ElasticSearch wont stay running

mr_m_cox · October 21, 2020, 11:43am

Hi All,
I recently added a disk to our ubuntu VM running graylog as i needed more space for my elasticsearch.
I have completed the data transfer and updated the elasticsearch.yml to reflect the new location however the service just wont stay started.
Below is the logs I have a long with the result I get for a service status check. Would appear to be a permissions issue, what permissions should be set? I have alloweed all users full access, I believe.

Any assistance would be greatly appreciated.

root@POR-GRAYLOG:/usr/share/elasticsearch/bin# service elasticsearch status
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Wed 2020-10-21 12:13:40 BST; 13s ago
Docs: http://www.elastic.co
Process: 29477 ExecStart=/usr/share/elasticsearch/bin/elasticsearch -p ${PID_DIR}/elasticsearch.pid --quiet (code=exi
Main PID: 29477 (code=exited, status=1/FAILURE)

Oct 21 12:13:35 POR-GRAYLOG systemd[1]: Started Elasticsearch.
Oct 21 12:13:35 POR-GRAYLOG elasticsearch[29477]: warning: Falling back to java on path. This behavior is deprecated. S
Oct 21 12:13:40 POR-GRAYLOG systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Oct 21 12:13:40 POR-GRAYLOG systemd[1]: elasticsearch.service: Failed with result ‘exit-code’.
lines 1-11/11 (END)

[2020-10-21T12:07:32,020][ERROR][o.e.b.Bootstrap          ] [unknown] Exception
java.lang.IllegalStateException: Unable to access 'path.data' (/media/ubuntuadmin/Data/GrayLogData/elasticsearch)
	at org.elasticsearch.bootstrap.FilePermissionUtils.addDirectoryPath(FilePermissionUtils.java:70) ~[elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Security.addFilePermissions(Security.java:299) ~[elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Security.createPermissions(Security.java:254) ~[elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Security.configure(Security.java:123) ~[elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:207) ~[elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:333) [elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:159) [elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:150) [elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-6.8.4.jar:6.8.4]
	at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:116) [elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) [elasticsearch-6.8.4.jar:6.8.4]
Caused by: java.nio.file.AccessDeniedException: /media/ubuntuadmin/Data/GrayLogData
	at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84) ~[?:1.8.0_265]
	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) ~[?:1.8.0_265]
	at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) ~[?:1.8.0_265]
	at sun.nio.fs.UnixFileSystemProvider.checkAccess(UnixFileSystemProvider.java:308) ~[?:1.8.0_265]
	at java.nio.file.Files.createDirectories(Files.java:746) ~[?:1.8.0_265]
	at org.elasticsearch.bootstrap.Security.ensureDirectoryExists(Security.java:413) ~[elasticsearch-6.8.4.jar:6.8.4]
	at org.elasticsearch.bootstrap.FilePermissionUtils.addDirectoryPath(FilePermissionUtils.java:68) ~[elasticsearch-6.8.4.jar:6.8.4]
	... 12 more

maniel · October 21, 2020, 12:18pm

looks like ES data directory (/media/ubuntuadmin/Data/GrayLogData/elasticsearch) has incorrect permissions, or doesn’t exist and ES cannot create it under /media/ubuntuadmin/Data/GrayLogData

mr_m_cox · October 21, 2020, 12:48pm

Thanks for taking the time to reply.

Any ideas on what the permissions should be? I can confirm the directory does exist using that path.
Thanks.

Cato · October 21, 2020, 2:10pm

Yes, looks like a permission issue.
Caused by: java.nio.file.AccessDeniedException: /media/ubuntuadmin/Data/GrayLogData

The folder should be owned by the user running the elasticsearch process

mr_m_cox · October 21, 2020, 2:17pm

Thanks for clarifying.

How would I confirm which user account is running, or attempting to run that process?
Thanks

Cato · October 21, 2020, 2:38pm

ps -ef | grep elasticsearch
if you are running linux

mr_m_cox · October 21, 2020, 3:25pm

This is what I get, any thoughts on which is wrong? or both!

reshippie · October 21, 2020, 6:44pm

Try looking in /usr/lib/systemd/system/elasticsearch.service.
In mine there’s a line that says User=elasticsearch which tells systemd to start Elasticsearch as the elasticsearch user.

system · November 4, 2020, 6:44pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Elasticsearch Service Not Running (New Installation) Graylog Central (peer support)	7	7218	October 9, 2018
Graylog installation manual for ubuntu improvements - elasticsearch issue Graylog Central (peer support)	8	1800	May 24, 2019
Elasticsearch Service AWS Graylog Central (peer support)	3	310	April 21, 2020
FAIL TO START - elasticsearch Graylog Central (peer support) elastic	7	4909	October 5, 2022
Starting Elasticsearch Service fail after upgrade Graylog Central (peer support)	7	3163	May 11, 2022

ElasticSearch wont stay running

Related topics