Elasticsearch is a free, open-source, distributed search and analytics engine capable of handling large amounts of data. It is used for real-time full-text search in applications where a large amount of data needs to be analyzed. It is very popular due to its usability, powerful features, and scalability. It exposes a RESTful HTTP API for manipulating data. Elasticsearch is easy to use, offering features such as automatic node recovery, improved security, scalability and resiliency, automatic data balancing, and more.

In this post, we will show you how to install and configure Elasticsearch on Rocky Linux 10.

Step 1 – Install Java

Elasticsearch is a Java-based application, so Java must be installed on your server. If not installed, you can install it by running the following command:

dnf install java-21-openjdk-devel -y

After the installation, verify the Java version using the following command:

java --version

Sample output:

openjdk 21.0.8 2025-07-15 LTS
OpenJDK Runtime Environment (Red_Hat-21.0.8.0.9-1) (build 21.0.8+9-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-21.0.8.0.9-1) (build 21.0.8+9-LTS, mixed mode, sharing)

Step 2 – Create Elasticsearch Repository

Elasticsearch is not included in the default Rocky Linux repositories, so you will need to create a repository for it.

First, download and import the GPG key with the following command:

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

Next, create an Elasticsearch repo with the following command:

nano /etc/yum.repos.d/elasticsearch.repo

Add the following lines:

[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

Save and close the file when you are finished.

Step 3 – Install and Configure Elasticsearch

Now, install the Elasticsearch package with the following command:

dnf install elasticsearch -y

After installing Elasticsearch, edit the Elasticsearch main configuration file:

nano /etc/elasticsearch/elasticsearch.yml

Change the following lines:

cluster.name: my-cluster
node.name: rocky

# Data paths
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch

# Bind locally for testing
network.host: 127.0.0.1
http.port: 9200

xpack.security.enabled: true
xpack.security.http.ssl.enabled: false

#cluster.initial_master_nodes: ["rocky"]

Save and close the file, then start the Elasticsearch service and enable it to start at system reboot:

systemctl start elasticsearch
systemctl enable elasticsearch

Now, check the status of the Elasticsearch service with the following command:

systemctl status elasticsearch

You should get the following output:

ā— elasticsearch.service - Elasticsearch
     Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; preset: disabled)
     Active: active (running) since Tue 2025-10-21 04:49:30 EDT; 33s ago
 Invocation: 0be86d5fa6094c57afcd326ff343cd5a
       Docs: https://www.elastic.co
   Main PID: 9012 (java)
      Tasks: 80 (limit: 24809)
     Memory: 2.3G (peak: 2.3G)
        CPU: 46.807s
     CGroup: /system.slice/elasticsearch.service
             ├─9012 /usr/share/elasticsearch/jdk/bin/java -Xms4m -Xmx64m -XX:+UseSerialGC -Dcli.name=server -Dcli.script=/usr/share/elasticsearch/bin/elasticsearch -Dcli.libs=lib/tool>
             ├─9072 /usr/share/elasticsearch/jdk/bin/java -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=tru>

You can now verify Elasticsearch using the following command:

curl -X GET 'http://localhost:9200'

If everything is fine, you should get the following output:

{
  "name" : "node-1",
  "cluster_name" : "my-application",
  "cluster_uuid" : "_na_",
  "version" : {
    "number" : "8.19.5",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "d6dd0417f05cd69706f4f103c69bbb8b7688db9c",
    "build_date" : "2025-10-03T16:35:50.165700789Z",
    "build_snapshot" : false,
    "lucene_version" : "9.12.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}
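The configuration in this step enables authentication but leaves HTTP TLS off, which is only reasonable while the REST listener stays on loopback. The following check is an added example, not part of the original guide or of Elasticsearch itself: it reads the flat `key: value` lines used above and flags the combinations that expose credentials. The function names `es_setting` and `es_audit` are hypothetical, and the sample file is constructed. If an `http.host` line is present, it takes precedence over `network.host` for the HTTP listener, so the check reads it first.

```shell
#!/bin/sh
# Added example: audit the elasticsearch.yml settings changed in Step 3.
# Assumes flat "key: value" lines as in this guide (nested YAML is not parsed).

# es_setting FILE KEY: print the last uncommented value for KEY, or nothing.
es_setting() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        {
            line = $0
            sub(/[ \t]+#.*$/, "", line)        # drop a trailing comment
            i = index(line, ":"); if (i == 0) next
            k = substr(line, 1, i - 1); v = substr(line, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t"]+|[ \t"]+$/, "", v)
            if (k == key) val = v
        }
        END { print val }' "$1"
}

# es_audit FILE: print findings; return 1 if any FAIL was reported.
es_audit() {
    rc=0
    sec=$(es_setting "$1" xpack.security.enabled)
    tls=$(es_setting "$1" xpack.security.http.ssl.enabled)
    # http.host, when set, overrides network.host for the REST listener.
    bind=$(es_setting "$1" http.host)
    [ -n "$bind" ] || bind=$(es_setting "$1" network.host)
    case $bind in
        ""|_local_|localhost|127.*|::1) scope=loopback ;;  # unset binds to loopback
        *) scope=network ;;
    esac
    if [ "$sec" = "false" ]; then
        echo "FAIL security disabled: the REST API accepts requests without credentials"; rc=1
    fi
    if [ "$tls" != "true" ] && [ "$scope" = "network" ]; then
        echo "FAIL HTTP TLS off and bound to $bind: passwords cross the network in cleartext"; rc=1
    elif [ "$tls" != "true" ]; then
        echo "WARN HTTP TLS off: tolerable only while the listener stays on loopback"
    fi
    [ "$rc" -ne 0 ] || echo "OK   REST listener scope: $scope"
    return "$rc"
}

# Constructed sample: the security-relevant lines from Step 3.
sample=$(mktemp)
printf '%s\n' 'network.host: 127.0.0.1' 'xpack.security.enabled: true' \
    'xpack.security.http.ssl.enabled: false' > "$sample"
es_audit "$sample"; rm -f "$sample"
```

On a real host, run `es_audit /etc/elasticsearch/elasticsearch.yml` as root after editing the file and before changing `network.host` to a routable address.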

Step 4 – How to Use Elasticsearch

After installing Elasticsearch, you need to reset the default password for the elastic user.

Run the following command to reset the password:

/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic --url http://localhost:9200

You will see the output below.

This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y


Password for the [elastic] user successfully reset.
New value: pSzZn-lUl66pWYVALC2W

Now, run the following command to test the Elasticsearch API using the password:

curl -u elastic:pSzZn-lUl66pWYVALC2W http://127.0.0.1:9200

Sample output:

{
  "name" : "rocky",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "LyC76-Z8Tk6mSYQFQwPyKw",
  "version" : {
    "number" : "8.19.6",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "d2c42d91a1eb9e14b1a37c4d87eb2533ec859e2b",
    "build_date" : "2025-10-21T22:05:27.062491219Z",
    "build_snapshot" : false,
    "lucene_version" : "9.12.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

Conclusion

In the above guide, you learned how to install and use Elasticsearch on Rocky Linux 10. You can now use Elasticsearch with other tools, such as Kibana and Logstash, to search and display data via a graphical interface. Start using Elasticsearch on dedicated hosting from Atlantic.Net.