elasticsearch的一些運維和開發常見問題

es 查看正在執行的任務

可以在kiabna執行
curl -XGET "http://*:9200/_nodes/hot_threads"

查看CPU占用高的線程

可以在kiabna執行
curl -XGET "http://*:9200/_nodes/hot_threads"

參考

https://blog.csdn.net/huchao_lingo/article/details/104820269

elasticsearch missing authentication credentials for REST request

現在網上錯誤的、沒有經過驗證的技術貼漫天飛，很容易給讀者造成各種誤導，由於這部分關系，筆者也開始認真地進行技術貼的撰寫，同時也mark下一些知識點，特別是在這種由於公司內網環境導致無法把資料遷出的情況。
場景
elasticsearch 在開啟xpack認證之后, 直接通過curl 訪問接口會報錯
解決
curl帶上認證
在ECS終端訪問REST API的時候
curl --user elastic:yourpassword -XGET ‘localhost:9200’

elastic是默認的賬號

權限不夠或 can not run elasticsearch as root

問題：

　　es安裝好之后，使用root啟動會報錯：can not run elasticsearch as root

[root@iZbp1bb2egi7w0ueys548pZ bin]# ./elasticsearch
[2019-01-21T09:50:59,387][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:134) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:121) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:69) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:134) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:85) ~[elasticsearch-6.0.0.jar:6.0.0]
Caused by: java.lang.RuntimeException: can not run elasticsearch as root
    at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:104) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:171) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:322) ~[elasticsearch-6.0.0.jar:6.0.0]
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:130) ~[elasticsearch-6.0.0.jar:6.0.0]
    ... 6 more

原因：

　　為了安全不允許使用root用戶啟動

解決：

　　es5之后的都不能使用添加啟動參數或者修改配置文件等方法啟動了，必須要創建用戶

　　1、創建用戶：elasticsearch

[root@iZbp1bb2egi7w0ueys548pZ bin]# adduser elasticsearch
　　2、創建用戶密碼，需要輸入兩次

[root@iZbp1bb2egi7w0ueys548pZ bin]# passwd elasticsearch
　　3、將對應的文件夾權限賦給該用戶

[root@iZbp1bb2egi7w0ueys548pZ local]# chown -R elasticsearch elasticsearch-6.0.0
　　4、切換至elasticsearch用戶

[root@iZbp1bb2egi7w0ueys548pZ etc]# su elasticsearch 　　5、進入啟動目錄啟動 /usr/local/elasticsearch-6.0.0/bin 使用后台啟動方式：./elasticsearch -d

[elasticsearch@vmt10003 bin]$ ./elasticsearch -d
　6、啟動后測試 　輸入curl ip:9200,如果返回一個json數據說明啟動成功
可能遇到的問題
1、啟動后訪問ip:9200沒有顯示json

[root@iZbp1bb2egi7w0ueys548qZ ~]# curl 10.132.131.51:9200
curl: (7) Failed connect to 10.132.131.51:9200; Connection refused

　　解決：

　　修改elasticsearch.yml文件，添加

　　network.host: 0.0.0.0

　　再次啟動就可以了

[root@iZbp1bb2egi7w0ueys548qZ ~]# curl 10.132.131.51:9200
{
  "name" : "dMD7fZd",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "Cy4a99t2Sw2_hnJ_jtdRgA",
  "version" : {
    "number" : "6.0.0",
    "build_hash" : "8f0685b",
    "build_date" : "2017-11-10T18:41:22.859Z",
    "build_snapshot" : false,
    "lucene_version" : "7.0.1",
    "minimum_wire_compatibility_version" : "5.6.0",
    "minimum_index_compatibility_version" : "5.0.0"
  },
  "tagline" : "You Know, for Search"
}

如果開始了密碼功能訪問發生應該是這樣

 curl --user elastic:abc-123 -XGET '127.0.0.1:9200'

