配置ELK的时候,我平常遇到了以下几种报错情况,整理如下(持续更新中):

  1. elasticsearch启动失败

    # systemctl start elasticsearch
    
Job for elasticsearch.service failed because the control process exited with error code. See "systemctl status elasticsearch.service" and "journalctl -xe" for details.

#这个时候,直接查看系统日志,因为elasticsearch没有专门的日志审计
    
tail -f /var/log/messages

    出现如下报错

    Dec 13 10:16:30 oldboy elasticsearch: ERROR: [1] bootstrap checks failed
    
Dec 13 10:16:30 oldboy elasticsearch: [1]: initial heap size [536870912] not equal to maximum heap size [775946240]; this can cause resize pauses and prevents mlockall from locking the entire heap

    其实提示已经很明显了,jvm给的内存不足,那么我们直接把内存调大就可以了

    #修改jvm内存大小
    
# vim /etc/elasticsearch/jvm.options
    
-Xms1500m
    
-Xms1500m
    
#因为刚才把内存改的很小,改回来就行了

    如果不是使用的systemd方法启动,直接调用bin/elasticsearch 启动,那么有几点需要注意

    #1.不能使用root进行登录
    
useradd elk #创建用户elk

#2.将涉及的用户权限赋予elk

  2. kibana显示中文乱码

    #首先查看要拉取的日志的格式是什么
    
file file.txt  #在linux上查看

以记事本打开log文件,点击另存为查看,如果显示为ANSI,那么就是gbk  #在windows上查看

#在filebeat中配置字符集

# vim /etc/filebeat/filebeat.yml

filebeat.inputs:

- type: log

  enabled: true

  paths:
    
    - c:\work\CA*
    
  encoding: gbk   #此处加入字符格式,如果是utf8,那么不需要添加

    继续生成测试日志,登录kibana查看,发现中文字符已经正常显示,没有乱码了。

  3. es集群配置xpack启动后,创建密码失败

    [root@db01 elasticsearch]# bin/elasticsearch-setup-passwords interactive

Failed to determine the health of the cluster running at http://10.0.0.200:9200
    
Unexpected response code [503] from calling GET http://10.0.0.200:9200/_cluster/health?pretty
    
Cause: master_not_discovered_exception

It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
    
It is very likely that the password changes will fail when run against an unhealthy cluster.

Do you want to continue with the password setup process [y/N]y

Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
    
You will be prompted to enter passwords as the process progresses.
    
Please confirm that you would like to continue [y/N]y

#错误原因,因为脏数据的原因,当开始xpack的时候,集群链接失败

#终极大招(只适用于初始创建集群,或者测试环境)

1.停止服务
    
2.删除数据目录
    
3.三个节点只配置xpack.security.enabled: true,启动
    
4.设置密码

#配置文件(三台除了ip之外都一样)
    
cluster.name: think
    
node.name: node-1
    
path.data: /var/lib/elasticsearch
    
path.logs: /var/log/elasticsearch
    
bootstrap.memory_lock: true
    
network.host: 10.0.0.200,127.0.0.1
    
http.port: 9200
    
discovery.seed_hosts: ["10.0.0.200", "10.0.0.201"]
    
cluster.initial_master_nodes: ["10.0.0.200", "10.0.0.201","10.0.0.202"]
    
http.cors.enabled: true
    
http.cors.allow-origin: "*"
    
xpack.security.enabled: true

#测试效果
    
[root@db01 elasticsearch]# bin/elasticsearch-setup-passwords interactive
    
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
    
You will be prompted to enter passwords as the process progresses.
    
Please confirm that you would like to continue [y/N]y

Enter password for [elastic]:
    
Reenter password for [elastic]:
    
Enter password for [apm_system]:
    
Reenter password for [apm_system]:
    
Enter password for [kibana]:
    
Reenter password for [kibana]:
    
Enter password for [logstash_system]:
    
Reenter password for [logstash_system]:
    
Enter password for [beats_system]:
    
Reenter password for [beats_system]:
    
Enter password for [remote_monitoring_user]:
    
Reenter password for [remote_monitoring_user]:
    
Changed password for user [apm_system]
    
Changed password for user [kibana]
    
Changed password for user [logstash_system]
    
Changed password for user [beats_system]
    
Changed password for user [remote_monitoring_user]
    
Changed password for user [elastic]

#成功

4.隔天上班又出现和标题3同样的情况,如下解决方案

#直接配上ca证书验证,开启ssl

# 设置默认的角色密码

bin/elasticsearch-setup-passwords interactive  #这一步我是不成功的,不过标题3已经创建过了,所以跳过

再elasticsearch.yml加入如下

xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate # 证书验证级别

xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12 # 节点证书路径

xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

#创建证书

# 创建keystore文件

# bin/elasticsearch-keystore create # config文件夹下有的话这一步就不用再执行了

# 生成CA证书,一直回车

bin/elasticsearch-certutil ca (CA证书:elastic-stack-ca.p12)

# 生成节点使用的证书,一直回车

bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12  (节点证书:elastic-certificates.p12)

# 创建证书保存目录,并移动到config文件下

mkdir -p /etc/elasticsearch/certs

mv elastic-certificates.p12 /etc/elasticsearch/certs

chmod 777 /etc/elasticsearch/certs   #不给授权就无法登录,可以自己测测到底给多少合适

#重启

elasticsearch配置集群+elk报错总结的更多相关文章

  1. elasticsearch集群搭建报错: not enough master nodes discovered during pinging

    自己用一台 阿里云 服务器 搭建ES集群的时候,总是报上面的问题. 而且两个ES服务都是报同样的问题.自己的配置文件如下: es服务1配置文件 cluster.name: elasticsearch ...

