Installing Elasticsearch

What is Elasticsearch ?

Elasticsearch is a highly scalable open source search engine. Elasticsearch supports multi-tenancy, meaning it can store multiple indices on a server, and information can be retrieved from multiple indices using a single query. It uses documents with JSON format; for requests, responses, and during transfer, they are automatically indexed. Elasticsearch has three main uses: web search, log analysis, and big data analytics.

If you are familiar with relational databases, the table below shows equivalent terms in Elasticsearch:

Index: A collection of documents that contain similar characteristics is called an index. An index is similar to a database. The term index should not be confused with a database index, as someone familiar with traditional SQL might assume. There is no limit on how many indices there can be in a cluster. The word indexing means inserting/updating the documents into an Elasticsearch index. The name of the index must be unique and typed in all lowercase letters.

Type: A type is similar to a database table, an index can have one or more types. Type is a logical separation of different kinds of data.

Document: A document is a JSON object that contains the actual data in key value pairs. A row contains columns; similarly, a document contains fields. Elasticsearch documents are very flexible and support storing nested objects.

Installing Elasticsearch on RedHat 8

We need to download Elasticsearch, take the following steps:

1. Install the rpm package manually using the following steps.

We can download the rpm package for Elasticsearch v8.3.2 from the website using the following command:

sudo wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.3.2-x86_64.rpm

2. After downloading the rpm package we can compare the SHA of the downloaded rpm using the following command:

sudo wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.3.2-x86_64.rpm.sha512
shasum -a 512 -c elasticsearch-8.3.2-x86_64.rpm.sha512

3. Once the rpm package is downloaded, we can install it using the following command:

sudo rpm --install elasticsearch-8.3.2-x86_64.rpm

As seen in the above command output, security features are enabled and configured by default in Elasticsearch installation. elastic user’s password is also created at installation.

4. This way we can manually install the rpm package. After installing Elasticsearch, we can run the service using the systemd method.

We can configure Elasticsearch to start automatically every time the system boots up by running the following commands:

sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service

5.Using the below command we can start Elasticsearch and check its status:

sudo systemctl start elasticsearch.service
sudo systemctl status elasticsearch.service

6. We can check whether Elasticsearch is running by sending an HTTP request on the Elasticsearch host and port. For example, if Elasticsearch is installed on the local machine, we can test by hitting the following command in the command line:

curl -X GET "https://localhost:9200/_cluster/health?wait_for_status=yellow&timeout=50s&pretty" --key certificates/elasticsearch-ca.pem  -k -u elastic

Elasticsearch uses port 9200 by default. You can check /etc/elasticsearch/elasticsearch.yml file for port and host settings.

I briefly talked about elasticsearch installation. For more detailed information, you can check elasticsearch’s website.