Open Distro for Elasticsearch development has moved to OpenSearch. The ODFE plugins will continue to work with legacy versions of Elasticsearch OSS, but we recommend upgrading to OpenSearch to take advantage of the latest features and improvements.
Installing and running Open Distro for Elasticsearch from an RPM package is a more manual process than the Docker image. We recommend CentOS 7 and Amazon Linux 2, but any RPM-based distribution that uses systemd should work. These steps assume you’re using CentOS 7.
Create the repository file:
sudo curl https://d3g5vo6xdbdb9a.cloudfront.net/yum/opendistroforelasticsearch-artifacts.repo -o /etc/yum.repos.d/opendistroforelasticsearch-artifacts.repo
Open Distro for Elasticseach requires the full Java Development Kit (JDK), not just the Java Runtime Environment (JRE). If you don’t have the JDK installed, install either version 8 or version 11:
# Java 11 sudo yum install java-11-openjdk-devel # Java 8 sudo yum install java-1.8.0-openjdk-devel
If you’re using Amazon Linux 2, you might need to use Java 8.
Install wget and unzip:
sudo yum install wget unzip
List all available Open Distro for Elasticsearch versions:
sudo yum list opendistroforelasticsearch --showduplicates
Choose the version you’d like and install it:
sudo yum install opendistroforelasticsearch-1.13.2
This command automatically chooses the appropriate architecture (x64 or ARM64) depending on the system you’re using.
If you installed Java 8, run the following command:
sudo ln -s /usr/lib/jvm/java-1.8.0/lib/tools.jar /usr/share/elasticsearch/lib/
To start Open Distro for Elasticsearch:
sudo systemctl start elasticsearch.service
Send requests to the server to verify that Elasticsearch is up and running:
curl -XGET https://localhost:9200 -u 'admin:admin' --insecure curl -XGET https://localhost:9200/_cat/nodes?v -u 'admin:admin' --insecure curl -XGET https://localhost:9200/_cat/plugins?v -u 'admin:admin' --insecure
For instructions on installing and running Kibana, see Kibana.
To check the status of the service:
systemctl status elasticsearch.service
You might notice some errors if you are using Java 8. If the service is still
active (running), you can safely ignore them:
elasticsearch: java.security.policy: error adding Entry: elasticsearch: java.net.MalformedURLException: unknown protocol: jrt elasticsearch: java.security.policy: error adding Entry: elasticsearch: java.net.MalformedURLException: unknown protocol: jrt
To stop Open Distro for Elasticsearch:
sudo systemctl stop elasticsearch.service
To run Open Distro for Elasticsearch when the system starts:
sudo /bin/systemctl daemon-reload sudo /bin/systemctl enable elasticsearch.service
You can also modify the values in
JAVA_HOME, most notably),
/etc/elasticsearch/jvm.options (to set the heap size, most notably). To learn more, see Elasticsearch configuration and Important Settings on the Docker page.
(Optional) Set up Performance Analyzer
By default, Performance Analyzer’s endpoints are not accessible from outside the host machine.
To edit this behavior, modify the plugin configuration. First navigate to
ES_HOME, which is
/usr/share/elasticsearch for a standard installation.
cd $ES_HOME # navigate to the Elasticsearch home directory cd plugins/opendistro_performance_analyzer/pa_config/ vi performance-analyzer.properties
Uncomment the line
#webservice-bind-host and set it to
# ======================== Elasticsearch performance analyzer plugin config ========================= # NOTE: this is an example for Linux. Please modify the config accordingly if you are using it under other OS. # WebService bind host; default to all interfaces webservice-bind-host = 0.0.0.0 # Metrics data location metrics-location = /dev/shm/performanceanalyzer/ # Metrics deletion interval (minutes) for metrics data. # Interval should be between 1 to 60. metrics-deletion-interval = 1 # If set to true, the system cleans up the files behind it. So at any point, we should expect only 2 # metrics-db-file-prefix-path files. If set to false, no files are cleaned up. This can be useful, if you are archiving # the files and wouldn't like for them to be cleaned up. cleanup-metrics-db-files = true # WebService exposed by App's port webservice-listener-port = 9600 # Metric DB File Prefix Path location metrics-db-file-prefix-path = /tmp/metricsdb_ https-enabled = false #Setup the correct path for certificates certificate-file-path = specify_path private-key-file-path = specify_path # Plugin Stats Metadata file name, expected to be in the same location plugin-stats-metadata = plugin-stats-metadata # Agent Stats Metadata file name, expected to be in the same location agent-stats-metadata = agent-stats-metadata
Finally, restart the Elasticsearch service. After the restart, Performance Analyzer is accessible from outside the machine:
sudo systemctl restart elasticsearch.service
Where are the files?
The RPM package installs files to the following locations:
|Elasticsearch home, management scripts, and plugins|| |
|Configuration files|| |
|Environment variables|| |
|Shard data|| |