Install and Configure Elasticsearch on Ubuntu 14.04

If you are here, I assume you know what Elasticsearch (ES) is, a platform for distributed search and analysis of data in real time. It's easy to use, it has powerful features and it's scalable.

ES supports RESTful operations, which are both developer and user friendly. That's one of the main reasons for Elasticsearch's popularity.

I will show you how to install, configure and start using ES. I will assume that you have Ubuntu 14.04 and a non-root sudo user. I chose Elasticsearch 2.2.0, but you can download any available version, by changing the version number.

Note: I used these commands on Ubuntu 16.04 too, it should work with minimal changes*.

1. Install Java

ES is written in Java, so you need a JRE (Java Runtime Environment) installed. You can use the Ubuntu OpenJDK native package, which is free, well-supported, and automatically managed through the Ubuntu APT installation manager.

First update the list of available packages by running:

$ sudo apt-get update

Then install OpenJDK with the following command:

$ sudo apt-get install openjdk-7-jre

You can also verify that JRE is installed properly:

$ java -version

The above command will output something like this:

java version "1.7.0_95"  
OpenJDK Runtime Environment (IcedTea 2.6.4) (7u95-2.6.4-0ubuntu0.14.04.2)  
OpenJDK 64-Bit Server VM (build 24.95-b01, mixed mode)  

Update*

It seems that openjdk-7-jre can not be installed on Ubuntu 16.04. If you got an error similar to the one below, then you should install openjdk-8-jre.

Package openjdk-7-jre is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'openjdk-7-jre' has no installation candidate

So let's install openjdk-8-jre:

$ sudo apt-get install openjdk-8-jre

ElasticSearch should work with this version too, without any problem.

2. Download and Install Elasticsearch

ES can be downloaded directly from elastic.co in zip, tar.gz, deb, or rpm packages. For Ubuntu, it's best to use the deb (Debian) package which will install everything you need to run ES.

$ wget https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-2.2.0.deb

When it's downloaded install it with the dpkg command:

$ sudo dpkg -i elasticsearch-2.2.0.deb

If you followed all these steps, then ES is installed in /usr/share/elasticsearch. The configuration files are placed in /etc/elasticsearch and the init script is added in /etc/init.d/elasticsearch.

To make sure ES starts and stops automatically add the init script to the default runlevels by running this command:

$ sudo update-rc.d elasticsearch defaults

3. Configure Elasticsearch

As I mentioned before, the ES configuration files are placed in /etc/elasticsearch. You can find two files here:

  • elasticsearch.yml - ES server settings

  • logging.yml - configuration for logging (You can leave the default logging options for now and edit it later if necessary. You can find the resulting logs in /var/log/elasticsearch.)

Anytime you install ES, the first variables to change are node.name and cluster.name in elasticsearch.yml (We will do the most of our settings in this file). These variables specify the name of the server (node) and the cluster to which the latter is associated. If you don't really have the patience to configure these variables, you don't have to. Some automatic values will be assigned.

The cluster.name is used to automatically discover and associate ES nodes to a cluster. So, if you don't change the default value, you might have unwanted nodes, found on the same network, in your cluster.

To start editing the elasticsearch.yml configuration file, open it with your favourite text editor (mine is pico):

$ sudo pico /etc/elasticsearch/elasticsearch.yml

Find the lines starting with # node.name and # cluster.name and remove the # character to uncomment them. Then you can change their values:

...
node.name: <<node_name>>  
cluster.name: <<cluster_name>>  
...

You can do more configuration, but for now we will use the default options.

You can start ES for the first time with the command:

$ sudo service elasticsearch start

It might take up to 10 seconds for ES to fully start. Please be patient and wait 10 seconds, otherwise you may get errors saying that you are not able to connect.

4. Secure Elasticsearch

Elasticsearch has no built-in security and can be controlled by anyone who can access the HTTP API. The first security tweak is to prevent public access. Open the configuration file again:

$ sudo pico /etc/elasticsearch/elasticsearch.yml

Find the line which contains network.host, remove the # character at the beginning of the line to uncomment it, then change the value to localhost:

...
network.host: localhost  
...

I have uncommented the line containing the port too. You can change the port if you wish:

...
http.port: 9200  
...

You should do more security settings, but I will present those in another, advanced tutorial. For now we will use the default settings.

5. Start Using Elasticsearch

ES should be running on port 9200. Test it with the following command:

$ curl -X GET 'http://localhost:9200'

You should see a similar response:

{
  "name" : "Architect",
  "cluster_name" : "elasticsearch",
  "version" : {
    "number" : "2.2.0",
    "build_hash" : "8ff36d139e16f8720f2947ef62c8167a888992fe",
    "build_timestamp" : "2016-01-27T13:32:39Z",
    "build_snapshot" : false,
    "lucene_version" : "5.4.1"
  },
  "tagline" : "You Know, for Search"
}

If you do not see a similar response to the one above, make sure that you have followed my instructions and allowed some time for ES to fully start. (!! It can take up to a few minutes. If it's not fully started it will show this error: curl: (7) Failed to connect to localhost port 9200: Connection refused. !!)

Any suggestions are welcome.