FedoraRHEL Based

How To Install Elasticsearch on Fedora 43

r00t
11 minutes read

Install Elasticsearch on Fedora 43

Elasticsearch has become the go-to solution for developers and organizations seeking powerful full-text search capabilities and real-time data analytics. This distributed search and analytics engine excels at handling massive volumes of structured and unstructured data, making it invaluable for log analysis, application monitoring, and building sophisticated search features. Whether you’re developing a content management system, implementing enterprise search, or analyzing server logs, Elasticsearch delivers the speed and scalability modern applications demand.

Fedora 43, with its cutting-edge package management and robust security features, provides an excellent foundation for running Elasticsearch. This comprehensive guide walks you through every step of installing and configuring Elasticsearch on Fedora 43, from initial system preparation to security hardening and troubleshooting common issues. By the end of this tutorial, you’ll have a fully functional Elasticsearch instance ready for development or production use.

Table of Contents

Prerequisites and System Requirements

Before diving into the installation process, ensure your Fedora 43 system meets the necessary requirements for running Elasticsearch smoothly.

Minimum System Requirements

Elasticsearch performs best when given adequate resources. Your system should have at least 2 CPU cores, though 4 cores are recommended for production environments. Memory requirements start at 4GB RAM minimum, but 8GB or more significantly improves performance, especially when handling large datasets or multiple indices. Allocate at least 20GB of disk space for the installation and initial operation, though 50GB or more is advisable for production scenarios where you’ll be indexing substantial amounts of data.

Network connectivity is essential for downloading packages and accessing the Elasticsearch repository. Additionally, if you plan to build a multi-node cluster, reliable network connections between nodes become critical.

Required Access and Software

You’ll need root or sudo privileges to install packages and configure system services. Basic familiarity with the command line interface will help you navigate the installation process confidently. An active internet connection ensures smooth package downloads from the Elasticsearch repository.

Checking System Information

Before proceeding, verify your Fedora version by running cat /etc/fedora-release in your terminal. This command should confirm you’re running Fedora 43. Check your system architecture with uname -m to ensure compatibility with the Elasticsearch packages. Most modern systems run on x86_64 architecture.

Monitor available memory using free -h and disk space with df -h. These commands provide a clear snapshot of your system resources, helping you plan your Elasticsearch configuration appropriately.

Step 1: Updating Your Fedora System

System updates form the foundation of a secure and stable Elasticsearch installation. Updated packages ensure compatibility, patch security vulnerabilities, and provide the latest bug fixes.

Start by cleaning the DNF package cache with sudo dnf clean all. This command removes temporary files and ensures you’re working with fresh package metadata. Next, update all installed packages by running sudo dnf update. The DNF (Dandified YUM) package manager, Fedora’s default package management tool, will download and install available updates.

This process might take several minutes depending on how many updates are available. Reboot your system if kernel updates were installed to ensure all changes take effect.

Step 2: Installing Java (OpenJDK)

Why Java is Required

Elasticsearch runs on the Java Virtual Machine because it’s built on Apache Lucene, a powerful Java-based search library. The Java Runtime Environment (JRE) provides the necessary execution environment for Elasticsearch to function.

Installing OpenJDK 17

Elasticsearch 8.x works best with OpenJDK 17, which offers improved performance and security features over older versions. Install OpenJDK 17 along with development tools and the lsof utility by executing sudo dnf install java-17-openjdk java-17-openjdk-devel lsof.

OpenJDK 17 is a Long-Term Support (LTS) release, ensuring stability and extended support. While Elasticsearch may work with other Java versions, OpenJDK 17 provides the optimal balance of compatibility and performance.

Verifying Java Installation

After installation completes, confirm Java is correctly installed by running java -version. The output should display the Java version number, typically showing OpenJDK 17.x.x along with runtime information. This verification step ensures the Java environment is properly configured and available in your system’s PATH.

If needed, check the JAVA_HOME environment variable by running echo $JAVA_HOME. This variable should point to your Java installation directory, though Elasticsearch typically detects Java automatically.

Step 3: Adding Elasticsearch Repository

Importing GPG Key

Security starts with package verification. Import the Elasticsearch GPG key to ensure packages you download are authentic and haven’t been tampered with. Execute sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch to add the official Elasticsearch signing key to your system.

