Open Distro for Elasticsearch - Installation - Part 2

-
Elasticsearch ecosystem has been in the popular choice for data and analytics purposes. In recent development, Elasticsearch is also available as license based  deployments. Apache 2.0 Licensed Elasticsearch which is free of cost and provides very basic features compared to paid/licensed Elastic stack.  

Open Distro for Elasticsearch is an alternative which is open source(apache 2.0 licensed) and maintained by Amazon. Apart from providing Elasticsearch and Kibana, this distribution also contains security, event monitoring & alerting, performance analysis, SQL query features, SQL JDBC. Open Distro for Elasticsearch and Kibana are available as RPM and Docker containers.

Open Distro for Elasticsearch features

ComponentPurpose
ElasticsearchData store and search engine
KibanaSearch frontend and visualizations
SecurityAuthentication and access control for your cluster
AlertingReceive notifications when your data meets certain conditions
SQLUse SQL or a piped processing language to query your data
Index State ManagementAutomate index operations
KNNFind “nearest neighbors” in your vector data
Performance AnalyzerMonitor and optimize your cluster
Anomaly DetectionIdentify atypical data and receive automatic notifications

Click here to know more for installation options.

Running a DEV setup -- 

I have created a docker compose file to install Elasticsearch, Kibana, Logstash and Filebeat. You will be able to quickly test a complete elastic search setup in your develeopment machine. You can refer the repository

https://gitlab.com/chittapriya/opendistroelk-logstash-filebeat

Note:- vm.max_map_count has to updated as mentioned in the below section.

Running a single instance -

If you want to run container with less RAM allocated to docker, you may try to run individual container.

Running Open Distro for Elastic search - 

docker run --restart always -d -p 9200:9200 -p 9600:9600 -e "discovery.type=single-node" -v opendistro-elk-vol:/usr/share/elasticsearch/data amazon/opendistro-for-elasticsearch:1.12.0

Get the IP address of Elasticsearch container - 
docker inspect -f '{{range.NetworkSettings.Networks}}{{.IPAddress}}{{end}}' ContainerName or ID
72.17.0.2
Running Kibana
docker run --restart always -d -p 5601:5601 -e "ELASTICSEARCH_URL=https://172.17.0.2" -e "ELASTICSEARCH_HOSTS=https://172.17.0.2:9200" amazon/opendistro-for-elasticsearch-kibana:1.12.0
http://localhost:5601/
Default credentials - 
 Username: admin 
 Password: admin
Running cluster mode (single host) -
You may increase vm.max_map_count and allocate at least 8GB RAM 
On LINUX
The vm.max_map_count setting should be set permanently in /etc/sysctl.conf:
/etc/sysctl.conf -- modify in this file
grep vm.max_map_count /etc/sysctl.conf

vm.max_map_count = 262144 

Apply changes  temp

sudo sysctl -w vm.max_map_count = 262144

ON WINDOWS
windows with Docker Desktop WSL 2 
wsl -d docker-desktop
sysctl -w vm.max_map_count=262144
Use docker compose file -- refer this link for more information
version: '3'
services:
  odfe-node1:
    image: amazon/opendistro-for-elasticsearch:1.12.0
    container_name: odfe-node1
    environment:
      - cluster.name=odfe-cluster
      - node.name=odfe-node1
      - discovery.seed_hosts=odfe-node1,odfe-node2
      - cluster.initial_master_nodes=odfe-node1,odfe-node2
      - bootstrap.memory_lock=true # along with the memlock settings below, disables swapping
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m" # minimum and maximum Java heap size, recommend setting both to 50% of system RAM
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536 # maximum number of open files for the Elasticsearch user, set to at least 65536 on modern systems
        hard: 65536
    volumes:
      - odfe-data1:/usr/share/elasticsearch/data
    ports:
      - 9200:9200
      - 9600:9600 # required for Performance Analyzer
    networks:
      - odfe-net
  odfe-node2:
    image: amazon/opendistro-for-elasticsearch:1.12.0
    container_name: odfe-node2
    environment:
      - cluster.name=odfe-cluster
      - node.name=odfe-node2
      - discovery.seed_hosts=odfe-node1,odfe-node2
      - cluster.initial_master_nodes=odfe-node1,odfe-node2
      - bootstrap.memory_lock=true
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - odfe-data2:/usr/share/elasticsearch/data
    networks:
      - odfe-net
  kibana:
    image: amazon/opendistro-for-elasticsearch-kibana:1.12.0
    container_name: odfe-kibana
    ports:
      - 5601:5601
    expose:

      - "5601"
    environment:
      ELASTICSEARCH_URL: https://odfe-node1:9200
      ELASTICSEARCH_HOSTS: https://odfe-node1:9200
    networks:
      - odfe-net

volumes:
  odfe-data1:
  odfe-data2:

networks:
  odfe-net: 
To start -> docker-compose up -d
To stop -> docker-compose down
To stop and delete all volume -> docker-compose down -v
Elasticsearch Command
curl -XGET https://localhost:9200 -u 'admin:admin' --insecure
curl -XGET https://localhost:9200/_cat/nodes?v -u 'admin:admin' --insecure
curl -XGET https://localhost:9200/_cat/plugins?v -u 'admin:admin' --insecure

For WINDOWS machine use "

curl -XGET https://localhost:9200 -u "admin:admin" --insecure
curl -XGET https://localhost:9200/_cat/nodes?v -u "admin:admin" --insecure
curl -XGET https://localhost:9200/_cat/plugins?v -u "admin:admin" --insecure

Kibana -- 
http://localhost:5601/
Managed Open Distro Elasticsearch(AWS) - 

References -
  • https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_set_vm_max_map_count_to_at_least_262144

Comments

Post a Comment

Popular posts from this blog

Python Development Environment : pyenv & VS Code

-
Image
While working on Python projects, we need to support projects with multiple versions of Python. Managing multiple versions in one machine is adifficult task. But if you use pyenv it becomes easy to manage. What is pyenv? pyenv is a tool to manage multiple Python versions. You may not need to install System Python if you use pyenv. Installing pyenv [Windows] Follow instructions as mentioned in this link  . If you are using WINDOWS operating system the I would prefer Chocolatey package manager. Chocolatey Installation Use powershell with admin rights > choco install pyenv-win To test if the installation is successful  > pyenv To see available python installation > pyenv install -l If you do not see you python version then, > pyenv update Installing pyenv [WSL2 - LINUX/Ubuntu] Install Home Brew package manager. follow the the instructions HomeBrew  and HomeBrew Installations > /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew...
Read more

WSL 2 on Windows - LINUX based development environment and Docker

-
Image
Windows operating system provides "Windows Subsystem for Linux" which can be utilized to develop using Linux operating system and have Linux based tools. Windows operating system is providing a great interoperability so that it is very easy to operate between Linux distribution and base operating system. I still remember the old days where we had to do so many things to have Linux OS with the base operating system. Popular choices were to have dedicated partitions to have different Operating systems or have Virtual Machine to host any OS of your choice. For both the cases, the development experience was not that great. Modern development is based on Containerization technologies and for Windows operating system, Docker Desktop is a popular choice to create docker environment in Windows operating system. Docker Desktop was using Hyper-v based virtualization technology and Linux OS to provide required environment. Later it started supporting WSL to provide containerization capa...
Read more