Elasticsearch is a distributed, open-source search and analytics engine used for storing, searching, and analyzing data. Popular for its speed, scalability, and powerful set of features, Elasticsearch addresses a number of use cases such as website search, application performance monitoring, application search, logging and log analytics, and much more.
Here at LinuxAPT, as part of our Server Management Services, we regularly help our Customers to perform related system analysis queries on Ubuntu Linux System.
In this context, we shall look into how to install Elasticsearch on the CentOS system. You can read this post to Install Elasticsearch on Ubuntu.
Before performing this installation procedure, you will need to either log in as the root user or run the installation commands with sudo.
You can apply the following steps to do it.
1. Download Elasticsearch
As of June 2021, the latest version of Elasticsearch available on its official website is 7.13.2. To download Elasticsearch 7.13.2, you can either use the commands described here or visit the Elasticsearch website for the latest or any previous version.
Use the following commands to download Elasticsearch version 7.13.2 and its checksum:
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.13.2-x86_64.rpm
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.13.2-x86_64.rpm.sha512
Alternatively, you can manually download Elasticsearch and its published SHA checksum file from the website: visit the Downloads page and download the RPM file and SHA file for the latest version. To download a previous version, visit Past Releases.
After downloading the Elasticsearch package and its SHA file, verify the file integrity. With both the Elasticsearch .rpm file and the published .rpm.sha512 checksum file in the current Terminal directory, run the following command in Terminal:
$ shasum -a 512 -c elasticsearch-7.13.2-x86_64.rpm.sha512
If the SHA checksum matches, you will get an OK along with the Elasticsearch filename in the output. Otherwise, a failed message will be displayed.
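The same check can gate the install step. The script below is an added example, not part of the original article: it uses sha512sum from coreutils, so it does not depend on shasum being installed, and it also refuses a checksum file that was published for a different package name. The script name verify.sh in the comment is hypothetical.

```bash
# Added example (not from the original article): gate the install on the
# published SHA-512 checksum, using sha512sum from coreutils.

# verify_sha512 PACKAGE CHECKSUM_FILE
# Returns 0 only when the checksum file names this package and the digest matches.
verify_sha512() {
    pkg=$1
    sumfile=$2
    if [ ! -r "$pkg" ] || [ ! -r "$sumfile" ]; then
        echo "cannot read package or checksum file" >&2
        return 2
    fi

    # Published format is "<128 hex digits>  <filename>".
    read -r want name < "$sumfile" || true
    name=${name#\*}     # drop the binary-mode marker if present
    want=$(printf '%s' "$want" | tr 'A-F' 'a-f')

    if ! printf '%s\n' "$want" | grep -Eq '^[0-9a-f]{128}$'; then
        echo "malformed checksum file: $sumfile" >&2
        return 2
    fi
    # The checksum must belong to the file that is about to be installed.
    if [ "$name" != "$(basename "$pkg")" ]; then
        echo "checksum is for '$name', not '$(basename "$pkg")'" >&2
        return 1
    fi

    got=$(sha512sum "$pkg" | cut -d ' ' -f 1)
    if [ "$got" = "$want" ]; then
        echo "$(basename "$pkg"): OK"
        return 0
    fi
    echo "$(basename "$pkg"): FAILED" >&2
    return 1
}

# Run as (verify.sh is a hypothetical file name for this script):
#   sh verify.sh elasticsearch-7.13.2-x86_64.rpm elasticsearch-7.13.2-x86_64.rpm.sha512
# and continue to the install step only when it exits 0.
if [ "$#" -eq 2 ]; then
    verify_sha512 "$1" "$2"
fi
```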
2. Install Elasticsearch
The downloaded Elasticsearch package is in .rpm format. This can be installed using the RPM package manager.
Use the below command to install Elasticsearch on your system:
$ sudo rpm --install elasticsearch-7.13.2-x86_64.rpm
Make sure to replace elasticsearch-7.13.2-x86_64.rpm with your Elasticsearch package name if you have downloaded any other version.
After the installation is completed, you will need to start and enable the Elasticsearch service using the commands below:
$ sudo systemctl start elasticsearch.service
$ sudo systemctl enable elasticsearch.service
Now check the status of the service:
$ sudo systemctl status elasticsearch.service
If everything is alright then you will see an active running status of Elasticsearch service.
3. Configure Elasticsearch
By default, Elasticsearch is set up to listen only on localhost. If you want to connect to Elasticsearch from another host, you will need to configure both Elasticsearch and your firewall.
First, configure Elasticsearch to listen on another network interface. To do so, edit the elasticsearch.yml file:
$ sudo nano /etc/elasticsearch/elasticsearch.yml
In the file, find and uncomment the network.host: line, then set its value to the IP address of the network interface Elasticsearch should listen on:
network.host: 192.168.72.190
Also, add your IP address in the discovery.seed_hosts variable by uncommenting it first:
discovery.seed_hosts: ["localhost", "192.168.72.190"]
There are two other settings that you might also want to change: node.name and cluster.name. The node named by node.name is a single instance of Elasticsearch, whereas the cluster named by cluster.name is a collection of one or more nodes.
To change the names of the node and cluster, search for node.name and cluster.name in the file. Then uncomment and rename them:
cluster.name: test-cluster
node.name: test-node
Now save the elasticsearch.yml file and restart the Elasticsearch service:
$ sudo service elasticsearch restart
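Now add a firewall rule that allows only your trusted host (let's say 192.168.72.200 in our case) to reach TCP port 9200. A rich rule ties the port to the source address; adding the source and the port as two separate entries would open port 9200 to every host that reaches the default zone:
$ sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="192.168.72.200" port port="9200" protocol="tcp" accept'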
Make sure to replace 192.168.72.200 with the IP address of your trusted host.
Then reload firewall:
$ sudo firewall-cmd --reload
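Once network.host points at a LAN address as in this step, the HTTP API on port 9200 is reachable from the network, and Elasticsearch 7.x on the default basic license leaves authentication off unless xpack.security.enabled is set to true. The check below is an added example, not part of the original article, that flags that combination in elasticsearch.yml. It assumes the flat "key: value" form used in the packaged configuration file.

```bash
# Added example (not from the original article): flag an elasticsearch.yml
# that binds to a non-loopback address while security features are off.
# Assumes the flat "key: value" form used in the packaged config file.

# yaml_value KEY FILE -> value of the last uncommented top-level KEY
yaml_value() {
    awk -v key="$1" '
        index($0, key ":") == 1 { v = substr($0, length(key) + 2) }
        END { print v }' "$2" |
        sed -e 's/[[:space:]]#.*$//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' |
        tr -d "\"'"
}

# audit_es_exposure CONFIG_FILE
# Returns 0 when the node is loopback-only or has security enabled, 1 otherwise.
audit_es_exposure() {
    host=$(yaml_value network.host "$1")
    sec=$(yaml_value xpack.security.enabled "$1")

    case "$host" in
        '' | localhost | _local_ | 127.* | ::1)
            echo "ok: HTTP API is bound to loopback only"
            return 0 ;;
    esac
    if [ "$sec" = "true" ]; then
        echo "ok: network.host=$host with xpack.security.enabled=true"
        return 0
    fi
    echo "exposed: network.host=$host but xpack.security.enabled is not true"
    return 1
}

# Run with the config path as the only argument, for example
# /etc/elasticsearch/elasticsearch.yml
if [ "$#" -eq 1 ]; then
    audit_es_exposure "$1"
fi
```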
4. Test Elasticsearch
By default, Elasticsearch listens for HTTP traffic on port 9200 on localhost or on a different interface address if you have configured it.
To verify it, send a GET request to port 9200 on localhost or on the configured IP address using the command below in the Terminal:
$ curl -X GET "http://localhost:9200"
Or
$ curl -X GET "http://<ip-address>:9200"
This article covers the installation and basic configuration of Elasticsearch on the CentOS system. For how to use Elasticsearch, visit the Quick start guide available on its website. Elasticsearch is an open source search and analytics engine that allows you to store, search, and analyze large volumes of data in real time. Elasticsearch powers millions of applications that rely on intensive search operations, such as e-commerce platforms and big data applications.
Elasticsearch supports RESTful operations. This means that you can use HTTP methods (GET, POST, PUT, DELETE, etc.) in combination with an HTTP URI (/collection/entry) to manipulate your data. The intuitive RESTful approach is both developer and user friendly, which is one of the reasons for Elasticsearch's popularity.