ES service keeps crashing

Elastic Stack Elasticsearch
1

Hi,

Just realised that after I start the service for Elastic it stops running after about 2 minutes. Checked the event logs and see some errors:

Application: elasticsearch.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: Elastic.ProcessHosts.Process.StartupException
at Elastic.ProcessHosts.Process.ProcessBase.HandleException(System.Exception)
at System.Reactive.ObserverBase1[[System.__Canon, mscorlib, Version=[4.0.0.0](https://4.0.0.0/), Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnError(System.Exception) at System.Reactive.Observer1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnError(System.Exception)
at System.Reactive.Linq.ObservableImpl.AsObservable1+_[[System.__Canon, mscorlib, Version=[4.0.0.0](https://4.0.0.0/), Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnError(System.Exception) at System.Reactive.AutoDetachObserver1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnErrorCore(System.Exception)
at System.Reactive.ObserverBase1[[System.__Canon, mscorlib, Version=[4.0.0.0](https://4.0.0.0/), Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnError(System.Exception) at Elastic.ProcessHosts.Process.ObservableProcess+<>c__DisplayClass22_0.<CreateProcessExitSubscription>b__0(System.Reactive.EventPattern1<System.Object>)
at System.Reactive.AnonymousSafeObserver`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].OnNext(System.__Canon)
at System.EventHandler.Invoke(System.Object, System.EventArgs)
at System.Diagnostics.Process.OnExited()
at System.Diagnostics.Process.RaiseOnExited()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading._ThreadPoolWaitOrTimerCallback.PerformWaitOrTimerCallback(System.Object, Boolean)

2nd Error:

Faulting application name: elasticsearch.exe, version: 7.9.2.0, time stamp: 0x5f6ac09d
Faulting module name: KERNELBASE.dll, version: 10.0.17763.1432, time stamp: 0x9b30685b
Exception code: 0xe0434352
Fault offset: 0x0000000000039689
Faulting process id: 0x24c4
Faulting application start time: 0x01d697e4a6848d22
Faulting application path: D:\Elastic\Elastic-7.9.2\7.9.2\bin\elasticsearch.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 979054f3-f60a-40f3-9875-a651c3139d00
Faulting package full name:
Faulting package-relative application ID:

Any thoughts?

2

Would you able to share the logs from elasticsearch?

Elasticsearch logs for windows usually store at %ALLUSERSPROFILE%\Elastic\Elasticsearch\logs

3

Think I found the problem, I have network.host: "0.0.0.0" in the elasticsearch.yml file, and when that is valid, the service crashes, if I # it out, it runs fine.
Would Logstash still be able to send logs to ES even if this field is not working? Logstash is installed on another server

4

Would Logstash still be able to send logs to ES even if this field is not working? Logstash is installed on another server

Sorry I'm not too sure on this.

5

OK cool, what about how to resolve the issue of allowing other servers to access the ES server, as obviously, it defaults to localhost which won't work from another server

6

Can you share your elasticsearch.yml ?

7

Sure:

    bootstrap.memory_lock: false
    cluster.name: Elastic
    http.port: 9200
    node.data: true
    node.ingest: true
    node.master: true
    node.max_local_storage_nodes: 1
    node.name: SV-MSE-ELTC-001
    path.data: D:\Elastic\Elastic-7.9.2\Data
    path.logs: D:\Elastic\Elastic-7.9.2\Logs
    transport.tcp.port: 9300
    xpack.license.self_generated.type: basic
    xpack.security.enabled: false
    #network.host: "0.0.0.0"
8

Sorry, what about the logs?

9

If this is your reddit thread, then it looks like you had server.host in your elasticsearch.yml, which is not a valid setting.

If you have added network.host and it's not working, please provide the Elasticsearch logs.

10

Hi, Thanks, logs are below:

[2020-10-02T11:06:01,706][INFO ][o.e.p.PluginsService     ] [SV-MSE-ELTC-001] no plugins loaded
[2020-10-02T11:06:02,472][INFO ][o.e.e.NodeEnvironment    ] [SV-MSE-ELTC-001] using [1] data paths, mounts [[Elastic (D:)]], net usable_space [196.5gb], net total_space [199.9gb], types [NTFS]
[2020-10-02T11:06:02,472][INFO ][o.e.e.NodeEnvironment    ] [SV-MSE-ELTC-001] heap size [2gb], compressed ordinary object pointers [true]
[2020-10-02T11:06:02,878][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] node name [SV-MSE-ELTC-001], node ID [8xNypMzjRF2ZRibK0rgABA], cluster name [Elastic]
[2020-10-02T11:06:07,843][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [SV-MSE-ELTC-001] [controller/6740] [Main.cc@114] controller (64 bit): Version 7.9.2 (Build 6a60f0cf2dd5a5) Copyright (c) 2020 Elasticsearch BV
[2020-10-02T11:06:09,417][INFO ][o.e.t.NettyAllocator     ] [SV-MSE-ELTC-001] creating NettyAllocator with the following configs: [name=elasticsearch_configured, chunk_size=256kb, factors={es.unsafe.use_netty_default_chunk_and_page_size=false, g1gc_enabled=true, g1gc_region_size=1mb}]
[2020-10-02T11:06:09,514][INFO ][o.e.d.DiscoveryModule    ] [SV-MSE-ELTC-001] using discovery type [zen] and seed hosts providers [settings]
[2020-10-02T11:06:09,985][WARN ][o.e.g.DanglingIndicesState] [SV-MSE-ELTC-001] gateway.auto_import_dangling_indices is disabled, dangling indices will not be automatically detected or imported and must be managed manually
[2020-10-02T11:06:10,347][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] initialized
[2020-10-02T11:06:10,347][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] starting ...
[2020-10-02T11:06:10,585][INFO ][o.e.t.TransportService   ] [SV-MSE-ELTC-001] publish_address {10.103.186.210:9300}, bound_addresses {[::]:9300}
[2020-10-02T11:06:11,057][INFO ][o.e.b.BootstrapChecks    ] [SV-MSE-ELTC-001] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2020-10-02T11:06:11,057][ERROR][o.e.b.Bootstrap          ] [SV-MSE-ELTC-001] node validation exception
[1] bootstrap checks failed
[1]: the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured
[2020-10-02T11:06:11,072][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] stopping ...
[2020-10-02T11:06:11,081][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] stopped
[2020-10-02T11:06:11,081][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] closing ...
[2020-10-02T11:06:11,097][INFO ][o.e.n.Node               ] [SV-MSE-ELTC-001] closed
[2020-10-02T11:06:11,097][INFO ][o.e.x.m.p.NativeController] [SV-MSE-ELTC-001] Native controller process has stopped - no new native processes can be started
11 
[1] bootstrap checks failed
[1]: the default discovery settings are unsuitable for production use; at least one of [discovery.seed_hosts, discovery.seed_providers, cluster.initial_master_nodes] must be configured

Please read https://www.elastic.co/guide/en/elasticsearch/reference/current/bootstrap-checks.html

12

Literally just resolved this due to that error, thanks a lot. I added the following into the YML file:

discovery.seed_hosts: []
discovery.type: single-node
1 Like
13

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.