How To Solve Issues Related to Log – Failed to process

Get an Elasticsearch Check-Up

Check if your ES issues are caused from misconfigured settings
(Free 2 min process)

Check-Up

Last update: Dec-19

Elasticsearch Error Guide In Page Navigation (click to jump) :

Troubleshooting Background – start here to get the full picture       
Related Issues – selected resources on related issues  
Log Context – usefull for experts
About Opster – offering a diffrent approach to troubleshoot Elasticsearch

Check Your Elasticsearch Settings for Painfull Mistakes 


Troubleshooting background

To troubleshoot Elasticsearch log “Failed to process” it’s important to know common problems related to Elasticsearch concepts: tribe, document, settings. See below-detailed explanations complete with common problems, examples and useful tips.

Document in Elasticsearch

Overview

A document is simply a json document that is stored in Elasticsearch index. It consists of one or more fields; where each field has its own data type. This field type defines the type of data that can be stored in the field such as integer, string, object. Document is schema-free, which means we do not require to specify schema before indexing document, when a field is indexed for the first time, its type is decided and set.

Examples:

Creating A document : to create a document in the users index.

POST  /users/_doc 
{
    "name" : "Petey",
    "lastname" : "Cruiser",
    "email" : "petey@gmail.com"
}

In the above request, we haven’t mentioned id for the document so index operation generates a unique ID for the document. Here _doc is the type of document. We can provide this type to user-defined type also where user index may store user type document.

POST  /users/_doc/1
{
    "name" : "Petey",
    "lastname" : "Cruiser",
    "email" : "petey@gmail.com"
}

In the above query, the document will be created with id 1.

You can use the below ‘GET’ query to get a document from the index using id

GET  /users/_doc/1

Bellow is the result containing the document (in _source field) with metadata:-

{
    "_index": "users",
    "_type": "_doc",
    "_id": "1",
    "_version": 1,    "_seq_no": 1,    "_primary_term": 1,
    "found": true,
    "_source": {
        "name": "Petey",
        "lastname": "Cruiser",
        "email": "petey@gmail.com"
    }
}
Notes

Starting version 7.0 types are deprecated, so for backward compatibility on version 7.x all docs are under type ‘_doc’, starting 8.x type will be completely removed from ES APIs

Settings in Elasticsearch

What it is 

In ElasticSearch, you can configure cluster-level settings, node-level settings and index level settings. Here we discuss each of them.

A. Cluster Wide Settings

These settings can be either persistent, meaning they apply across restarts, or transient, meaning they won’t survive a full cluster restart. If a transient setting is reset, the first one of these values that is defined is applied:

  • the persistent setting
  • the setting in the configuration file
  • the default value

The order of precedence for cluster settings is:

  1. transient cluster settings
  2. persistent cluster settings
  3. settings in the elasticsearch.yml configuration file
Examples:

An example of persistent cluster settings update:

PUT /_cluster/settings
{
    "persistent" : {
        "indices.recovery.max_bytes_per_sec" : "500mb"
    }
}

An example of a transient update:

PUT /_cluster/settings
{
    "transient" : {
        "indices.recovery.max_bytes_per_sec" : "40mb"
    }
}

B. Index Settings

These are the settings that are applied to individual indices. There is an API to update index level settings.

Examples:

The following API call will set the number of replica shards to 5 for my_index  index.

PUT /my_index/_settings
{
    "index" : {
        "number_of_replicas" : 5    
     }
}

To revert a setting to the default value, use null.

PUT /my_index/_settings
{
    "index" : {
        "refresh_interval" : null
    }
}

C. Node settings

These settings apply to nodes. Nodes can fulfill different roles, for example, there are master nodes , data nodes, or coordinating nodes. Node settings are set through the elasticsearch.yml file for each node. 

Examples:
  • Setting a node to be a data node ( in the elasticsearch.yml file ) 
node.data: true
  • Disabling the ingest role for the node ( which is enabled by default)
node.ingest: false

For production clusters, you will need to run each type of node on a dedicated machine with two or more instances of each, for HA  ( minimum three for master nodes ).

Notes and Good Things to Know:
  • Learning the cluster settings and index settings is important, it can spare you a lot of trouble. For example, if you are going to ingest huge amount of data into an index, then if the number of replica shards are set , for example at 5 replica shards, the indexing process will be super slow because the data will be replicated at the same time it is indexed. What you can do to speed up indexing is to set the replica shards to 0 by updating the settings, and set it back to the original number when indexing is done, using the settings API.

  • Another useful example of using cluster-level settings is when a node has just joined the cluster and the cluster is not assigning any shards to the node. Although shard allocation is enabled by default on all nodes, someone may have disabled shard allocation at some point (for example, in order to perform a rolling restart), and forgot to re-enable it later. To enable shard allocation, you can update the Cluster Settings API:

PUT /_cluster/settings{ "transient":    {       "cluster.routing.allocation.enable" : "all"     }}
  • It’s better to set cluster-wide settings with Settings API instead of with the elasticsearch.yml file and to use the file only for local changes. This will keep the same setting on all nodes. But if you define different settings on different nodes by accident using the elasticsearch.yml configuration file, it is hard to notice these discrepancies.

  • See also: Recoveries


To help troubleshoot related issues we have gathered selected Q&A from the community and issues from Github , please review the following for further information :

1. Failed To Process Cluster Event Exc  

2.      

Failed To Process Cluster Event Put


Log Context

Log ”Failed to process” classname is TribeService.java
We have extracted the following from Elasticsearch source code to get an in-depth context :

<pre class="wp-block-syntaxhighlighter-code">             clusterService.submitStateUpdateTask(
                    "cluster event from " + tribeName;
                    event;
                    ClusterStateTaskConfig.build(Priority.NORMAL);
                    executor;
                    (source; e) -> logger.warn((Supplier<?>) () -> new ParameterizedMessage("failed to process [{}]"; source); e));
        }
    }

    class TribeNodeClusterStateTaskExecutor implements ClusterStateTaskExecutor<ClusterChangedEvent> {
        private final String tribeName;

</pre>

About Opster

Incorporating deep knowledge and broad history of Elasticsearch issues. Opster’s solution identifies and predicts root causes of Elasticsearch problems, provides recommendations and can automatically perform various actions to manage, troubleshoot and prevent issues

Learn more: Glossary | Blog| Troubleshooting guides | Error Repository

Need help with any Elasticsearch issue ? Contact Opster

Did this page help you?