diff --git a/deploy-manage/deploy/self-managed/_snippets/wolfi.md b/deploy-manage/deploy/self-managed/_snippets/wolfi.md index fd7c45fd8d..34377f5820 100644 --- a/deploy-manage/deploy/self-managed/_snippets/wolfi.md +++ b/deploy-manage/deploy/self-managed/_snippets/wolfi.md @@ -4,6 +4,21 @@ To use the Wolfi image, append `-wolfi` to the image tag in the Docker command. For example: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true docker pull docker.elastic.co/elasticsearch/elasticsearch-wolfi:{{version.stack}} -``` \ No newline at end of file +``` +::: + +:::{tab-item} Specific version +:sync: specific +```sh subs=true +docker pull docker.elastic.co/elasticsearch/elasticsearch-wolfi: +``` +You can download and install a specific version of the {{stack}} by replacing `` with the version number you want. For example, you can replace `` with {{version.stack.base}}. +::: + +:::: \ No newline at end of file diff --git a/deploy-manage/deploy/self-managed/air-gapped-install.md b/deploy-manage/deploy/self-managed/air-gapped-install.md index 08a90fbe95..2baff63b4e 100644 --- a/deploy-manage/deploy/self-managed/air-gapped-install.md +++ b/deploy-manage/deploy/self-managed/air-gapped-install.md @@ -87,10 +87,13 @@ Besides setting up the EPR service, you also need to [configure {{kib}}](/deploy ### Additional {{package-registry}} examples -:::{dropdown} Script to generate a SystemD service file on a RHEL 8 system +:::::{dropdown} Script to generate a SystemD service file on a RHEL 8 system The following script generates a SystemD service file on a RHEL 8 system in order to run EPR with Podman in a production environment. +::::{tab-set} + +:::{tab-item} Latest ```sh subs=true #!/usr/bin/env bash @@ -115,10 +118,42 @@ podman create \ ``` ::: -:::{dropdown} SystemD service file launched as a Podman service +:::{tab-item} Specific version +Replace `` with the {{stack}} version number you want. For example, you can replace `` with {{version.stack.base}}. +```sh subs=true +#!/usr/bin/env bash + +EPR_BIND_ADDRESS="0.0.0.0" +EPR_BIND_PORT="8443" +EPR_TLS_CERT="/etc/elastic/epr/epr.pem" +EPR_TLS_KEY="/etc/elastic/epr/epr-key.pem" +EPR_IMAGE="docker.elastic.co/package-registry/distribution:" + +podman create \ + --name "elastic-epr" \ + -p "$EPR_BIND_ADDRESS:$EPR_BIND_PORT:$EPR_BIND_PORT" \ + -v "$EPR_TLS_CERT:/etc/ssl/epr.crt:ro" \ + -v "$EPR_TLS_KEY:/etc/ssl/epr.key:ro" \ + -e "EPR_ADDRESS=0.0.0.0:$EPR_BIND_PORT" \ + -e "EPR_TLS_CERT=/etc/ssl/epr.crt" \ + -e "EPR_TLS_KEY=/etc/ssl/epr.key" \ + "$EPR_IMAGE" + +## creates service file in the root directory +# podman generate systemd --new --files --name elastic-epr --restart-policy always +``` +::: +:::: + +::::: + +:::::{dropdown} SystemD service file launched as a Podman service The following is an example of an actual SystemD service file for an EPR, launched as a Podman service. +::::{tab-set} + +:::{tab-item} Latest ```ini subs=true # container-elastic-epr.service # autogenerated by Podman 4.1.1 @@ -160,6 +195,52 @@ WantedBy=default.target ``` ::: +::::::{tab-item} Specific version +Replace `` with the {{stack}} version number you want. For example, you can replace `` with {{version.stack.base}}. +```ini subs=true +# container-elastic-epr.service +# autogenerated by Podman 4.1.1 +# Wed Oct 19 13:12:33 UTC 2022 + +[Unit] +Description=Podman container-elastic-epr.service +Documentation=man:podman-generate-systemd(1) +Wants=network-online.target +After=network-online.target +RequiresMountsFor=%t/containers + +[Service] +Environment=PODMAN_SYSTEMD_UNIT=%n +Restart=always +TimeoutStopSec=70 +ExecStartPre=/bin/rm -f %t/%n.ctr-id +ExecStart=/usr/bin/podman run \ + --cidfile=%t/%n.ctr-id \ + --cgroups=no-conmon \ + --rm \ + --sdnotify=conmon \ + -d \ + --replace \ + --name elastic-epr \ + -p 0.0.0.0:8443:8443 \ + -v /etc/elastic/epr/epr.pem:/etc/ssl/epr.crt:ro \ + -v /etc/elastic/epr/epr-key.pem:/etc/ssl/epr.key:ro \ + -e EPR_ADDRESS=0.0.0.0:8443 \ + -e EPR_TLS_CERT=/etc/ssl/epr.crt \ + -e EPR_TLS_KEY=/etc/ssl/epr.key docker.elastic.co/package-registry/distribution: +ExecStop=/usr/bin/podman stop --ignore --cidfile=%t/%n.ctr-id +ExecStopPost=/usr/bin/podman rm -f --ignore --cidfile=%t/%n.ctr-id +Type=notify +NotifyAccess=all + +[Install] +WantedBy=default.target +``` +::: +:::: + +::::: + ## {{artifact-registry}} [air-gapped-elastic-artifact-registry] Air-gapped install of the {{artifact-registry}} is necessary in order to enable {{agent}} deployments to perform self-upgrades and install certain components which are needed for some of the data integrations (that is, in addition to what is also retrieved from the EPR). To learn more, refer to [Host your own artifact registry for binary downloads](/reference/fleet/air-gapped.md#host-artifact-registry) in the {{fleet}} and {{elastic-agent}} Guide. @@ -170,10 +251,13 @@ When setting up own web server, such as NGINX, to function as the {{artifact-reg ### Additional {{artifact-registry}} examples -:::{dropdown} Artifact download script +:::::{dropdown} Artifact download script The following example script downloads artifacts from the internet to be later served as a private Elastic Package Registry. +::::{tab-set} + +:::{tab-item} Latest ```sh subs=true #!/usr/bin/env bash set -o nounset -o errexit -o pipefail @@ -241,6 +325,77 @@ done ``` ::: +::::::{tab-item} Specific version +Replace `` with the {{stack}} version number you want. For example, you can replace `` with {{version.stack.base}}. +```sh subs=true +#!