Falied to start Elasticsearch to my group volumes

MonkeyD.J · February 14, 2023, 5:55pm

Hello,

Mrs,Mr,

I try to start Elasticsearch on my volum group.
So I am on a debian 11.3 and I install java jre1.8.0_121.
I Install the version elastick 7.17.6 amd64.deb on my folder with this command
dpkg -x /applis/sources/elasticsearch-7.17.6-amd64.deb /applis/elasticsearch/ and I modify all this files "you can see below"

applis/elasticsearch/etc/elasticsearch/elasticsearch.yml

# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
#       Before you set out to tweak and tune the configuration, make sure you
#       understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
cluster.name: ELK-CLUSTER
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
node.name: ELK-nODE-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
#path.data: /var/lib/elasticsearch
path.data: /applis/elasticsearch/var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /applis/elasticsearch/var/log/elasticsearch

#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
#network.host: 192.168.0.1
network.host: 192.168.1.1
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
#http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
#discovery.seed_hosts: ["host1", "host2"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
#
# ---------------------------------- Security ----------------------------------
#
#                                 *** WARNING ***
#
# Elasticsearch security features are not enabled by default.
# These features are free, but require configuration changes to enable them.
# This means that users donâ€™t have to provide credentials and can get full access
# to the cluster. Network connections are also not encrypted.
#
# To protect your data, we strongly encourage you to enable the Elasticsearch security features. 
# Refer to the following documentation for instructions.
#
# https://www.elastic.co/guide/en/elasticsearch/reference/7.16/configuring-stack-security.html

/applis/elasticseearch/usr/lib/systemd/system/elasticsearch.service

[Unit]
Description=Elasticsearch
Documentation=https://www.elastic.co
Wants=network-online.target
After=network-online.target

[Service]
Type=notify
RuntimeDirectory=elasticsearch
PrivateTmp=true
Environment=ES_HOME=/applis/elasticsearch/usr/share/elasticsearch
Environment=ES_PATH_CONF=/applis/elasticsearch/etc/elasticsearch
Environment=PID_DIR=/applis/elasticsearch/var/run/elasticsearch
Environment=ES_SD_NOTIFY=true
EnvironmentFile=-/applis/elasticsearch/etc/default/elasticsearch

WorkingDirectory=/applis/eleasticsearch/usr/share/elasticsearch

User=elasticsearch
Group=elasticsearch

ExecStart=/applis/elasticsearch/usr/share/elasticsearch/bin/systemd-entrypoint -p ${PID_DIR}/elasticsearch.pid --quiet

# StandardOutput is configured to redirect to journalctl since
# some error messages may be logged in standard output before
# elasticsearch logging system is initialized. Elasticsearch
# stores its logs in /var/log/elasticsearch and does not use
# journalctl by default. If you also want to enable journalctl
# logging, you can simply remove the "quiet" option from ExecStart.
StandardOutput=journal
StandardError=inherit

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65535

# Specifies the maximum number of processes
LimitNPROC=4096

# Specifies the maximum size of virtual memory
LimitAS=infinity

# Specifies the maximum file size
LimitFSIZE=infinity

# Disable timeout logic and wait until process is stopped
TimeoutStopSec=0

# SIGTERM signal is used to stop the Java process
KillSignal=SIGTERM

# Send the signal only to the JVM rather than its control group
KillMode=process

# Java process is never killed
SendSIGKILL=no

# When a JVM receives a SIGTERM signal it exits with code 143
SuccessExitStatus=143

# Allow a slow startup before the systemd notifier module kicks in to extend the timeout
TimeoutStartSec=75

[Install]
WantedBy=multi-user.target

# Built for packages-7.17.6 (packages)

I create a symblic link with my /applis/elasticseearch/usr/lib/systemd/system/elasticsearch.service on my system in the folder /usr/lib/systemd/system/ I give a right but when I try start the elasticsearch service I have a error

● elasticsearch.service - Elasticsearch
     Loaded: loaded (/applis/elasticsearch/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Tue 2023-02-14 18:44:52 CET; 2s ago
       Docs: https://www.elastic.co
    Process: 10940 ExecStart=/applis/elasticsearch/usr/share/elasticsearch/bin/systemd-entrypoint -p ${PID_DIR}/elasticsearch.pid --quiet (code=exited, status=200/CHDIR)
   Main PID: 10940 (code=exited, status=200/CHDIR)
        CPU: 6ms

févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: User lookup succeeded: uid=1001 gid=1001
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Child 10940 belongs to elasticsearch.service.
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Main process exited, code=exited, status=200/CHDIR
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Service will not restart (restart setting)
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Changed start -> failed
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Job 9885 elasticsearch.service/start finished, result=failed
févr. 14 18:44:52 ELK systemd[1]: Failed to start Elasticsearch.
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Unit entered failed state.
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Consumed 6ms CPU time.

févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.D>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.D>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.DBus.Properties member>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.DBus.Properties member>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1 interface=org.freedesktop.systemd1.Manager member=JobRem>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/systemd1 interface=org.freedesktop.systemd1.Manager member=JobRemoved cookie=8222 repl>
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Unit entered failed state.
févr. 14 18:44:52 ELK systemd[1]: elasticsearch.service: Consumed 6ms CPU time.
░░ Subject: Ressources consommées durant l'éxécution de l'unité (unit)
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ L'unité (unit) elasticsearch.service s'est arrêtée et a consommé les ressources indiquées.
févr. 14 18:44:52 ELK systemd[1]: Spawning thread to nuke /tmp/systemd-private-2f63cc34ab7949d48067d18fcc4d87ec-elasticsearch.service-4W9Raf
févr. 14 18:44:52 ELK systemd[1]: Spawning thread to nuke /var/tmp/systemd-private-2f63cc34ab7949d48067d18fcc4d87ec-elasticsearch.service-JCopGh
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.D>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=org.freedesktop.systemd1 destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.D>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.DBus.Properties member>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=signal sender=n/a destination=n/a path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedesktop.DBus.Properties member>
févr. 14 18:44:52 ELK systemd[1]: Got message type=method_call sender=n/a destination=org.freedesktop.systemd1 path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedeskt>
févr. 14 18:44:52 ELK systemd[1]: SELinux access check scon=system_u:system_r:kernel_t:s0 tcon=system_u:object_r:unlabeled_t:s0 tclass=service perm=status state=permissive path=/applis/elasticse>
févr. 14 18:44:52 ELK systemd[1]: Sent message type=method_return sender=org.freedesktop.systemd1 destination=n/a path=n/a interface=n/a member=n/a cookie=21 reply_cookie=4 signature=v error-nam>
févr. 14 18:44:52 ELK systemd[1]: Bus private-bus-connection: changing state RUNNING → CLOSING
févr. 14 18:44:52 ELK systemd[1]: Bus private-bus-connection: changing state CLOSING → CLOSED
févr. 14 18:44:52 ELK systemd[1]: Got disconnect on private connection.
févr. 14 18:44:55 ELK systemd[1]: Bus private-bus-connection: changing state UNSET → OPENING
févr. 14 18:44:55 ELK systemd[1]: sd-bus: starting bus private-bus-connection on fds 31/31 (socket:[270233], socket:[270233])...
févr. 14 18:44:55 ELK systemd[1]: Bus private-bus-connection: changing state OPENING → AUTHENTICATING
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1 iface=org.freedesktop.systemd1.Manager
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/job iface=org.freedesktop.systemd1.Job
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Unit
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Automount
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Device
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Mount
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Path
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Scope
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Service
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Slice
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Socket
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Swap
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Target
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/systemd1/unit iface=org.freedesktop.systemd1.Timer
févr. 14 18:44:55 ELK systemd[1]: Registering bus object implementation for path=/org/freedesktop/LogControl1 iface=org.freedesktop.LogControl1
févr. 14 18:44:55 ELK systemd[1]: Accepted new private connection.
févr. 14 18:44:55 ELK systemd[1]: Bus private-bus-connection: changing state AUTHENTICATING → RUNNING
févr. 14 18:44:55 ELK systemd[1]: Got message type=method_call sender=n/a destination=org.freedesktop.systemd1 path=/org/freedesktop/systemd1/unit/elasticsearch_2eservice interface=org.freedeskt>
févr. 14 18:44:55 ELK systemd[1]: SELinux access check scon=system_u:system_r:kernel_t:s0 tcon=system_u:object_r:unlabeled_t:s0 tclass=service perm=status state=permissive path=/applis/elasticse>
févr. 14 18:44:55 ELK systemd[1]: Failed to read pids.max attribute of cgroup root, ignoring: No data available
févr. 14 18:44:55 ELK systemd[1]: Sent message type=method_return sender=org.freedesktop.systemd1 destination=n/a path=n/a interface=n/a member=n/a cookie=1 reply_cookie=1 signature=a{sv} error->
févr. 14 18:44:55 ELK systemd[1]: Bus private-bus-connection: changing state RUNNING → CLOSING
févr. 14 18:44:55 ELK systemd[1]: Bus private-bus-connection: changing state CLOSING → CLOSED
févr. 14 18:44:55 ELK systemd[1]: Got disconnect on private connection.
févr. 14 18:45:50 ELK systemd[1]: systemd-udevd.service: Got notification message from PID 412 (WATCHDOG=1)
févr. 14 18:46:40 ELK systemd[1]: systemd-logind.service: Got notification message from PID 642 (WATCHDOG=1)
févr. 14 18:46:40 ELK systemd[1]: systemd-journald.service: Got notification message from PID 390 (WATCHDOG=1)

Have you an idea why the service elasticsearch don't start ?
Thanks your help
Sorry in order to the spelling.

leandrojmp · February 14, 2023, 6:07pm

You need to share more logs, the logs you shared doesn't have enough information about why the service could not start.

