Impossible de collecter des données Elasticsearch No Shard Available Action Exception

ROok · August 7, 2019, 2:07pm

Bonjour,
En fait lorsque j'essaie de collecter des données sur logstash, ils arrivent pas sur elasticsearch et j'obtient l'erreur suivante dans elasticsearch.log :

[r.suppressed ] [mondomaine.fr] path: /.kibana/_doc/space%3Adefault, params: {index=.kibana, id=space:default}
org.elasticsearch.action.NoShardAvailableActionException: No shard available for [get [.kibana][_doc][space:default]: routing [null]]

Alors que quand je fais un systemctl status elasticsearch il me montre pas d'erreur ni sur elasticsearch ni sur logstash . Sachant que j'arrivais bien à collecter des données.
sur logstash j'obtient cela :

Sending Logstash logs to /var/log/logstash which is now configured via log4j2.properties
[2019-08-07T15:32:02,489][WARN ][logstash.config.source.multilocal] Ignoring the 'pipelines.yml' file because modules or command line options are specified
[2019-08-07T15:32:02,611][INFO ][logstash.runner ] Starting Logstash {"logstash.version"=>"7.1.1"}
[2019-08-07T15:32:31,172][INFO ][logstash.outputs.elasticsearch] Elasticsearch pool URLs updated {:changes=>{:removed=>, :added=>[http://localhost:9200/]}}
[2019-08-07T15:32:31,571][WARN ][logstash.outputs.elasticsearch] Restored connection to ES instance {:url=>"http://localhost:9200/"}
[2019-08-07T15:32:31,854][INFO ][logstash.outputs.elasticsearch] ES Output version determined {:es_version=>7}
[2019-08-07T15:32:31,861][WARN ][logstash.outputs.elasticsearch] Detected a 6.x and above cluster: the type event field won't be used to determine the document _type {:es_version=>7}
[2019-08-07T15:32:31,951][INFO ][logstash.outputs.elasticsearch] New Elasticsearch output {:class=>"LogStash::Outputs::ElasticSearch", :hosts=>["//localhost:9200"]}
[2019-08-07T15:32:31,968][INFO ][logstash.outputs.elasticsearch] Using default mapping template
[2019-08-07T15:32:32,095][INFO ][logstash.javapipeline ] Starting pipeline {:pipeline_id=>"main", "pipeline.workers"=>2, "pipeline.batch.size"=>125, "pipeline.batch.delay"=>50, "pipeline.max_inflight"=>250, :thread=>"#<Thread:0x5101b747 run>"}
[2019-08-07T15:32:32,326][INFO ][logstash.outputs.elasticsearch] Attempting to install template {:manage_template=>{"index_patterns"=>"logstash-", "version"=>60001, "settings"=>{"index.refresh_interval"=>"5s", "number_of_shards"=>1}, "mappings"=>{"dynamic_templates"=>[{"message_field"=>{"path_match"=>"message", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false}}}, {"string_fields"=>{"match"=>"", "match_mapping_type"=>"string", "mapping"=>{"type"=>"text", "norms"=>false, "fields"=>{"keyword"=>{"type"=>"keyword", "ignore_above"=>256}}}}}], "properties"=>{"@timestamp"=>{"type"=>"date"}, "@version"=>{"type"=>"keyword"}, "geoip"=>{"dynamic"=>true, "properties"=>{"ip"=>{"type"=>"ip"}, "location"=>{"type"=>"geo_point"}, "latitude"=>{"type"=>"half_float"}, "longitude"=>{"type"=>"half_float"}}}}}}}
[2019-08-07T15:32:33,235][INFO ][logstash.inputs.file ] No sincedb_path set, generating one based on the "path" setting {:sincedb_path=>"/var/lib/logstash/plugins/inputs/file/.sincedb_b48f39ed4259efb6b2b0c39cd2786443", :path=>["/home/osadmin/test"]}
[2019-08-07T15:32:33,292][INFO ][logstash.javapipeline ] Pipeline started {"pipeline.id"=>"main"}
[2019-08-07T15:32:33,512][INFO ][filewatch.observingtail ] START, creating Discoverer, Watch with file and sincedb collections
[2019-08-07T15:32:33,621][INFO ][logstash.agent ] Pipelines running {:count=>1, :running_pipelines=>[:main], :non_running_pipelines=>}
[2019-08-07T15:32:35,169][INFO ][logstash.agent ] Successfully started Logstash API endpoint {:port=>9600}

J'aimerais bien comprendre d'où vient cette erreur et comment la corriger.

Je vous remercie par avance

ylasri · August 7, 2019, 2:13pm

Peux tu partager les logs de la commande suivante

GET _cat/shards?v
our directement via http://localhost:9200/_cat/shards?v

Aussi cette commande

POST _cluster/allocation/explain 
{
  "index": ".kibana",
  "shard": 0,
  "primary": true
}

