The following instructions show you how to prepare your hosts on Red Hat Enterprise Linux (RHEL) 7 or later and on CentOS 7 or later.
Install a supported Linux kernel
Elastic Cloud Enterprise requires 3.10 or higher. Before you proceed, update the OS, and reboot the system.

Kernel-LT has a regression on 4.4.156. From the archive repository, install 4.4.155.
Add the repository required to obtain the kernel:
yum update reboot
Add the required options to the kernel boot arguments:
sudo /sbin/grubby --update-kernel=ALL --args='cgroup_enable=memory cgroup.memory=nokmem swapaccount=1'
Enable the
overlay
kernel module:echo "overlay" | sudo tee -a /etc/modules-load.d/overlay.conf
Refresh the dynamically generated grub2 configuration and configure grub to boot the newly installed kernel 3.10 or higher:
sudo grub2-set-default 0 sudo grub2-mkconfig -o /etc/grub2.cfg
Install Docker
We recommend that you install Docker TLS version 18.09.2.

If you are using RHEL 7.5 or later, use the Docker version included with your RHEL distribution. Follow the installation instructions provided by Red Hat and then follow the Docker configuration steps.
Add the Docker repository:
sudo tee /etc/yum.repos.d/docker.repo <<-'EOF' [dockerrepo] name=Docker Repository baseurl=https://download.docker.com/linux/centos/7/x86_64/stable enabled=1 gpgcheck=1 gpgkey=https://download.docker.com/linux/centos/gpg EOF sudo yum makecache fast
Install the latest version of docker-ce:
sudo yum install docker-ce-18.09.2*
Update the configurations settings
Stop the Docker service:
sudo systemctl stop docker
If you plan to run Elasticsearch 5.0 and later: Update the
/etc/sysctl.conf
file to set the maximum number of mapped memory areas a process can have:echo "vm.max_map_count=262144" | sudo tee -a /etc/sysctl.conf
For RHEL only: Verify that
fs.may_detach_mounts
is enabled:cat /proc/sys/fs/may_detach_mounts
If the output of this command is not
1
, you must enable the setting in order for Docker to cleanly remove containers:Update the
/etc/sysctl.conf
file to include this line:fs.may_detach_mounts = 1
Verify that IPv4 forwarding is enabled:
cat /proc/sys/net/ipv4/ip_forward
If the output of this command is not
1
, you must enable IPv4 forwarding so that Docker can work as expected:Update the
/etc/sysctl.conf
file to include this line:net.ipv4.ip_forward = 1
Restart the network service:
sudo service network restart
Verify that the change is applied:
cat /proc/sys/net/ipv4/ip_forward
The output
1
indicates that IPv4 forwarding is turned on.
Adjust the system limits.
Add the following configuration values to the
/etc/security/limits.conf
file. These values are derived from our experience with the Elastic Cloud hosted offering and should be used for Elastic Cloud Enterprise as well.If you are using a user name other than
elastic
, adjust the configuration values accordingly.* soft nofile 1024000 * hard nofile 1024000 * soft memlock unlimited * hard memlock unlimited elastic soft nofile 1024000 elastic hard nofile 1024000 elastic soft memlock unlimited elastic hard memlock unlimited root soft nofile 1024000 root hard nofile 1024000 root soft memlock unlimited
Create the
/mnt/data/
directory as a mount point:sudo install -o $USER -g $USER -d -m 700 /mnt/data
Create the
/mnt/data/docker
directory for the Docker service storage:sudo install -o $USER -g $USER -d -m 700 /mnt/data/docker
Disable the firewalld service. The service is not compatible with Docker and interferes with the installation of ECE. You must disable firewalld before installing or reinstalling ECE.
sudo systemctl disable firewalld
Configure the Docker daemon options
Update the
/etc/systemd/system/docker.service.d/docker.conf
file. If the file path and file do not exist, create them.[Unit] Description=Docker Service After=multi-user.target [Service] ExecStart= ExecStart=/usr/bin/dockerd --data-root /mnt/data/docker --storage-driver=overlay --bip=172.17.42.1/16
Apply the updated Docker daemon configuration:
Reload the Docker daemon configuration:
sudo systemctl daemon-reload
Restart the Docker service:
sudo systemctl restart docker
Enable Docker to start on boot:
sudo systemctl enable docker
Enable your user to communicate with the Docker subsystem by adding it to the
docker
group:sudo usermod -aG docker $USER
Recommended: Tune your network settings.
Create a
70-cloudenterprise.conf
file in the/etc/sysctl.d/
file path that includes these network settings:cat << SETTINGS | sudo tee /etc/sysctl.d/70-cloudenterprise.conf net.ipv4.tcp_max_syn_backlog=65536 net.core.somaxconn=32768 net.core.netdev_max_backlog=32768 SETTINGS
Pin the Docker version to ensure that the
docker-ce
package does not get upgraded:echo "exclude=docker-ce" | sudo tee -a /etc/yum.conf
Reboot your system to ensure that all configuration changes take effect:
sudo reboot
After rebooting, verify that your Docker settings persist as expected:
sudo docker info | grep Root
If the command returns
Docker Root Dir: /mnt/data/docker
, then your changes were applied successfully and persist as expected.If the command returns
Docker Root Dir: /var/lib/docker
, then you need to troubleshoot the previous configuration steps until the Docker settings are applied successfully before continuing with the installation process. For more information, see Custom Docker daemon options in the Docker documentation.- Repeat these steps on other hosts that you want to use with Elastic Cloud Enterprise or follow the steps in the next section to start installing Elastic Cloud Enterprise.