Install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8

Today we are going to learn how to install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8. Elasticsearch is an open source, distributed, RESTful, JSON-based search and analytics engine based on the Lucene library. It is one of the major components of Elastic (ELK) stack.

Installing Elasticsearch 7.x on Ubuntu/Debian

There are different methods in which you can install Elasticsearch 7.0.0 on Ubuntu 18.04 or Debian 9.8. These include the use of the tar.gz archive, the Debian package (DEB) or from the APT repository.

Install Elasticsearch 7.x using APT Repository

Before you can proceed, re-synchronize your system packages to the latest versions.

apt update

Import the Elasticsearch PGP Key

To install Elasticsearch 7.0.0 from APT repository, you need to import the Elasticsearch Signing Key by running the command below;

sudo apt install gnupg2 -y

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | gpg --dearmor > /etc/apt/trusted.gpg.d/elk.gpg

Add Elasticsearch 7.x APT repository

Next, you need to create Elasticsearch 7.x repository by executing the command below;

echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list

Install Elasticsearch 7.x on Ubuntu/Debian

Once you have the repo in place, update your system and install Elasticsearch 7.0.0 by running the commands below. Note that Elasticsearch includes a bundled version of OpenJDK from the JDK maintainers.

apt update

apt-get install apt-transport-https

apt install elasticsearch

There you go.

You have successfully installed Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8.

You can find the Elasticsearch configuration file as /etc/elasticsearch/elasticsearch.yml.

Installing Elasticsearch 7.x Using the Debian Package

As stated above, another option of installing Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8 is by using the Debian package (DEB).

Download Elasticsearch Debian package

Run the command below to download Elasticsearch debian package.

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.9-amd64.deb

Once the download is done, you need to verify the integrity of the Debian package. Hence, download the checksum file.

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.9-amd64.deb.sha512

Run the comparison of SHA of the downloaded Debian package and the published checksum as shown below. If all is well, you should get an OK output.

shasum -a 512 -c elasticsearch-7.17.9-amd64.deb.sha512 

elasticsearch-7.17.9-amd64.deb: OK

Install Elasticsearch 7.17.9 using the Debian package

sudo apt install ./elasticsearch-7.17.9-amd64.deb

Running Elasticsearch

To configure Elasticsearch to start on system boot, run the following commands:

systemctl daemon-reload
systemctl enable elasticsearch

To start and stop Elasticsearch, run the commands below respectively:

systemctl enable --now elasticsearch

To check the status, run the command below;

● elasticsearch.service - Elasticsearch
     Loaded: loaded (/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-04-07 19:16:41 EAT; 3h 11min ago
       Docs: https://www.elastic.co
   Main PID: 636 (java)
      Tasks: 86 (limit: 4679)
     Memory: 1.2G
        CPU: 10min 17.111s
     CGroup: /system.slice/elasticsearch.service
             ├─636 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m>
             └─840 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Apr 07 19:16:09 ubuntu systemd[1]: Starting Elasticsearch...
Apr 07 19:16:41 ubuntu systemd[1]: Started Elasticsearch.

You can also check Elasticsearch log file, /var/log/elasticsearch/elasticsearch.log, for more details.

You can also use curl command to check if Elasticsearch is running. Note that Elasticsearch listens on tcp port 9200 by default.

apt install curl

curl -XGET "localhost:9200/"

{ “name” : “ubuntu”, “cluster_name” : “elasticsearch”, “cluster_uuid” : “pE3v-1oSTfaiF3Dp2VbOjg”, “version” : { “number” : “7.17.0”, “build_flavor” : “default”, “build_type” : “deb”, “build_hash” : “bee86328705acaa9a6daede7140defd4d9ec56bd”, “build_date” : “2022-01-28T08:36:04.875279988Z”, “build_snapshot” : false, “lucene_version” : “8.11.1”, “minimum_wire_compatibility_version” : “6.8.0”, “minimum_index_compatibility_version” : “6.0.0-beta1” }, “tagline” : “You Know, for Search” }

Bootstrap Checks/Single-node discovery.

Elasticsearch is listening on localhost by default. If you are running Elasticsearch for testing and you need to access it from outside, you need to change the network bind address. However, for this to work, you need to configure single-node discovery.

Hence, open the configuration file and;

vim /etc/elasticsearch/elasticsearch.yml

• configure specific Interface IP by uncommenting and changing the value of network.host and uncomment the http.port line under the Network settings section. Be sure to implement strict firewall rules for security purposes.

# ———————————- Network ———————————– # # Set the bind address to a specific IP (IPv4 or IPv6): # #network.host: 192.168.0.1 network.host: 192.168.0.101 # # Set a custom port for HTTP: # #http.port: 9200 http.port: 9200 # # For more information, consult the network module documentation. #

• add the line, discovery.type: single-node, under the Discovery settings section.

# ——————————— Discovery ———————————- # # Pass an initial list of hosts to perform discovery when this node is started: # The default list of hosts is [“127.0.0.1”, “[::1]”] # #discovery.seed_hosts: [“host1”, “host2”] # # Bootstrap the cluster using an initial set of master-eligible nodes: # #cluster.initial_master_nodes: [“node-1”, “node-2”] # # For more information, consult the discovery and cluster formation module documentation. # discovery.type: single-node

Restart Elasticsearch and confirm that it is listening on an interface IP.

curl -X GET "192.168.0.101:9200/"

{ “name” : “ubuntu”, “cluster_name” : “elasticsearch”, “cluster_uuid” : “pE3v-1oSTfaiF3Dp2VbOjg”, “version” : { “number” : “7.17.0”, “build_flavor” : “default”, “build_type” : “deb”, “build_hash” : “bee86328705acaa9a6daede7140defd4d9ec56bd”, “build_date” : “2022-01-28T08:36:04.875279988Z”, “build_snapshot” : false, “lucene_version” : “8.11.1”, “minimum_wire_compatibility_version” : “6.8.0”, “minimum_index_compatibility_version” : “6.0.0-beta1” }, “tagline” : “You Know, for Search” }

Well, Elasticsearch is now running.

You can also check our guide on how to install Elasticsearch 7.x on CentOS 7/Fedora 29. Enjoy.

To build Elastic Stack, you need to install and configure other Components such as Kibana, Logstash, Beats. See the links below;

Install Kibana 7 on Ubuntu 18.04/Debian 9.8

Install and Configure Logstash 7 on Ubuntu 18/Debian 9.8

Install and Configure Filebeat 7 on Ubuntu 18.04/Debian 9.8