/usr/bin/env bash +set -o nounset -o errexit -o pipefail + +STACK_VERSION= +ARTIFACT_DOWNLOADS_BASE_URL=https://artifacts.elastic.co/downloads + +DOWNLOAD_BASE_DIR=${DOWNLOAD_BASE_DIR:?"Make sure to set DOWNLOAD_BASE_DIR when running this script"} + +COMMON_PACKAGE_PREFIXES="apm-server/apm-server beats/auditbeat/auditbeat beats/elastic-agent/elastic-agent beats/filebeat/filebeat beats/heartbeat/heartbeat beats/metricbeat/metricbeat beats/osquerybeat/osquerybeat beats/packetbeat/packetbeat cloudbeat/cloudbeat endpoint-dev/endpoint-security fleet-server/fleet-server" + +WIN_ONLY_PACKAGE_PREFIXES="beats/winlogbeat/winlogbeat" + +RPM_PACKAGES="beats/elastic-agent/elastic-agent" +DEB_PACKAGES="beats/elastic-agent/elastic-agent" + +function download_packages() { + local url_suffix="$1" + local package_prefixes="$2" + + local _url_suffixes="$url_suffix ${url_suffix}.sha512 ${url_suffix}.asc" + local _pkg_dir="" + local _dl_url="" + + for _download_prefix in $package_prefixes; do + for _pkg_url_suffix in $_url_suffixes; do + _pkg_dir=$(dirname ${DOWNLOAD_BASE_DIR}/${_download_prefix}) + _dl_url="${ARTIFACT_DOWNLOADS_BASE_URL}/${_download_prefix}-${_pkg_url_suffix}" + (mkdir -p $_pkg_dir && cd $_pkg_dir && curl -O "$_dl_url") + done + done +} + +# and we download +for _os in linux windows; do + case "$_os" in + linux) + PKG_URL_SUFFIX="${STACK_VERSION}-${_os}-x86_64.tar.gz" + ;; + windows) + PKG_URL_SUFFIX="${STACK_VERSION}-${_os}-x86_64.zip" + ;; + *) + echo "[ERROR] Something happened" + exit 1 + ;; + esac + + download_packages "$PKG_URL_SUFFIX" "$COMMON_PACKAGE_PREFIXES" + + if [[ "$_os" = "windows" ]]; then + download_packages "$PKG_URL_SUFFIX" "$WIN_ONLY_PACKAGE_PREFIXES" + fi + + if [[ "$_os" = "linux" ]]; then + download_packages "${STACK_VERSION}-x86_64.rpm" "$RPM_PACKAGES" + download_packages "${STACK_VERSION}-amd64.deb" "$DEB_PACKAGES" + fi +done + + +## selinux tweaks +# semanage fcontext -a -t "httpd_sys_content_t" '/opt/elastic-packages(/.*)?' +# restorecon -Rv /opt/elastic-packages +``` +::: +:::: +::::: + :::{dropdown} NGINX config for private {{artifact-registry}} web server The following is an example NGINX configuration for running a web server for the {{artifact-registry}}. diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-basic.md b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-basic.md index 089ca3afe2..a533f16214 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-basic.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-basic.md @@ -34,12 +34,29 @@ Use Docker commands to start a single-node {{es}} cluster for development or tes 3. Pull the {{es}} Docker image. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker pull docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the {{stack}} version number you want. For example, you can replace `` with {{version.stack.base}}. You'll use this same version number throughout this tutorial. + ```sh subs=true + docker pull docker.elastic.co/elasticsearch/elasticsearch: + ``` + ::: 4. Optional: Install [Cosign](https://docs.sigstore.dev/cosign/system_config/installation/) for your environment. Then use Cosign to verify the {{es}} image’s signature. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest $$$docker-verify-signature$$$ ```sh subs=true @@ -56,9 +73,37 @@ Use Docker commands to start a single-node {{es}} cluster for development or tes - Existence of the claims in the transparency log was verified offline - The signatures were verified against the specified public key ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the version of the Docker image you downloaded. + $$$docker-verify-signature$$$ + + ```sh subs=true + wget https://artifacts.elastic.co/cosign.pub + cosign verify --key cosign.pub docker.elastic.co/elasticsearch/elasticsearch: + ``` + + The `cosign` command prints the check results and the signature payload in JSON format: + + ```sh subs=true + Verification for docker.elastic.co/elasticsearch/elasticsearch: -- + The following checks were performed on each of these signatures: + - The cosign claims were validated + - Existence of the claims in the transparency log was verified offline + - The signatures were verified against the specified public key + ``` + ::: + :::: + 5. Start an {{es}} container. + ::::::{tab-set} + :group: docker + :::::{tab-item} Latest + :sync: latest ```sh subs=true docker run --name es01 --net elastic -p 9200:9200 -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` @@ -67,7 +112,6 @@ Use Docker commands to start a single-node {{es}} cluster for development or tes Use the `-m` flag to set a memory limit for the container. This removes the need to [manually set the JVM size](/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md#docker-set-heap-size). :::: - {{ml-cap}} features such as [semantic search with ELSER](/solutions/search/semantic-search/semantic-search-elser-ingest-pipelines.md) require a larger container with more than 1GB of memory. If you intend to use the {{ml}} capabilities, then start the container with this command: ```sh subs=true @@ -75,6 +119,28 @@ Use Docker commands to start a single-node {{es}} cluster for development or tes ``` The command prints the `elastic` user password and an enrollment token for {{kib}}. + ::::: + + :::::{tab-item} Specific version + :sync: specific + Use the same {{stack}} version number as the Docker image you pulled earlier and replace `` with it. + ```sh subs=true + docker run --name es01 --net elastic -p 9200:9200 -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch: + ``` + + ::::{tip} + Use the `-m` flag to set a memory limit for the container. This removes the need to [manually set the JVM size](/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md#docker-set-heap-size). + :::: + + {{ml-cap}} features such as [semantic search with ELSER](/solutions/search/semantic-search/semantic-search-elser-ingest-pipelines.md) require a larger container with more than 1GB of memory. If you intend to use the {{ml}} capabilities, then start the container with this command: + + ```sh subs=true + docker run --name es01 --net elastic -p 9200:9200 -it -m 6GB -e "xpack.ml.use_auto_machine_memory_percent=true" docker.elastic.co/elasticsearch/elasticsearch: + ``` + + The command prints the `elastic` user password and an enrollment token for {{kib}}. + ::::: + :::::: 6. Copy the generated `elastic` password and enrollment token. These credentials are only shown when you start {{es}} for the first time. You can regenerate the credentials using the following commands. @@ -113,9 +179,22 @@ Use Docker commands to start a single-node {{es}} cluster for development or tes 2. Start a new {{es}} container. Include the enrollment token as an environment variable. