Install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8

koromicha

Updated on:

Install Elastic Stack 7 on Ubuntu

Last updated on April 7th, 2023 at 10:45 pm

Today we are going to learn how to install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8. Elasticsearch is an open source, distributed, RESTful, JSON-based search and analytics engine based on the Lucene library. It is one of the major components of Elastic (ELK) stack.

Install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8

There are different methods in which you can install Elasticsearch 7.0.0 on Ubuntu 18.04 or Debian 9.8. These include the use of the tar.gz archive, the Debian package (DEB) or from the APT repository.

Install Elasticsearch 7.x using APT Repository

Before you can proceed, re-synchronize your system packages to the latest versions.

apt update

Import the Elasticsearch PGP Key

To install Elasticsearch 7.0.0 from APT repository, you need to import the Elasticsearch Signing Key by running the command below;

sudo apt install gnupg2 -y
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | gpg --dearmor > /etc/apt/trusted.gpg.d/elk.gpg

Add Elasticsearch 7.x APT repository

Next, you need to create Elasticsearch 7.x repository by executing the command below;

echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-7.x.list

Install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8

Once you have the repo in place, update your system and install Elasticsearch 7.0.0 by running the commands below. Note that Elasticsearch includes a bundled version of OpenJDK from the JDK maintainers.

apt update
apt-get install apt-transport-https
apt install elasticsearch

There you go.

You have successfully installed Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8.

You can find the Elasticsearch configuration file as /etc/elasticsearch/elasticsearch.yml.

Installing Elasticsearch 7.x Using the Debian Package

As stated above, another option of installing Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8 is by using the Debian package (DEB).

Download Elasticsearch Debian package

Run the command below to download Elasticsearch debian package.

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.9-amd64.deb

Once the download is done, you need to verify the integrity of the Debian package. Hence, download the checksum file.

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.9-amd64.deb.sha512

Run the comparison of SHA of the downloaded Debian package and the published checksum as shown below. If all is well, you should get an OK output.

shasum -a 512 -c elasticsearch-7.17.9-amd64.deb.sha512 
elasticsearch-7.17.9-amd64.deb: OK

Install Elasticsearch 7.17.9 using the Debian package

sudo apt install ./elasticsearch-7.17.9-amd64.deb

Running Elasticsearch

To configure Elasticsearch to start on system boot, run the following commands:

systemctl daemon-reload
systemctl enable elasticsearch

To start and stop Elasticsearch, run the commands below respectively:

systemctl enable --now elasticsearch

To check the status, run the command below;


● elasticsearch.service - Elasticsearch
     Loaded: loaded (/lib/systemd/system/elasticsearch.service; disabled; vendor preset: enabled)
     Active: active (running) since Fri 2023-04-07 19:16:41 EAT; 3h 11min ago
       Docs: https://www.elastic.co
   Main PID: 636 (java)
      Tasks: 86 (limit: 4679)
     Memory: 1.2G
        CPU: 10min 17.111s
     CGroup: /system.slice/elasticsearch.service
             ├─636 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m>
             └─840 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Apr 07 19:16:09 ubuntu systemd[1]: Starting Elasticsearch...
Apr 07 19:16:41 ubuntu systemd[1]: Started Elasticsearch.

You can also check Elasticsearch log file, /var/log/elasticsearch/elasticsearch.log, for more details.

You can also use curl command to check if Elasticsearch is running. Note that Elasticsearch listens on tcp port 9200 by default.

apt install curl
curl -XGET "localhost:9200/"
{ “name” : “ubuntu”, “cluster_name” : “elasticsearch”, “cluster_uuid” : “pE3v-1oSTfaiF3Dp2VbOjg”, “version” : { “number” : “7.17.0”, “build_flavor” : “default”, “build_type” : “deb”, “build_hash” : “bee86328705acaa9a6daede7140defd4d9ec56bd”, “build_date” : “2022-01-28T08:36:04.875279988Z”, “build_snapshot” : false, “lucene_version” : “8.11.1”, “minimum_wire_compatibility_version” : “6.8.0”, “minimum_index_compatibility_version” : “6.0.0-beta1” }, “tagline” : “You Know, for Search” }

Bootstrap Checks/Single-node discovery.

Elasticsearch is listening on localhost by default. If you are running Elasticsearch for testing and you need to access it from outside, you need to change the network bind address. However, for this to work, you need to configure single-node discovery.

Hence, open the configuration file and;

vim /etc/elasticsearch/elasticsearch.yml
  • configure specific Interface IP by uncommenting and changing the value of network.host and uncomment the http.port line under the Network settings section. Be sure to implement strict firewall rules for security purposes.
# ———————————- Network ———————————– # # Set the bind address to a specific IP (IPv4 or IPv6): # #network.host: 192.168.0.1 network.host: 192.168.0.101 # # Set a custom port for HTTP: # #http.port: 9200 http.port: 9200 # # For more information, consult the network module documentation. #
  • add the line, discovery.type: single-node, under the Discovery settings section.
# ——————————— Discovery ———————————- # # Pass an initial list of hosts to perform discovery when this node is started: # The default list of hosts is [“127.0.0.1”, “[::1]”] # #discovery.seed_hosts: [“host1”, “host2”] # # Bootstrap the cluster using an initial set of master-eligible nodes: # #cluster.initial_master_nodes: [“node-1”, “node-2”] # # For more information, consult the discovery and cluster formation module documentation. # discovery.type: single-node

Restart Elasticsearch and confirm that it is listening on an interface IP.

curl -X GET "192.168.0.101:9200/"
{ “name” : “ubuntu”, “cluster_name” : “elasticsearch”, “cluster_uuid” : “pE3v-1oSTfaiF3Dp2VbOjg”, “version” : { “number” : “7.17.0”, “build_flavor” : “default”, “build_type” : “deb”, “build_hash” : “bee86328705acaa9a6daede7140defd4d9ec56bd”, “build_date” : “2022-01-28T08:36:04.875279988Z”, “build_snapshot” : false, “lucene_version” : “8.11.1”, “minimum_wire_compatibility_version” : “6.8.0”, “minimum_index_compatibility_version” : “6.0.0-beta1” }, “tagline” : “You Know, for Search” }

Well, Elasticsearch is now running.

Upto that end, you have learnt how to install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8.

You can also check our guide on how to install Elasticsearch 7.x on CentOS 7/Fedora 29. Enjoy.

To build Elastic Stack, you need to install and configure other Components such as Kibana, Logstash, Beats. See the links below;

Install Kibana 7 on Ubuntu 18.04/Debian 9.8

Install and Configure Logstash 7 on Ubuntu 18/Debian 9.8

Install and Configure Filebeat 7 on Ubuntu 18.04/Debian 9.8

I am the Co-founder of Kifarunix.com, Linux and the whole FOSS enthusiast, Linux System Admin and a Blue Teamer who loves to share technological tips and hacks with others as a way of sharing knowledge as: "In vain have you acquired knowledge if you have not imparted it to others".

Related Posts

Install and Configure Tripwire Security Monitoring tool on CentOS 8
Install Nagios NRPE Agents on Ubuntu 22.04/Ubuntu 20.04
Install Grafana Data Visualization Tool on Ubuntu 18.04

4 thoughts on “Install Elasticsearch 7.x on Ubuntu 18.04/Debian 9.8”

  1. Thank you so much. You saved my time. I tried different tutorial on different blog but no one were helpful to install elasticsearch 7.10 version. This tutorial was very helpful for me and other to install any version of elastic search

    Reply

Leave a Comment