我目前正在为我们使用的2.4.6版本的elasticsearch的k8s设置而烦恼。
用bootstrap.memory_lock禁用内存交换并不成功。内存预留失败,出现了众所周知的错误。
[2020-05-22 21:12:22,762][WARN ][bootstrap ] Unable to lock JVM Memory: error=12,reason=Cannot allocate memory
[2020-05-22 21:12:22,764][WARN ][bootstrap ] This can result in part of the JVM being swapped out.
[2020-05-22 21:12:22,765][WARN ][bootstrap ] Increase RLIMIT_MEMLOCK, soft limit: 83968000, hard limit: 83968000
[2020-05-22 21:12:22,765][WARN ][bootstrap ] These can be adjusted by modifying /etc/security/limits.conf, for example:
# allow user 'elasticsearch' mlockall
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited
我基本上是按照这个源头的指导来做的。内存设置 但还是不能正常运行。
有什么办法可以解决这个问题吗?
部署.yaml。
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: elasticsearch
name: elasticsearch
spec:
replicas: 1
selector:
matchLabels:
app: elasticsearch
template:
metadata:
labels:
app: elasticsearch
spec:
containers:
- image: elasticsearch:2.4.6
imagePullPolicy: ""
name: elasticsearch
env:
- name: ES_JAVA_OPTS
value: "-Xmx512m -Xms512m"
- name: ES_HEAP_SIZE
value: "1g"
- name: bootstrap.memory_lock
value: "true"
ports:
- containerPort: 9200
- containerPort: 9300
volumeMounts:
- mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
subPath: elasticsearch.yml
name: elasticsearch-config
initContainers:
- name: fix-permissions
image: alpine:3.6
command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
securityContext:
privileged: true
volumeMounts:
- name: elasticsearch-data
mountPath: /usr/share/elasticsearch/data
- name: increase-vm-max-map
image: alpine:3.6
command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
securityContext:
privileged: true
- name: fix-ulimit
image: alpine:3.6
command: ["sh", "-c", "ulimit -n 65536"]
securityContext:
privileged: true
hostname: elasticsearch
restartPolicy: Always
serviceAccountName: ""
volumes:
- name: elasticsearch-data
persistentVolumeClaim:
claimName: elasticsearch-data
- name: elasticsearch-config
configMap:
name: elasticsearch-config
如果需要的话,可以把configmap和pvc贴出来,但我觉得它们和这个问题没有什么关系。
你可能无法解决这个问题,很有可能是在容器中运行的Elasticsearch没有必要的系统权限。
mlockall
只有当你启用了swap时才需要,这在现代系统中是不常见的。如果你没有配置任何交换空间,不用担心。mlockall
.