This post will guide you how to install and configure an ElasticSearch server on your CentOS or RHEL Linux 7 system. How do I set up a distributed real-time search and analytics by set up an Elasticsearch server on CentOS Linux.
- What is ElasticSearch?
- Prerequisites
- Step1: Installing JAVA
- Step2: Downloading ElasticSearch
- Step3: Installing ElasticSearch
- Step4: Configuring ElasticSearch
- Step5: Securing ElasticSearch
- Step6: Installing ElasticSearch Head Plugin
- Step7: Using ElasticSearch
What is ElasticSearch?
Elasticsearch is an open source search engine based on the Lucene library. And it provides a distributed, multitenant-capable full-text search engine with an HTTP web interface (RESTful) and schema-free JSON documents. So you can use HTTP methods in combination with an HTTP URI to operate your data.
Elasticsearch is the most popular enterprise search engine followed by Apache Solr, also based on Lucene. And it can be use to search for all kind of text documents or analyzing big volumes of data in real time.
Elasticsearch is developed in JAVA. It is freely available under the Apache 2 license, so it provide the most flexibility.
Prerequisites
As Elasticsearch is developed in Java, so you need to have the latest JDK installed on your current CentOS or RHEL system.
The logging user also need to have sudo privileges so that you can install packages.
Step1: Installing JAVA
You need to have a JAVA Runtime Environment (JRE) on your Elsticsearch server, As Elasticsearch is developed in the JAVA programming language. So you can install the OpenJDK package from the default CentOS or RHEL repository with the following command:
$ sudo yum install java-1.8.0-openjdk.x86_64
Outputs:
[devops@devops ~]$ sudo yum install java-1.8.0-openjdk.x86_64
[sudo] password for devops:
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* epel: mirrors.yun-idc.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package java-1.8.0-openjdk.x86_64 1:1.8.0.212.b04-0.el7_6 will be installed
--> Processing Dependency: java-1.8.0-openjdk-headless(x86-64) = 1:1.8.0.212.b04-0.el7_6 for package: 1:java-1.8.0-openjdk-1.8.0.212.b04-0.el7_6.x86_64
.....
---> Package python-lxml.x86_64 0:3.2.1-4.el7 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
====================================================================================================================
Package Arch Version Repository Size
====================================================================================================================
Installing:
java-1.8.0-openjdk x86_64 1:1.8.0.212.b04-0.el7_6 updates 270 k
Installing for dependencies:
......
Transaction Summary
====================================================================================================================
Install 1 Package (+16 Dependent packages)
Total download size: 34 M
Installed size: 109 M
Is this ok [y/d/N]: y
Total 4.0 MB/s | 34 MB 00:00:08
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing :
Installing : 1:java-1.8.0-openjdk-headless-1.8.0.212.b04-0.el7_6.x86_64 16/17
Installing : 1:java-1.8.0-openjdk-1.8.0.212.b04-0.el7_6.x86_64 17/17
Verifying :
Verifying : 1:java-1.8.0-openjdk-headless-1.8.0.212.b04-0.el7_6.x86_64 14/17
Verifying : 1:java-1.8.0-openjdk-1.8.0.212.b04-0.el7_6.x86_64 15/17
Installed:
java-1.8.0-openjdk.x86_64 1:1.8.0.212.b04-0.el7_6
Complete!
After JDK package is installed, you can check the installation of JDK package by print the version of JDK installed, type:
$ java -version
Outputs:
[devops@devops ~]$ java -version openjdk version "1.8.0_212" OpenJDK Runtime Environment (build 1.8.0_212-b04) OpenJDK 64-Bit Server VM (build 25.212-b04, mixed mode)
From the above outputs, you would see that the OpenJDK Runtime Environment is available. You can also install Oracle JDK 8 to set up JRE.
Step2: Downloading ElasticSearch
Once JAVA is installed on your system, and then you can download installation package of Elasticsearch to your local disk.
