How Do You Install the Elastic Stack on Any Type of Linux?

Updated on 9/24/19

Problem scenario
You want to install Elastic Stack on different distributions of Linux with the same exact script.  What should you do?

Solution
Prerequisites
i. You should have at least 3 GB of total memory (a combination of virtual memory and RAM) allocated to the server. If you need to add memory, see this posting.

ii. Install the Java Development Kit version 8.  If you need assistance, try running a script with the following content:

#!/bin/bash
# Written by www.continualintegration.com

distro=$(cat /etc/*-release | grep NAME)

debflag=$(echo "$distro" | grep -i "ubuntu")
if [ -z "$debflag" ]
then   # If it is not Ubuntu, test if it is Debian.
  debflag=$(echo "$distro" | grep -i "debian")
  echo "determining Linux distribution..."
else
   echo "You have Ubuntu Linux!"
fi

# "red *hat" matches both "Red Hat" and "redhat".
rhflag=$(echo "$distro" | grep -i "red *hat")
if [ -z "$rhflag" ]
then   #If it is not RedHat, see if it is CentOS or Fedora.
  rhflag=$(echo "$distro" | grep -i "centos")
  if [ -z "$rhflag" ]
    then    #If it is neither RedHat nor CentOS, see if it is Fedora.
    echo "It does not appear to be CentOS or RHEL..."
    rhflag=$(echo "$distro" | grep -i "fedora")
    fi
fi

if [ -z "$rhflag" ]
  then
  echo "...still determining Linux distribution..."
else
  echo "You have a RedHat distribution (e.g., CentOS, RHEL, or Fedora)"
  yum -y install 'java-1.8.0-openjdk*'   # quoted so the shell passes the pattern to yum unexpanded
  JAVA_HOME=/usr/lib/jvm/jre-1.8.0-openjdk
  echo 'export JAVA_HOME=/usr/lib/jvm/jre-1.8.0-openjdk' >> ~/.bashrc
  source ~/.bashrc
  source /etc/environment
fi

if [ -z "$debflag" ]
then
  echo "...still determining Linux distribution..."
else
   echo "You are using either Ubuntu Linux or Debian Linux."
   apt-get -y update # This is necessary on new AWS Ubuntu servers.
   apt -y install openjdk-8-jre-headless
fi

suseflag=$(echo "$distro" | grep -i "suse")
if [ -z "$suseflag" ]
then
  if [ -z "$debflag" ]
  then
    if [ -z "$rhflag" ]
      then
      echo "*******************************************"
      echo "Could not determine the Linux distribution!"
      echo "Installation aborted. Nothing was done."
      echo "******************************************"
      exit 1   # non-zero status so a caller can tell the installation was aborted
    fi
  fi
else
   zypper -n install java-1_8_0-openjdk java-1_8_0-openjdk-devel
fi

Procedures
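Warning: This script requires access to the internet.  It calls curl with the -k option, which bypasses the HTTPS certificate verification provided by elastic.co, so the downloaded archives are not authenticated.  This may not be recommended in some environments.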

1.  Create a script called "elasticstack.sh" with the following stanzas:

#!/bin/bash
# Define variables for version, Elastic Stack user and group
version=6.4.0
esu=esu
esg=esg

echo $esu"    -    nofile    65536" >> /etc/security/limits.conf

useradd $esu  # For SUSE
adduser $esu # For Red Hat and Ubuntu/Debian distributions
groupadd $esg # For SUSE
addgroup $esg # For Red Hat and Ubuntu/Debian distributions

curl -k https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$version.tar.gz > /tmp/elasticsearch-$version.tar.gz
cd /opt
cp /tmp/elasticsearch-$version.tar.gz /opt
tar -zxvf elasticsearch-$version.tar.gz
mv elasticsearch-$version elasticsearch
sudo chown -R $esu:$esg /opt/elasticsearch

curl -k https://artifacts.elastic.co/downloads/logstash/logstash-$version.tar.gz > /tmp/logstash-$version.tar.gz
cd /opt
cp /tmp/logstash-$version.tar.gz /opt
tar -zxvf logstash-$version.tar.gz
mv logstash-$version logstash
sudo chown -R $esu:$esg /opt/logstash

curl -k https://artifacts.elastic.co/downloads/kibana/kibana-$version-linux-x86_64.tar.gz > /tmp/kibana-$version-linux-x86_64.tar.gz
cd /opt
cp /tmp/kibana-$version-linux-x86_64.tar.gz /opt
tar -zxvf kibana-$version-linux-x86_64.tar.gz
mv kibana-$version-linux-x86_64 kibana
sudo chown -R $esu:$esg /opt/kibana

cat >/etc/systemd/system/elasticsearch.service <<EOL
[Unit]
Description=elasticsearch

[Service]
Type=simple
User=$esu
Group=$esg

ExecStart=/opt/elasticsearch/bin/elasticsearch
Restart=always
WorkingDirectory=/
Nice=19
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOL

cat >/opt/logstash/config/logstash-simple.conf   <<EOL
input { stdin { } }
output {
  elasticsearch { hosts => ["localhost:9200"] }
  stdout { codec => rubydebug }
}
EOL

cat >/etc/systemd/system/logstash.service <<EOL
[Unit]
Description=logstash

[Service]
Type=simple
User=$esu
Group=$esg

EnvironmentFile=/opt/logstash/config/startup.options
ExecStart=/opt/logstash/bin/logstash "-f" "/opt/logstash/config/logstash-simple.conf"
Restart=always
WorkingDirectory=/
Nice=19
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOL

cat >/etc/systemd/system/kibana.service <<EOL
[Unit]
Description=kibana

[Service]
Type=simple
User=$esu
Group=$esg

ExecStart=/opt/kibana/bin/kibana
Restart=always
WorkingDirectory=/
Nice=19
LimitNOFILE=65536

[Install]
WantedBy=multi-user.target
EOL

echo "The script has finished."
echo " "
echo "Try starting the services like this:
sudo systemctl start elasticsearch
sudo systemctl start logstash
sudo systemctl start kibana"

2.  Run the script above like this: sudo bash elasticstack.sh
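
For environments where the warning above rules out curl -k, here is an added example (not part of the original script) that downloads an archive with certificate verification left on and checks it against its SHA-512 checksum before anything is unpacked. The function names are hypothetical, and it assumes elastic.co publishes a ".sha512" file next to each archive, which is not stated on this page.

```shell
#!/bin/bash
# Added example, not the original author's code. Function names are hypothetical.

# Compare a file's SHA-512 with a published checksum file. Accepts both the
# "<hash>" and "<hash>  <filename>" layouts. Returns 0 on a match, 1 on a
# mismatch, 2 if the inputs are unreadable or the checksum is malformed.
verify_sha512() {
  local file="$1" sumfile="$2" expected actual
  [ -r "$file" ] && [ -r "$sumfile" ] || return 2
  # The first field of the first line is the hex digest.
  expected=$(awk 'NR==1 {print tolower($1)}' "$sumfile")
  # A SHA-512 digest is exactly 128 hex characters; reject anything else
  # (for example an HTML error page saved in place of the checksum).
  case $expected in
    *[!0-9a-f]*|"") return 2 ;;
  esac
  [ "${#expected}" -eq 128 ] || return 2
  actual=$(sha512sum "$file" | awk '{print $1}')
  [ "$actual" = "$expected" ]
}

# HTTPS-only download: no -k, so curl validates the server certificate.
https_get() {
  curl -fsSL --proto '=https' --proto-redir '=https' -o "$2" "$1"
}

# Fetch an archive and its checksum into a private temporary directory
# (not a predictable /tmp path) and print the archive path only if it verifies.
fetch_verified() {
  local url="$1" name workdir
  name=${url##*/}
  workdir=$(mktemp -d) || return 1
  if https_get "$url" "$workdir/$name" &&
     https_get "$url.sha512" "$workdir/$name.sha512" &&
     verify_sha512 "$workdir/$name" "$workdir/$name.sha512"
  then
    echo "$workdir/$name"
  else
    rm -rf "$workdir"
    echo "download or checksum verification failed: $url" >&2
    return 1
  fi
}

# Usage, with the same version variable as elasticstack.sh:
# tarball=$(fetch_verified "https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-$version.tar.gz") \
#   && tar -zxf "$tarball" -C /opt
```

The checksum comes from the same host as the archive, so it detects corruption or a truncated download; the certificate check that -k disables is what ties the download to elastic.co.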
