Mastering the installation of the Elastic Stack on your system is a fundamental step towards unlocking powerful search, analysis, and logging capabilities. This guide provides a clear path to getting Elasticsearch, Kibana, and Logstash version 7 running smoothly on Fedora 30/29 and CentOS 7.
Before you begin, ensure your system is up-to-date and meets the basic requirements. The Elastic Stack requires Java Development Kit (JDK). You’ll typically need OpenJDK version 8 or later installed. You can check your current Java version or install it using your distribution’s package manager:
On CentOS 7:
sudo yum install java-1.8.0-openjdk-devel -y
On Fedora 30/29:
sudo dnf install java-1.8.0-openjdk-devel -y
Next, you need to add the official Elastic repository to your system. This allows you to install the Elastic Stack components using your standard package manager. Create a repository file:
On CentOS 7:
sudo vi /etc/yum.repos.d/elastic.repo
On Fedora 30/29:
sudo vi /etc/yum.repos.d/elastic.repo
Add the following content to the file for Elastic Stack 7:
[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
Save and close the file.
Step 1: Install Elasticsearch
With the repository configured, install Elasticsearch using your package manager:
On CentOS 7:
sudo yum install elasticsearch -y
On Fedora 30/29:
sudo dnf install elasticsearch -y
After installation, you might need to configure Elasticsearch. The main configuration file is located at /etc/elasticsearch/elasticsearch.yml. For a basic setup, you might want to set the network.host to allow access from other machines (e.g., ‘0.0.0.0’ for all interfaces, or a specific IP). Be mindful of security implications when setting the host.
Reload the systemd daemon and then start and enable the Elasticsearch service:
sudo systemctl daemon-reload
sudo systemctl start elasticsearch
sudo systemctl enable elasticsearch
Wait a minute or two for Elasticsearch to fully start. You can check its status:
sudo systemctl status elasticsearch
Verify Elasticsearch is running by querying its API (it listens on port 9200 by default):
curl -X GET "localhost:9200/"
If you get a JSON response detailing the cluster and version, Elasticsearch is running. If you have a firewall enabled (like firewalld), you’ll need to open port 9200:
sudo firewall-cmd --add-port=9200/tcp --permanent
sudo firewall-cmd --reload
Step 2: Install Kibana
Kibana provides a web interface for visualizing your Elasticsearch data. Install it using the same repository:
On CentOS 7:
sudo yum install kibana -y
On Fedora 30/29:
sudo dnf install kibana -y
Configure Kibana by editing /etc/kibana/kibana.yml. You’ll likely need to uncomment and set the server.host (e.g., ‘0.0.0.0’ or a specific IP) and ensure elasticsearch.hosts points to your Elasticsearch instance (usually ["http://localhost:9200"]).
Reload the systemd daemon and start and enable the Kibana service:
sudo systemctl daemon-reload
sudo systemctl start kibana
sudo systemctl enable kibana
Kibana typically runs on port 5601. Allow this port through your firewall:
sudo firewall-cmd --add-port=5601/tcp --permanent
sudo firewall-cmd --reload
You should now be able to access the Kibana web interface by navigating to http://YOUR_SERVER_IP:5601 in your web browser.
Step 3: Install Logstash
Logstash is a data processing pipeline that ingests data from multiple sources, transforms it, and sends it to Elasticsearch. Install it:
On CentOS 7:
sudo yum install logstash -y
On Fedora 30/29:
sudo dnf install logstash -y
Logstash configuration is done using configuration files, typically in /etc/logstash/conf.d/. These files define your input, filter, and output plugins. For example, a simple configuration to read from standard input and output to standard output could be:
input { stdin { } }
output { stdout { codec => rubydebug } }
Or, to send data to Elasticsearch:
input { ... }
filter { ... }
output { elasticsearch { hosts => ["localhost:9200"] } }
You would save this as a .conf file in /etc/logstash/conf.d/.
Reload the systemd daemon and start and enable the Logstash service:
sudo systemctl daemon-reload
sudo systemctl start logstash
sudo systemctl enable logstash
Logstash doesn’t have a web interface like Kibana, but its status can be checked with sudo systemctl status logstash.
By following these steps, you will have successfully installed and configured the core components of the Elastic Stack 7 on your Fedora or CentOS system, ready to start ingesting and analyzing your data. Remember to consult the official Elastic documentation for more advanced configurations, security settings, and troubleshooting.
Source: https://kifarunix.com/install-elastic-stack-7-on-fedora-30-fedora-29-centos-7/
