Now we can't get elasticsearch to start wtih the following error:
Jul 9 16:56:59 [localhost] systemd: Failed at step EXEC spawning /usr/share/elasticsearch/bin/elasticsearch: Exec format error
Can anyone point me in the right direction to troubleshoot? We have 2 nodes in the cluster with the same issue and the same config, but different ips and node name
I was able to get this to at least start by using our own certificate for our organization, but I am getting SSL received a record that axceeded the maximum length. I think I have a configuration issue, but I am not sure where, here is the relevant configuration we have at the moment.
The issue was a combination of incorrect SSL certs, and also the way that I was trying to curl elastic on 9200.
Some things to keep in mind are understanding SSL certs, and then once it should be working, make sure to query elastic with https://fqdn:9200/ rather than http or localhost or the ip address. It is also worth noting the difference between xpack.security.transport and xpack.security.http settings, which is pretty clear in the documentation if you read thoroughly instead of skimming.
Still not sure how to get it working with your own CA, although I suspect I had it working but was querying elasticsearch incorrectly =0
For us it is easier / better to just use our normal certs anyway.
Also worth noting it is a better practice to use 3 nodes instead of 2, but all I could afford at the time of making the cluster was 2 servers with 2x Intel(R) Xeon(R) CPU E5-2643 v2 @ 3.50GHz and 64GB of RAM each, but so far, even when we add our netflow data they are able to handle a lot of data. Still, once I get my way we will be adding one more of these to the cluster, since with netflow data rolling in it puts both of these boxes at 60% CPU utilization on average.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
