EL9 - Elasticsearch

Install

Taken from https://reintech.io/blog/installing-configuring-elasticsearch-almalinux-9

# vim /etc/yum.repos.d/elasticsearch.repo

[elasticsearch-8.x]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

# dnf -y install elasticsearch

Note down the generated super-user password from the installer output: The generated password for the elastic built-in superuser is : ...

Additional optional actions:

Reset the password of the elastic built-in superuser with 
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with 
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

Specify memory options for the JVM:

# vim /etc/elasticsearch/jvm.options.d/.options

#<author> <date>

#JVM heap size
#See https://www.elastic.co/guide/en/elasticsearch/reference/8.15/heap-size.html
# Xms represents the initial size of total heap space
# Xmx represents the maximum size of total heap space

-Xms4g
-Xmx4g

Adjust configuration:

# cp /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch/elasticsearch.yml.bak

# vim /etc/elasticsearch/elasticsearch.yml

xpack.security.enabled: false

http.host: <internal_ip_address_or_leave_0.0.0.0_and_setup_firewall_properly>

cluster.name: elastic-<myapp>-cluster

node.name: <hostname>

Note: the value of "node.name" needs to match the value of "cluster.initial_master_nodes"!
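
Added example (not part of the original notes): a shell check of the settings edited above. It reports when xpack.security.enabled is false together with http.host 0.0.0.0, the case where the firewall rules further down are the only thing protecting port 9200, and when node.name is missing from cluster.initial_master_nodes. The function names yml_get and audit_es_config and the sample values are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original page. Assumes flat "key: value" lines
# and an inline list for cluster.initial_master_nodes.

# yml_get FILE KEY: print the value of the last uncommented "KEY: value" line.
yml_get() {
    awk -v k="$2:" 'index($0, k) == 1 { v = substr($0, length(k) + 1) }
        END { gsub(/^[ \t]+|[ \t]+$/, "", v); print v }' "$1"
}

# audit_es_config FILE: print findings; exit status is the number of findings.
audit_es_config() {
    cfg=$1
    findings=0
    sec=$(yml_get "$cfg" xpack.security.enabled)
    host=$(yml_get "$cfg" http.host)
    node=$(yml_get "$cfg" node.name | tr -d '"')
    masters=$(yml_get "$cfg" cluster.initial_master_nodes | tr -d '[]" ')

    if [ "$sec" = "false" ]; then
        echo "NOTE: xpack.security.enabled is false; port 9200 answers without a login"
        if [ "$host" = "0.0.0.0" ]; then
            echo "FINDING: http.host is 0.0.0.0; the firewall is the only access control"
            findings=$((findings + 1))
        fi
    fi

    # node.name must appear in cluster.initial_master_nodes when that list is set.
    if [ -n "$masters" ]; then
        case ",$masters," in
            *",$node,"*) ;;
            *)  echo "FINDING: node.name '$node' not in cluster.initial_master_nodes ($masters)"
                findings=$((findings + 1)) ;;
        esac
    fi
    return "$findings"
}

# Constructed sample config (placeholder values, not from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
cluster.name: elastic-myapp-cluster
node.name: node-host1
http.host: 0.0.0.0
xpack.security.enabled: false
cluster.initial_master_nodes: ["es-default-name"]
EOF
audit_es_config "$sample" || echo "findings: $?"
rm -f "$sample"
```

To check the real file, call audit_es_config /etc/elasticsearch/elasticsearch.yml before the first start.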

The first start might take 30-40 seconds; after that the unit should be running successfully:

# systemctl start elasticsearch && systemctl status elasticsearch

Check that it is listening on ports 9200 and 9300:

# netstat -lpn | grep java

Add the HTTP API port 9200 to the firewall for internal IP addresses:

# firewall-cmd --zone=internal --permanent --add-port=9200/tcp
# firewall-cmd --reload

Make sure the API is accessible from the internal network:

[internal-host ~] # curl http://<internal_ip>:9200

{
  "name" : "node-host1",
  "cluster_name" : "elastic-myapp-cluster",
  ...
}

And that it is not accessible from the public IP:

[external-host ~]$ curl http://<external_ip>:9200
curl: (7) Failed to connect to <external_ip> port 9200 after 173 ms: Could not connect to server

Make sure the cluster is healthy (green):

# curl -XGET 'http://localhost:9200/_cluster/health?pretty'

{
  "cluster_name" : "elastic-myapp-cluster",
  "status" : "green",
  ...

Enable start at boot:

# systemctl enable elasticsearch