如果某些es的sh程序不能啟動的話 還需要設置這些sh的執行權限 chmod -x xxx.sh

沒什么問題的話 帆軟報表就可以連接ES使用了

elasticsearch密碼設置

7.0以后es把基礎的安全模塊免費集成了。很棒。現在試試設置吧。
官網安全模塊文檔
其中包含了一個安全入門教程
下面基本都是以我的操作為例，實際上可以按照官網文檔進行其它的嘗試。
一、設置賬號密碼
單節點
在elasticsearch.yml文件里增加配置

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
初始化密碼需要在es啟動的情況下進行設置，按照提示輸入各個內置用戶的密碼。

[esuser@localhost elasticsearch-7.12.0]$./bin/elasticsearch -d
[esuser@localhost elasticsearch-7.12.0]$./bin/elasticsearch-setup-passwords interactive
主要設置了一下的密碼

Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]

開發問題

springboot中依賴

注意 我這邊的es服務端是7.4.2

        <dependency>
            <groupId>org.elasticsearch</groupId>
            <artifactId>elasticsearch</artifactId>
            <version>7.7.0</version>
        </dependency>
        <dependency>
            <groupId>org.elasticsearch.client</groupId>
            <artifactId>elasticsearch-rest-high-level-client</artifactId>
            <version>7.7.0</version>
        </dependency>

es沒有開啟密碼驗證的配置代碼

package com.ag.dtools.config;


import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.elasticsearch.transport.client.PreBuiltTransportClient;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.net.InetAddress;

@Configuration
public class ElasticSearchConf {

    private static final Logger LOGGER = LoggerFactory.getLogger(ElasticSearchConf.class);

    /**
     * elk集群地址
     */
    @Value("${elasticsearch.ip}")
    private String hostName;

    /**
     * 端口
     */
    @Value("${elasticsearch.port}")
    private String port;

    /**
     * 集群名稱
     */
    @Value("${elasticsearch.cluster.name}")
    private String clusterName;

    /**
     * 連接池
     */
    @Value("${elasticsearch.pool}")
    private String poolSize;

    /**
     * Bean name default  函數名字
     *
     * @return
     */
    @Bean(name = "transportClient")
    public TransportClient transportClient() {
        LOGGER.info("Elasticsearch初始化開始。。。。。");
        TransportClient transportClient = null;
        try {
            // 配置信息
            Settings esSetting = Settings.builder()
                    .put("cluster.name", clusterName) //集群名字
                    .put("client.transport.sniff", true)//增加嗅探機制，找到ES集群
                    .put("thread_pool.search.size", Integer.parseInt(poolSize))//增加線程池個數，暫時設為5
                    .build();
            //配置信息Settings自定義
            transportClient = new PreBuiltTransportClient(esSetting);
            TransportAddress transportAddress = new TransportAddress(InetAddress.getByName(hostName), Integer.valueOf(port));
            transportClient.addTransportAddresses(transportAddress);
        } catch (Exception e) {
            LOGGER.error("elasticsearch TransportClient create error!!", e);
        }
        return transportClient;
    }
}

yml

elasticsearch:
  ip: 112.124.xx.xx
  port: 9200
  pool: 5
  cluster:
    name: my-application

如果es開啟了密碼登陸需要用這個配置

package com.ag.dtools.config;


import org.apache.http.HttpHost;
import org.elasticsearch.client.RestClient;
import org.elasticsearch.client.RestHighLevelClient;
import org.elasticsearch.client.transport.TransportClient;
import org.elasticsearch.common.settings.Settings;
import org.elasticsearch.common.transport.TransportAddress;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.elasticsearch.client.ClientConfiguration;
import org.springframework.data.elasticsearch.client.RestClients;
import javax.annotation.PostConstruct;
import java.net.InetAddress;
import java.net.UnknownHostException;


@Configuration
public class ElasticSearchConf {

    private static final Logger LOGGER = LoggerFactory.getLogger(ElasticSearchConf.class);

    /**
     * elk集群地址
     */
    @Value("${elasticsearch.ip}")
    private String hostName;

    /**
     * 端口
     */
    @Value("${elasticsearch.port}")
    private String port;

    /**
     * 集群名稱
     */
    @Value("${elasticsearch.cluster.name}")
    private String clusterName;

