Centos7 starts Elasticsearch error collation

I have encountered a lot of mistakes in practicing es recently. Now write down the problems for later review and summary

I won't repeat the process of installing es here. If you need the whole process of installing es, you can leave a message. If there are more, I'll write another detailed installation step

Problem 1. Enter the es installation directory and execute the startup command on a single virtual machine

]# bin/elasticsearch

See the following error

]# pwd
/opt/module/elasticsearch-7.0.1
]# bin/elasticsearch

[2021-06-09T14:47:37,348][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [node-1] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
        at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:163) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-7.0.1.jar:7.0.1]
        at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-7.0.1.jar:7.0.1]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:115) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-7.0.1.jar:7.0.1]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
        at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:102) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:169) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:325) ~[elasticsearch-7.0.1.jar:7.0.1]
        at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) ~[elasticsearch-7.0.1.jar:7.0.1]
        ... 6 more

According to the error prompt can not run elasticsearch as root, it can be seen that es cannot be run as root, which should be the reason for es based security considerations.

Therefore, we need to switch users. If users have been created, we can switch directly

# Execute su + user name
]# su kohsin

After switching users, execute the startup program...... If it still fails to start, check question 2

If no user has been created, create the user first

]# useradd kohsin
]# passwd kohsin
 Change user kohsin Your password.
New password:
Invalid password: password is less than 8 characters
 Re enter the new password:
passwd: All authentication tokens have been successfully updated.

Execute the startup command after creating the user.....

Problem 2: after the user is switched, an error is still reported when executing the start command

]$ bin/elasticsearch
Exception in thread "main" java.nio.file.AccessDeniedException: /opt/module/elasticsearch-7.0.1/config/jvm.options
        at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
        at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
        at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
        at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)
        at java.nio.file.Files.newByteChannel(Files.java:361)
        at java.nio.file.Files.newByteChannel(Files.java:407)
        at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)
        at java.nio.file.Files.newInputStream(Files.java:152)
        at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:60)

This is because after switching users, they do not have permission to the folder, so there is no way to execute successfully

After entering the upper directory, you can see that the current es folder belongs to root

]$ ll
 Total consumption 0
drwxr-xr-x 9 root root 192 6 September 14:10 elasticsearch-7.0.1

Therefore, you can change the permission of the folder to the new user. Because it is a new user just created, you must not have permission. sudo instruction should be added in front of the command

]# sudo chown -R kohsin elasticsearch-7.0.1

At this time, you will encounter a new error

Question 3. The new user is not in the sudoers file

]$ sudo chown -R kohsin elasticsearch-7.0.1
[sudo] kohsin Password for:
kohsin be not in sudoers File. The matter will be reported.

The reason for this problem is that there is no permission to configure a new user, so the configuration file cannot be found when sudo is executed

Next, we configure sudoers for new users

Let's see what's in the duers

]$ cat /etc/sudoers
cat: /etc/sudoers: insufficient privilege

If it is found that our permission is insufficient, we need to modify it through the root user

Then we decide to return to the root role and execute the su root instruction. If there is an authentication failure..... View problem 4 for resolution

# root can write but not write
]$ su root
 password:
su: Identify faults

 

Question 4. su: identify faults

The problem of error in converting other users to root user is solved now. This problem needs to reset the password of root user. Enter the password and find the error of the above problem 3

]$ sudo passwd root
[sudo] kohsin Password for:
kohsin be not in sudoers File. The matter will be reported.

After solving the problem twice, it is found that the problem that the user is not in sudoers needs to be solved first

So let's go back to problem 3 and solve it

Because we have been in the newly created user, various permissions are limited. We need to switch back to the root user to perform the modification, but we can't switch through the instruction, so we need to reopen a window (I use the virtual machine connected by MobaXterm), and then enter the root account to log in

So we'll go back to root

The next step is to set the permissions of the new user we just created. Enter the following instructions

]# vi /etc/sudoers

Find the location of the, and then add the content in the red box. The first word is the user name you created. It is forced to save

 

The problems in question 4 also apply to the following errors (the solution should be read down)

sudo: etc/sudoers can be contacted by anyone Sudo: no valid sudoers resource found, exit sudo: unable to initialize policy plugin

After the permission problem of the new user is solved, we switch to the new user and continue with the last step of the previous question 2

Switch user instruction

]# su kohsin

We found the installation directory of es

Then execute the instruction

]# sudo chown -R kohsin elasticsearch-7.0.1

It can be seen that at this time, the instruction will no longer report errors, and then the owner of the folder becomes kohsin (new user)

At this time, when we execute the startup instruction, we will see that the program is running

But...... I made another mistake...... (in utter silence...)

Question 5

max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535]

The process of es is too low.... (I'm NIMA)

Continue processing

According to the information, when installing es, the configuration allows the application server to access through the network. Of course, the production environment is the same. Now it is started through a single machine, so es will dislike the low-end of the single machine version and cannot be started

If you feel troublesome, you can start the cluster directly

If you want to solve this problem

Then go to limits Modify in conf configuration. Note that * cannot be omitted

]$ sudo vim /etc/security/limits.conf

Add content at the end of the file
* soft nofile 65536
* hard nofile 131072
* soft nproc 2048
* hard nproc 65536

Question 6

Error Max virtual memory areas VM max_ map_ count [65530] likely too low, increase to at least [262144]

This is because: the number of virtual memory areas a process can have.

]$ sudo vim /etc/sysctl.conf
 Add a line at the end of the file
vm.max_map_count=262144
The modifications to questions 5 and 6 will take effect only after the virtual machine is restarted.
 
 
 
The whole process of the article is solved step by step by checking the data when I encounter problems, so logically, I don't do a good job in the configuration first like other articles. I come one by one when I encounter problems, so it seems that I will feel a mess.

Keywords: Big Data ElasticSearch

Added by fhil85 on Sun, 30 Jan 2022 23:25:53 +0200