GPG (GNU Privacy Guard) keys provide cryptographic verification, protecting you from malicious packages. When you install Elasticsearch from the repository, DNF automatically verifies the package signature against this imported key.

Creating Repository Configuration File

Create a new repository configuration file by opening your text editor with sudo nano /etc/yum.repos.d/elasticsearch.repo. Add the following repository configuration for Elasticsearch 8.x:

[elasticsearch-8.x]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Each parameter serves a specific purpose. The name field provides a human-readable description. The baseurl points to the Elasticsearch 8.x package repository. Setting gpgcheck=1 enables package signature verification, while gpgkey specifies the verification key location. The enabled=1 parameter activates this repository, and autorefresh=1 ensures DNF checks for updated package metadata automatically.

Elasticsearch 8.x introduces significant security improvements over version 7.x, including security features enabled by default. The OSS (Open Source Software) version lacks certain features like security and alerting, so the full version is recommended for most use cases.

Step 4: Installing Elasticsearch

Method 1: Repository Installation (Recommended)

Install Elasticsearch directly from the repository you just configured by running sudo dnf install elasticsearch. This method offers significant advantages: automatic dependency resolution, simplified updates, and seamless integration with your package manager.

DNF will display package information and ask for confirmation. Type y and press Enter to proceed. The installation process downloads the Elasticsearch package and configures necessary directories and permissions automatically.

Method 2: Manual RPM Installation

Alternative installations become necessary when you need a specific Elasticsearch version or work in environments without direct repository access. Download the RPM package manually using wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.x.x-x86_64.rpm, replacing the version number with your desired release.

Install the downloaded package with sudo rpm -ivh elasticsearch-8.x.x-x86_64.rpm. While this method provides more control, it requires manual updates and doesn’t automatically handle dependencies.

Important Security Information (Elasticsearch 8.x)

Elasticsearch 8.x automatically generates security credentials during installation. The installation output displays the elastic superuser password and an enrollment token for connecting additional nodes or Kibana. Copy these credentials immediately and store them securely—you’ll need them for authentication.

The installation also creates security certificates in /etc/elasticsearch/certs/, enabling encrypted communications between components.

Step 5: Configuring Elasticsearch

Understanding Configuration Files

Elasticsearch’s main configuration file resides at /etc/elasticsearch/elasticsearch.yml. This YAML (Yet Another Markup Language) file uses a straightforward key-value format with strict indentation requirements. Comments begin with hash symbols (#), and the file contains numerous commented examples to guide your configuration.

Essential Configuration Parameters

Open the configuration file with sudo nano /etc/elasticsearch/elasticsearch.yml. Several parameters require attention for a functional setup.

The cluster.name parameter identifies your Elasticsearch cluster. Choose a descriptive name like “production-cluster” or “development-search”. All nodes intended to join the same cluster must share identical cluster names.

Set node.name to identify individual nodes within your cluster. Use descriptive names like “node-1” or “fedora-search-node” to simplify troubleshooting and monitoring.

The network.host parameter determines which network interfaces Elasticsearch binds to. Setting it to 127.0.0.1 restricts access to the local machine, ideal for development. Use 0.0.0.0 to accept connections from any network interface, necessary for production environments where clients connect remotely. Specific IP addresses provide granular control over accessibility.

Elasticsearch listens on port 9200 by default for HTTP API requests. The http.port parameter allows customization if port conflicts arise or security policies require non-standard ports.

For single-node setups, configure cluster.initial_master_nodes: ["node-1"] with your node name. This setting prevents split-brain scenarios in production clusters while allowing standalone nodes to function properly.

Memory Configuration

JVM heap size dramatically impacts Elasticsearch performance. Edit /etc/elasticsearch/jvm.options to adjust heap settings. The Xms and Xmx parameters should be identical, typically set to 50% of available RAM with a maximum of 32GB.

For a system with 8GB RAM, configure -Xms4g and -Xmx4g. Elasticsearch performs better when the heap size remains constant rather than dynamically adjusting.

Enable memory locking by adding bootstrap.memory_lock: true to elasticsearch.yml. This setting prevents the operating system from swapping Elasticsearch memory to disk, which would severely degrade performance.

