Created
March 12, 2019 12:37
-
-
Save seven62/2290d52eee4aa13ec18c0744153db287 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # E & K on RHEL | |
| These are high level instructions to get a simple stack up and running. Logstash not included. | |
| ## Installation | |
| ### Elasticsearch | |
| Openjdk is installed with Centos7. Verify this with `java -version`. If not there, run: | |
| * `yum install -y java-1.8.0-openjdk-headless` | |
| <!-- * download latest jdk rpm: | |
| `curl -O --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/9.0.1+11/jdk-9.0.1_linux-x64_bin.rpm"` | |
| * install rpm package: | |
| `sudo yum -y localinstall jdk<tab>` --> | |
| #### Local Repo Method | |
| * create local elasticsearch repo file: | |
| `sudo vim /etc/yum.repos.d/elasticsearch.repo` | |
| * add the following: | |
| ```.ini | |
| [elasticsearch-6.x] | |
| name=Elasticsearch repository for 6.x packages | |
| baseurl=https://artifacts.elastic.co/packages/6.x/yum | |
| gpgcheck=1 | |
| gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch | |
| enabled=1 | |
| autorefresh=1 | |
| type=rpm-md | |
| ``` | |
| #### .RPM Method | |
| * download and install the public signing key: | |
| `sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch | |
| ` | |
| * download ES rpm file: | |
| `curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.1.1.rpm` | |
| * download file hash: | |
| `curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.1.1.rpm.sha512` | |
| * check hash of ES rpm download | |
| `shasum -a 512 -c elasticsearch-6.1.1.rpm.sha512 ` | |
| * localinstall | |
| `sudo yum -y localinstall elasticsearch-6.1.1.rpm` | |
| * install elasticsearch: | |
| `sudo yum -y install elasticsearch` | |
| * enable ES on startup | |
| `sudo systemctl daemon-reload` | |
| `sudo systemctl enable elasticsearch.service` | |
| * start ES | |
| `sudo systemctl start elasticsearch.service` | |
| * test ES | |
| `curl localhost:9200` | |
| ## Kibana | |
| #### Local Repo Method | |
| * create local kibana repo file: | |
| `sudo vim /etc/yum.repos.d/kibana.repo` | |
| * add the following: | |
| ```.ini | |
| [kibana-6.x] | |
| name=Kibana repository for 6.x packages | |
| baseurl=https://artifacts.elastic.co/packages/6.x/yum | |
| gpgcheck=1 | |
| gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch | |
| enabled=1 | |
| autorefresh=1 | |
| type=rpm-md | |
| ``` | |
| * install kibana | |
| `sudo yum -y install kibana` | |
| #### .RPM Method | |
| * download Kibana rpm file: | |
| `curl -O https://artifacts.elastic.co/downloads/kibana/kibana-6.1.1-x86_64.rpm` | |
| * compare hash with [published SHA](https://artifacts.elastic.co/downloads/kibana/kibana-6.1.1-x86_64.rpm.sha1): `sha1sum kibana-6.1.1-x86_64.rpm` | |
| * install rpm: `sudo yum -y localinstall kibana-6.1.1-x86_64.rpm` | |
| * enable Kibana on startup | |
| `sudo systemctl daemon-reload` | |
| `sudo systemctl enable kibana.service` | |
| * start Kibana | |
| `sudo systemctl start kibana.service` | |
| * test by pointing browser at: `http://localhost:5601` | |
| ## Configure | |
| ### Elasticsearch | |
| #### Customize Storage Paths | |
| Create needed directories for ES on the /data mount point: | |
| * `sudo mkdir -p /data/elasticsearch/{data, snapshots}` | |
| Give user:elasticsearch full permissions to new data store: | |
| * `sudo chown -R elasticsearch.elasticsearch /data/elasticsearch/` | |
| Elasticsearch main config is found at `/etc/elasticsearch/`: | |
| * `sudo vim /etc/elasticsearch/elasticsearch.yml` | |
| Modify path.data to show: | |
| * `path.data: /data/elasticsearch/data` | |
| Enable path.repo to elasticsearch.yml: | |
| ```.yml | |
| #add local snapshop path | |
| path.repo: /data/elasticsearch/snapshots | |
| ``` | |
| * restart elasticsearch.service | |
| ### JVM | |
| Increase ES memory to 16G. | |
| * /etc/elasticsearch/jvm.options | |
| * change -Xms / -Xmx values | |
| ### Kibana | |
| * enable remote connections: | |
| `sudo vim /etc/kibana/kibana.yml` | |
| * change to allow remote conn: | |
| `server.host: "0.0.0.0."` | |
| * restart service and testing | |
| ### Firewall | |
| Are remote hosts not able to connect? Check the firewall: | |
| `sudo systemctl stop firewalld.service` - test again | |
| start fw again: | |
| `sudo systemctl start firewalld.service` | |
| show firewall config: | |
| `sudo firewall-cmd --list-all` | |
| open a port: | |
| `sudo firewall-cmd --add-port=5601/tcp --permanent` | |
| restart firewall to activate changes: | |
| `sudo systemctl restart firewalld.service` |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment