How to configure Elasticsearch for production

Preparing Elasticsearch for production involves adjusting resources, security features, and index parameters to handle high-volume traffic and complex queries. Key optimizations include setting appropriate heap sizes, enabling X-Pack security, and tuning mappings for efficient data retrieval.

Critical configuration details reside in files such as elasticsearch.yml and jvm.options, where parameters like TLS encryption and user authentication can be enforced. Implementing these measures secures data and prevents unauthorized access.

By applying well-chosen settings, administrators create a resilient, scalable, and secure production environment capable of managing large-scale indexing, querying, and analytics workloads with minimal downtime.

Steps to configure Elasticsearch for production:

Edit the main configuration file elasticsearch.yml to specify essential cluster parameters.
```
$ sudo nano /etc/elasticsearch/elasticsearch.yml
```
Use a text editor to adjust Elasticsearch settings.
Set a cluster.name to identify the production environment.
Configure network.host to your server’s IP for controlled remote access.
Adjust Xms and Xmx values in jvm.options to allocate appropriate heap size.
```
$ sudo nano /etc/elasticsearch/jvm.options
```
Allocating about 50% of system memory to heap (up to 32GB) is recommended.
Enable X-Pack security and TLS to protect data in transit and control access.
Implement user authentication with built-in realms or external directories.
Restart Elasticsearch to apply changes.
```
$ sudo systemctl restart elasticsearch
```
Test connectivity and security settings after restarting to confirm successful configuration.

Verify production settings by checking cluster health and querying secure endpoints.

$ curl --request GET --silent --user "elastic:password" https://myserver:9200/_cluster/health | jq
{
  "cluster_name": "prod-cluster",
  "status": "green",
  ...
}

A green status and secure connections confirm proper production readiness.

Check logs and metrics for stable performance under load.

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.

Discuss the article:

Comment anonymously. Login not required.