一、elasticsearch
1、OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
解決:
關閉虛擬機並將處理器的的“每個處理器的內核數量”改爲2。
2、main ERROR Could not register mbeans java.security.AccessControlException: access denied ("javax.management.MBeanTrustPermission" "register")
解決:
更改elasticsearch文件夾所有者到當前用戶:
sudo chown -R wzh.wzh elasticsearch-5.4.3
3、OpenJDK 64-Bit Server VM warning: Option UseConcMarkSweepGC was deprecated in version 9.0 and will likely be removed in a future release.
解決:
此問題爲jdk版本太新了。安裝低版本jdk即可解決,比如安裝jdk1.8
4、啓動elasticsearch後直接被殺死
由於ES是運行在JVM上,JVM本身除了分配的heap內存以外,還會用到一些堆外(off heap)內存。 在小內存的機器上跑ES,如果heap劃分過多,累加上堆外內存後,總的JVM使用內存量可能超過物理內存限制。 如果swap又是關閉的情況下,就會被操作系統oom killer殺掉。
解決:
修改ES中config目錄下的jvm.options文件:
將
-Xms1g
-Xmx1g
改爲
-Xms512m
-Xmx512m
5、ERROR: [2] bootstrap checks failed
(1)問題[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]
解決:
編輯 /etc/security/limits.conf,追加以下內容,其中數字可根據提示來修改。
* soft nofile 65536
* hard nofile 131072
* soft nproc 65536
* hard nproc 65536
其中*表示所有用戶,soft指軟限制,hard指硬限制。
注:
在Ubuntu18.04中修改以上配置後可能還不能生效,還需要修改 /etc/systemd/user.conf 及 /etc/systemd/system.conf 中如下面這行的配置項:
此文件修改後需要重新登錄用戶,纔會生效。
用普通用戶,查看進程數:
ulimit -n // 查看系統打開文件描述符的最大值
ulimit -Hn // 查看用戶硬限制
ulimit -Su // 查看用戶軟限制
(2)問題 [2]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]
解決:
編輯 /etc/sysctl.conf,追加以下內容:
vm.max_map_count=262144
保存後,執行:
sysctl -p
或者:
sysctl -w vm.max_map_count=262144
二、logstash
1、
Sending Logstash's logs to /home/wzh/Elk/logstash-5.4.3/logs which is now configured via log4j2.properties
[2020-05-20T00:04:43,938][FATAL][logstash.runner]
An unexpected error occurred!
{ :error=>#<ArgumentError: Setting "" hasn't been registered>,
:backtrace=>[
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/settings.rb:29:in `get_setting'",
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/settings.rb:61:in `set_value'",
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/settings.rb:80:in `merge'",
"org/jruby/RubyHash.java:1342:in `each'",
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/settings.rb:80:in `merge'",
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/settings.rb:129:in `validate_all'",
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/runner.rb:217:in `execute'",
"/home/wzh/Elk/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:67:in `run'",
"/home/wzh/Elk/logstash-5.4.3/logstash-core/lib/logstash/runner.rb:185:in `run'",
"/home/wzh/Elk/logstash-5.4.3/vendor/bundle/jruby/1.9/gems/clamp-0.6.5/lib/clamp/command.rb:132:in `run'",
"/home/wzh/Elk/logstash-5.4.3/lib/bootstrap/environment.rb:71:in `(root)'"
]
}
此問題是配置文件中出現非法的字符,或者編碼方式不正確。修改config底下的logstash.yml
三、kibana
1、Unable to fetch mapping. Do you have indices matching the pattern?
此問題是kibana想Kibana想映射ES的一個索引,你需要指定一個在ES中已存在的索引,在頁面中,有一個默認索引:一個叫logstash-*的索引。注意此索引和logstash中的配置文件設置有關係,如果配置文件沒寫好則有可能搜索不出索引。如配置文件裏“index => "logstash-%{+YYYY-MM-dd}”則kibana輸入:“lostash-*”即可創建對應索引。