I am facing the problem in my elk server. Whenever I start the elasticsearch service the outgoing traffic increases to >10 MBps. This is what is shown in the processes.
I also have stopped both filebeat and metricbeat services. What I think is that maybe elastic agent is upgrading the fleet server, filebeat and metricbeat. How to stop that?
The following command (curl -X GET ":9200/_cat/nodes?v=true&s=cpu:desc&pretty") give this output:
node.role: cdfhilmrstw *
master name: soc
I found that this process is eating the CPU. Any suggestions?
On the configuration of the heap memory, it seems to me that elasticsearch recommends that the value of xms be equal to Xmx. However, I see that the elasticsearch process is launched with an Xms 4Mb and an Xmx 64Mb
I found that the above process is the one using the cpu and memory. As I am new to this I dont know how to optimize that. Will happy to get any help. Thanks
Please don't post pictures of text, logs or code. They are difficult to read, impossible to search and replicate (if it's code), and some people may not be even able to see them
elastic+ 406465 0.0 0.2 2657952 90936 ? Ssl Jun08 0:43 /usr/share/elasticsearch/jdk/bin/java -Xms4m -Xmx64m -XX:+UseSerialGC -Dcli.name=server -Dcli.script=/usr/share/elasticsearch/bin/elasticsearch -Dcli.libs=lib/tools/server-cli -Des.path.home=/usr/share/elasticsearch -Des.path.conf=/etc/elasticsearch -Des.distribution.type=deb -cp /usr/share/elasticsearch/lib/*:/usr/share/elasticsearch/lib/cli-launcher/* org.elasticsearch.launcher.CliToolLauncher -p /var/run/elasticsearch/elasticsearch.pid --quiet
elastic+ 406547 52.1 34.7 507693936 11354816 ? Sl Jun08 523:14 /usr/share/elasticsearch/jdk/bin/java -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -Djava.security.manager=allow -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -XX:-OmitStackTraceInFastThrow -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Dlog4j2.formatMsgNoLookups=true -Djava.locale.providers=SPI,COMPAT --add-opens=java.base/java.io=ALL-UNNAMED -XX:+UseG1GC -Djava.io.tmpdir=/tmp/elasticsearch-330912685403022393 -XX:+HeapDumpOnOutOfMemoryError -XX:+ExitOnOutOfMemoryError -XX:HeapDumpPath=/var/lib/elasticsearch -XX:ErrorFile=/var/log/elasticsearch/hs_err_pid%p.log -Xlog:gc*,gc+age=trace,safepoint:file=/var/log/elasticsearch/gc.log:utctime,pid,tags:filecount=32,filesize=64m -Xms4g -Xmx4g -XX:MaxDirectMemorySize=2147483648 -XX:G1HeapRegionSize=4m -XX:InitiatingHeapOccupancyPercent=30 -XX:G1ReservePercent=15 -Des.distribution.type=deb --module-path /usr/share/elasticsearch/lib -m org.elasticsearch.server/org.elasticsearch.bootstrap.Elasticsearch
When I create the .options in jvm.options.d/ with following parameters:
Still the initial process is starting with Xms4m Xmx64m. Any suggestions how to decrease the cpu load and memory consumption. @warkolm
Also can I try and reinstall Elasticsearch and will that remove all the enrolled agents?
Any suggestions @warkolm ?
What is the actual name of the file you created in there?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.