How to Install and Configure Elasticsearch 8 on Ubuntu 22.04

In this guide, we will learn how to install and configure Elasticsearch on Ubuntu 22.04

Elasticsearch is a distributed search and analytics engine built on Apache Lucene. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. Elasticsearch has quickly become the most popular search engine and is commonly used for log analytics, full-text search, security intelligence, business analytics, and operational intelligence use cases.

Related Content

Prerequisites

To follow along, ensure that you have:

  • An updated Ubuntu 22.04 server with at least 2 GB of RAM and 2 cores
  • Root access to the server or user with sudo access
  • Access to the internet from the server

Table of Content

  1. Ensure the server is up to date
  2. Import Elasticsearch pgp key
  3. Install Elasticsearch from the APT repository
  4. Starting and enabling the Elasticsearch service
  5. Start and enable the Elasticsearch service
  6. Verify the Elasticsearch service
  7. Performing simple operations with Elasticsearch

1. Ensuring that the server is up to date

Before proceeding, let us ensure that our server is up to date and all the packages are the latest version. Use these commands to achieve this:

sudo apt update
sudo apt upgrade -y

If there are packages to upgrade, the above command may take a couple of minutes.

Let us also install some common packages that we will need later:

sudo apt install -y vim wget

2. Import the Elasticsearch PGP Key

Elasticsearch signs all of our packages with the Elasticsearch Signing Key (PGP key D88E42B4, available from https://pgp.mit.edu) with fingerprint:

4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4

Download and install the public signing key:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg

3. Install Elasticsearch from the APT repository

Save the repository definition to /etc/apt/sources.list.d/elastic-8.x.list:

echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list

You can then install the Elasticsearch package with:

sudo apt-get update && sudo apt-get install elasticsearch

5. Starting and enabling the Elasticsearch service

To start Elasticsearch service, issue this command:

sudo systemctl start elasticsearch

Confirm the status using this command:

$ sudo systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
     Loaded: loaded (/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
     Active: active (running) since Fri 2022-06-17 06:43:33 UTC; 10s ago
       Docs: https://www.elastic.co
   Main PID: 1891 (java)
      Tasks: 70 (limit: 4623)
     Memory: 2.3G
        CPU: 54.629s
     CGroup: /system.slice/elasticsearch.service
             ├─1891 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -Djava.security.manager=allow -XX:+AlwaysPreTouch -Xss1m >
             └─2164 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Jun 17 06:43:09 kip-ubuntu2204srv.citizix.com systemd[1]: Starting Elasticsearch...
Jun 17 06:43:33 kip-ubuntu2204srv.citizix.com systemd[1]: Started Elasticsearch.

From the above we can see that the service is up and running. To enable the service on boot, use this command:

sudo systemctl enable elasticsearch

If Elasticsearch fails to start for any reason, it will print the reason for failure to STDOUT. Log files can be found in /var/log/elasticsearch/.

By default the Elasticsearch service doesn’t log information in the systemd journal. To enable journalctl logging, the --quiet option must be removed from the ExecStart command line in the elasticsearch.service file.

When systemd logging is enabled, the logging information are available using the journalctl commands:

To tail the journal:

sudo journalctl -f

To list journal entries for the elasticsearch service:

sudo journalctl --unit elasticsearch

To list journal entries for the elasticsearch service starting from a given time:

sudo journalctl --unit elasticsearch --since  "2016-10-30 18:17:16"

6. Verify Elasticsearch

At this point, ElasticSearch is started and listening on port 9200. You can check it with the following command:

$ ss -antpl | grep 9200
LISTEN  0       4096     [::ffff:127.0.0.1]:9200               *:*
LISTEN  0       4096                  [::1]:9200            [::]:*

You can test that your Elasticsearch node is running by sending an HTTPS request to port 9200 on localhost:

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200

Please note that you might have to use sudo with the above command to access the cert file /etc/elasticsearch/certs/http_ca.crt.

Ensure that you use https in your call, or the request will fail.
--cacertPath to the generated http_ca.crt certificate for the HTTP layer.

Enter the password for the elastic user that was generated during installation, which should return a response like this:

$ sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Enter host password for user 'elastic':
{
  "name" : "kip-ubuntu2204srv.citizix.com",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "KlmzgLhMRcmTnpAY1wHv5w",
  "version" : {
    "number" : "8.2.3",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "9905bfb62a3f0b044948376b4f607f70a8a151b4",
    "build_date" : "2022-06-08T22:21:36.455508792Z",
    "build_snapshot" : false,
    "lucene_version" : "9.1.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

7. Performing simple operations with Elasticsearch

You can use the Curl command to add data to the ElasticSearch as shown below:

sudo curl -H 'Content-Type: application/json' -X POST --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic 'http://localhost:9200/todo/task/1' -d '{ "name": "Go to the mall." }'

You should see the following output after entering the password:

{"_index":"todo","_type":"task","_id":"1","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1}

You can now retrieve your data using the GET request:

curl -X GET --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic 'http://localhost:9200/todo/task/1'

You should see the following output:

{"_index":"todo","_type":"task","_id":"1","_version":1,"_seq_no":0,"_primary_term":1,"found":true,"_source":{ "name": "Go to the mall." }}

To retrieve the data in human-readable format, run the following command:

curl -X GET --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic 'http://localhost:9200/todo/task/1?pretty'

You should get the following output:

{
  "_index" : "todo",
  "_type" : "task",
  "_id" : "1",
  "_version" : 1,
  "_seq_no" : 0,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "name" : "Go to the mall."
  }
}

Conclusion

That’s it. In this guide, you we learned how to install and use ElasticSearch 8 on Ubuntu 22.04 server. You can now easily add, read, delete, and update data in Elasticsearch cluster.

comments powered by Disqus
Citizix Ltd
Built with Hugo
Theme Stack designed by Jimmy