You can download the latest Elasticsearch archive file from official download page of elastic. And you can also download directly rpm package of Elasticsearch from the official download page. Use one of the following command to get the Elasticsearch package, type:
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-linux-x86_64.tar.gz
Or
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-x86_64.rpm
Ouptuts:
[devops@devops ~]$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-linux-x86_64.tar.gz --2019-04-23 06:41:12-- https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-linux-x86_64.tar.gz Resolving artifacts.elastic.co (artifacts.elastic.co)... 151.101.110.222, 2a04:4e42:1a::734 Connecting to artifacts.elastic.co (artifacts.elastic.co)|151.101.110.222|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 346760090 (331M) [application/x-gzip] Saving to: ‘elasticsearch-7.0.0-linux-x86_64.tar.gz’ 100%[======================================================================================================================>] 346,760,090 6.35MB/s in 58s 2019-04-23 06:42:11 (5.72 MB/s) - ‘elasticsearch-7.0.0-linux-x86_64.tar.gz’ saved [346760090/346760090] [devops@devops ~]$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-x86_64.rpm --2019-04-23 06:43:37-- https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.0.0-x86_64.rpm Resolving artifacts.elastic.co (artifacts.elastic.co)... 151.101.230.222, 2a04:4e42:36::734 Connecting to artifacts.elastic.co (artifacts.elastic.co)|151.101.230.222|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 346827255 (331M) [application/octet-stream] Saving to: ‘elasticsearch-7.0.0-x86_64.rpm’ 100%[======================================================================================================================>] 346,827,255 6.03MB/s in 57s 2019-04-23 06:44:35 (5.77 MB/s) - ‘elasticsearch-7.0.0-x86_64.rpm’ saved [346827255/346827255]
Note: At the time of writing this post, the latest version of Elasticsearch is 7.0.
Step3: Installing ElasticSearch
If you downloaded Elasticsearch Archive file, you just need to extract it on your system, type:
$ tar -zxvf elasticsearch-7.0.0-linux-x86_64.tar.gz
If you downloaded the native rpm package of Elasticsearch on your system, you can install it with rpm or yum install command, type:
$ rpm -ivh elasticsearch-7.0.0-x86_64.rpm
Or
$ yum install elasticsearch-7.0.0-x86_64.rpm
Outputs:
[devops@devops ~]$ sudo yum install elasticsearch-7.0.0-x86_64.rpm
[sudo] password for devops:
Loaded plugins: fastestmirror
Examining elasticsearch-7.0.0-x86_64.rpm: elasticsearch-7.0.0-1.x86_64
Marking elasticsearch-7.0.0-x86_64.rpm to be installed
Resolving Dependencies
--> Running transaction check
---> Package elasticsearch.x86_64 0:7.0.0-1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================================================================================================
Package Arch Version Repository Size
================================================================================================================================================================
Installing:
elasticsearch x86_64 7.0.0-1 /elasticsearch-7.0.0-x86_64 545 M
Transaction Summary
================================================================================================================================================================
Install 1 Package
Total size: 545 M
Installed size: 545 M
Is this ok [y/d/N]: y
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Installing : elasticsearch-7.0.0-1.x86_64 1/1
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
Created elasticsearch keystore in /etc/elasticsearch
Verifying : elasticsearch-7.0.0-1.x86_64 1/1
Installed:
elasticsearch.x86_64 0:7.0.0-1
Complete!
Elasticsearch will be installed in /usr/share/elasticsearch directory, and its configuration files locates in /etc/elasticsearch directory. And its init script is added into /etc/init.d/ directory.
Once the installation process is complete, you need to start and enable elaticsearch service by the following command:
$ sudo systemctl start elasticsearch.service $ sudo systemctl enable elasticsearch.service
Outputs:
[devops@devops ~]$ sudo systemctl start elasticsearch.service [sudo] password for devops: [devops@devops ~]$ sudo systemctl enable elasticsearch.service Created symlink from /etc/systemd/system/multi-user.target.wants/elasticsearch.service to /usr/lib/systemd/system/elasticsearch.service.
