Elasticsearch is an open-source, distributed analytics engine built on Apache Lucene. It’s designed to take unstructured data from diverse locations, store it based on user-defined mappings, and index it for seamless searching and real-time data analysis.
In this guide, we’ll walk you through the steps to install Elasticsearch on Ubuntu 20.04.
Prerequisites
- A server running Ubuntu 20.04.
- Root access to the server.
Getting Started
Start by updating your system to the latest available version using the following command:
apt-get update -y
After updating, install the required packages with this command:
apt-get install curl gnupg2 apt-transport-https unzip -y
With the necessary packages installed, you can proceed to the Elasticsearch installation.
Install Elasticsearch
Since Elasticsearch is not available in the default Ubuntu repository, you’ll need to add the Elasticsearch repository to your system. First, import the GPG key:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -
Then, add the Elasticsearch repository with this command:
sh -c 'echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
Next, update the repository cache and install Elasticsearch:
apt-get update -y apt-get install elasticsearch -y
After installation, start the Elasticsearch service and enable it to start on boot:
systemctl start elasticsearch systemctl enable elasticsearch
To verify if Elasticsearch is running, use this command:
systemctl status elasticsearch
Expected output:
? elasticsearch.service - Elasticsearch
Loaded: loaded (/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
Active: active (running) since Sat 2021-01-09 11:13:09 UTC; 5s ago
Docs: https://www.elastic.co
Main PID: 5110 (java)
Tasks: 65 (limit: 2353)
Memory: 1.2G
CGroup: /system.slice/elasticsearch.service
??5110 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl>
??5304 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller
Jan 09 11:12:50 ubuntu2004 systemd[1]: Starting Elasticsearch...
Jan 09 11:13:09 ubuntu2004 systemd[1]: Started Elasticsearch.
Verify Elasticsearch
By default, Elasticsearch listens on port 9200. You can confirm it with this command:
ss -antpl | grep 9200
Expected output:
LISTEN 0 4096 [::ffff:127.0.0.1]:9200 *:* users:(("java",pid=5110,fd=257))
LISTEN 0 4096 [::1]:9200 [::]:* users:(("java",pid=5110,fd=255))
You can further verify Elasticsearch with this command:
curl -X GET "localhost:9200/"
Expected response:
{
"name" : "ubuntu2004",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "mToloP2UQGilY7nUCeBnjg",
"version" : {
"number" : "7.10.1",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "1c34507e66d7db1211f66f3513706fdf548736aa",
"build_date" : "2020-12-05T01:00:33.671820Z",
"build_snapshot" : false,
"lucene_version" : "8.7.0",
"minimum_wire_compatibility_version" : "6.8.0",
"minimum_index_compatibility_version" : "6.0.0-beta1"
},
"tagline" : "You Know, for Search"
}
Configure Elasticsearch
The main configuration file for Elasticsearch is located at /etc/elasticsearch/elasticsearch.yml. You can customize your cluster name, port, and remote connection settings in this file.
Open the configuration file with:
nano /etc/elasticsearch/elasticsearch.yml
Edit the following lines to suit your configuration:
cluster.name: my-cluster network.host: 172.16.0.10 discovery.seed_hosts: 172.16.0.10
Save your changes and restart the Elasticsearch service:
systemctl restart elasticsearch
Configure UFW Firewall
If UFW is not already installed, you can do so with:
apt-get install ufw -y
Allow SSH connections and open the Elasticsearch port for remote access using the commands below:
ufw allow ssh ufw allow from 172.16.0.100 to any port 9200
Enable UFW to apply these rules:
ufw enable
Verify the active firewall rules:
ufw status
Expected output should be similar to:
Status: active To Action From -- ------ ---- 22/tcp ALLOW Anywhere 9200 ALLOW 172.16.0.100 22/tcp (v6) ALLOW Anywhere (v6)
Conclusion
Congratulations! You’ve successfully installed and configured Elasticsearch on an Ubuntu 20.04 server, enabling remote connections. You can now integrate Elasticsearch with your applications. If you need further assistance, feel free to reach out.
Frequently Asked Questions (FAQ)
- Q: What is Elasticsearch?
- A: Elasticsearch is a powerful open-source search and analytics engine that provides real-time data search and analysis capabilities.
- Q: Why do I need to add a repository for Elasticsearch?
- A: Elasticsearch isn’t available in the default Ubuntu repositories, so you need to add its official repository to install it using apt.
- Q: How can I make Elasticsearch accessible remotely?
- A: You can configure remote access by editing the
elasticsearch.ymlfile to set the network host and use firewall rules via UFW to open the necessary port. - Q: What port does Elasticsearch use by default?
- A: Elasticsearch uses port 9200 by default for HTTP REST APIs.
- Q: How do I verify that Elasticsearch is running?
- A: You can use the
systemctl status elasticsearchcommand to check its status or send a curl request tolocalhost:9200to see if it’s operational.