RPM package

Installing and running Open Distro for Elasticsearch from an RPM package is a more manual process than the Docker image. We recommend CentOS 7 and Amazon Linux 2, but any RPM-based distribution that uses systemd should work. These steps assume you’re using CentOS 7.

  1. Create the repository file:

    sudo curl https://d3g5vo6xdbdb9a.cloudfront.net/yum/opendistroforelasticsearch-artifacts.repo -o /etc/yum.repos.d/opendistroforelasticsearch-artifacts.repo
    
  2. Open Distro for Elasticseach requires the full Java Development Kit (JDK), not just the Java Runtime Environment (JRE). If you don’t have the JDK installed, install either version 8 or version 11:

    # Java 11
    sudo yum install java-11-openjdk-devel
    # Java 8
    sudo yum install java-1.8.0-openjdk-devel
    

    If you’re using Amazon Linux 2, you might need to use Java 8.

  3. List all available Open Distro for Elasticsearch versions:

    sudo yum list opendistroforelasticsearch --showduplicates
    
  4. Choose the version you’d like and install it:

    sudo yum install opendistroforelasticsearch-1.2.0
    
  5. If you installed Java 8, run the following command:

    sudo ln -s /usr/lib/jvm/java-1.8.0/lib/tools.jar /usr/share/elasticsearch/lib/
    
  6. To start Open Distro for Elasticsearch:

    sudo systemctl start elasticsearch.service
    
  7. Send requests to the server to verify that Elasticsearch is up and running:

    curl -XGET https://localhost:9200 -u admin:admin --insecure
    curl -XGET https://localhost:9200/_cat/nodes?v -u admin:admin --insecure
    curl -XGET https://localhost:9200/_cat/plugins?v -u admin:admin --insecure
    
  8. For instructions on installing and running Kibana, see Kibana.

  9. To check the status of the service:

    systemctl status elasticsearch.service
    

    You might notice some errors if you are using Java 8. If the service is still active (running), you can safely ignore them:

    elasticsearch[3969]: java.security.policy: error adding Entry:
    elasticsearch[3969]: java.net.MalformedURLException: unknown protocol: jrt
    elasticsearch[3969]: java.security.policy: error adding Entry:
    elasticsearch[3969]: java.net.MalformedURLException: unknown protocol: jrt
    
  10. To stop Open Distro for Elasticsearch:

    sudo systemctl stop elasticsearch.service
    

Configuration

To run Open Distro for Elasticsearch when the system starts:

sudo /bin/systemctl daemon-reload
sudo /bin/systemctl enable elasticsearch.service

You can also modify the values in /etc/sysconfig/elasticsearch (JAVA_HOME, most notably), /etc/elasticsearch/elasticsearch.yml, and /etc/elasticsearch/jvm.options (to set the heap size, most notably). To learn more, see Elasticsearch configuration and Important Settings on the Docker page.

Where are the files?

The RPM package installs files to the following locations:

File type Location
Elasticsearch home, management scripts, and plugins /usr/share/elasticsearch/
Configuration files /etc/elasticsearch
Environment variables /etc/sysconfig/elasticsearch
Logs /var/log/elasticsearch
Shard data /var/lib/elasticsearch