Increase RLIMIT_MEMLOCK. soft limit . hard limit – How to solve related issues

Opster Team

Feb-20, Version: 1.7-8.0

Before you begin reading this guide, we recommend you run Elasticsearch Error Check-Up which analyzes 2 JSON files to detect many errors.

Briefly, this error occurs when the soft limit for RLIMIT_MEMLOCK is too low and needs to be increased, which can cause issues with the operation of Elasticsearch. To resolve this issue, you can try to increase the soft limit for RLIMIT_MEMLOCK to the required value, or check the system configuration for errors.

To easily locate the root cause and resolve this issue try AutoOps for Elasticsearch & OpenSearch. It diagnoses problems by analyzing hundreds of metrics collected by a lightweight agent and offers guidance for resolving them.

This guide will help you check for common problems that cause the log ” Increase RLIMIT_MEMLOCK. soft limit . hard limit ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: bootstrap.

 
 

bootstrap checks

Overview

Elasticsearch has many settings that can cause significant performance problems if not set correctly. To prevent this happening, Elasticsearch carries out “bootstrap checks” to ensure that these important settings have been covered. If any of the checks fail, Elasticsearch will write an error to the logs and will not start. In this guide we cover common bootstrap checks you should know and how to configure your settings correctly to pass the checks successfully.

Bootstrap checks are carried out when the network.host setting in:

network.host: 0.0.0.0

If network host is not set and you use the default localhost, then Elasticsearch will consider the node to be in development mode, and bootstrap checks will not be enforced.

Common issues with bootstrap checks

If you install elasticsearch using RPM or Debian packages (strongly recommended) then most of the important configuration is already done for you, and the only bootstrap checks you are likely to run up against are the following.

Heap size check

The minimum and maximum heap sizes specified in jvm.options (or via environment variables) must be equal to one another.

File descriptors check

Minimum file descriptors must have been set to at least 65535

Memory lock check

There are various methods used to prevent memory swapping, and you must use one of them.  The most common is to set in elasticsearch.yml

bootstrap.memory_lock: true

For this to be effective you must give permission to elasticsearch to enable this. There are various ways to do so, depending upon your operating system.

Discovery configuration checks

At least one of the following properties must be configured in elasticsearch.yml to ensure that your node can form a cluster properly:

  • discovery.seed_hosts
  • discovery.seed_providers
  • cluster.initial_master_nodes

Less common bootstrap check issues

If you are not using RPM or debian packages, you may come across the following issues:

Max number of threads check

You must allow your system to create at least 4096 threads. In linux this is done by editing /etc/security/limits.conf and adjusting the nproc setting.

Max file size check

Your system should be able to create unlimited file sizes. In linux this is done by editing /etc/security/limits.conf and adjusting the fsize setting

Max virtual memory check

The system should be able to create unlimited virtual memory for the elasticsearch user.

This is done by editing /etc/security/limits.conf 
<user> - as unlimited

Max map count check

The system must be able to use mmap effectively.  This is done by running the command 

sysctl vm.max_map_count 262144

Other checks

The following checks are also carried out, but are rarely found:

OsX File Descriptor Check
Client Jvm Check
UseS erial GC Check
System Call Filter Check
Might Fork Check
On Error Check
On Out Of Memory Error Check
Early Access Check
G1GC Check
All Permission Check
 
 

 
 

Log Context

Log “Increase RLIMIT_MEMLOCK; soft limit: {}; hard limit: {}” classname is JNANatives.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         // mlockall failed for some reason
        logger.warn("Unable to lock JVM Memory: error={}; reason={}"; errno ; errMsg);
        logger.warn("This can result in part of the JVM being swapped out.");
        if (errno == JNACLibrary.ENOMEM) {
            if (rlimitSuccess) {
                logger.warn("Increase RLIMIT_MEMLOCK; soft limit: {}; hard limit: {}"; rlimitToString(softLimit); rlimitToString(hardLimit));
                if (Constants.LINUX) {
                    // give specific instructions for the linux case to make it easy
                    String user = System.getProperty("user.name");
                    logger.warn("These can be adjusted by modifying /etc/security/limits.conf; for example: \n" +
                                "\t# allow user '{}' mlockall\n" +

 

How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?

Analyze your cluster & get personalized recommendations

Analyze Your Cluster
Or view the full platform AutoOps in action

Related Articles

Back to all articles
Skip to content