ES 5.2 node validation exception bootstrap checks failed - no other error

Ive hit this error all day and tried all the information I could

My elasticsearch.yml file ES-SERVER ${HOSTNAME}
node.master: true true
transport.tcp.port: 9300 ["SERVER1002","SERVER1003","SERVER1004","SERVER1005"] /appl/elasticsearch

path.logs: /var/log/elasticsearch

#bootstrap.memory_lock: true

http.port: 9200

#discovery.zen.minimum_master_nodes: 3

#gateway.recover_after_nodes: 3

#action.destructive_requires_name: true


[2017-03-08T20:33:06,423][INFO ][o.e.t.TransportService   ] [SERVER1002] publish_address {}, bound_addresses {}
[2017-03-08T20:33:06,429][INFO ][o.e.b.BootstrapChecks    ] [SERVER1002] bound or publishing to a non-loopback or non-link-local address, enforcing bootstrap checks
[2017-03-08T20:33:06,431][ERROR][o.e.b.Bootstrap          ] [SERVER1002] node validation exception
bootstrap checks failed
system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk

No other errors than this

also this is a REAL PHYSICAL cluster - with DNS to resolve hostnmes.

Hence the strict enforcement of boot straping. I need the corect NETWORK settings

Thank you

Please format your code using </> icon as explained in this guide. It will make your post more readable.

Or use markdown style like:


I edited your post.

Did you read ?

Thank you for that making the correction and getting my post moving

Yes I read that, that's basically saying I can bypass the system call.
I have no reason to bypass the system call, I have nothing to hide. You guys are CREATING the call because Im using a REAL ip address - to insure stability of my real cluster, what do I need to do?

This is a legitimate cluster and I understand your concern for my sleeping well at night because of a SOLID configuration. But Its seems the system call is giving an exception without an explanation. That's the issue. God knows I fixed allot of errors on the startup up until this point.

Now its just giving me an meaningless error "check your logs"... I'm reading the log! - this error is IN the log!
I want this to operate as a 4 node physical cluster, and I just need the configuration to make that happen.

In previous ES 2.4 the clustering just happened and was MUCH easier to setup. I promoted it as such.
I know you guys are tightening everything down to make it more robust, but you really need to include a more descriptive/useful config file. Even the links in the config file don't work and 50% of the settings are deprecated.

So, can you guys from elastic help me get this working. Essentially, my nodes cant see each other and I can only startup if I use a loop back address, which I have NO reason to do.

I have REAL route able ip addresses and REAL hosts and am setting this up as a POV. I need a REAL configuration per your new standards.
For the record this is a physical 4 node cluster running RHEL Server release 6.8

It's there, it's higher in the logs.

You need to check higher in the logs. You'll see something like:

[2017-02-01T10:46:10,639][WARN ][o.e.b.JNANatives         ] unable to install syscall filter:
java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
        at org.elasticsearch.bootstrap.SystemCallFilter.linuxImpl( ~[elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.SystemCallFilter.init( ~[elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.JNANatives.tryInstallSystemCallFilter( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Natives.tryInstallSystemCallFilter( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Bootstrap.initializeNatives( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Bootstrap.setup( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Bootstrap.init( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Elasticsearch.init( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Elasticsearch.execute( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.cli.SettingCommand.execute( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.cli.Command.mainWithoutErrorHandling( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.cli.Command.main( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Elasticsearch.main( [elasticsearch-5.2.0.jar:5.2.0]
        at org.elasticsearch.bootstrap.Elasticsearch.main( [elasticsearch-5.2.0.jar:5.2.0]

This is telling you why the system call filter failed to install. The docs that @dadoonet pointed you to explain the purpose of this check. You can either address whatever log message you have similar to the above, or just skip the system call filter check by setting bootstrap.system_call_filter to false.

I want to fix this. Which link in the config file does not work?

I want to fix this. Which settings in the config file are deprecated?

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.