Elasticsearch is a powerful and flexible open-source, distributed search and analytics engine built on top of Apache Lucene. It provides a scalable and near-real-time search platform with RESTful API support. In this tutorial, we will guide you through the process of how to install and configure Elasticsearch on Rocky Linux system.
Prerequisites
Before we begin, make sure you have the following:
- A Rocky Linux server with a non-root user having sudo privileges.
- Java Development Kit (JDK) installed on your server. Elasticsearch requires Java to run.
How to Install and Configure Elasticsearch on Rocky Linux
Install Java Development Kit (JDK)
If you don’t have JDK installed on your Rocky Linux system, you can install it using the following command:
sudo dnf install java-11-openjdk-develVerify the installation by checking the Java version:
java -versionYou should see the installed Java version in the output.
Installing Elasticsearch on Rocky Linux
Now, let’s proceed with the installation of Elasticsearch. First, import the GPG key for the Elasticsearch repository:
sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearchNext, create a new repository file for Elasticsearch:
sudo nano /etc/yum.repos.d/elasticsearch.repoAdd the following content to the file:
[elasticsearch]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-mdSave and exit the file. Now, install Elasticsearch using the following command:
sudo dnf install elasticsearchConfigure Elasticsearch on Rocky Linux
Before starting Elasticsearch, we need to configure it properly. Open the Elasticsearch configuration file:
sudo nano /etc/elasticsearch/elasticsearch.ymlFind the following lines and modify them according to your requirements:
cluster.name: my-cluster
node.name: my-node
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearchTo enable access to Elasticsearch from a remote host, update the network.host and http.port settings:
network.host: 0.0.0.0
http.port: 9200Save and exit the file.
Start and Enable Elasticsearch Service on Linux
Now, start and enable the Elasticsearch service:
sudo systemctl start elasticsearch
sudo systemctl enable elasticsearchYou can check the status of Elasticsearch using the following command:
sudo systemctl status elasticsearch
Test Elasticsearch Installation on Linux
To test if Elasticsearch is running correctly, execute the following curl command:
curl -X GET "localhost:9200/"If everything is working fine, you will receive a JSON response with details about the Elasticsearch installation.
{
"name" : "elasticsearch-node",
"cluster_name" : "elasticsearch-cluster",
"cluster_uuid" : "abcd1234efgh5678",
"version" : {
"number" : "7.x.x",
"build_flavor" : "default",
"build_type" : "tar",
"build_hash" : "xxxxxxxxxxxxxxxxxxxx",
"build_date" : "2023-xx-xxTxx:xx:xx.xxxxxxZ",
"build_snapshot" : false,
"lucene_version" : "8.x.x",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
If you see a similar output, Elasticsearch is installed and running correctly.
Secure Elasticsearch with Security Features Rocky Linux
Elasticsearch provides several security features to protect your data and prevent unauthorized access. To enable these features, open the Elasticsearch configuration file:
sudo nano /etc/elasticsearch/elasticsearch.ymlAdd the following lines to enable security features:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: trueSave the file and restart Elasticsearch to apply the changes:
sudo systemctl restart elasticsearchConfigure the Firewall
To ensure the security of your Elasticsearch instance, it is crucial to configure the firewall. On Rocky Linux, firewalld is the default firewall management tool. You can use the following commands to allow Elasticsearch traffic through the firewall:
sudo firewall-cmd --add-port=9200/tcp --permanent
sudo firewall-cmd --reloadThese commands open port 9200 for TCP traffic and apply the changes permanently.
Conclusion
In this article, you have learned how to install and configure Elasticsearch on Rocky Linux. You have also learned how to set up the Elasticsearch repository, install the required Java environment, and configure Elasticsearch to enable essential security features.
For further reading and to explore other topics related to Linux system administration, you can check out these articles:
- How to Install and Configure Logrotate on Rocky Linux
- How to Install and Configure Rsyslog on Rocky Linux
- How to Install and Configure Fail2ban on Rocky Linux
- How to Install and Configure Prometheus on Rocky Linux
- How to Install and Configure Zabbix on Rocky Linux
These articles will provide you with more information on various tools and configurations to enhance the performance and security of your Linux server.