Try to start it again to generate new logs and share the logs related to that interval of time when it failed.

MonkeyD.J · February 15, 2023, 9:29am

Hello,

Leandrojmp,

Thanks to reply me.
how can I see a logs ?
Because when I start elasticsearch I have this message

Job for elasticsearch.service failed because the control process exited with error code.
See "systemctl status elasticsearch.service" and "journalctl -xe" for details.

So I already send you the status of my service and the journalctle -xe in my first post.
I have configure on my path.logs in my file elasticsearch.yml but when I see the folder I have nothing.

leandrojmp · February 15, 2023, 1:40pm

You need to look directly on the file, /var/log/messages or /var/log/syslog depending on the system.

I would recommend that you try to start again to get fresh logs and look at those files.

MonkeyD.J · February 15, 2023, 1:56pm

I start again and I have this.

/var/log/syslog

root@ELK:/usr# tail -f /var/log/syslog
Feb 15 14:50:38 SELK systemd[1]: varlink-31: varlink: setting state idle-server
Feb 15 14:50:38 ELK systemd[1]: varlink-31: New incoming message: {"method":"io.systemd.UserDatabase.GetUserRecord","parameters":{"userName":"*","service":"io.systemd.DynamicUser"}}
Feb 15 14:50:38 ELK systemd[1]: varlink-31: varlink: changing state idle-server → processing-method
Feb 15 14:50:38 ELK systemd[1]: varlink-31: Sending message: {"error":"io.systemd.UserDatabase.NoRecordFound","parameters":{}}
Feb 15 14:50:38 ELK systemd[1]: varlink-31: varlink: changing state processing-method → processed-method
Feb 15 14:50:38 ELK systemd[1]: varlink-31: varlink: changing state processed-method → idle-server
Feb 15 14:50:38 ELK systemd[1]: varlink-31: Got POLLHUP from socket.
Feb 15 14:50:38 ELK systemd[1]: varlink-31: varlink: changing state idle-server → pending-disconnect
Feb 15 14:50:38 ELK systemd[1]: varlink-31: varlink: changing state pending-disconnect → processing-disconnect
Feb 15 14:50:38 ELK systemd[1]: varlink-31: varlink: changing state processing-disconnect → disconnected

/var/log/syslog

root@ELK:/usr# tail -f /var/log/messages
Feb 12 00:10:50 ELK rsyslogd: [origin software="rsyslogd" swVersion="8.2102.0" x-pid="641" x-info="https://www.rsyslog.com"] rsyslogd was HUPed
Feb 15 00:10:50 ELK rsyslogd: [origin software="rsyslogd" swVersion="8.2102.0" x-pid="641" x-info="https://www.rsyslog.com"] rsyslogd was HUPed

You think it's possible to start and install elasticsearch on my group volumes.
I think remove my package and install elasticsearch.

warkolm · February 15, 2023, 9:27pm

Welcome to our community!

This path should contain Elasticsearch logs with more information.

MonkeyD.J · February 17, 2023, 8:05am

Hello,

thansk to help me warkolm,

I have nothing when I start this service in my folder

/applis/elasticsearch/var/log/elasticsearch

I do a chmod 777 on the directory
I try to change elasticsearch with elasticsearch.log but I have a same issue.
I haven't log in my folder /applis/elasticsearch/var/log/elasticsearch

MonkeyD.J · February 22, 2023, 5:04pm

Hello,
Someone, I have an idea in order to my issue.
Thanks

MonkeyD.J · March 7, 2023, 10:58am

Hello,
someone I have an idea please.
I think install Elasticsearch on my system and create a link symbolic between my system and my group volumes.
Thanks

leandrojmp · March 7, 2023, 12:17pm

Hello,

As already asked you need to share logs that shows why the elasticsearch service is not running, the logs you shared doesn't have this information it is impossible to know what maybe the issue and help you without logs that can give some hint.

Look on your system for Elasticsearch logs and also system logs on the range when you tried to start elasticsearch that reference the elasticsearch service.

system · April 4, 2023, 12:18pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.