Then you can use curl command to send an HTTP request to the default port 9200 of Elasticsearch service, type:
$ curl -X GET "localhost:9200/"
Outputs:
[devops@devops ~]$ curl -X GET "localhost:9200/" { "name" : "devops", "cluster_name" : "elasticsearch", "cluster_uuid" : "xsMDZ1XrR3ytwWlQXvh3sA", "version" : { "number" : "7.0.0", "build_flavor" : "default", "build_type" : "rpm", "build_hash" : "b7e28a7", "build_date" : "2019-04-05T22:55:32.697037Z", "build_snapshot" : false, "lucene_version" : "8.0.0", "minimum_wire_compatibility_version" : "6.7.0", "minimum_index_compatibility_version" : "6.0.0-beta1" }, "tagline" : "You Know, for Search" }
If you get the output similar to the above, it indicates that Elasticsearch server is successfully installed on your CentOS or RHEL Linux.
Step4: Configuring ElasticSearch
After Elasticsarch is installed, you can go to the configuration directory /etc/elasticsearch/ direcotry to edit the elasticsearch.yml configuration file.
You can change node.name and cluster.name as you need in the elasticsearch.yml file. If you do not change these name variables, node.name will be assigned automatically with the default hostname. And the cluster.name will be automatically set to the name of the default cluster as “elasticsearch“.
$ sudo vim /etc/elasticsearch/elasticsearch.yml
Then you need to remove the # character at the begainning of the lines for node.name and cluster.name to uncomment them. And then change their values as you need.
For example, changing node.name as osetcnode, and changing cluster.name as osetccluster:
node.name: "osetcnode" cluster.name: "osetccluster"
Save and close the file. and restart the elasticsearch service by the following command:
$ sudo systemctl restart elasticsearch.service
Then you can test it again by sending a HTTP GET request with curl command, type:
$ curl -X GET 'http://localhost:9200'
Outputs:
[devops@devops ~]$ curl -X GET "localhost:9200/" curl: (7) Failed connect to localhost:9200; Connection refused [devops@devops ~]$ curl -X GET "localhost:9200/" { "name" : "osetcnode", "cluster_name" : "osetccluster", "cluster_uuid" : "xsMDZ1XrR3ytwWlQXvh3sA", "version" : { "number" : "7.0.0", "build_flavor" : "default", "build_type" : "rpm", "build_hash" : "b7e28a7", "build_date" : "2019-04-05T22:55:32.697037Z", "build_snapshot" : false, "lucene_version" : "8.0.0", "minimum_wire_compatibility_version" : "6.7.0", "minimum_index_compatibility_version" : "6.0.0-beta1" }, "tagline" : "You Know, for Search" }
Note: the elasticsearch service will take at least 5 seconds to fully start. So if you see the following error message: curl: (7) Failed connect to localhost:9200; Connection refused, and you just wait a few seconds and try it again.
Step5: Securing ElasticSearch
As Elasticsearch do not provide any security, so it can be accessed by anyone who can access the HTTP API. So if you want to allow the specified remote hosts to access your Elasticsearch server, you need to change network.host variable so that Elasticsearch service can only be accessed from those remote hosts.
Editing elasticsearch.yml configuration file, and finding the line that contains network.host, and uncomment it by removing the # character at the beginning of the line, and change its value as IP address of your remote host.
