October 26, 2022
Elasticsearch is a powerful platform designed for real-time distributed search and data analysis. It is widely used because of its flexibility, scalability, and advanced search capabilities. Many organizations rely on Elasticsearch to analyze logs, application data, and large datasets efficiently.
This guide explains how to install Elasticsearch, configure it for your environment, secure the installation, and start using it on an Ubuntu server.
Before starting, ensure the following requirements are met:
A server running Ubuntu 22.04
At least 2 GB RAM and 2 CPU cores
A non-root user with sudo privileges
The hardware requirements for Elasticsearch depend on the amount of data or logs you plan to process. Larger workloads may require additional CPU, memory, and storage resources.
Elasticsearch packages are not included in the default Ubuntu repositories. Instead, they must be installed by adding the official Elastic package repository.
First, import the Elasticsearch GPG key to verify the authenticity of the packages:
Next, add the Elastic package repository:
Update the package list:
Then install Elasticsearch:
Once the installation is complete, Elasticsearch is ready for configuration.
The main configuration file is located at:
Open the file using a text editor:
This file uses YAML format, so it is important to keep proper indentation when editing.
For a basic single-server setup, modify the network host setting to restrict access to the local machine:
This ensures Elasticsearch only accepts connections from the local server, improving security.
After making changes, save the file and exit the editor.
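The check below is an added example, not part of the original guide: it reads an elasticsearch.yml-style file and reports whether the bind settings stay on loopback. The function names and sample configs are constructed for illustration; `network.host` and `http.host` are real Elasticsearch settings, and only single-line values are parsed.

```shell
#!/bin/sh
# Added example: flag elasticsearch.yml bind settings that reach beyond loopback.

# es_key_is_local FILE KEY -> 0 if KEY is unset or lists only loopback values, else 1.
es_key_is_local() {
  key_re=$(printf '%s' "$2" | sed 's/\./\\./g')
  line=$(grep -E "^[[:space:]]*${key_re}[[:space:]]*:" "$1" | tail -n 1)
  # Unset or commented out: Elasticsearch binds to loopback by default.
  [ -n "$line" ] || return 0
  # Drop the key, any trailing comment, then list brackets, quotes and spaces.
  value=$(printf '%s\n' "$line" |
    sed -E "s/^[^:]*:[[:space:]]*//; s/[[:space:]]+#.*\$//; s/[]['\" ]//g")
  # Empty value (for example a block-style YAML list): flag for manual review.
  [ -n "$value" ] || return 1
  for host in $(printf '%s' "$value" | tr ',' ' '); do
    case "$host" in
      localhost|127.0.0.1|::1|_local_) ;;   # loopback-only values
      *) return 1 ;;                        # 0.0.0.0, _site_, other IPs, hostnames
    esac
  done
  return 0
}

# es_bind_is_local FILE -> 0 loopback only, 1 reachable from other hosts, 2 unreadable.
es_bind_is_local() {
  [ -r "$1" ] || return 2
  # http.host overrides network.host for the HTTP API on port 9200, so check both.
  es_key_is_local "$1" network.host && es_key_is_local "$1" http.host
}

# Constructed sample configs (not taken from the guide).
demo_dir=$(mktemp -d)
printf '%s\n' 'cluster.name: demo' 'network.host: localhost' > "$demo_dir/local.yml"
printf '%s\n' '#network.host: 192.168.0.1' 'http.port: 9200' > "$demo_dir/default.yml"
printf '%s\n' 'network.host: ["127.0.0.1", "10.0.0.5"]  # app subnet' > "$demo_dir/mixed.yml"
printf '%s\n' 'network.host: localhost' 'http.host: 0.0.0.0' > "$demo_dir/http.yml"

for f in local default mixed http; do
  if es_bind_is_local "$demo_dir/$f.yml"; then
    echo "$f.yml: loopback only"
  else
    echo "$f.yml: REVIEW, listens beyond loopback"
  fi
done
```

A config that fails this check needs the firewall rule and authentication in place before the service is started.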
Start the Elasticsearch service:
Enable the service so it automatically starts during system boot:
By default, Elasticsearch can be accessed through its HTTP API. If the service is exposed to external networks, unauthorized users could potentially read data or modify the cluster.
To limit access, configure the system firewall using UFW (Uncomplicated Firewall).
Allow a trusted host to connect to port 9200, which is Elasticsearch’s default API port:
Enable the firewall:
Check the firewall status:
If configured correctly, the firewall will allow access only from the specified IP address.
After installation, Elasticsearch should be running on port 9200.
You can verify the installation using a cURL request:
If Elasticsearch is working correctly, the server will return a JSON response containing information about the cluster, node name, and version.
For a more detailed check, run:
This command displays detailed information about the cluster configuration, node settings, and modules.
Elasticsearch works through a RESTful API, supporting standard operations such as:
Create
Read
Update
Delete
These actions can be performed using HTTP requests.
Adding the pretty parameter formats the output, making it easier to read.
You have successfully installed, configured, and tested Elasticsearch on an Ubuntu 22.04 server. You also learned how to secure the installation and perform basic data operations using the Elasticsearch API.
To explore advanced features such as indexing strategies, clustering, and search optimization, refer to the official Elasticsearch documentation.