    /**
     * 連接池
     */
    @Value("${elasticsearch.pool}")
    private String poolSize;
    @Value("${elasticsearch.password}")
    private String password;
    
    /**
     * Bean name default  函數名字
     *
     * @return
     */
    @Bean(name = "restHighLevelClient")
    public RestHighLevelClient transportClient() {
        LOGGER.info("Elasticsearch初始化開始。。。。。");
        final ClientConfiguration clientConfiguration = ClientConfiguration.builder()
                .connectedTo(hostName+":"+port)
                .withBasicAuth("elastic", password)
                .build();
        return RestClients.create(clientConfiguration).rest();
    }
}

同時還需要使用這個配置

elasticsearch:
  ip: 192.168.200.24
  port: 9200
  pool: 5
  username: "elastic"
  password: "es-123456"
  cluster:
    name: my-application

None of the configured nodes are available

這個問題很扯淡,可能各種原因，但我是ES7。。所以沒遇到過。。 至於網上說的什么9200 要改成9300的，那是因為是ES6 ES7 直接9200也沒有問題

Springboot中消費kafka數據寫入ES時報異常

Connection closed unexpectedly 
org.apache.http.ConnectionClosedException: Connection is closed

經過幾次測試

發現，項目中使用了nacos 在沒有開啟nacos服務器的情況下，項目連接nacos 會網絡錯誤，接着 es put 時 就拋出了上面說的異常

nacos 異常

Caused by: com.alibaba.nacos.api.exception.NacosException: failed to req API:/api//nacos/v1/ns/instance after all servers([127.0.0.1:8848]) tried: java.net.ConnectException: Connection refused: connect
	at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:496)
	at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:401)
	at com.alibaba.nacos.client.naming.net.NamingProxy.reqAPI(NamingProxy.java:397)
	at com.alibaba.nacos.client.naming.net.NamingProxy.registerService(NamingProxy.java:212)
	at com.alibaba.nacos.client.naming.NacosNamingService.registerInstance(NacosNamingService.java:207)
	at com.alibaba.cloud.nacos.registry.NacosServiceRegistry.register(NacosServiceRegistry.java:64)
	... 27 common frames omitted

打開Nacos服務器后，一切正常。
隨后關閉nacos，繼續消費寫入ES，又不報異常了。。。
這個問題 需要繼續關注...

網上相關的問題解決方案

https://www.cnblogs.com/quwenli/p/15050215.html
https://www.jianshu.com/p/cccae69f491b

class file for org.elasticsearch.client.Cancellable not found

在新的項目中，按照上面的開發配置是沒有問題，但是我在另一個項目中就出現了這個問題，還出現了

java.lang.NoSuchMethodError: org.elasticsearch.action.search.SearchRequest.getPreFilterShardSize()

所以該了下配置

properties 中必須設置ES的版本，不然 迷之報錯...

 <properties>
        <java.version>1.8</java.version>
            <elasticsearch.version>7.6.2</elasticsearch.version>
    </properties>

pom

   <dependency>
            <groupId>org.elasticsearch</groupId>
            <artifactId>elasticsearch</artifactId>
            <version>7.6.2</version>
        </dependency>

        <dependency>
            <groupId>org.elasticsearch.client</groupId>
            <artifactId>elasticsearch-rest-high-level-client</artifactId>
            <version>7.6.2</version>
        </dependency>

        <dependency>
            <groupId>org.elasticsearch.client</groupId>
            <artifactId>elasticsearch-rest-client</artifactId>
            <version>7.6.2</version>
        </dependency>


        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-data-elasticsearch</artifactId>
        </dependency>

        <dependency>
            <groupId>org.springframework.data</groupId>
            <artifactId>spring-data-elasticsearch</artifactId>
        </dependency>

at least one primary shard for the index [.security-7] is unavailable

該問題不會導致es無法連接和無法訪問,需要時在徹底消除這個報錯

No available authentication scheme

該問題不會導致es無法連接和無法訪問,需要時在徹底消除這個報錯