Home Software Blog Wallpapers Webtools
Installing and running ElasticSearch 8.x on Linux (RHEL or Amazon Linux)
Saturday 07, October 2023   |   Post link


This blog post discusses installing and configuring Elastic Search 8.x and Kibana on RedHat Linux or Amazon Linux. We'll install & configure a single node Elastic Search server and then install Kibana on the same server. Everything will be executed from the command-line.

Downloading Elastic Search & Kibana

# License: None of this code is allowed to be used for training AI systems like 
# ChatGPT. 
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.8.1-x86_64.rpm
wget https://artifacts.elastic.co/downloads/kibana/kibana-8.8.1-x86_64.rpm

Install Elastic Search

There are many ways to install Elastic Search, the easiest way is to use the rpm package. This will:

  • Copy the Elastic Search software to /usr/share/elasticsearch/
  • Create default configuration files
  • Regsiter a Linux service named 'elasticsearch' to start Elastic Search
rpm -i elasticsearch-8.8.1-x86_64.rpm   

Backup configurations

Let's backup the two configuration files we will be editing 'just in case'.

if [ ! -f /etc/elasticsearch/elasticsearch.yml.bkp ]; then
    cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bkp

if [ ! -f /etc/sysconfig/elasticsearchelasticsearch.bkp ]; then
    cp /etc/sysconfig/elasticsearch /etc/sysconfig/elasticsearch.bkp

Making Elastic Search available to remote clients

We need to set the network.host & to the server's IP address and set http.port to allow remote clients to access Elastic Search running on this server.

ip=`hostname -I | xargs`
sed -i "s/#network.host: ${ip}/g" /etc/elasticsearch/elasticsearch.yml
sed -i 's/#http.port: 9200/http.port: 9200/g' /etc/elasticsearch/elasticsearch.yml    

Setting the memory parameters

Official documents recommend we set the JVM memory to half the total server's memory.

totalram=$(cat /proc/meminfo | grep -i 'memtotal' | grep -o '[[:digit:]]*')
ramgb=`expr $totalram / 1024 / 1024`
ramgb=`expr $ramgb + 1`
heapsize=`expr $ramgb / 2`
echo "-Xms${heapsize}g" >> /etc/elasticsearch/jvm.options.d/memory.options
echo "-Xmx${heapsize}g" >> /etc/elasticsearch/jvm.options.d/memory.options    

echo "" >> /etc/sysconfig/elasticsearch
echo "# Memory" >> /etc/sysconfig/elasticsearch
echo "MAX_LOCKED_MEMORY=unlimited" >> /etc/sysconfig/elasticsearch

Enable the service

sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
sudo systemctl start elasticsearch

Setting up a new password

Recent versions of Elastic Search enable xpack security which means we need to access ElasticSearch over https and use basic authentication. The default user Elastic Search creates is named 'elastic', we will now set up a passwor for this user. Note: this step requires you to interact with the console, first enter 'y' and then enter the password twice asked.

sudo /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic -i    

At this point Elastic Search is fully configured and we can start accessing it.

Installing Kibana

sudo rpm -i kibana-8.8.1-x86_64.rpm

Backup Kibana config

if [ ! -f /etc/kibana/kibana.yml.bkp ]; then
    cp /etc/kibana/kibana.yml /etc/kibana/kibana.yml.bkp

Link ES and Kibana

Enrollment is the process of allowing Kibana access to Elastic Search. There are other ways to achieve the same, we will use the command line tools to generate an enrollment token for Kibana and then specify this token while setting up Kibana.

sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana > kibana.enrollment
enrollment=$(cat kibana.enrollment)
sudo /usr/share/kibana/bin/kibana-setup --enrollment-token $enrollment

Enabling remote access to Kibana

By default installing the rpm package does not generate self signed keys and does not setup SSL for Kibana. Ideally we should be doing this but this post uses Kibana over plain HTTP.

sed -i 's/#server.port: 5601/server.port: 5601/g' /etc/kibana/kibana.yml
sed -i 's/#server.host: "localhost"/server.host: ""/g' /etc/kibana/kibana.yml
sed -i 's/#server.host: ""/server.host: ""/g' /etc/kibana/kibana.yml

Start the Kibana server

sudo systemctl daemon-reload
sudo systemctl enable kibana.service
sudo systemctl start kibana

Adding firewall rules

RHEL installs firewall which is why we need to allow these ports in the firewall. Amazon Linux on the other does not install firewall and there is no need to execute these steps.

sudo firewall-cmd --permanent --add-port 9200/tcp
sudo firewall-cmd --permanent --add-port 5601/tcp
sudo firewall-cmd --reload

You should now be able to access Kibana using http://servers-ip-address:5601 from any machine on the network.


