In this guide, we will learn how to install and configure Elasticsearch on Ubuntu 22.04
Elasticsearch is a distributed search and analytics engine built on Apache Lucene. It provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents. Elasticsearch has quickly become the most popular search engine and is commonly used for log analytics, full-text search, security intelligence, business analytics, and operational intelligence use cases.
Related Content
- How to Install and Configure Elasticsearch on Debian 11
- How to Install and Configure Elasticsearch on Ubuntu 20.04
Prerequisites
To follow along, ensure that you have:
- An updated Ubuntu 22.04 server with at least 2 GB of RAM and 2 cores
- Root access to the server or user with sudo access
- Access to the internet from the server
Table of Content
- Ensure the server is up to date
- Import Elasticsearch pgp key
- Install Elasticsearch from the APT repository
- Starting and enabling the Elasticsearch service
- Start and enable the Elasticsearch service
- Verify the Elasticsearch service
- Performing simple operations with Elasticsearch
1. Ensuring that the server is up to date
Before proceeding, let us ensure that our server is up to date and all the packages are the latest version. Use these commands to achieve this:
sudo apt update
sudo apt upgrade -y
If there are packages to upgrade, the above command may take a couple of minutes.
Let us also install some common packages that we will need later:
sudo apt install -y vim wget
2. Import the Elasticsearch PGP Key
Elasticsearch signs all of our packages with the Elasticsearch Signing Key (PGP key D88E42B4, available from https://pgp.mit.edu) with fingerprint:
4609 5ACC 8548 582C 1A26 99A9 D27D 666C D88E 42B4
Download and install the public signing key:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
3. Install Elasticsearch from the APT repository
Save the repository definition to /etc/apt/sources.list.d/elastic-8.x.list
:
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
You can then install the Elasticsearch package with:
sudo apt-get update && sudo apt-get install elasticsearch
5. Starting and enabling the Elasticsearch service
To start Elasticsearch service, issue this command:
sudo systemctl start elasticsearch
Confirm the status using this command:
$ sudo systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
Loaded: loaded (/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
Active: active (running) since Fri 2022-06-17 06:43:33 UTC; 10s ago
Docs: https://www.elastic.co
Main PID: 1891 (java)
Tasks: 70 (limit: 4623)
Memory: 2.3G
CPU: 54.629s
CGroup: /system.slice/elasticsearch.service
├─1891 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -Djava.security.manager=allow -XX:+AlwaysPreTouch -Xss1m >
└─2164 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller
Jun 17 06:43:09 kip-ubuntu2204srv.citizix.com systemd[1]: Starting Elasticsearch...
Jun 17 06:43:33 kip-ubuntu2204srv.citizix.com systemd[1]: Started Elasticsearch.
From the above we can see that the service is up and running. To enable the service on boot, use this command:
sudo systemctl enable elasticsearch
If Elasticsearch fails to start for any reason, it will print the reason for failure to STDOUT. Log files can be found in /var/log/elasticsearch/
.
By default the Elasticsearch service doesn’t log information in the systemd
journal. To enable journalctl
logging, the --quiet
option must be removed from the ExecStart
command line in the elasticsearch.service
file.
When systemd
logging is enabled, the logging information are available using the journalctl
commands:
To tail the journal:
sudo journalctl -f
To list journal entries for the elasticsearch service:
sudo journalctl --unit elasticsearch
To list journal entries for the elasticsearch service starting from a given time:
sudo journalctl --unit elasticsearch --since "2016-10-30 18:17:16"
6. Verify Elasticsearch
At this point, ElasticSearch is started and listening on port 9200. You can check it with the following command:
$ ss -antpl | grep 9200 LISTEN 0 4096 [::ffff:127.0.0.1]:9200 *:* LISTEN 0 4096 [::1]:9200 [::]:*
You can test that your Elasticsearch node is running by sending an HTTPS request to port 9200
on localhost
:
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Please note that you might have to use sudo with the above command to access the cert file /etc/elasticsearch/certs/http_ca.crt
.
Ensure that you use https in your call, or the request will fail.--cacert Path to the generated http_ca.crt certificate for the HTTP layer. |
Enter the password for the elastic
user that was generated during installation, which should return a response like this:
$ sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Enter host password for user 'elastic':
{
"name" : "kip-ubuntu2204srv.citizix.com",
"cluster_name" : "elasticsearch",
"cluster_uuid" : "KlmzgLhMRcmTnpAY1wHv5w",
"version" : {
"number" : "8.2.3",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "9905bfb62a3f0b044948376b4f607f70a8a151b4",
"build_date" : "2022-06-08T22:21:36.455508792Z",
"build_snapshot" : false,
"lucene_version" : "9.1.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
7. Performing simple operations with Elasticsearch
You can use the Curl command to add data to the ElasticSearch as shown below:
sudo curl -H 'Content-Type: application/json' -X POST --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic 'http://localhost:9200/todo/task/1' -d '{ "name": "Go to the mall." }'
You should see the following output after entering the password:
{"_index":"todo","_type":"task","_id":"1","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1}
You can now retrieve your data using the GET request:
curl -X GET --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic 'http://localhost:9200/todo/task/1'
You should see the following output:
{"_index":"todo","_type":"task","_id":"1","_version":1,"_seq_no":0,"_primary_term":1,"found":true,"_source":{ "name": "Go to the mall." }}
To retrieve the data in human-readable format, run the following command:
curl -X GET --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic 'http://localhost:9200/todo/task/1?pretty'
You should get the following output:
{ "_index" : "todo", "_type" : "task", "_id" : "1", "_version" : 1, "_seq_no" : 0, "_primary_term" : 1, "found" : true, "_source" : { "name" : "Go to the mall." } }
Conclusion
That’s it. In this guide, you we learned how to install and use ElasticSearch 8 on Ubuntu 22.04 server. You can now easily add, read, delete, and update data in Elasticsearch cluster.