Installing Elasticsearch

Elasticsearch can be downloaded from the following URL: https://www.elastic.co/downloads/elasticsearch

This document is using elasticsearch-7.16.2-linux-x86_64.tar.gz.

Installing a small instance of a single node Elasticsearch cluster will involve the following steps:

1. Logon as the root user (or prefix commands with ‘sudo’).

2. Set the vm.max_map_count setting in the current context and the /etc/sysctl.conf file.

    echo 'vm.max_map_count=262144' >> /etc/sysctl.conf
    sysctl vm.max_map_count=262144
   

3. Create an Elasticsearch user.

    useradd -c "Elasticsearch User" elastic
   

4. Create folder structure and change ownership.

    mkdir -p /opt/es/data
    mkdir -p /opt/es/logs
    mkdir -p /opt/es/backups
    chown -R elastic:elastic /opt/es
   

5. Extract the downloaded Elasticsearch package into /opt, create a symlink and change ownerships.

    cd /opt
    tar xzf /path/to/elasticsearch-7.14.0-linux-x86_64.tar.gz
    ln -s elasticsearch-7.14.0 elasticsearch
    chown -R elastic:elastic elasticsearch-7.14.0
   

6. Create/edit the elasticsearch configuration file and ensure the following are set: /opt/elasticsearch/config/elasticsearch.yml

    cluster.name: esdata
    node.name: solo
    path.data: /opt/es/data
    path.logs: /opt/es/logs
    path.repo: /opt/es/backups
    network.host: ["_local_","_site_"]
    http.port: 9200
    discovery.type: single-node
    xpack.security.enabled: false
   

7. Create/edit the jvm parameters in the configuration file /opt/elasticsearch/config/jvm.options. Set the memory requirements for the Elasticsearch instance. No more than half the available RAM available on a machine. You could use 256m as well.

    -Xms512m
    -Xmx512m
   

8. Create a systemd service (if your system uses systemd) by creating the following file: /etc/systemd/system/elasticsearch.service with the following content:

    [Service]
    User=elastic
    Group=elastic
    LimitNOFILE=65536
    LimitNPROC=4096
    ExecStart=/opt/elasticsearch/bin/elasticsearch
    Restart=always
    RestartSec=10
   
    [Install]
    WantedBy=multi-user.target
   

9. Open the firewall (if using firewalld and the elasticsearch service is already in place)

    firewall-cmd --zone=public --add-service=elasticsearch --permanent
    firewall-cmd --zone=public --add-service=elasticsearch
   

10. Enable and start the elasticsearch service.

     systemctl enable elasticsearch
     systemctl start elasticsearch
    

11. View the startup logs and ensure all looks good:

     journalctl -efu elasticsearch