Elasticsearch returns virtual memory and thread size error even if it is set in Linux


Below is the cat of my /etc/security/limits.conf file

#*               soft    core            0
#*               hard    rss             10000
#@student        hard    nproc           20
#@faculty        soft    nproc           20
#@faculty        hard    nproc           50
#ftp             hard    nproc           0
#@student        -       maxlogins       4
* hard nofile 262144
* hard nproc 2048
* hard as unlimited

but I am getting the following error when I start elasticsearch

ERROR: bootstrap checks failed
max number of threads [1024] for user [user1] likely too low, increase to at least [2048]
max virtual memory areas vm.max_map_count [65536] likely too low, increase to at least [262144]

I run elasticsearch 5.0GA. How can I fix this?

This is all documented here: https://www.elastic.co/guide/en/elasticsearch/reference/5.0/bootstrap-checks.html

I have gone through it. Its from there, i found settings for nofile, nproc, and as

You may want to set the soft limit as well as the hard limit.

1 Like

same issue with setting;

* hard nofile 262144
* hard nproc 2048
* hard as unlimited
* soft nofile 262144
* soft nproc 2048
* soft as unlimited

Hi, I have set even both hard and soft settings. Still no hope.

Which package have you used to install Elasticsearch? Which linux distribution you are using?

Elasticsearch: Version: 5.0.0, Build: 253032b/2016-10-26T04:37:51.531Z, JVM: 1.8.0_102
OS: CentOS release 6.6 (Final)

So I assume this is the RPM you are using. Have you also checked the information on https://www.elastic.co/guide/en/elasticsearch/reference/5.0/setting-system-settings.html? It mentions special cases for sytems that use systemd. Don't know if that applies here though.

I have added session required pam_limits.so , still issue exists.

Check Redhat Linux / Centos 6.6. documentation. There you can find that using * (wildcard user) in /etc/security/limits.conf does work, but with mixed results, because settings can be overridden by configurations in /etc/security/limits.d/*.conf

So, the safest and preferable way is always to use the user name in the lines of /etc/security/limits.conf


Also, in order for the modified limits to be picked up, make sure you log out and log back in with the user that is running elasticsearch (seems to be user1 in your case, not the default elasticsearch user?). You can cat /proc/$$/limits before logging out and logging in again to see if the new limits where picked up.

1 Like


Thank you all guys, the settings came active after a restart and I have set username instead of * for all rules. Also I have set the rules for root too. This solved the issue.

1 Like