Elasticsearch Single Node - In Linux

This section explains the installation and configuration of Elasticsearch (ES) in Linux.

Install and configure ES on HTTP

Installing with tar.gz file

Perform the following steps to install from the tar.gz file:

  1. Download Elasticsearch 8.6.2

  2. Unzip the file in a preferred location using the command tar -xvf elasticsearch-8.6.2-linux-x86_64.tar.gz

    Notice

    You do not need to add any configuration to the .yml file. The configuration is added to the .yml file once you start ES.

  3. Go to {directory}/elasticsearch-8.6.2/bin folder.

  4. Run ES with the ./elasticsearch command.

  5. When you run ES in the terminal for the first time, a password is printed on the terminal (by default, Elasticsearch runs on HTTPS).

    Note down the password for future reference.

  6. Stop Elasticsearch to make ES run on HTTP

  7. Make the changes shown in the sample elasticsearch.yml file below.

    cluster.name: zephyr
    node.name: node-1
    http.port: 9200
    network.host: 192.168.0.1
    xpack.security.enabled: false
    xpack.security.enrollment.enabled: false
    xpack.security.http.ssl:
      enabled: false
    xpack.security.transport.ssl:
      enabled: false
    http.host: 0.0.0.0
    indices.query.bool.max_clause_count: 9024
    action.auto_create_index: ".watches,.triggered_watches,.watcher-history-*,-zephyr*,+*"
  8. Save the changes and start the ES.

  9. Check if the ES is started by executing the curl command.

    curl -XGET 'http://localhost:9200'
  10. Install Zephyr with ES URL http://localhost:9200

Installation with .rpm file
  1. Download Elasticsearch 8.6.2

  2. Install ES 8.6.2 using the command:

    yum install elasticsearch-8.6.2-x86_64.rpm

  3. Once ES is installed, the password for the built-in superuser is displayed in the installation output. Note it down.

  4. To run on HTTP, open the .yml file at /etc/elasticsearch/elasticsearch.yml

  5. To run on HTTP, set the security and SSL settings to false. The sample .yml file is as follows:

    cluster.name: zephyr
    node.name: node-1
    path.data: /var/lib/elasticsearch
    path.logs: /var/log/elasticsearch
    http.port: 9200
    network.host: 192.168.0.1
    # Security features (authentication and authorization) are turned off
    xpack.security.enabled: false
    
    xpack.security.enrollment.enabled: false
    
    # Encryption for HTTP API client connections (Kibana, Logstash, Agents) is turned off
    xpack.security.http.ssl:
      enabled: false
      keystore.path: certs/http.p12
    
    # Encryption and mutual authentication between cluster nodes are turned off
    xpack.security.transport.ssl:
      enabled: false
    
    # Allow HTTP API connections from anywhere
    # With the settings above, these connections are unencrypted and unauthenticated
    http.host: 0.0.0.0
  6. Start ES.

  7. Check ES is installed by executing the cURL command:

    curl -XGET 'http://localhost:9200'
  8. Install Zephyr application by giving ES URL as http://localhost:9200

Install and Configure ES on HTTPS (with authentication using username and password)
  1. Download Elasticsearch 8.6.2

  2. Unzip the file in a preferred location using the command tar -xvf elasticsearch-8.6.2-linux-x86_64.tar.gz

    Notice

    You do not need to add any configuration to the .yml file. The configuration is added to the .yml file once you start ES.

  3. Go to {directory}/elasticsearch-8.6.2/bin folder.

  4. Run ES with the ./elasticsearch command.

  5. When you run ES in the terminal for the first time, a password is printed on the terminal (by default, Elasticsearch runs on HTTPS). Note down the password for future reference.

    The following is the sample .yml file.

    cluster.name: zephyr
    node.name: node-1
    http.port: 9200
    network.host: 192.168.0.1
    xpack.security.enabled: true
    xpack.security.enrollment.enabled: true
    xpack.security.http.ssl:
      enabled: true
      keystore.path: certs/http.p12
    xpack.security.transport.ssl:
      enabled: true
      verification_mode: certificate
      keystore.path: certs/transport.p12
      truststore.path: certs/transport.p12
    http.host: 0.0.0.0
    indices.query.bool.max_clause_count: 9024
    action.auto_create_index: ".watches,.triggered_watches,.watcher-history-*,-zephyr*,+*"
  6. Open https://localhost:9200 in a browser and log in as the default user 'elastic'. Use the ES password that you got in step 5.

  7. Install Zephyr by giving the ES URL as https://localhost:9200

  8. Upon successful Zephyr installation, stop Zephyr and navigate to the {ZephyrDir}/tomcat/webapps/flex/WEB-INF/classes location.

  9. Make the changes described in the following steps to the jdbc.properties file for ES running on HTTPS.

  10. Uncomment elastic.rest.prop.xpack.security.user and replace the password after the colon (:) with the ES password you got after step 4. The default username is "elastic".

    transport.nodes=https://localhost:9200
    rest.nodes=https://localhost:9200
    elastic.rest.prop.xpack.security.user=elastic:e16AISb=rYSvNBK36DSz
  11. Start the Zephyr application after making these changes.

Install and Configure ES on HTTPS (using id and secret key)
  1. Download Elasticsearch 8.6.2

  2. Unzip the file in a preferred location using the command tar -xvf elasticsearch-8.6.2-linux-x86_64.tar.gz

    You do not need to add any configuration to the .yml file. The configuration is added to the .yml file once you start ES.

  3. Go to {directory}/elasticsearch-8.6.2/bin folder.

  4. Run ES with the ./elasticsearch command.

  5. When you run ES in the terminal for the first time, a password is printed on the terminal (by default, Elasticsearch runs on HTTPS). Note down the password for future reference.

    The following is the sample .yml file.

    cluster.name: zephyr
    node.name: node-1
    http.port: 9200
    network.host: 192.168.0.1
    xpack.security.enabled: true
    xpack.security.enrollment.enabled: true
    xpack.security.http.ssl:
      enabled: true
      keystore.path: certs/http.p12
    xpack.security.transport.ssl:
      enabled: true
      verification_mode: certificate
      keystore.path: certs/transport.p12
      truststore.path: certs/transport.p12
    http.host: 0.0.0.0
    indices.query.bool.max_clause_count: 9024
    action.auto_create_index: ".watches,.triggered_watches,.watcher-history-*,-zephyr*,+*"
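  6. Run the following curl command to generate an API key. The Authorization header in the sample is the base64 encoding of elastic:password; replace it with the encoding of elastic:<your ES password>: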

    curl --location --request POST 'https://localhost:9200/_security/api_key' \
    --header 'Authorization: Basic ZWxhc3RpYzpwYXNzd29yZA==' \
    --header 'Content-Type: application/json' \
    --data-raw '{
        "name": "my-api-key",
        "role_descriptors": {
            "role-zephyr": {
                "cluster": [
                    "all"
                ],
                "index": [
                    {
                        "names": [
                            "zephyr-*"
                        ],
                        "privileges": [
                            "all"
                        ]
                    }
                ]
            }
        }
    }'
  7. Refer to the generated API key response:

    {
        "id": "i_n-KIgBbJC5TV1xKsjr",
        "name": "my-api-key",
        "api_key": "oSkuars1Rh-m4diuKe18hw",
        "encoded": "aV9uLUtJZ0JiSkM1VFYxeEtzanI6b1NrdWFyczFSaC1tNGRpdUtlMThodw=="
    }
  8. The <apiKey> is the base64 encoding of id:api_key, that is, the base64 encoding of o3PG-n0Bf9efLymhVjzN:eR9bKD5OTeywOxovC7It2Q. You can use an online utility (Base64 Encode and Decode - Online) for base64 encoding.

  9. Install the Zephyr application.

  10. Stop Zephyr. Make the changes in the jdbc.properties file as described below.

    Add the following properties to the jdbc.properties file:

    elastic.rest.prop.api.key.id=<id>
    elastic.rest.prop.api.key.secret=<api_key>
  11. Start the Zephyr application.
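
The encoding in step 8 can be done locally, which keeps the API key secret off third-party sites, and the result can be checked against the `encoded` field Elasticsearch returns. This shell sketch is an added example, not part of the original page or of the Zephyr or Elasticsearch tooling; the function names `json_field`, `encode_api_key` and `jdbc_lines` are hypothetical, and the input is the sample response from step 7.

```shell
#!/usr/bin/env bash
# Added example: derive the jdbc.properties entries from a create-API-key
# response and verify them against the response's own "encoded" field.

# json_field <json> <field>: extract a top-level string field (flat JSON only).
json_field() {
  printf '%s' "$1" | tr -d '\n' |
    sed -n "s/.*\"$2\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p"
}

# encode_api_key <id> <api_key>: base64 of "id:api_key", no trailing newline.
encode_api_key() {
  printf '%s:%s' "$1" "$2" | base64 | tr -d '\n'
}

# jdbc_lines <json>: print the two properties only if base64(id:api_key)
# equals the "encoded" value; return non-zero otherwise.
jdbc_lines() {
  local id key enc
  id=$(json_field "$1" id)
  key=$(json_field "$1" api_key)
  enc=$(json_field "$1" encoded)
  [ -n "$id" ] && [ -n "$key" ] || { echo "missing id or api_key" >&2; return 2; }
  if [ "$(encode_api_key "$id" "$key")" != "$enc" ]; then
    echo "encoded field does not match id:api_key" >&2
    return 1
  fi
  printf 'elastic.rest.prop.api.key.id=%s\n' "$id"
  printf 'elastic.rest.prop.api.key.secret=%s\n' "$key"
}

# Sample response copied from step 7 of this page.
RESPONSE='{
    "id": "i_n-KIgBbJC5TV1xKsjr",
    "name": "my-api-key",
    "api_key": "oSkuars1Rh-m4diuKe18hw",
    "encoded": "aV9uLUtJZ0JiSkM1VFYxeEtzanI6b1NrdWFyczFSaC1tNGRpdUtlMThodw=="
}'

jdbc_lines "$RESPONSE"
```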

Enable TLS 1.2 and 1.3 versions for Elasticsearch

You need to add these two lines in the elasticsearch.yml file:

xpack.security.http.ssl:
  supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl:
  supported_protocols: TLSv1.3, TLSv1.2

The following is the sample .yml file:

cluster.name: zephyr
node.name: node-1
http.port: 9200
network.host: 192.168.0.1
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
  supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
  supported_protocols: TLSv1.3, TLSv1.2
http.host: 0.0.0.0
indices.query.bool.max_clause_count: 9024
action.auto_create_index: ".watches,.triggered_watches,.watcher-history-*,-zephyr*,+*"
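
The sample files on this page differ mainly in a handful of security settings, so a quick check of a deployed elasticsearch.yml shows which variant is actually in effect. This shell and awk audit is an added example, not code from the original page or from Elasticsearch; `audit_es_yml` and its finding labels are hypothetical names, the two inputs are abridged copies of this page's HTTP and TLS samples, and the parser assumes the flat two-level layout those samples use.

```shell
# Added example: audit an elasticsearch.yml (read from stdin) for the settings
# this page toggles. Prints one finding per line; exit status = finding count.
audit_es_yml() {
  awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function flag(msg) { print msg; n++ }
    /^[ \t]*(#|$)/ { next }                       # skip comments and blank lines
    {
      i = index($0, ":")
      k = trim(substr($0, 1, i - 1)); v = trim(substr($0, i + 1))
      # indented line = key nested under the last top-level key
      if ($0 ~ /^[ \t]/) k = section "." k; else section = k
      conf[k] = v
    }
    END {
      auth = (conf["xpack.security.enabled"] == "true")
      if (!auth) flag("AUTH_DISABLED: xpack.security.enabled is not true")
      split("http transport", layers, " ")
      for (j = 1; j <= 2; j++) {
        p = "xpack.security." layers[j] ".ssl."
        if (conf[p "enabled"] != "true") { flag("TLS_DISABLED: " layers[j]); continue }
        m = split(conf[p "supported_protocols"], proto, /[ ,]+/)
        if (m == 0) flag("TLS_NOT_PINNED: " layers[j] " has no supported_protocols")
        for (t = 1; t <= m; t++)
          if (proto[t] != "TLSv1.3" && proto[t] != "TLSv1.2")
            flag("LEGACY_PROTOCOL: " layers[j] " allows " proto[t])
      }
      if (conf["http.host"] == "0.0.0.0" && (!auth || conf["xpack.security.http.ssl.enabled"] != "true"))
        flag("EXPOSED: http.host 0.0.0.0 without authentication or TLS")
      exit n + 0
    }'
}
# Constructed inputs: this page's HTTP sample and TLS 1.2/1.3 sample, abridged.
HTTP_SAMPLE='xpack.security.enabled: false
xpack.security.http.ssl:
  enabled: false
xpack.security.transport.ssl:
  enabled: false
http.host: 0.0.0.0'
TLS_SAMPLE='xpack.security.enabled: true
xpack.security.http.ssl:
  enabled: true
  supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl:
  enabled: true
  supported_protocols: TLSv1.3, TLSv1.2
http.host: 0.0.0.0'

printf '%s\n' "$HTTP_SAMPLE" | audit_es_yml || echo "findings: $?"
printf '%s\n' "$TLS_SAMPLE" | audit_es_yml && echo "TLS sample: no findings"
```

To audit a real file, run `audit_es_yml < /etc/elasticsearch/elasticsearch.yml` for the RPM layout, or point it at `config/elasticsearch.yml` under the tar.gz directory.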

Connect Zephyr to Elasticsearch

Elasticsearch must be running before you install Zephyr Enterprise. You connect Zephyr to ES during the product installation. To do this, specify either the IP address of your ES server, or its host name depending on the settings you have specified in the elasticsearch.yml file.

  • Single-node installation

    Specify http://192.168.0.1:9200, or http://localhost:9200 when prompted to configure Elasticsearch.
