[2022-09-05T14:35:19,438][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [n32] [controller/8954] [Main.cc@114] controller (64 bit): Version 6.8.12 (Build 39bf066b214253) Copyright (c) 2020 Elasticsearch BV
[2022-09-05T14:35:19,864][DEBUG][o.e.a.ActionModule ] [n32] Using REST wrapper from plugin org.elasticsearch.xpack.security.Security
[2022-09-05T14:35:20,080][INFO ][o.e.d.DiscoveryModule ] [n32] using discovery type [zen] and host providers [settings]
[2022-09-05T14:35:21,009][INFO ][o.e.n.Node ] [n32] initialized
[2022-09-05T14:35:21,009][INFO ][o.e.n.Node ] [n32] starting ...
[2022-09-05T14:35:21,473][INFO ][o.e.t.TransportService ] [n32] publish_address {172.20.251.32:9300}, bound_addresses {172.20.251.32:9300}
[2022-09-05T14:35:21,492][INFO ][o.e.b.BootstrapChecks ] [n32] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2022-09-05T14:35:21,496][ERROR][o.e.b.Bootstrap ] [n32] node validation exception
[2] bootstrap checks failed
[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]
[2]: memory locking requested for elasticsearch process but memory is not locked
[2022-09-05T14:35:21,498][INFO ][o.e.n.Node ] [n32] stopping ...
[2022-09-05T14:35:21,542][INFO ][o.e.n.Node ] [n32] stopped
[2022-09-05T14:35:21,542][INFO ][o.e.n.Node ] [n32] closing ...
[2022-09-05T14:35:21,558][INFO ][o.e.n.Node ] [n32] closed
按照提示,修改/etc/security/limits.conf,新增nofile为65536
修改 /etc/sysctl.conf
vm.max_map_count = 655360
sudo sysctl -p 使参数生效,退出后重启elasticsearch。
报错仍热存在。
1、修改/etc/security/limits.d/20-nproc.conf ,如果没有次文件,修改xx-nproc.conf文件
# cat 20-nproc.conf
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.
