
How To Install Elasticsearch on CentOS Stream 10


In this tutorial, we will show you how to install Elasticsearch on CentOS Stream 10. Elasticsearch is a powerful, distributed, and RESTful search and analytics engine. It is designed for horizontal scalability, near real-time indexing, and advanced query capabilities. When running Elasticsearch on CentOS Stream 10, users enjoy a stable, enterprise-grade environment that delivers efficiency and robust performance. This guide covers the full process, from preparing the system to securing, optimizing, and maintaining Elasticsearch for long-term use. Whether setting up a standalone environment or laying the groundwork for an ELK Stack, this tutorial offers comprehensive instructions and best practices.

System Requirements

Before installing Elasticsearch on CentOS Stream 10, ensure that the underlying server or virtual machine meets the technical requirements. Specific hardware and software considerations help achieve smooth operation and room for future scaling.

Hardware Recommendations

For most production environments, at least 4 GB of RAM is recommended. However, if the use case involves heavy search traffic or large data sets, consider allocating 8 GB or more. A multi-core CPU also improves query response time and indexing throughput. Disk performance is critical in data-intensive scenarios, so fast SSDs or NVMe drives can accelerate indexing tasks.

Software Prerequisites

CentOS Stream 10 should be fully updated, with essential packages like curl and wget installed. An internet connection is essential to fetch Elasticsearch RPM packages and necessary repository files. Additionally, having sudo privileges is important to carry out system-level commands without hindrance. Keeping the operating system up-to-date ensures you have the latest security patches and performance enhancements.

Network Requirements

By default, Elasticsearch uses TCP port 9200 for HTTP communication and port 9300 for internal node-to-node clustering. If a firewall is in place, open these ports or configure them to permit inbound and outbound traffic where necessary. Proper network configuration allows external clients or other Elasticsearch nodes to communicate seamlessly.

Storage Considerations

Indexing can consume substantial disk space during normal usage, especially if large log files or diverse data sets are ingested. Plan adequate storage ahead of time to prevent performance bottlenecks. For production setups, separate data directories onto specialized disks or partitions to reduce I/O contention. Always leave a margin of free space to maintain Elasticsearch efficiency.

Pre-Installation Steps

Properly preparing CentOS Stream 10 prior to installing Elasticsearch helps ensure a stable, problem-free experience. The following tasks involve updating the operating system, installing necessary dependencies, configuring the firewall, and verifying Java availability.

System Update and Dependencies

To begin, run a full system update. This step guarantees that all base system packages and libraries are current:

sudo dnf update -y

Next, install some common utilities if they are not already present:

sudo dnf install -y curl wget vim nano

Keeping these packages updated and adding essential tools lays a foundation for subsequent operations and troubleshooting.

Firewall Configuration

CentOS Stream 10 often ships with firewalld enabled. Elasticsearch typically listens on ports 9200 and 9300, but you can modify these if necessary. To allow traffic on the default ports:

sudo firewall-cmd --zone=public --permanent --add-port=9200/tcp
sudo firewall-cmd --zone=public --permanent --add-port=9300/tcp
sudo firewall-cmd --reload

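Adjust firewall settings based on your specific security rules. Port 9300 only needs to be reachable from other cluster nodes, and port 9200 only from the clients that query Elasticsearch; on a single node that is accessed locally, neither rule is required. Proper firewall management is crucial to safeguard the system and permit legitimate Elasticsearch traffic.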

Java Installation

Elasticsearch requires a compatible Java environment. Recent Elasticsearch releases include a bundled OpenJDK, so a separate Java installation is usually unnecessary. However, if a dedicated Java installation is still required or preferred, follow these steps:

sudo dnf install -y java-11-openjdk

Verify the installation:

java -version

If the output shows the expected version, Java is successfully installed. Otherwise, adjust as necessary or use the bundled Java distribution included with Elasticsearch.

Elasticsearch Installation Process

With the foundations properly laid, you can proceed to install Elasticsearch via official repositories. This method ensures automatic updates and access to trusted packages.

Repository Configuration

Elasticsearch publishes a GPG key and repository files for RPM-based distributions such as CentOS Stream 10. Begin by importing the GPG key:

sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Next, create a new repository file named elasticsearch.repo under /etc/yum.repos.d:

sudo nano /etc/yum.repos.d/elasticsearch.repo

Add the following content (adjust the baseurl and version number if needed):

[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md

Save and exit. This configuration makes the Elasticsearch package accessible for installation while preventing accidental updates if you prefer finer version control.

Package Installation

With the repository set up, install Elasticsearch using dnf and explicitly enable the repository:

sudo dnf install --enablerepo=elasticsearch elasticsearch -y

The command pulls the necessary dependencies and places Elasticsearch in the appropriate directories.

Directory Structure Overview

After installation, check the Elasticsearch directories:

  • Configuration files: /etc/elasticsearch
  • Data files: /var/lib/elasticsearch
  • Logs: /var/log/elasticsearch
  • Binary files: /usr/share/elasticsearch

These directories are vital for managing and troubleshooting Elasticsearch. Familiarity with the layout simplifies maintenance tasks and clarifies where to look for configuration and logs.

Configuration Steps

Elasticsearch provides a default configuration, suitable for basic testing. For production or more advanced setups, it’s important to adjust settings in the main configuration file, elasticsearch.yml.

Basic Configuration

Open the primary configuration file:

sudo nano /etc/elasticsearch/elasticsearch.yml

Consider the following basic parameters:

  • cluster.name: Assign a unique cluster name, especially if multiple clusters run on the same network.
  • node.name: Give each node a descriptive name. This is helpful for identification in logs and dashboards.
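  • network.host: If remote access is needed, set this to a specific interface address, or to 0.0.0.0 to listen on every interface. By default, it’s bound to localhost. Binding to a non-loopback address exposes the API to the network, so keep the security features described below enabled when you change it.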
  • http.port: Default is 9200. You can modify to suit your environment if needed.
  • discovery.type: Use single-node for initial testing or single-node installations.

Save the file and exit.

Security Setup

Security is vital for production deployments. Elasticsearch can enable basic authentication, role-based access control, and TLS/SSL encryption. Starting with version 8.x, security is enabled by default, though a quick configuration check is wise. Look for parameters such as xpack.security.enabled and xpack.security.transport.ssl.enabled in the elasticsearch.yml file.

When enabled, Elasticsearch generates enrollment tokens and passwords for the built-in users (like elastic). These credentials ensure only authorized users can operate on or query the cluster. Storing these passwords securely is mandatory to maintain cluster integrity.

SSL and TLS Configuration

If you wish to secure traffic between Elasticsearch nodes or between Elasticsearch and external clients or applications, configure Transport Layer Security. Generating certificates can be done using the Elasticsearch elasticsearch-certutil tool or an external certificate authority.

sudo /usr/share/elasticsearch/bin/elasticsearch-certutil ca
sudo /usr/share/elasticsearch/bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

After generating the certificates, place them in appropriate keystores and reference them in elasticsearch.yml. Adjust relevant parameters like xpack.security.transport.ssl.verification_mode to ensure that nodes communicate securely and trust each other’s certificates.
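The configuration check suggested under Security Setup, extended to the TLS settings above, as an added example (not part of the original tutorial and not an Elasticsearch tool): a shell audit of elasticsearch.yml that reads both dotted keys and the one-level nested blocks used by the 8.x auto-generated security section. The function names and the sample file are constructed for illustration, and a TLS key that is missing is treated as not enabled.

```shell
# Flatten elasticsearch.yml to key=value lines (dotted keys, one-level nested blocks).
es_flatten() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
    { line = $0; sub(/[ \t]+#.*$/, "", line)   # drop trailing comments
      nested = (line ~ /^[ \t]/); sub(/^[ \t]+/, "", line)
      i = index(line, ":"); if (i == 0) next
      key = substr(line, 1, i - 1); val = substr(line, i + 1)
      sub(/^[ \t]+/, "", val); sub(/[ \t]+$/, "", val); gsub(/"/, "", val)
      if (!nested && val == "") { parent = key "."; next }  # block header
      if (!nested) parent = ""
      print parent key "=" val }' "$1"
}
# Last value of KEY ($1) in FILE ($2); empty when the key is absent.
es_get() { es_flatten "$2" | awk -F= -v k="$1" '$1 == k { v = $2 } END { print v }'; }

# Print one finding per line; return 1 if there are any.
audit_es_config() {
  f=$1; rc=0; host=$(es_get network.host "$f")
  case ${host:-localhost} in
    localhost|127.0.0.1|::1|_local_) remote=no ;;
    *) remote=yes ;;
  esac
  if [ "$(es_get xpack.security.enabled "$f")" = false ]; then
    [ "$remote" = yes ] && sev=CRITICAL || sev=WARN
    echo "$sev: xpack.security.enabled=false (network.host=${host:-localhost})"; rc=1
  fi
  [ "$host" = 0.0.0.0 ] && { echo "WARN: network.host=0.0.0.0 binds every interface"; rc=1; }
  for k in http.ssl.enabled transport.ssl.enabled; do
    [ "$(es_get "xpack.security.$k" "$f")" = true ] ||
      { echo "WARN: xpack.security.$k is not true, traffic is unencrypted"; rc=1; }
  done
  [ "$(es_get xpack.security.transport.ssl.verification_mode "$f")" = none ] &&
    { echo "WARN: verification_mode=none, peer certificates are not checked"; rc=1; }
  return $rc
}

# Constructed sample in the nested style, deliberately weakened for the demo.
sample=$(mktemp)
cat > "$sample" <<'EOF'
network.host: 0.0.0.0
xpack.security.enabled: false   # constructed weak setting
xpack.security.http.ssl:
  enabled: true
xpack.security.transport.ssl:
  enabled: true
  verification_mode: none
EOF
audit_es_config "$sample" || echo "review the findings above"
```

On an installed node, run audit_es_config /etc/elasticsearch/elasticsearch.yml as root, since the configuration directory is not world-readable.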

Service Management

Systemd integration simplifies Elasticsearch management. After configuring the service, you can enable it to start automatically and run seamlessly in the background.

Starting and Enabling at Boot

To start Elasticsearch:

sudo systemctl start elasticsearch.service

Check the service status:

sudo systemctl status elasticsearch.service

If the status is active (running), Elasticsearch is operational. Enable it to start automatically on every reboot:

sudo systemctl enable elasticsearch.service

Service Status Verification

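A running Elasticsearch instance can also be confirmed using curl to query the local endpoint. With the 8.x security defaults, the HTTP layer uses TLS and requires authentication, so pass the generated CA certificate and the elastic user; curl prompts for the password that was printed during package installation. The plain http:// form only works when security has been disabled.

sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET https://localhost:9200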

The response should display essential metadata including the cluster name, node name, and version details. This quick check confirms successful operation.

Troubleshooting Basics

If the service fails to start, inspect logs located in /var/log/elasticsearch. Common causes include incorrect memory settings (e.g., -Xms and -Xmx in jvm.options), Java version mismatches, or misconfigured network settings. Correcting the offending parameter typically resolves the issue.

Testing and Verification

A few simple tests help confirm that Elasticsearch is fully functional. Testing also ensures that the cluster or single-node instance runs as expected.

Cluster Health

To gather basic health status:

sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET "https://localhost:9200/_cluster/health?pretty"

The output captures the cluster’s color-coded status (green, yellow, or red), number of nodes, and other indicators. A green status is ideal, while a yellow or red status may indicate cluster or shard allocation problems. For single-node setups, yellow is often normal because replicas cannot be allocated on the same node.

Basic API Queries

Add data to a test index by running:

sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X POST "https://localhost:9200/my-test-index/_doc/1" -H 'Content-Type: application/json' -d'
{
  "message": "Hello CentOS Stream 10"
}'

Check if the document is indexed properly:

sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET "https://localhost:9200/my-test-index/_search?pretty"

If the JSON response shows your test document, indexing and searching work as intended.

Performance Optimization

Elasticsearch includes performance tuning features that help maintain efficiency as data accumulates and queries become more complex. By optimizing resources, you can deliver quicker response times and handle more extensive workloads.

Memory Settings

Elasticsearch relies heavily on the Java Virtual Machine (JVM). Edit /etc/elasticsearch/jvm.options to define heap size parameters such as -Xms2g and -Xmx2g. Ensure that no more than 50% of total system memory is assigned to the heap. Splitting memory effectively leaves space for system operations and avoids paging. If you have 8 GB of RAM, a typical starting point might be 4 GB for the JVM.

JVM Tuning

Proper garbage collection tuning can enhance cluster performance. Elasticsearch typically defaults to the G1 garbage collector when you use Java 11 or above. This collector reduces garbage collection pauses for better real-time indexing. A balanced approach between indexing speed, search responsiveness, and memory overhead is vital.

System Configuration

Increase the file descriptor limit so Elasticsearch can handle numerous open files efficiently. Set it in /etc/security/limits.conf, which applies to login sessions, or, for the systemd-managed service, in a systemd override. For example, in limits.conf:

* soft nofile 65536
* hard nofile 65536

Additionally, consider adjusting the kernel parameter vm.max_map_count to a higher value (e.g., 262144). Elasticsearch uses memory-mapped files, so a higher limit prevents file mapping issues during large merges or heavy indexing.
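Because a service started by systemd takes its file descriptor limit from the unit rather than from limits.conf, the following added example (not from the original tutorial) writes the two values above as a sysctl.d file and a systemd drop-in, and checks what a running process actually received. The function names, the file name 99-elasticsearch.conf and the sample /proc data are constructed for illustration.

```shell
# Persist both settings under ROOT (pass "" for the live system, as root).
write_es_tuning() {
  root=${1:-}
  dropin="$root/etc/systemd/system/elasticsearch.service.d"
  mkdir -p "$root/etc/sysctl.d" "$dropin" || return 1
  printf 'vm.max_map_count = 262144\n' > "$root/etc/sysctl.d/99-elasticsearch.conf"
  printf '[Service]\nLimitNOFILE=65536\n' > "$dropin/override.conf"
}

# Compare the effective limits with the values from the text.
# $1: the process's /proc/PID/limits, $2: /proc/sys/vm/max_map_count
check_es_limits() {
  rc=0
  nofile=$(awk '/^Max open files/ { print $4 }' "$1")   # column 4 is the soft limit
  maps=$(cat "$2")
  [ "${nofile:-0}" -ge 65536 ] ||
    { echo "nofile soft limit ${nofile:-unknown} is below 65536"; rc=1; }
  [ "$maps" -ge 262144 ] ||
    { echo "vm.max_map_count $maps is below 262144"; rc=1; }
  return $rc
}

# Constructed sample: a process running with typical untuned defaults.
demo=$(mktemp -d)
cat > "$demo/limits" <<'EOF'
Limit                     Soft Limit           Hard Limit           Units
Max open files            1024                 524288               files
EOF
echo 65530 > "$demo/max_map_count"
check_es_limits "$demo/limits" "$demo/max_map_count" || echo "limits need raising"
write_es_tuning "$demo"   # writes into the scratch directory only

# On a real host, after write_es_tuning "":
#   sudo sysctl --system && sudo systemctl daemon-reload
#   sudo systemctl restart elasticsearch
#   pid=$(systemctl show -p MainPID --value elasticsearch)
#   check_es_limits "/proc/$pid/limits" /proc/sys/vm/max_map_count
```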

Performance Testing Techniques

Use Rally, an open-source benchmarking tool, to test Elasticsearch under realistic workloads. It helps create customized tracks simulating varied data sets and query loads. Benchmarking clarifies how well the setup scales and highlights areas for further fine-tuning.

Maintenance and Upgrades

Long-term usage benefits from proper monitoring, strategic updates, and consistent housekeeping. Scheduling these tasks helps maintain elastic, stable, and secure Elasticsearch deployments.

Backup and Snapshot Procedures

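Elasticsearch snapshot and restore capabilities protect valuable data. Configure a snapshot repository in a location such as Amazon S3 or a shared filesystem. For a shared filesystem repository (type fs), the location must first be listed under path.repo in elasticsearch.yml on every node. Here’s an example of creating a repository named my_backup_repo, written in Kibana Dev Tools console syntax: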

PUT _snapshot/my_backup_repo
{
  "type": "fs",
  "settings": {
    "location": "/mnt/backups"
  }
}

Next, run:

PUT _snapshot/my_backup_repo/snapshot_1?wait_for_completion=true

This command takes a snapshot of all indices, preserving them for recovery scenarios.

Update Processes

Updates typically include new features, security improvements, and stability patches. Since the repository is already configured, upgrade Elasticsearch by enabling the repository and performing a dnf update:

sudo dnf update --enablerepo=elasticsearch elasticsearch

Always check release notes prior to upgrading, especially if running major or minor version upgrades. Before large version jumps, create a snapshot for rollback if necessary.

Monitoring Setup

Tools like Kibana and Metricbeat simplify Elasticsearch cluster monitoring. Kibana provides graphical dashboards to visualize cluster health, logs, or performance metrics. Metricbeat collects system-level and service-level metrics, offering crucial insights for capacity planning and problem solving.

Congratulations! You have successfully installed Elasticsearch. Thanks for using this tutorial to install Elasticsearch on CentOS Stream 10. For additional help or useful information, we recommend you check the official Elasticsearch website.


r00t
