2. Prerequisites - Alexandre-Guth/Elastic-Stack-FileBeat-Logspout GitHub Wiki

Deploying Elasticsearch requires some tuning on the host

Java

It is recommended that you use the Oracle JDK version 1.8.0_131

Check your Java version

java -version echo $JAVA_HOME

Install JDK 8 Debian/Ubuntu

sudo apt-get install openjdk-8-jre

Install JDK 8 Redhat/CentOS

su -c "yum install java-1.8.0-openjdk"

VM memory areas

The vm.max_map_count kernel setting needs to be set to at least 262144 for production use

The vm.max_map_count setting should be set permanently in /etc/sysctl.conf:

grep vm.max_map_count /etc/sysctl.conf vm.max_map_count=262144

To apply the setting on a live system type

(you still have to change the vm.max_map_count in /etc/sysctl.conf)

sysctl -w vm.max_map_count=262144

Set up the local host conf files

To add to /etc/security/limits.conf:

#setting up the host for elasticsearch`

root hard nproc 2048
root hard as unlimited
root hard fsize unlimited

elasticsearch hard nproc 2048
elasticsearch hard as unlimited
elasticsearch hard fsize unlimited

Docker volumes

The user of the data directory has be set to 1000:1000

chown -R 1000:1000 /path/to/data/elasticsearch