Opster Team
Before you begin reading this guide, we recommend you run Elasticsearch Error Check-Up which analyzes 2 JSON files to detect many errors.
To easily locate the root cause and resolve this issue try AutoOps for Elasticsearch & OpenSearch. It diagnoses problems by analyzing hundreds of metrics collected by a lightweight agent and offers guidance for resolving them.
This guide will help you check for common problems that cause the log ” Exception when bootstrapping with . rescheduling ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: bootstrap and cluster.
Overview
Elasticsearch has many settings that can cause significant performance problems if not set correctly. To prevent this happening, Elasticsearch carries out “bootstrap checks” to ensure that these important settings have been covered. If any of the checks fail, Elasticsearch will write an error to the logs and will not start. In this guide we cover common bootstrap checks you should know and how to configure your settings correctly to pass the checks successfully.
Bootstrap checks are carried out when the network.host setting in:
network.host: 0.0.0.0
If network host is not set and you use the default localhost, then Elasticsearch will consider the node to be in development mode, and bootstrap checks will not be enforced.
Common issues with bootstrap checks
If you install elasticsearch using RPM or Debian packages (strongly recommended) then most of the important configuration is already done for you, and the only bootstrap checks you are likely to run up against are the following.
Heap size check
The minimum and maximum heap sizes specified in jvm.options (or via environment variables) must be equal to one another.
File descriptors check
Minimum file descriptors must have been set to at least 65535
Memory lock check
There are various methods used to prevent memory swapping, and you must use one of them. The most common is to set in elasticsearch.yml
bootstrap.memory_lock: true
For this to be effective you must give permission to elasticsearch to enable this. There are various ways to do so, depending upon your operating system.
Discovery configuration checks
At least one of the following properties must be configured in elasticsearch.yml to ensure that your node can form a cluster properly:
Less common bootstrap check issues
If you are not using RPM or debian packages, you may come across the following issues:
Max number of threads check
You must allow your system to create at least 4096 threads. In linux this is done by editing /etc/security/limits.conf and adjusting the nproc setting.
Max file size check
Your system should be able to create unlimited file sizes. In linux this is done by editing /etc/security/limits.conf and adjusting the fsize setting
Max virtual memory check
The system should be able to create unlimited virtual memory for the elasticsearch user.
This is done by editing /etc/security/limits.conf
<user> - as unlimited
Max map count check
The system must be able to use mmap effectively. This is done by running the command
sysctl vm.max_map_count 262144
Other checks
The following checks are also carried out, but are rarely found:
OsX File Descriptor Check Client Jvm Check UseS erial GC Check System Call Filter Check Might Fork Check On Error Check On Out Of Memory Error Check Early Access Check G1GC Check All Permission Check
Overview
An Elasticsearch cluster consists of a number of servers (nodes) working together as one. Clustering is a technology which enables Elasticsearch to scale up to hundreds of nodes that together are able to store many terabytes of data and respond coherently to large numbers of requests at the same time.
Search or indexing requests will usually be load-balanced across the Elasticsearch data nodes, and the node that receives the request will relay requests to other nodes as necessary and coordinate the response back to the user.
Notes and good things to know
The key elements to clustering are:
Cluster State – Refers to information about which indices are in the cluster, their data mappings and other information that must be shared between all the nodes to ensure that all operations across the cluster are coherent.
Master Node – Each cluster must elect a single master node responsible for coordinating the cluster and ensuring that each node contains an up-to-date copy of the cluster state.
Cluster Formation – Elasticsearch requires a set of configurations to determine how the cluster is formed, which nodes can join the cluster, and how the nodes collectively elect a master node responsible for controlling the cluster state. These configurations are usually held in the elasticsearch.yml config file, environment variables on the node, or within the cluster state.
Node Roles – In small clusters it is common for all nodes to fill all roles; all nodes can store data, become master nodes or process ingestion pipelines. However as the cluster grows, it is common to allocate specific roles to specific nodes in order to simplify configuration and to make operation more efficient. In particular, it is common to define a limited number of dedicated master nodes.
Replication – Data may be replicated across a number of data nodes. This means that if one node goes down, data is not lost. It also means that a search request can be dealt with by more than one node.
Common problems
Many Elasticsearch problems are caused by operations which place an excessive burden on the cluster because they require an excessive amount of information to be held and transmitted between the nodes as part of the cluster state. For example:
- Shards too small
- Too many fields (field explosion)
Problems may also be caused by inadequate configurations causing situations where the Elasticsearch cluster is unable to safely elect a Master node. This situation is discussed further in:
Backups
Because Elasticsearch is a clustered technology, it is not sufficient to have backups of each node’s data directory. This is because the backups will have been made at different times and so there may not be complete coherency between them. As such, the only way to backup an Elasticsearch cluster is through the use of snapshots, which contain the full picture of an index at any one time.
Cluster resilience
When designing an Elasticsearch cluster, it is important to think about cluster resilience. In particular – what happens when a single node goes down? And for larger clusters where several nodes may share common services such as a network or power supply – what happens if that network or power supply goes down? This is where it is useful to ensure that the master eligible nodes are spread across availability zones, and to use shard allocation awareness to ensure that shards are spread across different racks or availability zones in your data center.

Log Context
Log “exception when bootstrapping with {}; rescheduling” classname is ClusterBootstrapService.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :
assert transportService.getLocalNode().isMasterNode(); try { votingConfigurationConsumer.accept(votingConfiguration); } catch (Exception e) { logger.warn(new ParameterizedMessage("exception when bootstrapping with {}; rescheduling"; votingConfiguration); e); transportService.getThreadPool().scheduleUnlessShuttingDown(TimeValue.timeValueSeconds(10); Names.GENERIC; new Runnable() { Override public void run() { doBootstrap(votingConfiguration);
Find & fix Elasticsearch problems
Opster AutoOps diagnoses & fixes issues in Elasticsearch based on analyzing hundreds of metrics.
Fix Your Cluster IssuesConnect in under 2 minutes
Jose Rafaelly
Head of System Engineering at Everymundo