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker run -e ENROLLMENT_TOKEN="" --name es02 --net elastic -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` + ::: + :::{tab-item} Specific version + :sync: specific + Use the same {{stack}} version number as the Docker image you pulled earlier and replace `` with it. + ```sh subs=true + docker run -e ENROLLMENT_TOKEN="" --name es02 --net elastic -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch: + ``` + ::: + :::: 3. Call the [cat nodes API](https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-cat-nodes) to verify the node was added to the cluster. @@ -127,22 +206,63 @@ Use Docker commands to start a single-node {{es}} cluster for development or tes 1. Pull the {{kib}} Docker image. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker pull docker.elastic.co/kibana/kibana:{{version.stack}} ``` + ::: + :::{tab-item} Specific version + :sync: specific + Use the same {{stack}} version number as the Docker image you pulled earlier and replace `` with it. + ```sh subs=true + docker pull docker.elastic.co/kibana/kibana: + ``` + ::: + :::: 2. Optional: Verify the {{kib}} image’s signature. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true wget https://artifacts.elastic.co/cosign.pub cosign verify --key cosign.pub docker.elastic.co/kibana/kibana:{{version.stack}} ``` + ::: + :::{tab-item} Specific version + :sync: specific + Use the same {{stack}} version number as the Docker image you pulled earlier and replace `` with it. + ```sh subs=true + wget https://artifacts.elastic.co/cosign.pub + cosign verify --key cosign.pub docker.elastic.co/kibana/kibana: + ``` + ::: + :::: + 3. Start a {{kib}} container. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker run --name kib01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:{{version.stack}} ``` + ::: + :::{tab-item} Specific version + :sync: specific + Use the same {{stack}} version number as the Docker image you pulled earlier and replace `` with it. + ```sh subs=true + docker run --name kib01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana: + ``` + ::: + :::: 4. When {{kib}} starts, it outputs a unique generated link to the terminal. To access {{kib}}, open this link in a web browser. 5. In your browser, enter the enrollment token that was generated when you started {{es}}. diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-compose.md b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-compose.md index 038bef4541..1864d9c948 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-compose.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-compose.md @@ -39,14 +39,31 @@ Use Docker Compose to start a three-node {{es}} cluster with {{kib}}. Docker Com ... ``` -5. In the `.env` file, set `STACK_VERSION` to the current {{stack}} version. +5. Edit the `.env` file to set the `STACK_VERSION`: + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest + Set the stack version to the current {{stack}} version. ```txt subs=true ... # Version of Elastic products STACK_VERSION={{version.stack}} ... ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the {{es}} version number you want. For example, you can replace `` with {{version.stack.base}}. + ```txt subs=true + ... + # Version of Elastic products + STACK_VERSION= + ... + ::: + :::: 6. By default, the Docker Compose configuration exposes port `9200` on all network interfaces. diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-configure.md b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-configure.md index 3f79072ba2..9d55ab9f22 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-configure.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-configure.md @@ -63,15 +63,36 @@ To encrypt your secure settings with a password and have them persist outside th For example: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true docker run -it --rm \ -v full_path_to/config:/usr/share/elasticsearch/config \ docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} \ bin/elasticsearch-keystore create -p ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +docker run -it --rm \ +-v full_path_to/config:/usr/share/elasticsearch/config \ +docker.elastic.co/elasticsearch/elasticsearch: \ +bin/elasticsearch-keystore create -p +``` +::: +:::: You can also use a `docker run` command to add or update secure settings in the keystore. You’ll be prompted to enter the setting values. If the keystore is encrypted, you’ll also be prompted to enter the keystore password. +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true docker run -it --rm \ -v full_path_to/config:/usr/share/elasticsearch/config \ @@ -80,6 +101,21 @@ bin/elasticsearch-keystore \ add my.secure.setting \ my.other.secure.setting ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +docker run -it --rm \ +-v full_path_to/config:/usr/share/elasticsearch/config \ +docker.elastic.co/elasticsearch/elasticsearch: \ +bin/elasticsearch-keystore \ +add my.secure.setting \ +my.other.secure.setting +``` +::: +:::: If you’ve already created the keystore and don’t need to update it, you can bind-mount the `elasticsearch.keystore` file directly. You can use the `KEYSTORE_PASSWORD` environment variable to provide the keystore password to the container at startup. For example, a `docker run` command might have the following options: @@ -93,10 +129,25 @@ If you’ve already created the keystore and don’t need to update it, you can In some environments, it