Logo

How to Install Elasticsearch on Ubuntu 22.04

Try this guide with our instant dedicated server for as low as 40 Euros

Install Elasticsearch on Ubuntu

If you’re a data detective searching through gigabytes of logs or a webmaster looking to enhance your site’s search capabilities, Elasticsearch is the solution for you.

Elasticsearch is a real-time full-text search platform used in applications that require extensive data analysis. 

In this tutorial, we will discuss how to install Elasticsearch on Ubuntu 22.04. Next, we will discuss how to configure the module for your better performance. 

But before moving on, let us briefly introduce Elasticsearch.

Table Of Contents

  1. What is Elasticsearch?
  2. The Key Features of Elasticsearch
  3. How to Install Elasticsearch on Ubuntu 22.04
    1. Step #1: Install Necessary Dependencies
    2. Step #2: Add the Elasticsearch Repository
    3. Step #3: Install Elasticsearch
    4. Step #4: Initiate the Elasticsearch Service
    5. Step #5: Check Elasticsearch Status
  4. How to Configure Elasticsearch
    1. Configuration #1: Allow Remote Access
    2. Configuration #2: Use UFW to Secure Elasticsearch (Optional)
  5. How to Test Elasticsearch
  6. Conclusion
  7. FAQs

What is Elasticsearch?

Elasticsearch is a powerful, open-source search and analytics engine primarily used for full-text search, log analytics, and business intelligence. It supports RESTful operations and allows users to store, search, and analyze big volumes of data in real-time.

The Key Features of Elasticsearch 

Some of the key features of Elasticsearch are:

Distributed and Scalable

Elasticsearch is built to scale horizontally. This enables it to distribute and access data across multiple servers seamlessly, improving performance and reliability.

Real-time Search and Analytics

Elasticsearch offers sophisticated full-text search capabilities, including features like phrase matching, relevance scoring, and fuzzy search, crucial for effective information retrieval.

RESTful API

Elasticsearch uses a RESTful API, making it easy to interact with the module via HTTP. This ensures that you can integrate it with various programming languages and platforms.

Schema-free JSON Documents

Elasticsearch supports schema-free document storage, enabling dynamic indexing of JSON documents without requiring predefined schemas.

How to Install Elasticsearch on Ubuntu 22.04

Now that you have a basic understanding of Elasticsearch, let us see how to install it on Ubuntu 22.04.  However, before that, let us take a quick look at the prerequisites. 

The Prerequisites 

Before the installation process, make sure you have the following:

  • A system running Ubuntu 22.04
  • Terminal or command line access
  • A user account with sudo or administrative privileges.

Step #1: Install Necessary Dependencies

Before installing Elasticsearch on Ubuntu, ensure you have the Java Development Kit (JDK) installed.

We suggest printing out the version information to verify JDK is installed on your system. The command in this case will be as following:

# java -version

If Java is present, the version information will be displayed.  If not, an error message will be displayed like bash: /usr/bin/java:

If JDK is installed in your system, you can skip to step #2. 

If not, update your package repository.

# sudo apt update

Next, install the default JDK with the following command:

# sudo apt install openjdk-8-jdk

sudo apt install openjdk

Once installed, verify successful installation by executing the following command that print version information:

# java -version

If the output displays the version of the installed JDK, you have successfully installed it. 

java -version

Next, install the APT transport package.

# sudo apt install apt-transport-https

sudo apt install apt-transport-https

Step #2: Add the Elasticsearch Repository

Update the Elasticsearch repository’s GPG key with the following wget command:

# wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

wget -qO

This command retrieves and adds the GPG key to your terminal, ensuring secure communication when installing Elasticsearch.

When the keys have been successfully added, the output displays OK.

Note: Enter the above command exactly as shown to install Elasticsearch on Ubuntu. Ensure you use the correct uppercase letter spaces, and include the dash at the end of the command.

Next, add the Elasticsearch repository to your system package index:

# echo "deb https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-8.x.list

Note: Adjust version number (here 8) based on your Ubuntu version.

Step #3: Install Elasticsearch

Before installing Elasticsearch, update your package repository again.

# sudo apt update

Next, install Elasticsearch by running the following apt install command.

# sudo apt install elasticsearch

sudo apt install elasticsearch

Step #4: Initiate the Elasticsearch Service

After installing Elasticsearch on Ubuntu, you must start the service manually for the first time. In addition, you should note that Elasticsearch does not start automatically at the system reboots.

Start by reloading the systemd configuration:

# sudo systemctl daemon-reload

Next, enable the Elasticsearch service to start automatically on system boot:

# sudo systemctl enable elasticsearch.service

sudo systemctl enable elasticsearch.service

Note: If you’re using Ubuntu on Windows, the systemctl commands won’t work. 

To start, stop, and restart the Elasticsearch service in Unix like systems, run the appropriate command from the following:

sudo service elasticsearch start

sudo service elasticsearch stop

sudo service elasticsearch restart

In Ubuntu-like systems, use the following commands to restart and stop.

# sudo systemctl restart elasticsearch.service

# sudo systemctl stop elasticsearch.service

Step #5: Check Elasticsearch Status

Once you’ve started or restarted Elasticsearch, verify its status:

# service elasticsearch status

service elasticsearch status

As you can see, the output displays the service status, including tasks and other relevant information.

How to Configure Elasticsearch

Now that you have installed Elasticsearch, you need to configure for your specific needs.

Elasticsearch comes preconfigured for basic usage scenarios. So, for single-node setups, extensive reconfiguration isn’t typically required. But for more complex deployments, adjustments might be required. 

To make changes to the default Elasticsearch configuration, edit the elasticsearch.yml file located in the /etc/elasticsearch directory.

