Fixing the NullPointerException When Querying an elasticsearch Cluster
To retain, search, and analyze the logs of a Windows Service with which we're having performance problems, I installed logstash and elasticsearch. (I'll post more on that later.) This arrangement has been great, as it allows us to scoop the log files from the server (via logstash) and retain them (in elasticsearch) even though the log files are frequently overwritten on the Windows server. And, once I've got more proficient with elasticsearch Query DSL I'm sure we'll be able to tease all sorts of interesting information from our logs.
Anyway, all has been working well. We've been gathering logs for four days now and it's now time to dig into them and see what we find. My first step was to get a list of the indices in the elasticsearch cluster. I did this via the command:
http://localhost:9200/_cat/indices
What I expected to get was a list of indices (similar to database in a SQL system). What I received instead was an HTTP status code of 500 and the message "nullpointerexception".
A little sleuthing on the web uncovered the fact that I'm not the first or only person to have this issue. I found in this GitHub post the reason for the exception:
Query Cache and Suggest stats were introduced in v1.4.0_beta1 and 1.2.0 respectively, therefore they can be null if stats are received from older nodes in the cluster.
I looked at the elasticsearch version used by each node in my cluster and found that one was running 1.4.0 while the other was running 1.3.4.
I upgraded the 1.3.4 node and everything worked well after that.
To upgrade the node, I performed the following steps:
Anyway, all has been working well. We've been gathering logs for four days now and it's now time to dig into them and see what we find. My first step was to get a list of the indices in the elasticsearch cluster. I did this via the command:
http://localhost:9200/_cat/indices
What I expected to get was a list of indices (similar to database in a SQL system). What I received instead was an HTTP status code of 500 and the message "nullpointerexception".
A little sleuthing on the web uncovered the fact that I'm not the first or only person to have this issue. I found in this GitHub post the reason for the exception:
Query Cache and Suggest stats were introduced in v1.4.0_beta1 and 1.2.0 respectively, therefore they can be null if stats are received from older nodes in the cluster.
I looked at the elasticsearch version used by each node in my cluster and found that one was running 1.4.0 while the other was running 1.3.4.
I upgraded the 1.3.4 node and everything worked well after that.
To upgrade the node, I performed the following steps:
- Downloaded the latest version of elasticsearch.
- Copied the /config/elasticsearch.yml from the currently running (that is, old) version of elasticsearch and placed it somewhere else for safe keeping.
- Extracted the files from elasticsearch compressed file, downloaded in step 1, above.
- Went to the Windows Services tool and stopped the elasticsearch service.
- Deleted all files in the folder containing the current (that is, old) version of elasticsearch.
- Copied all the files from the folder containing the newest version of elasticsearch to the folder that contained the old version of elasticsearch.
- Copied the elasticsearch.yml file from where I had copied it in step 2, above, to the /config folder in the now current version of elasticsearch.
- Went to the Windows Services tool and started the elasticsearch service.
- Ran my indices query (http://localhost:9200/_cat/indices) again to verify all was well. It was.
Anyway, if you find you're having issues getting a list of indices in your cluster due to a Null Pointer Exception, then check the version of elasticsearch on every node and upgrade where necessary.
Comments
Post a Comment