Prerequisites

1. Install OpenJDK 11 by running the following command:
   sudo yum install java-11-openjdk-devel -y

2. Verify the java installation by running the following command:
   java -version

3. Install wget by running the following command:
   yum install wget -y

4. Increase the map count by running the following command:
   sysctl -w vm.max_map_count=262144
   Add the line to the file to set this permanently in /etc/sysctl.conf :
   vm.max_map_count=262144

   To check the map count you can use the following command:
   sysctl -q vm.max_map_count

5. Increase ulimit value and validate system settings

   To change the file descriptor setting, add the line to the file /etc/sysctl.conf.
   fs.file-max=100000 to it.

   Apply the changes by running the following command:
   sysctl -p

   To change the ulimit setting, edit the file /etc/security/limits.conf and set the hard and soft limits:
   * soft nofile 100000
* hard nofile 100000

   After these changes, please reboot the server by running the following command:
   reboot

   Check the ulimit settings by running the following command:
   ulimit -a

Installation

1. Please login as root using sudo su if you are not the root user.

2. Create a SearchBlox user by running the following commands:
   sudo adduser searchblox
sudo passwd searchblox

3. SearchBlox has to be installed in /opt folder, so change the directory to /opt by running the following command:
   cd /opt

4. Download SearchBlox rpm package by running the following command:
   sudo wget https://d2fco3ozzrfhhd.cloudfront.net/v10.5.1/searchblox-10.5.1-0.noarch.rpm

5. Install the rpm package by running the following command:
   sudo rpm -ivh searchblox-10.5.1-0.noarch.rpm

6. Change permission for few folders by running the following commands:
   sudo chown -R searchblox:searchblox /opt/searchblox
sudo chmod -R 755 /opt/searchblox/bin
sudo chmod -R 755 /opt/searchblox/elasticsearch/bin
sudo chmod -R 755 /opt/searchblox/analytics
sudo chmod -R 755 /opt/searchblox/logs
sudo chmod -R 755 /opt/searchblox/elasticsearch/logs
sudo chmod -R 755 /opt/searchblox/connectors

7. Start SearchBloxv services by running the following command:
   systemctl start searchblox

👍

Note:

SearchBlox service will start elasticsearch and analytics services internally unlike previous versions. If service start up gives any issues, enable searchblox.service using the command below:
systemctl daemon-reload

8. Stop SearchBlox services by running the following command:
   systemctl stop searchblox

9. To verify the status of the SearchBlox service please use the following command:
   systemctl status searchblox

Verify Installation

• After you start the services, wait for 30 seconds then go to HTTPS://<Hostname or Host IP>:8443/console/ to access the SearchBlox Management Console.

• You can also verify if SearchBlox has started successfully by viewing the status.log file in the /opt/searchblox/webapps/ROOT/logs folder.

• Please confirm the message "Started Successfully" is shown in the log.

• In case of any errors, this log will provide additional information for troubleshooting.

📘

Note

• To learn more on Troubleshooting visit: Logging and Troubleshooting

• To learn about accessing SearchBlox visit: Overview of SearchBlox

• To learn about tuning after installation visit: Installation Tuning

🚧

SearchBlox Admin Console Access using IP Address or Domain Name

• You can use your IP instead of localhost in the URL to access the SearchBlox Admin Console.
• If a domain name is mapped to the IP address, you can use the domain name:
  https://exampledomain:port/console
  https://exampledomain:port/search/index.html

Change SearchBlox Server Port

• SearchBlox Server runs on port 8443 by default.

You can change the port by following the steps as shown in the following:

1. Stop SearchBlox service

2. Edit the file /opt/searchblox/start.d/https.ini and add the below line to set the required port number:
   jetty.ssl.port=443

3. Save the file https.ini

4. Start SearchBlox service

🚧

Port Update

Fix the permission denied error while using searchblox service on less than ports 1024, run the below commands:
Check the Java Path

readlink -f $(which java)

Set the capability to bind low ports for non-root searchblox user.

setcap cap_net_bind_service+ep <javapath>

Uninstall

Uninstall or remove SearchBlox by running the following command:
yum remove searchblox

📘

Note

For clean SearchBlox uninstallation, it is required to remove SearchBlox directory, /opt/searchblox manually by running the following command:
rm -rf /opt/searchblox

Disk Encryption

🚧

Additional Disk is required for disk encryption

• Installation of cryptsetup
  for RHEL / CentOS
  yum install cryptsetup-luks

• LUKS Format disk
  Note: while formatting the disk we have to give some password
  cryptsetup luksFormat /dev/sdb

WARNING!
========
This will overwrite data on /dev/sdb irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:

• Luks open
  Note: We have to use the password created earlier while formatting the disk.
  cryptsetup luksOpen /dev/sda data

Enter passphrase for /dev/sdb:

• Create a filesystem
  mkfs -t ext4 /dev/mapper/data

mke2fs 1.42.13 (17-May-2015)
Creating filesystem with 52428288 4k blocks and 13107200 inodes
Filesystem UUID: 1c71b0f4-f95d-46d6-93e0-cbd19cb95edb
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
	4096000, 7962624, 11239424, 20480000, 23887872
Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

• Mounting the new file system at /opt
mount /dev/mapper/data /opt
• To get UUID
  blkid /dev/mapper/data

/dev/mapper/data: UUID="0a228c13-06d8-4739-99c3-f596c2dcce8e" TYPE="ext4"

• We need to add the UUID into /etc/fstab like this and save it
  Note: We need to add the UUID into etc/fstab file

LABEL=cloudimg-rootfs   /        ext4   defaults,discard        0 0
UID="4539b70d-66ab-4c07-b2a2-d4583f461a2f"   /secret   ext4 defaults 0 0
UID="4539b70d-66ab-4c07-b2a2-d4583f461a2f"   /opt      ext4 defaults 0 0
UUID="0a228c13-06d8-4739-99c3-f596c2dcce8e"   /opt  ext4  defaults 0  0
===================================================

• To close encryption
  cryptsetup luksClose /dev/mapper/data

• To open encryption
  cryptsetup luksOpen /dev/mapper/data

CentOS Full Disk Encryption

❗️

Important Note

Before installation of OS, the entire root volume can be encrypted using the following steps for GUI based CentOS systems

1. To enable the disk encryption please go to installation destination

2. While installing Centos7 Installation Enable the Encryption.

3. Next create Disk Encryption Passphrase.

4. On reboot you would get the following prompt to enter the passphrase so that you can successfully unlock the drive:

5. Please use the command as in the following screenshot to verify the disk Encryption