The configuration information for logging can be found in the /var/log/elasticsearch/logging.yml file. You can leave the logging settings at their default values and adjust them later if necessary.

Note: Any time you make changes to the Elasticsearch configuration, execute the following command to restart the service.

# sudo systemctl restart elasticsearch.service

Configuration #1: Allow Remote Access

By default, Elasticsearch restricts access only to your local system. To allow remote connections from other hosts, follow these steps.

Open the elasticsearch.yml file in your preferred text editor. We recommend Vim or Nano.

# sudo vim /etc/elasticsearch/elasticsearch.yml

Navigate to the Network section and find the line #network.host.

Remove the # symbol to uncomment the line. Set the IP address to 0.0.0.0 to allow connections from any host. Next, add the following lines:

transport.host: localhost

transport.tcp.port: 9300

http.port: 9200

The output would be similar.

network

Save and exit changes. If using Vim, press :wq to write and quit.

You can now access Elasticsearch remotely.

Note: Ensure you add all the lines listed above. If your network host is limited to 0.0.0.0, you may experience issues while attempting to restart the Elasticsearch service following this modification.

Configuration #2: Use UFW to Secure Elasticsearch (Optional)

Enabling remote access introduces a security concern. We highly recommend utilizing Uncomplicated Firewall (UFW) to safeguard your Elasticsearch installation.

While UFW comes pre-installed on Ubuntu, it’s usually deactivated by default. 

So, you first need to verify its status by executing this command:

# sudo ufw status

The output displays if UFW is active or not.

Next, add the required rules and activate UFW. 

Enable SSH access for remote management. For this, run this command to grant access to port 22 (or your custom port).

# sudo ufw allow 22

sudo ufw allow 22

Elasticsearch listens on port 9200. Create a rule to allow access from a specific remote IP address.

# sudo ufw allow from external_IP to any port 9200

Replace external_IP with the actual IP address. 

Once you have added the rules, activate UFW.

# sudo ufw enable

Verify the rules are appropriately executed.

# sudo ufw status

sudo ufw status

This command displays both the status and the details of the rules you created.

How to Test Elasticsearch

Now that remote access has been enabled and UFW has been configured, you can test Elasticsearch.

Elasticsearch listens on port 9200 by default. Use the curl command to send a test request.

# curl localhost:9200

curl localhost9200

If the output displays version information and other fields like date, hash, etc., confirming that Elasticsearch is working accurately.

Conclusion

Installing Elasticsearch on Ubuntu involves a few essential steps: updating your system, installing Java, adding the Elasticsearch repository, configuring the service, and enabling remote access. 

Follow this tutorial, to successfully configure a robust search and analytics engine on your Ubuntu machine. 

FAQs

Q. How can I install Elasticsearch using the default package manager on Ubuntu?

To install Elasticsearch on Ubuntu, you must first update your package list and install necessary packages like software-properties-common and apt-transport-https. Then, add the Elasticsearch package source list to your APT sources, and finally, use the package manager to install Elasticsearch.

Q. What is the role of a reverse proxy in an Elasticsearch setup?

A reverse proxy, such as Nginx, can be used with Elasticsearch to enhance security, load balancing, and SSL termination, providing an additional layer of protection and better handling of complex search requirements.

Q. Why do I need the apt-transport-https package to install Elasticsearch?

The apt-transport-https package is required to allow your APT package manager to access repositories over HTTPS, which is necessary for securely downloading Elasticsearch from the Elastic package source list.

Q. How do I configure Elasticsearch for complex search requirements?

You can configure Elasticsearch to handle complex search requirements by modifying the default configuration file (elasticsearch.yml). This involves setting various parameters like node roles, an array of hosts and enabling specific plugins or features to meet your search and analytics needs.

Q. What popular search engines can be compared to Elasticsearch?

Elasticsearch is often compared to other popular search engines like Apache Solr and Sphinx. Unlike these, Elasticsearch provides a robust full-text search and analytics engine with a powerful REST API for handling various search and analytics operations.

Q. What should I do if extra spaces are in my Elasticsearch configuration file?

Ensure there are no extra spaces or formatting errors in your Elasticsearch configuration file (elasticsearch.yml) to avoid configuration issues. Incorrect formatting can prevent Elasticsearch from starting accurately or cause unexpected behavior.

Q. How can I secure my Elasticsearch installation against package spoofing?

To secure your Elasticsearch installation, always download packages from trusted sources, use HTTPS for repository access, and verify GPG keys. Additionally, setting up a reverse proxy and enabling authentication and authorization can further protect your Elasticsearch instance.

Q. How can Elasticsearch be integrated into a developer cloud environment?

Elasticsearch can be integrated into a developer cloud environment by deploying it on cloud platforms like AWS, Google Cloud, or Azure. You can use the cloud provider’s tools to manage and scale your Elasticsearch instances and take advantage of their security features.

Q. How do I check the status of Elasticsearch installed on a remote server?

You can check the status of Elasticsearch on a remote server by using curl to send a request to the server’s IP address and port 9200 or by adding SSH into the server and using the appropriate service management commands to check Elasticsearch’s status.

Q. What are RESTful operations in the context of Elasticsearch?

RESTful operations in Elasticsearch refer to the use of standard HTTP methods like GET, POST, PUT, and DELETE to interact with the Elasticsearch REST API. These operations allow you to perform tasks such as indexing, searching, and managing data.

Q. How can the software-properties-common package assist in managing Elasticsearch repositories?

The software-properties-common package provides tools to manage software sources and PPAs, making it easier to add and manage the Elasticsearch repository in your APT sources list for installation and updates.

Try this guide with our instant dedicated server for as low as 40 Euros