Creating Basic Single-Node Configuration

For development environments, a minimal configuration includes setting cluster.name, node.name, network.host to 127.0.0.1, and cluster.initial_master_nodes. Production single-node setups require additional parameters for security, monitoring, and performance optimization.

Step 6: Starting and Enabling Elasticsearch Service

Using systemd to Manage Elasticsearch

Fedora uses systemd for service management, providing reliable process supervision and automatic restarts. Start Elasticsearch with sudo systemctl start elasticsearch. This command initializes the Elasticsearch process in the background.

Enable automatic startup on system boot by running sudo systemctl enable elasticsearch. This configuration ensures Elasticsearch starts automatically after server reboots, critical for production deployments.

Checking Service Status

Verify Elasticsearch is running correctly with sudo systemctl status elasticsearch. The output displays the service state—”active (running)” indicates success. You’ll also see recent log entries, process ID, memory usage, and uptime.

Green text showing “active (running)” confirms Elasticsearch started successfully. Yellow or red indicators suggest problems requiring investigation.

Viewing Logs for Troubleshooting

Elasticsearch logs to /var/log/elasticsearch/ directory. The main log file provides detailed information about cluster operations, errors, and warnings. Access real-time logs using sudo journalctl -u elasticsearch -f, which displays new log entries as they occur.

Log messages include timestamps, severity levels, and detailed descriptions of events. Error messages here often pinpoint configuration problems or resource constraints.

Step 7: Verifying Elasticsearch Installation

Testing Local Connection (Elasticsearch 8.x with Security)

With security enabled by default, accessing Elasticsearch requires authentication. Test your installation using sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200. When prompted, enter the elastic user password generated during installation.

Successful connections return JSON output containing cluster information. You’ll see the cluster name, node name, version number, and Elasticsearch’s distinctive tagline: “You Know, for Search”.

Testing Without Security (Development Only)

Development environments might disable security temporarily for easier testing. If security is disabled, a simple curl http://localhost:9200 suffices for verification.

Understanding the Response

The JSON response contains valuable information. The name field shows your node name, while cluster_name confirms your cluster configuration. The version object displays Elasticsearch version details including build date and Lucene version. The tagline serves as Elasticsearch’s signature greeting.

Configuring Firewall Rules

Understanding Firewall Requirements

Elasticsearch uses port 9200 for HTTP API requests and port 9300 for internal node-to-node communication. External access requires firewall configuration.

Opening Ports with firewalld

Check if firewalld is active with sudo systemctl status firewalld. Add a permanent rule for HTTP access using sudo firewall-cmd --permanent --add-port=9200/tcp. For multi-node clusters, also open port 9300 with sudo firewall-cmd --permanent --add-port=9300/tcp.

Reload the firewall to activate changes: sudo firewall-cmd --reload. Verify your configuration by running sudo firewall-cmd --list-all, which displays all active rules.

Security Considerations

Opening ports to the internet exposes your Elasticsearch instance to potential attacks. Restrict access to trusted IP addresses or networks using rich rules. Production deployments should implement additional security layers including reverse proxies, VPNs, or cloud security groups.

Security Best Practices

Elasticsearch 8.x Built-in Security

Security features activate automatically in Elasticsearch 8.x, a significant improvement over previous versions. TLS/SSL encryption protects both HTTP API communications and internal transport layer traffic. This encryption prevents eavesdropping and man-in-the-middle attacks.

Password Management

Change the default elastic superuser password immediately. Use the elasticsearch-reset-password tool to generate new credentials. Create additional users with specific roles following the principle of least privilege—grant only the permissions each user requires.

The elasticsearch-users command-line tool manages native realm users. Create users for applications, monitoring systems, and administrators separately.

Configuring Authentication

X-Pack security, included in Elasticsearch 8.x, provides enterprise-grade authentication and authorization. The xpack.security.enabled: true setting activates these features, though they’re enabled by default in version 8.x.

SSL/TLS certificates generated during installation secure communications. Custom certificates can replace default ones for organizations with existing PKI infrastructure.