ROok · August 7, 2019, 2:34pm

Salut Yassine ,
Merci pour le retour

Donc voici le resultat des commandes
http:/localhost:9200/_cat/shards?v

index .monitoring-es-7-2019.08.07 filebeat-7.1.1-2019.07.26 filebeat-7.1.1-2019.07.26 .monitoring-kibana-7-2019.08.06 0 .monitoring-kibana-7-2019.08.01 0 .monitoring-es-7-2019.08.04 .monitoring-kibana-7-2019.08.02 0 .monitoring-es-7-2019.08.05 .kibana_task_manager .monitoring-es-7-2019.08.01 .monitoring-kibana-7-2019.08.05 0 .monitoring-es-7-2019.08.06 filebeat-7.1.1-2019.07.17 filebeat-7.1.1-2019.07.17 .monitoring-kibana-7-2019.08.07 0 kibana_sample_data_flights .monitoring-es-7-2019.08.03 .monitoring-kibana-7-2019.08.03 0 filebeat-7.1.1-2019.07.31 filebeat-7.1.1-2019.07.31 filebeat-7.1.1-2019.07.18 filebeat-7.1.1-2019.07.18 .monitoring-es-7-2019.08.02 .kibana_1 .monitoring-kibana-7-2019.08.04 0 filebeat-7.1.1-2019.07.30 filebeat-7.1.1-2019.07.30 filebeat-7.1.1-2019.07.25 filebeat-7.1.1-2019.07.25 shard prirep state docs store ip node
0 p STARTED 140101 123.7mb localhost elk.labgei.fr
0 p STARTED 853 4.4mb localhost elk.labgei.fr
0 r UNASSIGNED
p STARTED 8639 1.9mb localhost elk.labgei.fr
p STARTED 8639 2mb localhost elk.labgei.fr
0 p STARTED 251350 123.3mb localhost elk.labgei.fr
p STARTED 8639 2mb localhost elk.labgei.fr
0 p STARTED 267186 145.6mb localhost elk.labgei.fr
0 p STARTED 2 46.4kb localhost elk.labgei.fr
0 p STARTED 234074 137.8mb localhost elk.labgei.fr
p STARTED 8635 1.9mb localhost elk.labgei.fr
0 p STARTED 260908 130.6mb localhost elk.labgei.fr
0 p STARTED 288789 151.6mb localhost elk.labgei.fr
0 r UNASSIGNED
p STARTED 5129 1.9mb localhost elk.labgei.fr
0 p STARTED 13059 6.5mb localhost elk.labgei.fr
0 p STARTED 251320 123.6mb localhost elk.labgei.fr
p STARTED 8639 1.9mb localhost elk.labgei.fr
0 p STARTED 1 55.8kb localhost elk.labgei.fr
0 r UNASSIGNED
0 p STARTED 378585 196.1mb localhost elk.labgei.fr
0 r UNASSIGNED
0 p STARTED 250655 125.9mb localhost elk.labgei.fr
0 p STARTED 69 115.9kb localhost elk.labgei.fr
p STARTED 8638 1.9mb localhost elk.labgei.fr
0 p STARTED 1626 1.1mb localhost elk.labgei.fr
0 r UNASSIGNED
0 p STARTED 1747 1.6mb localhost elk.labgei.fr
0 r UNASSIGNED

Pour la commande POST _cluster/allocation/explain

{"index":"filebeat-7.1.1-2019.07.26","shard":0,"primary":false,"current_state":"unassigned","unassigned_info":{"reason":"CLUSTER_RECOVERED","at":"2019-08-07T08:08:27.490Z","last_allocation_status":"no_attempt"},"can_allocate":"no","allocate_explanation":"cannot allocate because allocation is not permitted to any of the nodes","node_allocation_decisions":[{"node_id":"wt1E07FYQ9KryRA0gBhnxA","node_name":"elk.labgei.fr","transport_address":"localhost:9300","node_attributes":{"ml.machine_memory":"3973926912","xpack.installed":"true","ml.max_open_jobs":"20"},"node_decision":"no","deciders":[{"decider":"same_shard","decision":"NO","explanation":"the shard cannot be allocated to the same node on which a copy of the shard already exists [[filebeat-7.1.1-2019.07.26][0], node[wt1E07FYQ9KryRA0gBhnxA], [P], s[STARTED], a[id=oG6Z52rETN62gp2QG640Zg]]"}]}]}curl: (3) [globbing] unmatched brace at pos 2
curl: (6) Could not resolve host: index; Name or service not known
curl: (6) Could not resolve host: .kibana,; Name or service not known
bash: shard:: command not found
bash: primary:: command not found

ylasri · August 7, 2019, 3:09pm

Peux-tu décrire votre cluster (combien de noeuds, shards, replicas, ...) ?

ROok · August 8, 2019, 7:24am

Voici la description du cluster

{
"cluster_name" : "elasticsearch",
"status" : "yellow",
"timed_out" : false,
"number_of_nodes" : 1,
"number_of_data_nodes" : 1,
"active_primary_shards" : 23,
"active_shards" : 23,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 6,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 79.3103448275862
}

C'est cela que j'obtient aussi sur elasticsearch.log si ça peu être utile

[2019-08-07T10:08:28,706][WARN ][r.suppressed ] [elk.labgei.fr] path: /.kibana/_doc/space%3Adefault, params: {index=.kibana, id=space:default}
org.elasticsearch.action.NoShardAvailableActionException: No shard available for [get [.kibana][_doc][space:default]: routing [null]]
at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.perform(TransportSingleShardAction.java:233) ~[elasticsearch-7.1.1.jar:7.1.1]
at org.elasticsearch.action.support.single.shard.TransportSingleShardAction$AsyncSingleAction.start(TransportSingleShardAction.java:210) ~[elasticsearch-7.1.1.jar:7.1.1]
at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:103) ~[elasticsearch-7.1.1.jar:7.1.1]
at org.elasticsearch.action.support.single.shard.TransportSingleShardAction.doExecute(TransportSingleShardAction.java:62) ~[elasticsearch-7.1.1.jar:7.1.1]
at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:145) ~[elasticsearch-7.1.1.jar:7.1.1]
at org.elasticsearch.xpack.security.action.filter.SecurityActionFilter.apply(SecurityActionFilter.java:123) ~[?:?]
at org.elasticsearch.action.support.TransportAction$RequestFilterChain.proceed(TransportAction.java:143) ~[elasticsearch-7.1.1.jar:7.1.1]

Merci !

system · September 5, 2019, 7:24am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.