How to install Elasticsearch on Linux (AlmaLinux)

Installing Elasticsearch on AlmaLinux involves setting up a powerful search and analytics engine for managing and analyzing large datasets.

Users can quickly implement Elasticsearch on AlmaLinux by following simple installation steps and using its advanced characteristics, including reliability, flexibility, and real-time search capabilities.

Key takeaways

Reading this article will expand your knowledge in the following areas:

• Defining Elasticsearch as a technology.
• Installing Elasticsearch and all related software components.
• Using Elasticsearch for index and document management.
• Using Elasticsearch for cluster and node management.
• Updating Elasticsearch and all related software components.
• Uninstalling Elasticsearch.

What is Elasticsearch?

Elasticsearch is a Java-based distributed search and analytics engine built on Apache Lucene. It is crucial for search engines, log monitoring, data analysis, and applications requiring fast search functionalities. It efficiently handles large data volumes, provides real-time search results, supports complex queries, and offers advanced analytics features like aggregations, filtering, and geospatial search. Elasticsearch's strength lies in its ease of use, robustness, scalability, and extensive ecosystem, which integrates with tools like Kibana for data visualization and Logstash for data ingestion, making it an essential tool for managing and extracting insights from large datasets.

Install Elasticsearch and all related software components

To install Elasticsearch on Linux (AlmaLinux), use the guidelines in the next section of this article.

Prerequisites

• Operating System and Version: AlmaLinux OS 8.
• Minimum CPU: 2 CPU cores.
  • Recommended: 4 CPU cores.
• Minimum RAM: 4 GB RAM.
  • Recommended: 8 GB RAM.
• Minimum Disk Space: 20 GB available disk space.
  • Recommended: 50 GB.
• Ensure you have root or sudo access to install Elasticsearch.

Step #1. Update your AlmaLinux system

You should update the AlmaLinux system to install the most recent software before installing Elasticsearch. To upgrade the AlmaLinux system, execute the following command:

sudo dnf update

Step #2. Install Java

Elasticsearch requires Java. If Java is not already installed, use the following command to install it:

sudo dnf install java-11-openjdk-devel

2.1 Check the Java version

Once the installation has completed, check the Java version using the following command:

java -version

Here is the output:

]# java -version
openjdk version "11.0.22" 2024-01-16 LTS
OpenJDK Runtime Environment (Red_Hat-11.0.22.0.7-1) (build 11.0.22+7-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-11.0.22.0.7-1) (build 11.0.22+7-LTS, mixed mode, sharing)<!-- wp:code -->
<pre class="wp-block-code"><code>]# java -version
openjdk version "11.0.22" 2024-01-16 LTS
OpenJDK Runtime Environment (Red_Hat-11.0.22.0.7-1) (build 11.0.22+7-LTS)
OpenJDK 64-Bit Server VM (Red_Hat-11.0.22.0.7-1) (build 11.0.22+7-LTS, mixed mode, sharing)</code></pre>
<!-- /wp:code -->

Step #3. Install Elasticsearch

Let's review what all is involved with the install process for Elasticsearch in the next sections.

3.1. Install the GPG key for the RPM packages

Before installing Elasticsearch, use the following command to install the GPG key for the RPM packages:

rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch

3.2. Create a file for the Elasticsearch yum repository

Next, create a file for the Elasticsearch yum repository:

nano /etc/yum.repos.d/elasticsearch.repo

Add the following lines:

[elasticsearch-7.x]
name=Elasticsearch repository for 7.x packages
baseurl=https://artifacts.elastic.co/packages/7.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md

3.3. Install the Elasticsearch package

Once complete, use the following command to install the Elasticsearch package:

sudo dnf install elasticsearch

Here is the output:

]# sudo dnf install elasticsearch
Elasticsearch repository for 7.x packages                                                                            60 MB/s |  58 MB     00:00
Last metadata expiration check: 0:00:18 ago on Sat 10 Feb 2024 07:23:07 AM UTC.
Dependencies resolved.
====================================================================================================================================================
 Package                              Architecture                  Version                          Repository                                Size
====================================================================================================================================================
Installing:
 elasticsearch                        x86_64                        7.17.18-1                        elasticsearch-7.x                        312 M

Transaction Summary
====================================================================================================================================================
Install  1 Package

Total download size: 312 M
Installed size: 520 M
Is this ok [y/N]: y
Downloading Packages:
elasticsearch-7.17.18-x86_64.rpm                                                                                     50 MB/s | 312 MB     00:06
----------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                50 MB/s | 312 MB     00:06
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                            1/1
  Running scriptlet: elasticsearch-7.17.18-1.x86_64                                                                                             1/1
Creating elasticsearch group... OK
Creating elasticsearch user... OK

  Installing       : elasticsearch-7.17.18-1.x86_64                                                                                             1/1
  Running scriptlet: elasticsearch-7.17.18-1.x86_64                                                                                             1/1

—-
—-

Created elasticsearch keystore in /etc/elasticsearch/elasticsearch.keystore

[/usr/lib/tmpfiles.d/elasticsearch.conf:1] Line references path below legacy directory /var/run/, updating /var/run/elasticsearch → /run/elasticsearch; please update the tmpfiles.d/ drop-in file accordingly.

