使用Kubernetes的Elasticsearch。使用bootstrap.memory_lock的内存锁不起作用。

问题描述 投票:0回答:1

我目前正在为我们使用的2.4.6版本的elasticsearch的k8s设置而烦恼。

用bootstrap.memory_lock禁用内存交换并不成功。内存预留失败,出现了众所周知的错误。

[2020-05-22 21:12:22,762][WARN ][bootstrap                ] Unable to lock JVM Memory: error=12,reason=Cannot allocate memory
[2020-05-22 21:12:22,764][WARN ][bootstrap                ] This can result in part of the JVM being swapped out.
[2020-05-22 21:12:22,765][WARN ][bootstrap                ] Increase RLIMIT_MEMLOCK, soft limit: 83968000, hard limit: 83968000
[2020-05-22 21:12:22,765][WARN ][bootstrap                ] These can be adjusted by modifying /etc/security/limits.conf, for example:
        # allow user 'elasticsearch' mlockall
        elasticsearch soft memlock unlimited
        elasticsearch hard memlock unlimited

我基本上是按照这个源头的指导来做的。内存设置 但还是不能正常运行。

有什么办法可以解决这个问题吗?

部署.yaml。

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: elasticsearch
  name: elasticsearch
spec:
  replicas: 1
  selector:
    matchLabels:
      app: elasticsearch
  template:
    metadata:
      labels:
        app: elasticsearch
    spec:
      containers:
      - image: elasticsearch:2.4.6
        imagePullPolicy: ""
        name: elasticsearch
        env:
         - name: ES_JAVA_OPTS
           value: "-Xmx512m -Xms512m"
         - name: ES_HEAP_SIZE
           value: "1g"
         - name: bootstrap.memory_lock
           value: "true"
        ports:
        - containerPort: 9200
        - containerPort: 9300
        volumeMounts:
        - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
          subPath: elasticsearch.yml
          name: elasticsearch-config
      initContainers:
          -   name: fix-permissions
              image: alpine:3.6
              command: ["sh", "-c", "chown -R 1000:1000 /usr/share/elasticsearch/data"]
              securityContext:
                  privileged: true
              volumeMounts:
                  -   name: elasticsearch-data
                      mountPath: /usr/share/elasticsearch/data
          -   name: increase-vm-max-map
              image: alpine:3.6
              command: ["/sbin/sysctl", "-w", "vm.max_map_count=262144"]
              securityContext:
                  privileged: true
          -   name: fix-ulimit
              image: alpine:3.6
              command: ["sh", "-c", "ulimit -n 65536"]
              securityContext:
                  privileged: true
      hostname: elasticsearch
      restartPolicy: Always
      serviceAccountName: ""
      volumes:
      - name: elasticsearch-data
        persistentVolumeClaim:
          claimName: elasticsearch-data
      - name: elasticsearch-config
        configMap:
          name: elasticsearch-config

如果需要的话,可以把configmap和pvc贴出来,但我觉得它们和这个问题没有什么关系。

elasticsearch kubernetes memory-locking
1个回答
0
投票

你可能无法解决这个问题,很有可能是在容器中运行的Elasticsearch没有必要的系统权限。

mlockall 只有当你启用了swap时才需要,这在现代系统中是不常见的。如果你没有配置任何交换空间,不用担心。mlockall.

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.