Elasticsearch is a distributed search and analytics engine built on Apache Lucene. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. Elasticsearch has quickly become the most popular search engine and is commonly used for log analytics, full-text search, security intelligence, business analytics, and operational intelligence use cases.
In this guide, we will learn how to install and configure Elasticsearch on Rocky Linux 9. This guide will also work on other RHEL 9 based distributions like Alma Linux 9 and Oracle Linux 9.
Prerequisites
To follow along, ensure that you have:
- An updated Rocky Linux 9 server with at least 2 GB of RAM and 2 cores
- Root access to the server or user with sudo access
- Access to the internet from the server
Table of Contents
- Ensure the server is up to date
- Installing Java on the server
- Import the elasticsearch gpg key
- Install Elasticsearch from the RPM Repo
- Start and enable the Elasticsearch service
- Verify Elasticsearch installation
- Performing simple operations with Elasticsearch
1. Ensuring that the server is up to date
Before proceeding, let us ensure that our server is up to date and all the packages are at the latest version. Use this command to achieve this:
sudo dnf -y update
If there are packages to upgrade, the above command may take a couple of minutes.
2. Install Java on the server
Elasticsearch depends on Java to run. Install the Java 11 runtime:
sudo dnf install java-11-openjdk
Verify the installed version.
$ java -version
openjdk version "11.0.17" 2022-10-18 LTS
OpenJDK Runtime Environment (Red_Hat-11.0.17.0.8-2.el9_0) (build 11.0.17+8-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-11.0.17.0.8-2.el9_0) (build 11.0.17+8-LTS, mixed mode, sharing)
3. Import the Elasticsearch GPG Key
Elasticsearch signs all of its packages with the Elasticsearch Signing Key (PGP key D88E42B4, available from https://pgp.mit.edu) with fingerprint:
4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4
Download and install the public signing key:
sudo rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch
4. Install Elasticsearch from the RPM repository
Create a file called elasticsearch.repo in the /etc/yum.repos.d/ directory. Use your text editor to open the file:
sudo vim /etc/yum.repos.d/elasticsearch.repo
Then add the following content:
[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md
And your repository is ready for use. You can now install Elasticsearch.
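In this stanza, gpgcheck=1 and the https URLs are what make the install verifiable. The following is an added example, not part of the original guide, that audits a .repo file for those settings; audit_repo, GUIDE_REPO and WEAK_REPO are names chosen here, and WEAK_REPO is a constructed counter-example.

```sh
#!/bin/sh
# Added example (not from the original guide): read a dnf .repo file on stdin
# and print one finding per stanza setting that weakens package verification.
audit_repo() {
    awk '
        function report() {
            if (sect == "") return
            if (gpgcheck != "1")
                print sect ": gpgcheck=1 is not set in this stanza"
            if (baseurl !~ /^https:\/\//)
                print sect ": baseurl does not use https"
            if (gpgkey !~ /^(https|file):\/\//)
                print sect ": gpgkey is missing or not an https/file URL"
        }
        /^[ \t]*\[/ {                  # new [section]: report the previous one
            report()
            sect = $0; gsub(/[ \t]/, "", sect)
            gpgcheck = ""; baseurl = ""; gpgkey = ""
            next
        }
        /^[ \t]*[#;]/ || !/=/ { next } # comments and lines without key=value
        {
            eq = index($0, "=")
            key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == "gpgcheck") gpgcheck = val
            else if (key == "baseurl") baseurl = val
            else if (key == "gpgkey") gpgkey = val
        }
        END { report() }
    '
}

# The stanza from step 4 of this guide.
GUIDE_REPO='[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=0
autorefresh=1
type=rpm-md'

# Constructed weak variant: plain http, signature checking off, no gpgkey.
WEAK_REPO='[elasticsearch]
name=Elasticsearch repository for 8.x packages
baseurl=http://artifacts.elastic.co/packages/8.x/yum
gpgcheck=0
enabled=0'
```

On the server, run `audit_repo < /etc/yum.repos.d/elasticsearch.repo`; no output means the stanza passed all three checks.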
Use this command to install Elasticsearch:
sudo dnf install --enablerepo=elasticsearch -y elasticsearch
Confirm the installation:
$ rpm -qi elasticsearch
Name : elasticsearch
Epoch : 0
Version : 8.5.2
Release : 1
Architecture: x86_64
Install Date: Mon 28 Nov 2022 12:58:00 PM UTC
Group : Application/Internet
Size : 1193883320
License : Elastic License
Signature : RSA/SHA512, Thu 17 Nov 2022 08:32:33 PM UTC, Key ID d27d666cd88e42b4
Source RPM : elasticsearch-8.5.2-1-src.rpm
Build Date : Thu 17 Nov 2022 07:04:47 PM UTC
Build Host : packer-virtualbox-iso-1646848364
Relocations : /usr
Packager : Elasticsearch
Vendor : Elasticsearch
URL : https://www.elastic.co/
Summary : Distributed RESTful search engine built for the cloud
Description :
Reference documentation can be found at
https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html
and the 'Elasticsearch: The Definitive Guide' book can be found at
https://www.elastic.co/guide/en/elasticsearch/guide/current/index.html
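The Key ID on the Signature line above is the tail of the fingerprint quoted in step 3. As an added example that is not part of the original guide, the check below ties the two together and rejects unsigned packages and short key IDs; the function and variable names are chosen here, and SAMPLE_RPM_QI is an excerpt of the output shown above.

```sh
#!/bin/sh
# Added example (not from the original guide): confirm from `rpm -qi` output
# that a package was signed by the key whose fingerprint step 3 quotes.

# Fingerprint of the Elasticsearch Signing Key as printed in step 3.
EXPECTED_FPR='4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4'

# Excerpt of the `rpm -qi elasticsearch` output shown in step 4.
SAMPLE_RPM_QI='Name        : elasticsearch
Version     : 8.5.2
Signature   : RSA/SHA512, Thu 17 Nov 2022 08:32:33 PM UTC, Key ID d27d666cd88e42b4'

# Drop whitespace and lowercase, so "4609 5ACC ..." and "46095acc..." compare equal.
normalize_hex() {
    printf '%s' "$1" | tr -d '[:space:]' | tr 'A-F' 'a-f'
}

# Print the key ID from the Signature line of `rpm -qi` text on stdin.
# At least 16 hex digits are required: 8-digit short IDs such as D88E42B4
# are not unique and should not be used for a trust decision.
signature_key_id() {
    sed -n 's/^Signature[[:space:]]*:.*Key ID[[:space:]]*\([0-9A-Fa-f]\{16,\}\).*$/\1/p' |
        head -n 1 | tr 'A-F' 'a-f'
}

# signed_by_expected_key RPM_QI_TEXT FINGERPRINT
# Returns 0 = signed by that key, 1 = unsigned or other key, 2 = bad fingerprint.
signed_by_expected_key() {
    sbek_fpr=$(normalize_hex "$2")
    case "$sbek_fpr" in ''|*[!0-9a-f]*) return 2 ;; esac
    [ "${#sbek_fpr}" -eq 40 ] || return 2      # insist on the full fingerprint
    sbek_id=$(printf '%s\n' "$1" | signature_key_id)
    [ -n "$sbek_id" ] || return 1              # e.g. "Signature : (none)"
    # The key ID is the tail of the fingerprint (last 16 digits for a long ID).
    case "$sbek_fpr" in *"$sbek_id") return 0 ;; *) return 1 ;; esac
}
```

On the server, run `signed_by_expected_key "$(rpm -qi elasticsearch)" "$EXPECTED_FPR"`; a non-zero exit status means the package is unsigned, signed by another key, or the fingerprint argument was not a full 40-digit value.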
5. Start and enable the Elasticsearch service
The Elasticsearch service won’t be started by default. Use this command to start:
sudo systemctl start elasticsearch
Confirm the service status using this command:
$ sudo systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; disabled; vendor preset: disabled)
Active: active (running) since Mon 2022-11-28 12:59:13 UTC; 1min 19s ago
Docs: https://www.elastic.co
Main PID: 210240 (java)
Tasks: 82 (limit: 45121)
Memory: 4.1G
CPU: 55.837s
CGroup: /system.slice/elasticsearch.service
├─210240 /usr/share/elasticsearch/jdk/bin/java -Xms4m -Xmx64m -XX:+UseSerialGC -Dcli.name=server -Dcli.script=/usr/share/elasticsear>
├─210299 /usr/share/elasticsearch/jdk/bin/java -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -Djava.sec>
└─210322 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller
Nov 28 12:58:41 fiddle-rockysrv systemd[1]: Starting Elasticsearch...
Nov 28 12:59:13 fiddle-rockysrv systemd[1]: Started Elasticsearch.
The above output shows that the service is up and running. Enable the service using this command:
sudo systemctl enable elasticsearch
If Elasticsearch fails to start for any reason, it will print the reason for failure to STDOUT. Log files can be found in /var/log/elasticsearch/.
By default, the Elasticsearch service doesn’t log information in the systemd journal. To enable journalctl logging, the --quiet option must be removed from the ExecStart command line in the elasticsearch.service file.
When systemd logging is enabled, the logging information is available using the journalctl commands:
To tail the journal:
sudo journalctl -f
To list journal entries for the elasticsearch service:
sudo journalctl --unit elasticsearch
To list journal entries for the elasticsearch service starting from a given time:
sudo journalctl --unit elasticsearch --since "2022-11-28 18:17:16"
6. Verify Elasticsearch Installation
At this point, Elasticsearch is started and listening on port 9200. You can check it with the following command:
ss -antpl | grep 9200
You should see the following output:
$ ss -antpl | grep 9200
LISTEN 0 128 [::ffff:127.0.0.1]:9200 *:*
LISTEN 0 128 [::1]:9200 [::]:*
You can also verify Elasticsearch with the following command:
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Ensure that you use https in your call, or the request will fail.
**--cacert**: Path to the generated http_ca.crt certificate for the HTTP layer.
Enter the password for the elastic user that was generated during installation, which should return a response like this:
# curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Enter host password for user 'elastic':
{
"name" : "fiddle-rockysrv",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "rKwMbV7lQOibWfndbULHOw",
"version" : {
"number" : "8.5.2",
"build_flavor" : "default",
"build_type" : "rpm",
"build_hash" : "a846182fa16b4ebfcc89aa3c11a11fd5adf3de04",
"build_date" : "2022-11-17T18:56:17.538630285Z",
"build_snapshot" : false,
"lucene_version" : "9.4.1",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
7. Performing simple operations with Elasticsearch
You can use the curl command to add data to Elasticsearch. As in the verification step, use https with the generated CA certificate and the elastic user, or the request will fail. Elasticsearch 8 has no mapping types, so documents are addressed through the _doc endpoint:
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -H 'Content-Type: application/json' -X POST 'https://localhost:9200/todo/_doc/1' -d '{ "name": "Go to the mall." }'
You should see the following output:
{"_index":"todo","_id":"1","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1}
You can now retrieve your data using the GET request:
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET 'https://localhost:9200/todo/_doc/1'
You should see the following output:
{"_index":"todo","_id":"1","_version":1,"_seq_no":0,"_primary_term":1,"found":true,"_source":{ "name": "Go to the mall." }}
To retrieve the data in human-readable format, run the following command:
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X GET 'https://localhost:9200/todo/_doc/1?pretty'
You should get the following output:
{
  "_index" : "todo",
  "_id" : "1",
  "_version" : 1,
  "_seq_no" : 0,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "name" : "Go to the mall."
  }
}
Conclusion
That’s it. In this guide, we learned how to install and use Elasticsearch on a Rocky Linux 9 server. You can now easily add, read, delete, and update data in Elasticsearch.