  Verifying        : elasticsearch-7.17.18-1.x86_64                                                                                             1/1

Installed:
  elasticsearch-7.17.18-1.x86_64

Complete!

Step #4. Configure Elasticsearch

Once installation is completed, open the Elasticsearch configuration file /etc/elasticsearch/elasticsearch.yml and set the network host to localhost:

nano /etc/elasticsearch/elasticsearch.yml

Then, add the following lines:

cluster.name: es-almalinux
node.name: es-node
network.host: 127.0.0.1

You can provide the IP address instead of 127.0.0.1 if you want to select a specific address.

4.1. Reload the system configuration

To ensure that any recent changes are recognized and applied, reload the system configuration using the following command:

sudo systemctl daemon-reload

Step #5. Start the service and enable it

Elasticsearch service will not start automatically once the installation process is complete. To start the service and enable it, use the following commands:

sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch

5.1. Check the status of Elasticsearch service

To check the status of the Elasticsearch service, use the following command:

sudo systemctl status elasticsearch

Here is the output:

]# sudo systemctl status elasticsearch
● elasticsearch.service - Elasticsearch
   Loaded: loaded (/usr/lib/systemd/system/elasticsearch.service; enabled; vendor preset: disabled)
   Active: active (running) since Sat 2024-02-10 07:26:52 UTC; 2min 25s ago
     Docs: https://www.elastic.co
 Main PID: 49624 (java)
    Tasks: 63 (limit: 11852)
   Memory: 1.3G
   CGroup: /system.slice/elasticsearch.service
           ├─49624 /usr/share/elasticsearch/jdk/bin/java -Xshare:auto -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -X>
           └─49821 /usr/share/elasticsearch/modules/x-pack-ml/platform/linux-x86_64/bin/controller

Step #6. Test Elasticsearch

By default, Elasticsearch is listening on port 9200. Use the following command to verify that Elasticsearch is working correctly on your AlmaLinux system:

curl -XGET "localhost:9200"

Here is the output:

]# curl -XGET "localhost:9200"
{
  "name" : "es-node",
  "cluster_name" : "es-almalinux",
  "cluster_uuid" : "NPr4CfoKQL6tHOKTeokyAA",
  "version" : {
    "number" : "7.17.18",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "8682172c2130b9a411b1bd5ff37c9792367de6b0",
    "build_date" : "2024-02-02T12:04:59.691750271Z",
    "build_snapshot" : false,
    "lucene_version" : "8.11.1",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

For more information about installing Elasticsearch on Ubuntu, see the How to Install and Configure Elasticsearch article in our knowledge base.

How to use Elasticsearch

Module #1. Index and document management

There are a set of features that you can use manage indexing and documents with regard to Elasticsearch. These features are covered in the following sections.

1.1. Create an index

To create an index, use this command:

curl -XPUT 'localhost:9200/sample_index'

An index is like a database in Elasticsearch. This command creates a new index named sample_index.

Here is the output:

]# curl -XPUT 'localhost:9200/sample_index'
{"acknowledged":true,"shards_acknowledged":true,"index":"sample_index"}

1.2. Index a document

To index a document, issue the following command:

curl -H 'Content-Type: application/json' -XPOST 'localhost:9200/sample_index/_doc/1' -d '{"title": "Sample Title", "content": "Sample Content"}'

Indexing involves adding data to Elasticsearch. This command indexes a sample document with an ID of 1 in the sample_index index.

Here is the output:

]# curl -H 'Content-Type: application/json' -XPOST 'localhost:9200/sample_index/_doc/1' -d '{"title": "Sample Title", "content": "Sample Content"}'
{"_index":"sample_index","_type":"_doc","_id":"1","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1}

1.3. Get document by ID

Next, you will get the document using the ID number:

curl -XGET 'localhost:9200/sample_index/_doc/1'

This command retrieves the document with ID of 1 from the sample_index index.

Here is the output:

]# curl -XGET 'localhost:9200/sample_index/_doc/1'
{"_index":"sample_index","_type":"_doc","_id":"1","_version":1,"_seq_no":0,"_primary_term":1,"found":true,"_source":{"title": "Sample Title", "content": "Sample Content"}}

1.4. Search documents

This command searches for documents in the sample_index index where the title field contains the "Sample" text string.

curl -XGET 'localhost:9200/sample_index/_search?q=title:Sample'

Here is the output:

]# curl -XGET 'localhost:9200/sample_index/_search?q=title:Sample'
{"took":746,"timed_out":false,"_shards":{"total":1,"successful":1,"skipped":0,"failed":0},"hits":{"total":{"value":1,"relation":"eq"},"max_score":0.2876821,"hits":[{"_index":"sample_index","_type":"_doc","_id":"1","_score":0.2876821,"_source":{"title": "Sample Title", "content": "Sample Content"}}]}}

1.5. Delete index

This command deletes the sample_index index:

curl -XDELETE 'localhost:9200/sample_index'

Here is the output:

]# curl -XDELETE 'localhost:9200/sample_index'
{"acknowledged":true}

Module #2. Cluster and node management

For cluster and node management, Elasticsearch provides the functionality documented in the next sections.

