Installation issues on Debian 10 virtual environment

Hi,

I am installing Elasticsearch on a Debian 10 virtual environment.
According to the /data/log/elasticsearch/xxx.log the start process fails with the following response:

    [2020-04-23T11:00:20,586][WARN ][o.e.b.JNANatives         ] [pmsingest01] unable to install syscall filter:
    java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
            at org.elasticsearch.bootstrap.SystemCallFilter.linuxImpl(SystemCallFilter.java:342) ~[elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.SystemCallFilter.init(SystemCallFilter.java:617) ~[elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.JNANatives.tryInstallSystemCallFilter(JNANatives.java:260) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Natives.tryInstallSystemCallFilter(Natives.java:113) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:110) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:172) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:349) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:161) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:125) [elasticsearch-cli-7.6.2.jar:7.6.2]
            at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:126) [elasticsearch-7.6.2.jar:7.6.2]
            at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) [elasticsearch-7.6.2.jar:7.6.2]
    [2020-04-23T11:00:20,783][INFO ][o.e.e.NodeEnvironment    ] [pmsingest01] using [1] data paths, mounts [[/data (/dev/mapper/vg01-data)]], net usable_space [8.2gb], net total_space [8.7gb], types [ext4]
    [2020-04-23T11:00:20,785][INFO ][o.e.e.NodeEnvironment    ] [pmsingest01] heap size [3.9gb], compressed ordinary object pointers [true]
    [2020-04-23T11:00:20,922][INFO ][o.e.n.Node               ] [pmsingest01] node name [pmsingest01], node ID [QbqBshCZQ0aduoJEUNvFkA], cluster name [digi-pms]
    [2020-04-23T11:00:20,923][INFO ][o.e.n.Node               ] [pmsingest01] version[7.6.2], pid[8021], build[default/deb/ef48eb35cf30adf4db14086e8aabd07ef6fb113f/2020-03-26T06:34:37.794943Z], OS[Linux/4.4.109-grsec-D64-S011/amd64], JVM[AdoptOpenJDK/OpenJDK 64-Bit Server VM/13.0.2/13.0.2+8]
    [2020-04-23T11:00:20,923][INFO ][o.e.n.Node               ] [pmsingest01] JVM home [/usr/share/elasticsearch/jdk]
    [2020-04-23T11:00:20,924][INFO ][o.e.n.Node               ] [pmsingest01] JVM arguments [-Des.networkaddress.cache.ttl=60, -Des.networkaddress.cache.negative.ttl=10, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -XX:-OmitStackTraceInFastThrow, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dio.netty.allocator.numDirectArenas=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Djava.locale.providers=COMPAT, -Xms4g, -Xmx4g, -XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -Djava.io.tmpdir=/data/tmp/elasticsearch, -XX:+HeapDumpOnOutOfMemoryError, -XX:HeapDumpPath=/var/lib/elasticsearch, -XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log, -Xlog:gc*,gc+age=trace,safepoint:file=/var/log/elasticsearch/gc.log:utctime,pid,tags:filecount=32,filesize=64m, -XX:MaxDirectMemorySize=2147483648, -Des.path.home=/usr/share/elasticsearch, -Des.path.conf=/etc/elasticsearch, -Des.distribution.flavor=default, -Des.distribution.type=deb, -Des.bundled_jdk=true]
    [2020-04-23T11:00:22,782][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [aggs-matrix-stats]
    [2020-04-23T11:00:22,782][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [analysis-common]
    [2020-04-23T11:00:22,783][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [flattened]
    [2020-04-23T11:00:22,783][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [frozen-indices]
    [2020-04-23T11:00:22,783][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [ingest-common]
    [2020-04-23T11:00:22,783][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [ingest-geoip]
    [2020-04-23T11:00:22,783][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [ingest-user-agent]
    [2020-04-23T11:00:22,784][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [lang-expression]
    [2020-04-23T11:00:22,784][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [lang-mustache]
    [2020-04-23T11:00:22,784][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [lang-painless]
    [2020-04-23T11:00:22,784][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [mapper-extras]
    [2020-04-23T11:00:22,784][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [parent-join]
    [2020-04-23T11:00:22,785][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [percolator]
    [2020-04-23T11:00:22,785][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [rank-eval]
    [2020-04-23T11:00:22,785][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [reindex]
    [2020-04-23T11:00:22,785][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [repository-url]
    [2020-04-23T11:00:22,786][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [search-business-rules]
    [2020-04-23T11:00:22,786][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [spatial]
    [2020-04-23T11:00:22,786][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [systemd]
    [2020-04-23T11:00:22,786][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [transform]
    [2020-04-23T11:00:22,786][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [transport-netty4]
    [2020-04-23T11:00:22,787][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [vectors]
    [2020-04-23T11:00:22,787][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-analytics]
    [2020-04-23T11:00:22,787][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-ccr]
    [2020-04-23T11:00:22,787][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-core]
    [2020-04-23T11:00:22,787][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-deprecation]
    [2020-04-23T11:00:22,788][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-enrich]
    [2020-04-23T11:00:22,788][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-graph]
    [2020-04-23T11:00:22,788][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-ilm]
    [2020-04-23T11:00:22,788][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-logstash]
    [2020-04-23T11:00:22,788][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-ml]
    [2020-04-23T11:00:22,789][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-monitoring]
    [2020-04-23T11:00:22,789][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-rollup]
    [2020-04-23T11:00:22,789][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-security]
    [2020-04-23T11:00:22,789][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-sql]
    [2020-04-23T11:00:22,789][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-voting-only-node]
    [2020-04-23T11:00:22,790][INFO ][o.e.p.PluginsService     ] [pmsingest01] loaded module [x-pack-watcher]
    [2020-04-23T11:00:22,790][INFO ][o.e.p.PluginsService     ] [pmsingest01] no plugins loaded
    [2020-04-23T11:00:27,158][INFO ][o.e.x.s.a.s.FileRolesStore] [pmsingest01] parsed [0] roles from file [/etc/elasticsearch/roles.yml]
    [2020-04-23T11:00:27,908][INFO ][o.e.x.m.p.l.CppLogMessageHandler] [pmsingest01] [controller/8099] [Main.cc@110] controller (64 bit): Version 7.6.2 (Build e06ef9d86d5332) Copyright (c) 2020 Elasticsearch BV
    [2020-04-23T11:00:28,564][DEBUG][o.e.a.ActionModule       ] [pmsingest01] Using REST wrapper from plugin org.elasticsearch.xpack.security.Security
    [2020-04-23T11:00:28,712][INFO ][o.e.d.DiscoveryModule    ] [pmsingest01] using discovery type [zen] and seed hosts providers [settings]
    [2020-04-23T11:00:29,710][INFO ][o.e.n.Node               ] [pmsingest01] initialized
    [2020-04-23T11:00:29,711][INFO ][o.e.n.Node               ] [pmsingest01] starting ...
    [2020-04-23T11:00:29,849][INFO ][o.e.t.TransportService   ] [pmsingest01] publish_address {10.2.13.38:9300}, bound_addresses {10.2.13.38:9300}
    [2020-04-23T11:00:29,996][INFO ][o.e.b.BootstrapChecks    ] [pmsingest01] bound or publishing to a non-loopback address, enforcing bootstrap checks
    [2020-04-23T11:00:30,000][ERROR][o.e.b.Bootstrap          ] [pmsingest01] node validation exception
    [1] bootstrap checks failed
    [1]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
    [2020-04-23T11:00:30,004][INFO ][o.e.n.Node               ] [pmsingest01] stopping ...
    [2020-04-23T11:00:30,021][INFO ][o.e.n.Node               ] [pmsingest01] stopped
    [2020-04-23T11:00:30,022][INFO ][o.e.n.Node               ] [pmsingest01] closing ...
    [2020-04-23T11:00:30,047][INFO ][o.e.n.Node               ] [pmsingest01] closed
    [2020-04-23T11:00:30,049][INFO ][o.e.x.m.p.NativeController] [pmsingest01] Native controller process has stopped - no new native processes can be started