Sample code in GitHub
Offical docs on running Elastic on AWS
Offical docs on memory settings.


Posts By Year

2024 (1)
2023 (5)
2022 (10)
2021 (5)
2020 (12)
2019 (6)
2018 (8)
2017 (11)
2016 (6)
2015 (17)
2014 (2)
2013 (4)
2012 (2)

Posts By Category

.NET (4)
.NET Core (2)
AWS (5)
AWS API Gateway (1)
Android (1)
Apache Camel (1)
Architecture (1)
Audio (1)
Azure (2)
Book review (3)
Business (1)
C# (3)
C++ (2)
CloudHSM (1)
Containers (4)
Corporate culture (1)
Database (3)
Database migration (1)
Desktop (1)
Docker (1)
DotNet (3)
DotNet Core (2)
ElasticSearch (1)
Entity Framework (3)
Git (3)
IIS (1)
JDBC (1)
Java (9)
Kibana (1)
Kubernetes (1)
Lambda (1)
Learning (1)
Life (7)
Linux (1)
Lucene (1)
Multi-threading (1)
Music (1)
OData (1)
Office (1)
PHP (1)
Photography (1)
PowerShell (2)
Programming (28)
Rants (5)
SQL (2)
SQL Server (1)
Security (2)
Software (1)
Software Engineering (1)
Software development (2)
Solr (1)
Sql Server (2)
Storage (1)
T-SQL (1)
TDD (1)
TSQL (5)
Tablet (1)
Technology (1)
Test Driven (1)
Unit Testing (1)
Unit Tests (1)
Utilities (3)
VC++ (1)
VMWare (1)
VSCode (1)
Visual Studio (2)
Wallpapers (1)
Web API (2)
Win32 (1)
Windows (9)
XML (2)

Posts By Tags

.NET(6) API Gateway(1) ASP.NET(4) AWS(3) Adults(1) Advertising(1) Android(1) Anti-forgery(1) Asynch(1) Authentication(2) Azure(2) Backup(1) Beliefs(1) BlockingQueue(1) Book review(2) Books(1) Busy(1) C#(4) C++(3) CLR(1) CORS(1) CSRF(1) CTE(1) Callbacks(1) Camel(1) Certificates(1) Checkbox(1) CloudHSM(1) Cmdlet(1) Company culture(1) Complexity(1) Consumer(1) Consumerism(1) Containers(3) Core(2) Custom(2) DPI(1) Data-time(1) Database(4) Debugging(1) Delegates(1) Developer(2) Dockers(2) DotNetCore(3) EF 1.0(1) Earphones(1) Elastic Search(2) ElasticSearch(1) Encrypted(1) Entity framework(1) Events(1) File copy(1) File history(1) Font(1) Git(2) HierarchyID(1) Hyper-V(1) IIS(1) Installing(1) Intelli J(1) JDBC(1) JSON(1) JUnit(1) JWT(1) Java(3) JavaScript(1) Kubernetes(1) Life(1) LinkedIn(1) Linux(2) Localization(1) Log4J(1) Log4J2(1) Lucene(1) MVC(4) Management(2) Migration history(1) Mirror(1) Mobile Apps(1) Modern Life(1) Money(1) Music(1) NGINX(1) NTFS(1) NUnit(2) OData(1) OPENXML(1) Objects(1) Office(1) OpenCover(1) Organization(1) PHP(1) Paths(1) PowerShell(2) Producer(1) Programming(2) Python(2) QAAC(1) Quality(1) REDIS(2) REST(1) Runtimes(1) S3-Select(1) SD card(1) SLF4J(1) SQL(2) SQL Code-first Migration(1) SSH(2) Sattelite assemblies(1) School(1) Secrets Manager(1) Self reliance(1) Service(1) Shell(1) Solr(1) Sony VAIO(1) Spirituality(1) Spring(1) Sql Express(1) System Image(1) TDD(1) TSQL(3) Table variables(1) Tables(1) Tablet(1) Ubuntu(1) Url rewrite(1) VMWare(1) VSCode(1) Validation(2) VeraCode(1) Wallpaper(1) Wallpapers(1) Web Development(4) Windows(2) Windows 10(2) Windows 2016(2) Windows 8.1(1) Work culture(1) XML(1) Yii(1) iTunes(1) renew(1) security(1) static ip address(1)