network.host: 192.168.3.29 #listening on specified remote host
Save and close the file, restart the Elasticsearch service for the changes to take effect, type:
$ sudo systemctl restart elasticsearc.service
You still need to allow access the default port 9200 from the trusted clients, so you need to add the trusted hosts into your firewall policy, type the following command:
$ sudo firewall-cmd --new-zone=elastic --permanent $ sudo firewall-cmd --reload $ sudo firewall-cmd --zone=elastic --add-source=192.168.3.29/32 --permanent $ sudo firewall-cmd --zone=elastic --add-port=9200/tcp --permanent $ sudo firewall-cmd --reload
Step6: Installing ElasticSearch Head Plugin
You can also install a web front-end plugin called elasticsearc-head. it can be used to browse and interact with an Elasticsearach cluster. Just do the following steps:
#1 try to git ElasticSearch-head files into to your local disk, type:
$ git clone git://github.com/mobz/elasticsearch-head.git
Outputs:
[devops@devops ~]$ git clone git://github.com/mobz/elasticsearch-head.git Cloning into 'elasticsearch-head'... remote: Enumerating objects: 32, done. remote: Counting objects: 100% (32/32), done. remote: Compressing objects: 100% (24/24), done. remote: Total 4260 (delta 8), reused 32 (delta 8), pack-reused 4228 Receiving objects: 100% (4260/4260), 2.21 MiB | 73.00 KiB/s, done. Resolving deltas: 100% (2337/2337), done.
#2 change the current directory to elasticsearch-head, type:
$ cd elasticsearch-head
#3 if your system do not install npm tool ,install it with the following command:
$ yum install npm -y
#4 install and start elasticsearch-head, type:
$ npm install $ npm run start
Outputs:
[devops@devops elasticsearch-head]$ npm run start > elasticsearch-head@0.0.0 start /home/devops/elasticsearch-head > grunt server Running "connect:server" (connect) task Waiting forever... Started connect web server on http://localhost:9100
Then you can open http://localhost:9100 to access front end web server on your web browser.
Note: if you want to access web frond end from remote host, you still need to allow port 9100 for the trusted remote host, type:
$ sudo firewall-cmd --zone=elastic --add-port=9100/tcp --permanent $ sudo firewall-cmd --reload
Step7: Using ElasticSearch
You can add data to your elasticsearch server using a RESTful API with Curl command. Or you can also read, delete or update the data using API.
Let’s try to add your first data into Elasticsearch server, type:
$ curl -H "Content-Type: application/json" -X POST 'http://localhost:9200/osetc/howto/' -d '{ "Title" : "Installing Elasticsearch", "Date" : "Jan 2020", "Tag" : "server,CentOS,Linux" }'
Outputs:
[root@devops ~]# curl -H "Content-Type: application/json" -X POST 'http://localhost:9200/osetc/howto/' -d '{ > "Title" : "Installing Elasticsearch", > "Date" : "Jan 2020", > "Tag" : "server,CentOS,Linux" > }' {"_index":"osetc","_type":"howto","_id":"2BmcSmoB1ug0pWDkkxaV","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":2}
If you want to query the data on Elasticsearch, just type:
$ curl -X GET 'http://localhost:9200/osetc/howto/2BmcSmoB1ug0pWDkkxaV'
Outputs:
[root@devops ~]# curl -X GET 'http://localhost:9200/osetc/howto/2BmcSmoB1ug0pWDkkxaV' {"_index":"osetc","_type":"howto","_id":"2BmcSmoB1ug0pWDkkxaV","_version":1,"_seq_no":0,"_primary_term":2,"found":true,"_source":{ "Title" : "Installing Elasticsearch", "Date" : "Jan 2020", "Tag" : "server,CentOS,Linux" }}
If you want to remove data, just type:
$ curl -X DELETE 'http://localhost:9200/osetc/howto/2BmcSmoB1ug0pWDkkxaV'
Outputs:
[root@devops ~]# curl -X DELETE 'http://localhost:9200/osetc/howto/2BmcSmoB1ug0pWDkkxaV' {"_index":"osetc","_type":"howto","_id":"2BmcSmoB1ug0pWDkkxaV","_version":2,"result":"deleted","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":1,"_primary_term":2}
Conclusion
You should know that how to install and configure ElasticSearch to set up a distributed search engine on your CentOS or RHEL Linux 6/7. If you want to get more detail document about Elasticsearch, you can directly go to its official web site.