SELinux Configuration

Fedora’s SELinux (Security-Enhanced Linux) enforces mandatory access controls. Elasticsearch requires proper SELinux contexts to function correctly. If you encounter permission errors, check SELinux audit logs in /var/log/audit/audit.log.

Setting appropriate file contexts and boolean values resolves most SELinux issues. The setsebool and chcon commands modify SELinux configuration as needed.

Additional Security Measures

Bind network.host to specific network interfaces rather than 0.0.0.0 when possible. Implement role-based access control (RBAC) to manage user permissions granularly. Regular security updates protect against newly discovered vulnerabilities. Disable unused features to minimize attack surface.

Common Issues and Troubleshooting

Service Fails to Start

Service startup failures typically stem from configuration errors or resource constraints. Examine logs carefully for error messages. Memory lock failures occur when the system can’t allocate requested memory—verify ulimit settings and available RAM.

Port conflicts arise if another process already uses port 9200. Identify the conflicting process with sudo lsof -i :9200 and either stop it or configure Elasticsearch to use a different port.

Permission errors indicate incorrect file ownership. Elasticsearch files should belong to the elasticsearch user and group. Fix permissions with sudo chown -R elasticsearch:elasticsearch /etc/elasticsearch and similar commands for data and log directories.

Bootstrap Check Failures

Bootstrap checks enforce production-readiness requirements. Discovery configuration errors prevent cluster formation. Ensure cluster.initial_master_nodes is set correctly for single-node deployments or contains all master-eligible nodes in multi-node clusters.

File descriptor limits prevent Elasticsearch from opening necessary files. Increase limits in /etc/security/limits.conf by adding lines for the elasticsearch user.

Connection Problems

Connection failures to localhost:9200 might indicate the service isn’t running or is listening on a different interface. Verify the service status and network.host configuration.

Certificate verification failures in Elasticsearch 8.x occur when the CA certificate path is incorrect. Ensure you’re using the correct certificate file path in your curl commands.

Firewall rules blocking connections require the configuration described earlier. Test with verbose curl output using the -v flag to see detailed connection information.

Memory and Performance Issues

Incorrect heap size configuration causes performance problems or out-of-memory errors. Monitor heap usage through Elasticsearch APIs and adjust accordingly. Elasticsearch warns at 85% disk usage and sets indices to read-only at 90% to prevent data loss.

JVM memory pressure indicates heap size is too small for your workload. Swap usage severely degrades performance—disable swap or configure memory locking properly.

Authentication Errors

Lost elastic passwords can be reset using the elasticsearch-reset-password tool. Certificate path issues prevent secure connections—verify certificate locations match your configuration. SSL/TLS handshake failures suggest certificate or encryption configuration problems.

Testing Your Elasticsearch Installation

Creating a Test Index

Verify full functionality by creating a test index. Use curl to send a PUT request: curl -X PUT "https://localhost:9200/test-index" -u elastic with appropriate certificate parameters for Elasticsearch 8.x. The response confirms index creation with acknowledged: true.

Adding Sample Documents

Index test documents to verify write operations work correctly. Send a POST request with JSON data representing a document. Elasticsearch automatically assigns IDs when using POST, or you can specify IDs with PUT requests.

Performing Search Queries

Execute basic search queries to confirm search functionality. A match-all query retrieves all documents from an index, validating both indexing and search capabilities work properly.

Deleting Test Data

Clean up test data by deleting the test index with a DELETE request. Maintaining a clean Elasticsearch environment prevents confusion during actual development work.

Optional: Installing Kibana

Kibana provides a powerful web interface for visualizing Elasticsearch data and managing your cluster. Install it with sudo dnf install kibana. Elasticsearch 8.x requires an enrollment token to connect Kibana securely—generate one using sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana.

Configure Kibana to connect to your Elasticsearch instance, start the Kibana service, and access the web interface at http://localhost:5601. Kibana’s intuitive interface simplifies index management, query building, and data visualization.

Congratulations! You have successfully installed Elasticsearch. Thanks for using this tutorial for installing Elasticsearch on Fedora 43 Linux system. For additional help or useful information, we recommend you check the official Elasticsearch website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
11 minutes read
Photo of r00t

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Copyright © 2025 idroot.us | All Rights Reserved | Follow us for more Linux tutorials!
Back to top button