* soft nofile 65536
* hard nofile 65536
* soft nproc 65536
root soft nproc unlimited
修改完后,重新进入,参数还未生效。
[k8s@slcj-rzcl-es elasticsearch]$ ulimit -Hn
4096
[k8s@slcj-rzcl-es elasticsearch]$ sudo su -
Last login: Mon Sep 5 14:53:57 CST 2022 on pts/0
[root@slcj-rzcl-es ~]# ulimit -Hn
65536
[root@slcj-rzcl-es ~]#
普通用户和root用户,执行相同的命令,显示的不一致。即root用户下,改完后是生效了的。
继续更改配置文件,将/etc/security/limits.conf 中,* 用具体要操作的用户名替代。
k8s soft nofile 65536
k8s hard nofile 65536
k8s soft nproc 65536
k8s hard nproc 65536
修改/etc/security/limits.d/20-nproc.conf ,这个文件中,只配置nproc
cat /etc/security/limits.d/20-nproc.conf
# Default limit for number of user's processes to prevent
# accidental fork bombs.
# See rhbz #432903 for reasoning.
* soft nproc 65536
* hard nproc 65536
root soft nproc 65536
新建配置文件/etc/security/limits.d/def.conf
[root@slcj-rzcl-es ~]# cat /etc/security/limits.d/def.conf
k8s soft nofile 65536
k8s hard nofile 65536
配置完,切换普通用户,ulimit -Hn 值未生效。
继续
修改 /etc/pam.d/login
新建/etc/pam.d/sshd 文件,添加如下内容
[root@slcj-rzcl-es ~]# cat /etc/pam.d/sshd
session required pam_limits.so
修改配置文件etc/ssh/ssd_config ,将UsePAM的注释放开
在切到普通用户,验证成功
[k8s@slcj-rzcl-es elasticsearch]$
[k8s@slcj-rzcl-es elasticsearch]$ ulimit -Hn
65536
[k8s@slcj-rzcl-es elasticsearch]$
[k8s@slcj-rzcl-es elasticsearch]$
[k8s@slcj-rzcl-es elasticsearch]$
[k8s@slcj-rzcl-es elasticsearch]$ sudo su - root
Last login: Mon Sep 5 18:08:06 CST 2022 on pts/3
[root@slcj-rzcl-es ~]# ulimit -Hn
65536
[root@slcj-rzcl-es ~]#
[root@slcj-rzcl-es ~]#
重新启动elasticsearch
[2022-09-05T18:05:23,660][INFO ][o.e.x.s.a.s.FileRolesStore] [n32] parsed [0] roles from file [/data/log4x/apps/elasticsearch/config/roles.yml]
[2022-09-05T18:05:24,235][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [n32] [controller/46559] [Main.cc@114] controller (64 bit): Version 6.8.12 (Build 39bf066b214253) Copyright (c) 2020 Elasticsearch BV
[2022-09-05T18:05:24,686][DEBUG][o.e.a.ActionModule ] [n32] Using REST wrapper from plugin org.elasticsearch.xpack.security.Security
[2022-09-05T18:05:24,865][INFO ][o.e.d.DiscoveryModule ] [n32] using discovery type [zen] and host providers [settings]
[2022-09-05T18:05:25,577][INFO ][o.e.n.Node ] [n32] initialized
[2022-09-05T18:05:25,578][INFO ][o.e.n.Node ] [n32] starting ...
[2022-09-05T18:05:25,719][INFO ][o.e.t.TransportService ] [n32] publish_address {172.20.251.32:9300}, bound_addresses {172.20.xx.xx:9300}
[2022-09-05T18:05:25,733][INFO ][o.e.b.BootstrapChecks ] [n32] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2022-09-05T18:05:28,780][INFO ][o.e.c.s.MasterService ] [n32] zen-disco-elected-as-master ([0] nodes joined), reason: new_master {n32}{upc2qZ3vRFS8FNSgfsRU3Q}{I-bKOB_GQWWlVLdlGg3K6w}{172.20.xx.xx}{172.20.xx.xx:9300}{ml.machine_memory=33542516736, xpack.installed=true, ml.max_open_jobs=20, ml.enabled=true}
[2022-09-05T18:05:28,784][INFO ][o.e.c.s.ClusterApplierService] [n32] new_master {n32}{upc2qZ3vRFS8FNSgfsRU3Q}{I-bKOB_GQWWlVLdlGg3K6w}{172.20.xx.xx}{172.20.xx.xx:9300}{ml.machine_memory=33542516736, xpack.installed=true, ml.max_open_jobs=20, ml.enabled=true}, reason: apply cluster state (from master [master {n32}{upc2qZ3vRFS8FNSgfsRU3Q}{I-bKOB_GQWWlVLdlGg3K6w}{172.20.xx.xx}{172.20.xx.xx:9300}{ml.machine_memory=33542516736, xpack.installed=true, ml.max_open_jobs=20, ml.enabled=true} committed version [1] source [zen-disco-elected-as-master ([0] nodes joined)]])
[2022-09-05T18:05:28,825][INFO ][o.e.h.n.Netty4HttpServerTransport] [n32] publish_address {172.20.251.32:9200}, bound_addresses {172.20.xx.xx:xx}
[2022-09-05T18:05:28,825][INFO ][o.e.n.Node ] [n32] started
[2022-09-05T18:05:29,076][WARN ][o.e.x.s.a.s.m.NativeRoleMappingStore] [n32] Failed to clear cache for realms [[]]
[2022-09-05T18:05:29,116][INFO ][o.e.g.GatewayService ] [n32] recovered [0] indices into cluster_state
[2022-09-05T18:05:29,242][INFO ][o.e.c.m.MetaDataIndexTemplateService] [n32] adding template [.watches] for index patt
第二天,重启elasticsearch后,发现又重启不了,查看日志,仍报错文件数少的报错。
挨个检查上面的配置文件,参数都已经设置了,怎么又失效了呢。
因为没有重启 init 6
重启完后,就检查了下主机参数,ulimit -Hn ,参数生效。
至此,完结。