报错信息一：can not run elasticsearch as root

[root@localhost bin]# ./elasticsearch

[2018-06-22T18:06:16,313][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [] uncaught exception in thread [main]org.elasticsearch.bootstrap.StartupException: java.lang.RuntimeException: can not run elasticsearch as rootat org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:125) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:112) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) ~[elasticsearch-cli-6.2.4.jar:6.2.4]at org.elasticsearch.cli.Command.main(Command.java:90) ~[elasticsearch-cli-6.2.4.jar:6.2.4]at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:92) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:85) ~[elasticsearch-6.2.4.jar:6.2.4]Caused by: java.lang.RuntimeException: can not run elasticsearch as rootat org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:105) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:172) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:323) ~[elasticsearch-6.2.4.jar:6.2.4]at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:121) ~[elasticsearch-6.2.4.jar:6.2.4]... 6 more

解决办法：

主要看报错第二行：can not run elasticsearch as root ：意思是不能用root用户运行elasticesearch新建用户elasearch 专用于操作elkgroupadd elasearchuseradd elasearch -g elasearchchown -R elasearch:elasearch /usr/local/elasticsearch-6.2.4/切换到elasticsearch用户启动es。

报错问题二： increase to at least [65536]

ERROR: [3] bootstrap checks failed

[1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]

上边的描述:

[2018-07-05T19:24:50,764][WARN ][o.e.b.JNANatives ] Unable to lock JVM Memory: error=12, reason=Cannot allocate memory[2018-07-05T19:24:50,766][WARN ][o.e.b.JNANatives ] This can result in part of the JVM being swapped out.[2018-07-05T19:24:50,766][WARN ][o.e.b.JNANatives ] Increase RLIMIT_MEMLOCK, soft limit: 65536, hard limit: 65536[2018-07-05T19:24:50,766][WARN ][o.e.b.JNANatives ] These can be adjusted by modifying /etc/security/limits.conf, for example: allow user 'elasticsearch' mlockallelasticsearch soft memlock unlimitedelasticsearch hard memlock unlimited

解决办法：

echo '* soft nofile 65536' >> /etc/security/limits.confecho '* hard nofile 65536' >> /etc/security/limits.conf

报错信息三：memory is not locked

[2]: memory locking requested for elasticsearch process but memory is not locked

解决办法：报错的信息也有显示这个解决办法

elasticsearch soft memlock unlimitedelasticsearch hard memlock unlimited

报错信息四：AccessDeniedException

Likely root cause: java.nio.file.AccessDeniedException: /usr/local/elasticsearch-6.2.4/config/elasticsearch.keystore

原因：当前用户没有接入权限

解决办法：

chown -R elasearch:elasearch /usr/local/elasticsearch-6.2.4/

报错信息五： vm.max_map_count [65530] is too low

[3]: max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144]

解决办法：

echo 'vm.max_map_count=262144' >> /etc/sysctl.conf sysctl -p

报错信息六：

[ERROR][i.n.u.ResourceLeakDetector] LEAK: ByteBuf.release() was not called before it's garbage-collected. Enable advanced leak reporting to find out where the leak occurred. To enable advanced leak reporting, specify the JVM option '-Dio.netty.leakDetection.level=advanced' or call ResourceLeakDetector.setLevel() See for more information.

解决办法：

修改jvm配置，添加以下配置：-Dio.netty.leakDetection.level=advanced