Elasticsearch is a distributed and open-source search and analytics engine used for storing, searching, and analyzing data. Popular for its speed, scalability, and powerful set of features, Elasticsearch is capable of addressing a number of use cases like website searching, application performance monitoring, application search, Logging and log analytics, and much more.
In today’s post, we are going to show how to install Elasticsearch on the CentOS system. For installing Elasticsearch on Ubuntu, visit this post.
Note: The method shown here has been tested on CentOS 8. Also, note that you will need to either log in as a root user or run the installation commands.
Step 1: Downloading Elasticsearch
As of June 2021, the latest version of Elasticsearch available on its official website is 1.13.2. To download Elasticsearch 7.13.2, you can either use the commands described here or you can visit the Elasticsearch website page for the latest or any other previous version.
Use the following commands to download Elasticsearch version 7.13.2 and its checksum:
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.13.2-x86_64.rpm
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.13.2-x86_64.rpm.sha512
On the other hand, to manually download Elasticsearch and its published checksum SHA file from website, visit the Downloads page and download the RPM file and SHA file for the latest version. To download the previous version, visit Past Releases.
After downloading the Elasticsearch and SHA file, you can verify the file integrity. With both Elasticsearch .rpm and published checksum file rpm.sha512 in the current Terminal directory, run the following command in Terminal:
$ shasum -a 512 -c elasticsearch-7.13.2-x86_64.rpm.sha512
If the SHA checksum matches, you will get an OK along with the Elasticsearch filename in the output. Otherwise, a failed message will be displayed.
Step 2: Installing Elasticsearch
The downloaded Elasticsearch package is in .rpm format. This can be installed using the RPM package manager.
Use the below command to install Elasticsearch on your system:
$ sudo rpm --install elasticsearch-7.13.2-x86_64.rpm
Make sure to replace elasticsearch-7.13.2-x86_64.rpm with your Elasticsearch package name if you have downloaded any other version.
After running the installation command, you will see something similar to the result below:
After the installation is completed, you will need to start and enable the Elasticsearch service using the commands below:
$ sudo systemctl start elasticsearch.service
$ sudo systemctl enable elasticsearch.service
Now check the status of the service:
$ sudo systemctl status elasticsearch.service
The output below verifies that the Elasticsearch is running fine.
Step 3: Configuring Elasticsearch
Elasticsearch is by default set up to listen just on the localhost. If you want to connect Elasticsearch from any other host, you will need to configure the Elasticsearch and your firewall.
First, you will need to configure Elasticsearch to listen on any other network interfaces. To do so, edit the elasticsearch.yml file.
$ sudo nano /etc/elasticsearch/elasticsearch.yml
In the file, search and uncomment the line network.host:. Then change the IP address with your network interface name.
Also, add your IP address in the discovery.seed_hosts variable by uncommenting it first.
discovery.seed_hosts: ["localhost", "192.168.72.192"]
There are other two variables that you might also want to change: node.name and cluster.name. The node specified by the node.name is an instance of Elasticsearch whereas cluster defined by the cluster.name is a collection of one or more nodes.
To change the names of the node and cluster, search for node.name and cluster.name in the file. Then uncomment and rename them.
cluster.name: test-cluster node.name: test-node
Now save the elasticsearch.yml file and restart the Elasticsearch service:
$ sudo service elasticsearch restart
Now you will need to add a firewall rule to allow access from any other trusted host (Let’s say 192.168.72.200 in our case) to TCP port 9200:
$ sudo firewall-cmd --permanent --add-source=192.168.72.200 $ sudo firewall-cmd --permanent --add-port=9200/tcp
Make sure to replace 192.168.72.200 with the IP address of your trusted host.
Then reload firewall:
$ sudo firewall-cmd --reload
Step 4: Testing Elasticsearch
By default, Elasticsearch listens for HTTP traffic on port 9200 on localhost or on a different interface address if you have configured it.
To verify it, send a GET request to port 9200 on localhost or on the configured IP address using the command below in the Terminal:
$ curl -X GET “http://localhost:9200”
$ curl -X GET “http://<ip-address>:9200”
You should see the following output:
In this post, we covered the installation and basic configuration of Elasticsearch on the CentOS system. For how to use Elasticsearch, visit the Quick start guide available on its website.
Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications including CCNA RS, SCP, and ACE. As an IT engineer and technical author, he writes for various websites.