elasticsearch 无法启动:Seccomp 存在,但 bootstrap 检查失败 (Centos 7 / ES 6.4.2)
elasticsearch will not start: Seccomp is present, but bootstrap check fails (Centos 7 / ES 6.4.2)
CentOS Linux 发行版 7.5.1804(核心)
配置生产集群,ES拒绝启动:
1:33:56,454][INFO ][o.e.t.TransportService ] [node-68795-C] publish_address {192.168.200.162:9300}, bound_addresses {192.168.200.162:9300}
[2018-10-28T21:33:56,467][INFO ][o.e.b.BootstrapChecks ] [node-68795-C] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-10-28T21:33:56,494][ERROR][o.e.b.Bootstrap ] [node-68795-C] node validation exception
[1] bootstrap checks failed
[1]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
好的,那我去看看有没有seccomp:
[$]# cat /boot/config-`uname -r` | grep CONFIG_SECCOMP=
CONFIG_SECCOMP=y
[$]# CONFIG_SECCOMP=y
因此,看起来和闻起来都像是存在 seccomp。
下一步是什么?
根本原因:/tmp 被挂载为 noexec
事实证明,如果 /tmp 是 noexec,则两三个 bootstrap 检查会失败。
解决/tmp,其他问题都解决了!
CentOS Linux 发行版 7.5.1804(核心)
配置生产集群,ES拒绝启动:
1:33:56,454][INFO ][o.e.t.TransportService ] [node-68795-C] publish_address {192.168.200.162:9300}, bound_addresses {192.168.200.162:9300}
[2018-10-28T21:33:56,467][INFO ][o.e.b.BootstrapChecks ] [node-68795-C] bound or publishing to a non-loopback address, enforcing bootstrap checks
[2018-10-28T21:33:56,494][ERROR][o.e.b.Bootstrap ] [node-68795-C] node validation exception
[1] bootstrap checks failed
[1]: system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
好的,那我去看看有没有seccomp:
[$]# cat /boot/config-`uname -r` | grep CONFIG_SECCOMP=
CONFIG_SECCOMP=y
[$]# CONFIG_SECCOMP=y
因此,看起来和闻起来都像是存在 seccomp。
下一步是什么?
根本原因:/tmp 被挂载为 noexec
事实证明,如果 /tmp 是 noexec,则两三个 bootstrap 检查会失败。
解决/tmp,其他问题都解决了!