包就不必了)

异常 IllegalStateException

Caused by: java.lang.IllegalStateException: failed to obtain node locks, tried [[/opt/elasticsearch-5.5.2/data/ymq]] with lock id [0]; maybe thes

删除 安装目录下/data

cd /opt/elasticsearch-5.5.2/data
rm -rf nodes

异常 RemoteTransportException

[2017-09-01T11:40:42,115][INFO ][o.e.d.z.ZenDiscovery     ] [ELK-node2] failed to send join request to master [{ELK-node1}{DKCwxkubTFufsBaOSXj9Nw}{UIMSNeuIT6m8SFGGTi4wSg}{192.168.252.121}{192.168.252.121:9300}], reason [RemoteTransportException[[ELK-node1][192.168.252.121:9300][internal:discovery/zen/join]]; nested: NotMasterException[Node [{ELK-node1}{DKCwxkubTFufsBaOSXj9Nw}{UIMSNeuIT6m8SFGGTi4wSg}{192.168.252.121}{192.168.252.121:9300}] not master for join request]; ], tried [3] times

删除 个集群安装目录下/data

cd /opt/elasticsearch-5.5.2/data
rm -rf nodes

异常 ElasticsearchUncaughtExceptionHandler

上次启动失败,占用了端口

[2017-08-30T22:02:14,463][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [ELK-node2] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: BindHttpException[Failed to bind to [9200]]; nested: BindException[Address already in use];

jps 

2824 Elasticsearch
3165 Jps

kill -9 2824

再次启动服务

切到 ymq 用户尝试启动服务 加 -d 后台启动

su ymq
/opt/elasticsearch-5.5.2/bin/elasticsearch  -d

jvm 内存内存修改

vi /opt/elasticsearch-5.5.2/config/jvm.options

-Xms2g  --》修改为512m
-Xmx2g  --》修改为512m

查看日志

ymq 及时集群名称

less /opt/elasticsearch-5.5.2/logs/ymq.log

查看端口

netstat -nltp

(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::9200                 :::*                    LISTEN      2944/java           
tcp6       0      0 :::9300                 :::*                    LISTEN      2944/java           
tcp6       0      0 :::22                   :::*                    LISTEN      -                   
tcp6       0      0 ::1:25                  :::*                    LISTEN      - 

测试访问

curl -X GET http://localhost:9200/

{
  "name" : "ELK-node1",
  "cluster_name" : "ymq",
  "cluster_uuid" : "jxWzvSFNTCWtToD6wrVIpA",
  "version" : {
    "number" : "5.5.2",
    "build_hash" : "b2f0c09",
    "build_date" : "2017-08-14T12:33:14.154Z",
    "build_snapshot" : false,
    "lucene_version" : "6.6.0"
  },
  "tagline" : "You Know, for Search"

浏览器如果访问不成功,关闭防火墙,开放指定端9200,9300端口,为了方便,生产不要禁用防火墙

systemctl stop firewalld.service

更多异常:请参考

Elasticsearch 复制集群配置

不推荐按照以下步骤,可以按照上面介绍的单机配置依次安装

node1 ROOT 用户下操作

su root

把本机配置的文件复制到 node2,node3集群

for a in {2..3} ; do scp -r /opt/elasticsearch-5.5.2/ node$a:/opt/elasticsearch-5.5.2/ ; done

ssh 登录 node2,node3集群,创建新用户,授权访问组权限,并且授权访问/etc/sudoers 给root权限

for a in {2..3} ; do ssh node$a "source /etc/profile; groupadd ymq; useradd ymq -g ymq -p ymq; chown -R ymq:ymq /opt/elasticsearch-5.5.2; chmod 777 /etc/sudoers;" ; done

for a in {2..3} ; do scp -r /etc/sudoers node$a:/etc/sudoers ; done

复制 limits.confnode2,node3集群

for a in {2..3} ; do scp -r /etc/security/limits.conf node$a:/etc/security/limits.conf ; done

复制 sysctl.confnode2,node3集群

for a in {2..3} ; do scp -r /etc/sysctl.conf  node$a:/etc/sysctl.conf ; done

复制 jvm.optionsnode2,node3集群

for a in {2..3} ; do scp -r /opt/elasticsearch-5.5.2/config/jvm.options  node$a:/opt/elasticsearch-5.5.2/config/jvm.options ; done

执行 sysctl -p操作

for a in {2..3} ; do ssh node$a "source /etc/profile; sysctl -p ; " ; done

vi /opt/elasticsearch-5.5.2/config/elasticsearch.yml

node.name: 换个名字,可以ELK-node2,ELK-node3

node.name: ELK-node1

后台启动

后台启动node1,node2,node3 服务

su ymq
/opt/elasticsearch-5.5.2/bin/elasticsearch -d

查看node1,node2,node3端口使用情况

 netstat -nltp
点赞