Elasticsearch is a free and open-source search engine built on the Apache Lucene library. It can be installed on various platforms using Docker, deb, rpm, msi, tar.gz, and .zip archives. This guide covers the installation using the RPM package manager. According to the official Elasticsearch documentation, a production environment should have at least 8 GB of RAM, with 16-64 GB being ideal. For the CPU, 2-8 cores are sufficient.
Requirements
- Linux VPS with at least 8 GB of RAM (16 GB or more recommended)
- Java 8 installed
Preparing for Installation
If Java is not already installed, you can install it with the following command:
sudo yum install java-1.8.0-openjdk-devel
Before installing Elasticsearch, add the public signing key:
rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
Installation
This example uses CentOS 7 and the RPM package manager. First, create a repository file:
nano /etc/yum.repos.d/elasticsearch.repo
Add the following contents to the file:
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
Install Elasticsearch:
sudo yum install elasticsearch
Configuration
Elasticsearch configuration is located in /etc/elasticsearch/elasticsearch.yml. Set the host to localhost and port to 9200 for security:
nano /etc/elasticsearch/elasticsearch.yml
Uncomment and set the following lines:
network.host: localhost
http.port: 9200
Save the changes.
Starting and Stopping Elasticsearch
To enable Elasticsearch to start automatically:
sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable elasticsearch.service
To manually start and stop the service:
sudo systemctl start elasticsearch.service
sudo systemctl stop elasticsearch.service
Kibana
Kibana is a visualization tool for Elasticsearch. Install it similarly to Elasticsearch. First, create a repository file:
nano /etc/yum.repos.d/kibana.repo
Add the following contents:
[kibana-7.x]
name=Kibana repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
Install Kibana:
sudo yum install kibana
Enable Kibana to start automatically:
sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable kibana.service
Configuration of Kibana
Edit the Kibana configuration file at /etc/kibana/kibana.yml:
nano /etc/kibana/kibana.yml
Uncomment and set the following lines:
server.port: 5601
server.host: "localhost"
elasticsearch.hosts: ["http://localhost:9200"]
Save the changes. Start and stop the Kibana service with:
sudo systemctl start kibana.service
sudo systemctl stop kibana.service
Nginx Configuration
To access Kibana through a domain, set up Nginx. Install Nginx:
sudo yum install epel-release
sudo yum install nginx httpd-tools
Create a virtual host configuration file:
nano /etc/nginx/conf.d/your-domain.com.conf
Add the following content:
server {
listen 80;
server_name your-domain.com;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/htpasswd.kibana;
location / {
proxy_pass http://localhost:5601;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Enable and start Nginx:
sudo systemctl enable nginx
sudo systemctl start nginx
sudo systemctl restart nginx
Create an admin user:
echo "kibanat4vps:`openssl passwd -apr1`" | sudo tee -a /etc/nginx/htpasswd.kibana
Enter and verify your chosen password.
Logstash Installation
For data processing before uploading to Elasticsearch, use Logstash. Install it with:
wget https://artifacts.elastic.co/downloads/logstash/logstash-6.2.4.rpm
rpm -ivh logstash-6.2.4.rpm
Enable and start Logstash:
systemctl enable logstash
systemctl restart logstash
Connecting to Kibana
If configured correctly, access Kibana through your domain. Enter the username and password created during Nginx configuration.
Kibana Dashboard
On the Kibana dashboard, you will find:
- Search Field: At the top, with filtering options.
- Time Selector: Right of the search field, for setting time ranges.
- Visualization Field: Below the search field, displaying data based on search and time settings.
- Application Column: On the left, providing access to various Kibana tools.
Applications include:
- Discover: Explore data documents.
- Visualize: Create visual data representations.
- Dashboard: Collection of visualizations.
- Canvas: Visual enhancements with colors, shapes, and text.
- Maps: Geographical data analysis.
- Machine Learning: Automates data analysis.
- Infrastructure: Monitors your infrastructure.
- Logs: Server, container, and service logs.
- APM: Application performance monitoring.
- Uptime: Network monitoring.
- Dev Tools: Interaction tools like console and debugger.
- Stack Monitoring: Monitors the entire Elastic Stack.
- Management: General settings and configurations.
For detailed usage of Kibana, refer to the official Kibana documentation.