might make more sense to prepare a custom image that contains your configuration. A `Dockerfile` to achieve this might be as simple as: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true FROM docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} COPY --chown=elasticsearch:elasticsearch elasticsearch.yml /usr/share/elasticsearch/config/ ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +FROM docker.elastic.co/elasticsearch/elasticsearch: +COPY --chown=elasticsearch:elasticsearch elasticsearch.yml /usr/share/elasticsearch/config/ +``` +::: +:::: You could then build and run the image with: diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md index 24de6e0da7..2ceae2eb42 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md @@ -131,9 +131,23 @@ Increased ulimits for [nofile](setting-system-settings.md) and [nproc](/deploy-m To check the Docker daemon defaults for ulimits, run: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true docker run --rm docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} /bin/bash -c 'ulimit -Hn && ulimit -Sn && ulimit -Hu && ulimit -Su' ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +docker run --rm docker.elastic.co/elasticsearch/elasticsearch: /bin/bash -c 'ulimit -Hn && ulimit -Sn && ulimit -Hu && ulimit -Su' +``` +::: +:::: If needed, adjust them in the Daemon or override them per container. For example, when using `docker run`, set: @@ -166,9 +180,23 @@ To manually set the heap size in production, bind mount a [JVM options](elastics For testing, you can also manually set the heap size using the `ES_JAVA_OPTS` environment variable. For example, to use 1GB, use the following command. +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true docker run -e ES_JAVA_OPTS="-Xms1g -Xmx1g" -e ENROLLMENT_TOKEN="" --name es01 -p 9200:9200 --net elastic -it docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +docker run -e ES_JAVA_OPTS="-Xms1g -Xmx1g" -e ENROLLMENT_TOKEN="" --name es01 -p 9200:9200 --net elastic -it docker.elastic.co/elasticsearch/elasticsearch: +``` +::: +:::: The `ES_JAVA_OPTS` variable overrides all other JVM options. We do not recommend using `ES_JAVA_OPTS` in production. @@ -177,9 +205,23 @@ The `ES_JAVA_OPTS` variable overrides all other JVM options. We do not recommend Pin your deployments to a specific version of the {{es}} Docker image. For example: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest ```sh subs=true docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +docker.elastic.co/elasticsearch/elasticsearch: +``` +::: +:::: ## Always bind data volumes [_always_bind_data_volumes] diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-from-archive-on-linux-macos.md b/deploy-manage/deploy/self-managed/install-elasticsearch-from-archive-on-linux-macos.md index 42992bb614..7fd307328b 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-from-archive-on-linux-macos.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-from-archive-on-linux-macos.md @@ -43,8 +43,13 @@ Download and install the archive for Linux or MacOS. ### Linux [install-linux] -The Linux archive for {{es}} {{version.stack}} can be downloaded and installed as follows: +The Linux archive for {{es}} can be downloaded and installed as follows: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest +To download and install the {{es}} {{version.stack}} archive, enter: ```sh subs=true wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-linux-x86_64.tar.gz wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-linux-x86_64.tar.gz.sha512 @@ -52,32 +57,66 @@ shasum -a 512 -c elasticsearch-{{version.stack}}-linux-x86_64.tar.gz.sha512 <1> tar -xzf elasticsearch-{{version.stack}}-linux-x86_64.tar.gz cd elasticsearch-{{version.stack}}/ <2> ``` - 1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `elasticsearch--linux-x86_64.tar.gz: OK`. 2. This directory is known as `$ES_HOME`. +::: +:::{tab-item} Specific version +:sync: specific +Replace `` with the {{es}} version number you want. For example, you can replace `` with {{version.stack.base}}. +```sh subs=true +wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--linux-x86_64.tar.gz +wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--linux-x86_64.tar.gz.sha512 +shasum -a 512 -c elasticsearch--linux-x86_64.tar.gz.sha512 <1> +tar -xzf elasticsearch--linux-x86_64.tar.gz +cd elasticsearch-/ <2> +``` +1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `elasticsearch--linux-x86_64.tar.gz: OK`. +2. This directory is known as `$ES_HOME`. +::: +:::: ### MacOS [install-macos] -The MacOS archive for {{es}} {{version.stack}} can be downloaded and installed as follows: +The MacOS archive for {{es}} can be downloaded and installed as follows: +::::{tab-set} +:group: docker +:::{tab-item} Latest +:sync: latest +To download and install the {{es}} {{version.stack}} archive, enter: ```sh subs=true curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-darwin-x86_64.tar.gz curl https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-darwin-x86_64.tar.gz.sha512 | shasum -a 512 -c - <1> tar -xzf elasticsearch-{{version.stack}}-darwin-x86_64.tar.gz cd elasticsearch-{{version.stack}}/ <2> ``` - 1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `elasticsearch--darwin-x86_64.tar.gz: OK`. 2. This directory is known as `$ES_HOME`. +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the {{es}} version number you want. For example, you can replace `` with {{version.stack.base}}. +```sh subs=true +curl -O https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--darwin-x86_64.tar.gz +curl https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--darwin-x86_64.tar.gz.sha512 | shasum -a 512 -c - <1> +tar -xzf elasticsearch--darwin-x86_64.tar.gz +cd elasticsearch-/ <2> +``` +1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `elasticsearch--darwin-x86_64.tar.gz: OK`. +2. This directory is known as `$ES_HOME`. +::: +::: +:::: ::::{admonition} macOS Gatekeeper warnings :class: important Apple’s rollout of stricter notarization requirements affected the notarization of the {{version.stack}} {{es}} artifacts. If macOS displays a dialog when you first run {{es}} that interrupts it, then you need to take an action to allow it to run. -To prevent Gatekeeper checks on the {{es}} files, run the following command on the downloaded .tar.gz archive or the directory to which was extracted: +To prevent Gatekeeper checks on the {{es}} files, run the following command on the downloaded `.tar.gz` archive or the directory to which it was extracted: ```sh xattr -d -r com.apple.quarantine diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-with-debian-package.md b/deploy-manage/deploy/self-managed/install-elasticsearch-with-debian-package.md index 413ad087fb..4127a56d20 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-with-debian-package.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-with-debian-package.md @@ -99,16 +99,32 @@ Examine `/etc/apt/sources.list.d/elasticsearch-9.x.list` for the duplicate entry ### Download and install the Debian package manually [install-deb] -The Debian package for {{es}} {{version.stack}} can be downloaded from the website and installed as follows: +The Debian package for {{es}} can be downloaded from the website and installed as follows: +::::{tab-set} + +:::{tab-item} Latest +To download and install the {{es}} {{version.stack}} package, enter: ```sh subs=true wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-amd64.deb wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-amd64.deb.sha512 shasum -a 512 -c elasticsearch-{{version.stack}}-amd64.deb.sha512 <1> sudo dpkg -i elasticsearch-{{version.stack}}-amd64.deb ``` - 1. Compares the SHA of the downloaded Debian package and the published checksum, which should output `elasticsearch--amd64.deb: OK`. +::: + +:::{tab-item} Specific version +Replace `` with the {{es}} version number you want. For example, you can replace `` with {{version.stack.base}}. +```sh subs=true +wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--amd64.deb +wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--amd64.deb.sha512 +shasum -a 512 -c elasticsearch--amd64.deb.sha512 <1> +sudo dpkg -i elasticsearch--amd64.deb +``` +1. Compares the SHA of the downloaded Debian package and the published checksum, which should output `elasticsearch--amd64.deb: OK`. +::: +:::: ## Step 3: Set up the node for connectivity diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-with-rpm.md b/deploy-manage/deploy/self-managed/install-elasticsearch-with-rpm.md index ad0c9d0c21..6275624564 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-with-rpm.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-with-rpm.md @@ -83,19 +83,44 @@ sudo zypper modifyrepo --enable elasticsearch && \ ### Download and install the RPM manually [install-rpm] -1. Download and install the RPM for {{es}} {{version.stack}} with the following commands: +1. Download and install the RPM for {{es}} with the following commands: + +::::{tab-set} + +:::{tab-item} Latest +To download and install the {{es}} {{version.stack}} RPM, enter: + ```sh subs=true + wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-x86_64.rpm + wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-x86_64.rpm.sha512 + shasum -a 512 -c elasticsearch-{{version.stack}}-x86_64.rpm.sha512 <1> + sudo rpm --install elasticsearch-{{version.stack}}-x86_64.rpm + ``` + 1. Compares the SHA of the downloaded RPM and the published checksum, which should output `elasticsearch--x86_64.rpm: OK`. + + :::{include} _snippets/skip-set-kernel-params.md + ::: + +::: + +:::{tab-item} Specific version +Replace `` with the {{es}} version number you want. For example, you can replace `` with {{version.stack.base}}. + ```sh subs=true + wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--x86_64.rpm + wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch--x86_64.rpm.sha512 + shasum -a 512 -c elasticsearch--x86_64.rpm.sha512 <1> + sudo rpm --install elasticsearch--x86_64.rpm + ``` + 1. Compares the SHA of the downloaded RPM and the published checksum, which should output `elasticsearch--x86_64.rpm: OK`. + + :::{include} _snippets/skip-set-kernel-params.md + ::: - ```sh subs=true - wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-x86_64.rpm - wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-x86_64.rpm.sha512 - shasum -a 512 -c elasticsearch-{{version.stack}}-x86_64.rpm.sha512 <1> - sudo rpm --install elasticsearch-{{version.stack}}-x86_64.rpm - ``` +::: +:::: + - 1. Compares the SHA of the downloaded RPM and the published checksum, which should output `elasticsearch--x86_64.rpm: OK`. + - :::{include} _snippets/skip-set-kernel-params.md - ::: 2. Copy the terminal output from the install command to a local file. In particular, you’ll need the password for the built-in `elastic` superuser account. The output also contains the commands to enable {{es}} to [run as a service](#running-systemd). diff --git a/deploy-manage/deploy/self-managed/install-elasticsearch-with-zip-on-windows.md b/deploy-manage/deploy/self-managed/install-elasticsearch-with-zip-on-windows.md index afd05b9e22..63e7623a50 100644 --- a/deploy-manage/deploy/self-managed/install-elasticsearch-with-zip-on-windows.md +++ b/deploy-manage/deploy/self-managed/install-elasticsearch-with-zip-on-windows.md @@ -41,14 +41,41 @@ On Windows, the {{es}} {{ml}} feature requires the Microsoft Universal C Runtime ## Step 1: Download and install the `.zip` package [install-windows] +::::{tab-set} + +:::{tab-item} Latest % link url manually set Download the `.zip` archive for {{es}} {{version.stack}} from: [https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-windows-x86_64.zip](https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-{{version.stack}}-windows-x86_64.zip) -Unzip