the mouned volumes on the server are the followings:

    /dev/mapper/vg01-tmp /tmp ext4 rw,nosuid,nodev,noexec,noatime,data=ordered 0 0
    /dev/mapper/vg01-data /data ext4 rw,nosuid,nodev,noatime,data=ordered 0 0
    /dev/mapper/vg01-var /var ext4 rw,relatime,data=ordered 0 0

The tmp volume in noexec, so I made systemctl edit --full elasticsearch.service and inserted the following line:
Environment=ES_TMPDIR=/data/tmp/elasticsearch

of which seem to solved the formerly issuing:

java.lang.NoClassDefFoundError: Could not initialize class com.sun.jna.Native

I also modified the /etc/elasticsearch/elasticsearch.yml:

    path.data: /data/lib/elasticsearch
    path.logs: /data/log/elasticsearch

Directory permission are the followings:

    root@pmsingest01:/data/lib# ls -ltr
    total 4
    drwxr-xr-x 3 elasticsearch elasticsearch 4096 Apr 23 08:13 elasticsearch
    root@pmsingest01:/data/log# ls -ltr
    total 4
    drwxrwxrwx 2 elasticsearch elasticsearch 4096 Apr 23 10:11 elasticsearch
    root@pmsingest01:/data/tmp# ls -ltr
    total 4
    drwxr-xr-x 3 elasticsearch elasticsearch 4096 Apr 23 10:44 elasticsearch

The jvm.options is untouched...

Could You please suggest?

KR,
Szabolcs

Check out OnError and OnOutOfMemoryError checks | Elasticsearch Guide [7.6] | Elastic

Thanks!

Could You please be a bit more specific what to be done here?
seccomp is installed on the server...
Sorry, I am a rookie...

the following line have been inserted into elasticsearch.yml
bootstrap.system_call_filter: false
it works now but sounds nasty... It this the solution?

As https://www.elastic.co/guide/en/elasticsearch/reference/7.6/_system_call_filter_check.html mentions - at your own risk disable system call filters. So it's likely not the best solution.

I don't know enough about how this works on a kernel level to provide any concrete directions though sorry Hopefully someone else with a bit more knowledge will jump in.

Thanks!

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.