How to install Elasticsearch and Kibana version 8.1 on RHEL for Beginners
In this article we install the Elasticsearch and Kibana stack on RHEL. Let's start the process.
Step 1. Download the installer
Before we proceed, we need to download the installers and make sure they are the latest version, 8.1, the same version used in this article.
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.1.0-x86_64.rpm
https://artifacts.elastic.co/downloads/kibana/kibana-8.1.0-x86_64.rpm
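The install output in Step 3 shows "key ID d88e42b4: NOKEY", which means rpm could not check the package signature because the signing key was not in its keyring. The function below is an added example, not part of the original article: it checks a downloaded RPM against its published SHA-512 file and its GPG signature before installation. It assumes the .sha512 file (the package URL with .sha512 appended) was downloaded next to the RPM and that the Elastic key was imported first.

```shell
#!/usr/bin/env bash
# Added example, not from the original article.
# Assumes <pkg> and <pkg>.sha512 sit in the current directory and that the
# Elastic signing key was imported into the rpm keyring first:
#   sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

# verify_rpm <pkg>
#   returns 0 when checksum and signature both verify,
#           1 on checksum mismatch or missing .sha512 file,
#           2 when the signature is missing or cannot be verified.
verify_rpm() {
    pkg="$1"

    # Integrity: compare with the published SHA-512 ("<hash>  <name>" format).
    if ! sha512sum -c "${pkg}.sha512" >/dev/null 2>&1; then
        echo "FAIL: SHA-512 mismatch or no checksum file for ${pkg}" >&2
        return 1
    fi

    # Authenticity: rpm checks the signature against keys in its keyring.
    out=$(rpm --checksig "$pkg" 2>&1)
    sig_rc=$?

    # The exit status alone is not enough: a package that carries no
    # signature can still report "digests OK". Require "signatures OK"
    # (output wording of rpm 4.14+, e.g. RHEL 8 and later: an assumption).
    case "$out" in
        *"NOT OK"*|*NOKEY*) sig_rc=1 ;;
        *"signatures OK"*)  ;;
        *)                  sig_rc=1 ;;
    esac

    if [ "$sig_rc" -ne 0 ]; then
        echo "FAIL: signature not verified: ${out}" >&2
        return 2
    fi
    echo "OK: ${pkg} checksum and signature verified"
}

# Usage:
#   verify_rpm elasticsearch-8.1.0-x86_64.rpm && sudo rpm -ivh elasticsearch-8.1.0-x86_64.rpm
#   verify_rpm kibana-8.1.0-x86_64.rpm && sudo rpm -ivh kibana-8.1.0-x86_64.rpm
```

With the key imported and the package verified, the NOKEY warning no longer appears during rpm -ivh.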
Step 2. Pre-Configuration
In this article the installation is performed in an on-premises development environment, where a strict firewall is not required. So, we stop the firewall service.
$ sudo systemctl stop firewalld.service
$ sudo systemctl status firewalld.service
Take note:
- To perform the ELK installation, your account must have permission to execute the installation, or sudo privileges.
- For a production environment, make sure the firewall has the required ports open to avoid issues during the installation process.
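For environments where firewalld stays on, as the note above requires for production, the following added example (not part of the original article) opens only the two ports this guide uses, and only to one trusted subnet. The subnet 192.168.100.0/24 is an assumption derived from the article's example address 192.168.100.100; the function name is hypothetical.

```shell
#!/usr/bin/env bash
# Added example, not from the original article.
# Keeps firewalld running and allows only the ports used in this guide.

ES_PORT=9200      # Elasticsearch HTTP API (the curl check in Step 3)
KIBANA_PORT=5601  # Kibana (server.port in kibana.yml, Step 4)

# allow_elk_from <ipv4-cidr>
#   Adds permanent rich rules for both ports limited to the given source
#   network, then reloads firewalld. Returns 1 on bad input, 2 on failure.
allow_elk_from() {
    src="$1"
    # Accept only digits, dots and a slash, and require a prefix length.
    case "$src" in
        ""|*[!0-9./]*) echo "usage: allow_elk_from <ipv4-cidr>" >&2; return 1 ;;
        */*) ;;
        *) echo "missing prefix length, e.g. 192.168.100.0/24" >&2; return 1 ;;
    esac

    for port in "$ES_PORT" "$KIBANA_PORT"; do
        sudo firewall-cmd --permanent --add-rich-rule="rule family=\"ipv4\" source address=\"${src}\" port port=\"${port}\" protocol=\"tcp\" accept" || return 2
    done
    sudo firewall-cmd --reload || return 2
}

# Usage (assumed subnet, adjust to your network):
#   sudo systemctl start firewalld.service
#   allow_elk_from 192.168.100.0/24
#   sudo firewall-cmd --list-rich-rules
```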
Elasticsearch and Kibana Overview
Elasticsearch is a real-time, distributed storage, search, and analytics engine. Kibana is an open source analytics and visualization platform designed to work with Elasticsearch.
Step 3. Elasticsearch setup
Run this command to install Elasticsearch and wait until it completes; you will see the finish message below.
$ sudo rpm -ivh elasticsearch-8.1.0-x86_64.rpm
[devops@munwarrior~]$ sudo rpm -ivh elasticsearch-8.1.0-x86_64.rpm
[sudo] password for devops:
warning: elasticsearch-8.1.0-x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID d88e42b4: NOKEY
Creating elasticsearch group... OK
Creating elasticsearch user... OK
---------------------------- Security autoconfiguration information ------------------------------
Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.
The generated password for the elastic built-in superuser is : Gw*LbsCh+cVXikp+XER8
If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.
You can complete the following actions at any time:
Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.
Generate an enrollment token for Kibana instances with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.
Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.
-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
[/usr/lib/tmpfiles.d/elasticsearch.conf:1] Line references path below legacy directory /var/run/, updating /var/run/elasticsearch → /run/elasticsearch; please update the tmpfiles.d/ drop-in file accordingly.
Then run the commands below:
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
sudo systemctl start elasticsearch.service
sudo systemctl status elasticsearch.service
Once the Elasticsearch installation finishes, run this command to validate that the Elasticsearch service is up and running:
$ sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
[devops@munwarrior]$ sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Enter host password for user 'elastic':
{
  "name" : "node-1",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "-ao6PfivQey_gJ20DDgdUg",
  "version" : {
    "number" : "8.1.0",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "3700f7679f7d95e36da0b43762189bab189bc53a",
    "build_date" : "2022-03-03T14:20:00.690422633Z",
    "build_snapshot" : false,
    "lucene_version" : "9.0.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}
Step 4. Kibana setup
Run this command to install Kibana and wait until it completes; you will see the finish message.
$ sudo rpm -ivh kibana-8.1.0-x86_64.rpm
Before we start the Kibana service, we need to amend 2 important settings in kibana.yml.
$ sudo vi /etc/kibana/kibana.yml
Find these parameters in kibana.yml, uncomment them, then save.
server.port: 5601
server.host: "192.168.100.100"   # the IP address of your server
Once finished, run the commands below:
sudo systemctl daemon-reload
sudo systemctl enable kibana.service
sudo systemctl start kibana.service
sudo systemctl status kibana.service
After running sudo systemctl status kibana.service you will see "http server running at http://192.168.100.100:5601". Open a browser and paste the URL shown in the Kibana status output.
You will need to fill in the Kibana token. To get the token, go to the server where Elasticsearch is installed and run the command below.
$ sudo /usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana
Copy the auto-generated Kibana token and paste it into the Kibana page in the browser to complete the activity.