it with your favorite unzip tool. This will create a folder called `elasticsearch-`, which we will refer to as `%ES_HOME%`. In a terminal window, `cd` to the `%ES_HOME%` directory, for instance: +Unzip it with your favorite unzip tool. This will create a folder with the following name: + +```text subs=true +elasticsearch-{{version.stack}} +``` + +We will refer to this folder as `%ES_HOME%`. + +In a terminal window, `cd` to the `%ES_HOME%` directory, for example: ```sh subs=true cd C:\Program Files\elasticsearch-{{version.stack}} ``` +::: + +:::{tab-item} Specific version +Download the `.zip` archive for the {{es}} version that you want from the [Past Releases](https://www.elastic.co/downloads/past-releases) page. + +Unzip it with your favorite unzip tool. This will create a folder called `elasticsearch-`, where `` is the version you downloaded. We will refer to this folder as `%ES_HOME%`. + +In a terminal window, `cd` to the `%ES_HOME%` directory, for example: + +```sh subs=true +cd C:\Program Files\elasticsearch- +``` +Replace `` with the {{es}} version you installed. +::: +:::: + ## Step 2: Enable automatic creation of system indices [windows-enable-indices] diff --git a/deploy-manage/deploy/self-managed/install-kibana-from-archive-on-linux-macos.md b/deploy-manage/deploy/self-managed/install-kibana-from-archive-on-linux-macos.md index 91420be2c5..e24f015332 100644 --- a/deploy-manage/deploy/self-managed/install-kibana-from-archive-on-linux-macos.md +++ b/deploy-manage/deploy/self-managed/install-kibana-from-archive-on-linux-macos.md @@ -29,6 +29,11 @@ macOS is supported for development purposes only and is not covered under the su The Linux archive for {{kib}} {{version.stack}} can be downloaded and installed as follows: +::::{tab-set} +:group: docker-kib +:::{tab-item} Latest +:sync: latest +To download and install the {{kib}} {{version.stack}} archive, enter: ```sh subs=true curl -O https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-linux-x86_64.tar.gz curl https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-linux-x86_64.tar.gz.sha512 | shasum -a 512 -c - <1> @@ -38,11 +43,33 @@ cd kibana-{{version.stack}}/ <2> 1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `kibana--linux-x86_64.tar.gz: OK`. 2. This directory is known as `$KIBANA_HOME`. +::: + +:::{tab-item} Specific version +:sync: specific +Because {{kib}} is an {{stack}} product, you must install the same version number as the rest of your {{stack}} components. Replace `` with the version that's used across your entire stack. For example, you can use {{version.stack.base}}. +For more information, refer to [{{es}} version](/deploy-manage/deploy/self-managed/install-kibana.md#elasticsearch-version). +```sh subs=true +curl -O https://artifacts.elastic.co/downloads/kibana/kibana--linux-x86_64.tar.gz +curl https://artifacts.elastic.co/downloads/kibana/kibana--linux-x86_64.tar.gz.sha512 | shasum -a 512 -c - <1> +tar -xzf kibana--linux-x86_64.tar.gz +cd kibana-/ <2> +``` + +1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `kibana--linux-x86_64.tar.gz: OK`. +2. This directory is known as `$KIBANA_HOME`. +::: +:::: ### MacOS [install-darwin64] The Darwin archive for {{kib}} {{version.stack}} can be downloaded and installed as follows: +::::{tab-set} +:group: docker-kib +:::{tab-item} Latest +:sync: latest +To download and install the {{kib}} {{version.stack}} archive, enter: ```sh subs=true curl -O https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-darwin-x86_64.tar.gz curl https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-darwin-x86_64.tar.gz.sha512 | shasum -a 512 -c - <1> @@ -52,7 +79,23 @@ cd kibana-{{version.stack}}/ <2> 1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `kibana--darwin-x86_64.tar.gz: OK`. 2. This directory is known as `$KIBANA_HOME`. +::: + +:::{tab-item} Specific version +:sync: specific +Because {{kib}} is an {{stack}} product, you must install the same version number that's used across the stack. Replace `` with the {{stack}} version. +For more information, refer to [{{es}} version](/deploy-manage/deploy/self-managed/install-kibana.md#elasticsearch-version). +```sh subs=true +curl -O https://artifacts.elastic.co/downloads/kibana/kibana--darwin-x86_64.tar.gz +curl https://artifacts.elastic.co/downloads/kibana/kibana--darwin-x86_64.tar.gz.sha512 | shasum -a 512 -c - <1> +tar -xzf kibana--darwin-x86_64.tar.gz +cd kibana-/ <2> +``` +1. Compares the SHA of the downloaded `.tar.gz` archive and the published checksum, which should output `kibana--darwin-x86_64.tar.gz: OK`. +2. This directory is known as `$KIBANA_HOME`. +::: +:::: ::::{admonition} macOS Gatekeeper warnings :class: important diff --git a/deploy-manage/deploy/self-managed/install-kibana-on-windows.md b/deploy-manage/deploy/self-managed/install-kibana-on-windows.md index c0799768ca..6d8ba29ee5 100644 --- a/deploy-manage/deploy/self-managed/install-kibana-on-windows.md +++ b/deploy-manage/deploy/self-managed/install-kibana-on-windows.md @@ -18,13 +18,39 @@ products: ## Step 1: Download and install the `.zip` package [install-windows] +::::{tab-set} + +:::{tab-item} Latest Download the .zip windows archive for {{kib}} {{version.stack}} from [https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-windows-x86_64.zip](https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-windows-x86_64.zip) -Unzip it with your favorite unzip tool. This will create a folder called kibana-{{version.stack}}-windows-x86_64, which we will refer to as `$KIBANA_HOME`. In a terminal window, CD to the `$KIBANA_HOME` directory, for instance: +Unzip it with your favorite unzip tool. This will create a folder with the following name: + +```text subs=true +kibana-{{version.stack}}-windows-x86_64 +``` +We will refer to this folder as `$KIBANA_HOME`. + +In a terminal window, CD to the `$KIBANA_HOME` directory, for instance: ```sh subs=true CD c:\kibana-{{version.stack}}-windows-x86_64 ``` +::: + +:::{tab-item} Specific version +Download the `.zip` archive for the {{kib}} version that you want from the [Past Releases](https://www.elastic.co/downloads/past-releases) page. +If you're unsure about which version to install, refer to [{{es}} version](/deploy-manage/deploy/self-managed/install-kibana.md#elasticsearch-version) for more information about version compatibility. + +Unzip it with your favorite unzip tool. This will create a folder called `kibana--windows-x86_64`, where `` is the version you downloaded. We will refer to this folder as `$KIBANA_HOME`. + +In a terminal window, CD to the `$KIBANA_HOME` directory, for instance: + +```sh subs=true +CD c:\kibana-}-windows-x86_64 +``` +Replace `` with the {{kib}} version number you installed. +::: +:::: ## Step 2: Start {{es}} and generate an enrollment token for {{kib}} [windows-enroll] diff --git a/deploy-manage/deploy/self-managed/install-kibana-with-debian-package.md b/deploy-manage/deploy/self-managed/install-kibana-with-debian-package.md index 635504b4da..f1e301277a 100644 --- a/deploy-manage/deploy/self-managed/install-kibana-with-debian-package.md +++ b/deploy-manage/deploy/self-managed/install-kibana-with-debian-package.md @@ -80,6 +80,10 @@ Examine `/etc/apt/sources.list.d/kibana-9.x.list` for the duplicate entry or loc The Debian package for {{kib}} {{version.stack}} can be downloaded from the website and installed as follows: +::::{tab-set} + +:::{tab-item} Latest +To download and install the {{kib}} {{version.stack}} package, enter: ```sh subs=true wget https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-amd64.deb shasum -a 512 kibana-{{version.stack}}-amd64.deb <1> @@ -87,8 +91,21 @@ sudo dpkg -i kibana-{{version.stack}}-amd64.deb ``` 1. Compare the SHA produced by shasum with the [published SHA](https://artifacts.elastic.co/downloads/kibana/kibana-9.0.0-amd64.deb.sha512). +% version manually specified in the link above +::: + +:::{tab-item} Specific version +Because {{kib}} is an {{stack}} product, you must install the same version number as the rest of your {{stack}} components. Replace `` with the version that's used across your entire stack. For example, you can use {{version.stack.base}}. +```sh subs=true +wget https://artifacts.elastic.co/downloads/kibana/kibana--amd64.deb +shasum -a 512 kibana--amd64.deb <1> +sudo dpkg -i kibana--amd64.deb +``` +1. Compare the SHA produced by shasum with the [published SHA](https://artifacts.elastic.co/downloads/kibana/kibana-9.0.0-amd64.deb.sha512). % version manually specified in the link above +::: +:::: ## Step 3: Start {{es}} and generate an enrollment token for {{kib}} [deb-enroll] diff --git a/deploy-manage/deploy/self-managed/install-kibana-with-docker.md b/deploy-manage/deploy/self-managed/install-kibana-with-docker.md index 1be37fc9f5..f2784be84d 100644 --- a/deploy-manage/deploy/self-managed/install-kibana-with-docker.md +++ b/deploy-manage/deploy/self-managed/install-kibana-with-docker.md @@ -48,12 +48,30 @@ This setup doesn’t run multiple {{es}} nodes by default. To create a multi-nod 3. Pull the {{es}} Docker image. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker pull docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Because {{kib}} is an {{stack}} product, you must install the same version number as the rest of your {{stack}} components. Replace `` with the version that's used across your entire stack. For example, you can use {{version.stack.base}}. You'll use this same version number throughout this tutorial. + ```sh subs=true + docker pull docker.elastic.co/elasticsearch/elasticsearch: + ``` + ::: + :::: 4. Optional: Install [Cosign](https://docs.sigstore.dev/system_config/installation/) for your environment. Then use Cosign to verify the {{es}} image’s signature. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true wget https://artifacts.elastic.co/cosign.pub cosign verify --key cosign.pub docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} @@ -68,12 +86,47 @@ This setup doesn’t run multiple {{es}} nodes by default. To create a multi-nod - Existence of the claims in the transparency log was verified offline - The signatures were verified against the specified public key ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the version of the Docker image you downloaded. + ```sh subs=true + wget https://artifacts.elastic.co/cosign.pub + cosign verify --key cosign.pub docker.elastic.co/elasticsearch/elasticsearch: + ``` + + The `cosign` command prints the check results and the signature payload in JSON format: + + ```sh subs=true + Verification for docker.elastic.co/elasticsearch/elasticsearch: -- + The following checks were performed on each of these signatures: + - The cosign claims were validated + - Existence of the claims in the transparency log was verified offline + - The signatures were verified against the specified public key + ``` + ::: + :::: 5. Start an {{es}} container. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker run --name es01 --net elastic -p 9200:9200 -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch:{{version.stack}} ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the version of the Docker image you downloaded. + ```sh subs=true + docker run --name es01 --net elastic -p 9200:9200 -it -m 1GB docker.elastic.co/elasticsearch/elasticsearch: + ``` + ::: + :::: ::::{tip} Use the `-m` flag to set a memory limit for the container. This removes the need to [manually set the JVM size](/deploy-manage/deploy/self-managed/install-elasticsearch-docker-prod.md#docker-set-heap-size). @@ -91,22 +144,65 @@ This setup doesn’t run multiple {{es}} nodes by default. To create a multi-nod 7. Pull the {{kib}} Docker image. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker pull docker.elastic.co/kibana/kibana:{{version.stack}} ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the version of the Docker image you downloaded. + ```sh subs=true + docker pull docker.elastic.co/kibana/kibana: + ``` + ::: + :::: 8. Optional: Verify the {{kib}} image’s signature. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true wget https://artifacts.elastic.co/cosign.pub cosign verify --key cosign.pub docker.elastic.co/kibana/kibana:{{version.stack}} ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the version of the Docker image you downloaded. + ```sh subs=true + wget https://artifacts.elastic.co/cosign.pub + cosign verify --key cosign.pub docker.elastic.co/kibana/kibana: + ``` + ::: + :::: 9. Start a {{kib}} container. + ::::{tab-set} + :group: docker + :::{tab-item} Latest + :sync: latest ```sh subs=true docker run --name kib01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana:{{version.stack}} ``` + ::: + + :::{tab-item} Specific version + :sync: specific + Replace `` with the version of the Docker image you downloaded. + ```sh subs=true + docker run --name kib01 --net elastic -p 5601:5601 docker.elastic.co/kibana/kibana: + ``` + ::: + :::: 10. When {{kib}} starts, it outputs a unique generated link to the terminal. To access {{kib}}, open this link in a web browser. 11. In your browser, enter the enrollment token that was generated when you started {{es}}. @@ -150,6 +246,10 @@ The Docker images provide several methods for configuring {{kib}}. The conventio One way to configure {{kib}} on Docker is to provide `kibana.yml` via bind-mounting. With `docker-compose`, the bind-mount can be specified like this: +::::{tab-set} +:group: docker-kib +:::{tab-item} Latest +:sync: latest ```yaml subs=true version: '2' services: @@ -158,16 +258,46 @@ services: volumes: - ./kibana.yml:/usr/share/kibana/config/kibana.yml ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```yaml subs=true +version: '2' +services: + kibana: + image: docker.elastic.co/kibana/kibana: + volumes: + - ./kibana.yml:/usr/share/kibana/config/kibana.yml +``` +::: +:::: ## Persist the {{kib}} keystore [_persist_the_kib_keystore] By default, {{kib}} auto-generates a keystore file for secure settings at startup. To persist your [secure settings](/deploy-manage/security/secure-settings.md), use the `kibana-keystore` utility to bind-mount the parent directory of the keystore to the container. For example: +::::{tab-set} +:group: docker-kib +:::{tab-item} Latest +:sync: latest ```sh subs=true docker run -it --rm -v full_path_to/config:/usr/share/kibana/config -v full_path_to/data:/usr/share/kibana/data docker.elastic.co/kibana/kibana:{{version.stack}} bin/kibana-keystore create docker run -it --rm -v full_path_to/config:/usr/share/kibana/config -v full_path_to/data:/usr/share/kibana/data docker.elastic.co/kibana/kibana:{{version.stack}} bin/kibana-keystore add test_keystore_setting ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```sh subs=true +docker run -it --rm -v full_path_to/config:/usr/share/kibana/config -v full_path_to/data:/usr/share/kibana/data docker.elastic.co/kibana/kibana: bin/kibana-keystore create +docker run -it --rm -v full_path_to/config:/usr/share/kibana/config -v full_path_to/data:/usr/share/kibana/data docker.elastic.co/kibana/kibana: bin/kibana-keystore add test_keystore_setting +``` +::: +:::: ### Environment variable configuration [environment-variable-config] @@ -195,6 +325,10 @@ Supplying array options can be tricky. The following example shows the syntax fo These variables can be set with `docker-compose` like this: +::::{tab-set} +:group: docker-kib +:::{tab-item} Latest +:sync: latest ```yaml subs=true version: '2' services: @@ -204,6 +338,22 @@ services: SERVER_NAME: kibana.example.org ELASTICSEARCH_HOSTS: '[":9200",":9200",":9200"]' ``` +::: + +:::{tab-item} Specific version +:sync: specific +Replace `` with the version of the Docker image you downloaded. +```yaml subs=true +version: '2' +services: + kibana: + image: docker.elastic.co/kibana/kibana: + environment: + SERVER_NAME: kibana.example.org + ELASTICSEARCH_HOSTS: '[":9200",":9200",":9200"]' +``` +::: +:::: Since environment variables are translated to CLI arguments, they take precedence over settings configured in `kibana.yml`. diff --git a/deploy-manage/deploy/self-managed/install-kibana-with-rpm.md b/deploy-manage/deploy/self-managed/install-kibana-with-rpm.md index 04a98ca2dc..7fae5cbfb6 100644 --- a/deploy-manage/deploy/self-managed/install-kibana-with-rpm.md +++ b/deploy-manage/deploy/self-managed/install-kibana-with-rpm.md @@ -69,6 +69,10 @@ sudo zypper install kibana <3> The RPM for {{kib}} {{version.stack}} can be downloaded from the website and installed as follows: +::::{tab-set} + +:::{tab-item} Latest +To download and install the {{kib}} {{version.stack}} RPM, enter: ```sh subs=true wget https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-x86_64.rpm wget https://artifacts.elastic.co/downloads/kibana/kibana-{{version.stack}}-x86_64.rpm.sha512 @@ -77,7 +81,20 @@ sudo rpm --install kibana-{{version.stack}}-x86_64.rpm ``` 1. Compares the SHA of the downloaded RPM and the published checksum, which should output `kibana--x86_64.rpm: OK`. +::: +:::{tab-item} Specific version +Because {{kib}} is an {{stack}} product, you must install the same version number as the rest of your {{stack}} components. Replace `` with the version that's used across your entire stack. For example, you can use {{version.stack.base}}. +```sh subs=true +wget https://artifacts.elastic.co/downloads/kibana/kibana--x86_64.rpm +wget https://artifacts.elastic.co/downloads/kibana/kibana--x86_64.rpm.sha512 +shasum -a 512 -c kibana--x86_64.rpm.sha512 <1> +sudo rpm --install kibana--x86_64.rpm +``` + +1. Compares the SHA of the downloaded RPM and the published checksum, which should output `kibana--x86_64.rpm: OK`. +::: +:::: ## Step 3: Start {{es}} and generate an enrollment token for {{kib}} [rpm-enroll]