  2. IMPI Python集群运行报错:

    Intel MPI环境利用hostfile多主机运行下报错 HYDU_process_mfile_token (../../utils/args/args.c:523): token slots no ...

  3. 执行redis命令redis-trib.rb查看集群信息报错cannot load such file -- redis (LoadError)

    问题描述: 在执行redis-trib.rb命令查看集群状态的时候,报错: [aiprd@hadoop1 ~]$ redis-trib.rb check Traceback (most recent ...

  4. ceph-deploy离线部署ceph集群及报错解决FAQ

    ceph-deploy部署ceph集群 环境介绍 主机名 ip地址 操作系统 角色 备注 ceph-node1 10.153.204.13 Centos7.6 mon.osd.mds.mgr.rgw. ...

  5. rabbimq集群搭建报错:Error: unable TO perform an operation ON node 'rabbit@test3'. Please see diagnostics information AND suggestions below.

    在搭建rabbitmq集群的时候,添加内存节点时,抛出异常:Error: unable TO perform an operation ON node 'rabbit@test3'. Please s ...

  6. Redis集群创建报错

    Redis集群环境:och163/och164/och165 在执行如下脚本时报错: ./src/redis-trib.rb create 10.1.253.163: 10.1.253.164: 10 ...

  7. Elasticsearch配置集群环境

    环境选择:            1.方案一:准备三台机器   每一台机器一个节点            2.方案二:准备一台机器   启动三个节点,用端口号区分即可            3.ES启 ...

  8. HBase 2.1.3 集群 web 报错InvalidProtocolBufferException 解决方法

    搭建好HBase 集群后,各种后台进程都正常,搭建手册参考: Hbase 2.1.3 集群搭建手册https://www.cndba.cn/dave/article/3322 但是通过web访问,却报 ...

  9. 【问题集】redis集群set报错(error) MOVED 11469 192.168.181.201:7002

    没有启动集群模式(即缺少了那个"-c"): redis-cli -c -h yourhost -p yourpost

随机推荐

  1. C# MySQL,Dapper Trans,list

    static async Task MySQLTransDemo() { try { using(dbConnection) { dbConnection.Open(); //The object m ...

  2. C# 之扩展方法

    在编程过程中,有时由于新的需求,可能就会需要对类型进行修改,但当需要为类型添加新功能但并不拥有类型的已有代码时,就需要用到 扩展方法; 使用扩展方法的方式:创建一个新的类,这个类必须是静态类. 在这个 ...

  3. Navicat for Mysql安装及破解教程

    一.Navicat for Mysql安装 下载链接:https://navicatformysql.en.softonic.com/ 点击download下载. 下载完成后双击安装 二.破解 破解工 ...

  4. Ansible varialbes

    1.什么是变量? ​ 以一个固定的字符串,表示一个不固定的值 version: 1.12 2.定义变量? 1.在playbook中定义变量? vars 关键字 [root@manager projec ...

  5. 深度学习-TensorFlow2.0笔记(一)

    一.Tensor 1.1 什么是Tensor?Tensor的数据类型 Tensor是张量的意思,在TensorFlow中张量可以是标量(scalar).向量(vector).矩阵(matrix).高维 ...

  6. Django 简单的验证码

    创建一个 Django 项目:yanzhengma 和 应用 app01 修改 urls.py 文件 from django.contrib import admin from django.urls ...

  7. 队列(Quene)

    对multiprocessing中的Quene进行演示 import multiprocessing """ 队列Quene是mutiprocessing 中 的一个类 ...

  8. 基于Anaconda编译caffe+pycaffe+matcaffe in Ubuntu[不用sudo权限]

    目录 caffe 编译 环境 github下载caffe源码 依赖 修改源码的编译配置 报错 测试使用 pycaffe caffe matcaffe caffe 编译 环境 Ubuntu16.04 C ...

  9. JS中的实例方法、静态方法、实例属性、静态属性

    一.静态方法与实例方法的例子: 我们先来看一个例子来看一下JS中的静态方法和实例方法到底是什么? 静态方法: function A(){} A.col='red'  //静态属性 A.sayMeS=f ...

  10. 解析YAML文件

    YamlMapFactoryBean yamlMapFactoryBean = new YamlMapFactoryBean(); yamlMapFactoryBean.setResources(ne ...