2.1. Check cluster health

To check the status of the cluster, run this command:

curl -XGET 'localhost:9200/_cluster/health'

This command checks the health of the Elasticsearch cluster.

Here is the output:

]# curl -XGET 'localhost:9200/_cluster/health'
{"cluster_name":"es-almalinux","status":"green","timed_out":false,"number_of_nodes":1,"number_of_data_nodes":1,"active_primary_shards":3,"active_shards":3,"relocating_shards":0,"initializing_shards":0,"unassigned_shards":0,"delayed_unassigned_shards":0,"number_of_pending_tasks":0,"number_of_in_flight_fetch":0,"task_max_waiting_in_queue_millis":0,"active_shards_percent_as_number":100.0}

2.2. List all indices

This command lists all indices in Elasticsearch:

curl -XGET 'localhost:9200/_cat/indices'

Here is the output:

]# curl -XGET 'localhost:9200/_cat/indices'
green open .geoip_databases kll0aU0PSPSXTDpGPHkh7Q 1 0 41 0 38.3mb 38.3mb

2.3. Get node information

This command provides information about the Elasticsearch nodes:

curl -XGET 'localhost:9200/_cat/nodes?v'

Here is the output:

]# curl -XGET 'localhost:9200/_cat/nodes?v'
ip        heap.percent ram.percent cpu load_1m load_5m load_15m node.role   master name
127.0.0.1           54          96   2    0.00    0.01     0.07 cdfhilmrstw *      es-node

To learn more about Elasticsearch commands, see the article How to employ basic Elasticsearch commands.

How to update Elasticsearch and all related software components

To update Elasticsearch and its components, please follow the steps provided.

Step #1. Check current version

To check the currently installed version of Elasticsearch, type the following command:

sudo dnf list installed elasticsearch

Here is the output:

]# sudo dnf list installed elasticsearch
Installed Packages
elasticsearch.x86_64                                                  7.17.18-1                                                   @elasticsearch-7.x

Step #2. Back up you data

It's recommended to back up your Elasticsearch data if it is important before updating.

Step #3. Update Elasticsearch repository

To update the Elasticsearch repository so that it will use the latest version, issue the following command:

sudo dnf makecache

Here is the output:

]# sudo dnf makecache
AlmaLinux 8 - BaseOS                                                                                                 39 kB/s | 3.8 kB     00:00
AlmaLinux 8 - AppStream                                                                                              49 kB/s | 4.1 kB     00:00
AlmaLinux 8 - Extras                                                                                                 46 kB/s | 3.8 kB     00:00
Elasticsearch repository for 7.x packages                                                                            28 kB/s | 1.3 kB     00:00
Metadata cache created.

Step #4. Upgrade Elasticsearch

To upgrade Elasticsearch to the newest version, use the following command:

sudo dnf upgrade elasticsearch

Step #5. Restart Elasticsearch

After the update, restart Elasticsearch using the following command to apply the changes:

sudo systemctl restart elasticsearch

Step #6. Verify the success of the update

To verify that the update was successful and the new version is running, use the following command:

curl -XGET 'localhost:9200'

Uninstall Elasticsearch and all related software components

To uninstall Elasticsearch, you can use the steps given in the following sections.

Step #1. Stop Elasticsearch

Before uninstalling, stop the Elasticsearch service using the following command:

sudo systemctl stop elasticsearch

Step #2. Remove the Elasticsearch package

To remove the Elasticsearch package, use the following command:

sudo dnf remove elasticsearch

Step #3. Remove Configuration Files

To remove Elasticsearch configuration files, use the following command:

sudo rm -rf /etc/elasticsearch

Warning: Exercise extreme caution when executing rm -rf command to remove Elasticsearch configuration files, data, and logs, as improper usage may permanently lose critical system information and potentially damage your system. One errant space changes the command drastically.

Step #4. Remove data and logs

To remove Elasticsearch data and logs, use the following commands:

sudo rm -rf /var/lib/elasticsearch/
sudo rm -rf /var/log/elasticsearch/

Step #5. Clean up

To clean up any residual configuration or data files, use the following command:

sudo dnf autoremove

Step #6. Verify the successful uninstallation

To verify that Elasticsearch has been uninstalled, enter the following command:

curl -XGET 'localhost:9200'

This step should return a connection error if Elasticsearch is no longer installed.

Unlocking the full potential of Elasticsearch on AlmaLinux with Liquid Web

The easy installation of Elasticsearch on AlmaLinux provides robust data management and search features. After successfully configuring Elasticsearch, users may quickly index, search, and analyze large volumes of data. Elasticsearch on AlmaLinux offers a solid basis for a wide range of applications, whether for boosting business intelligence, optimizing website search capabilities, or for advanced data analysis. Those following this article's guidelines can confidently utilize Elasticsearch, knowing they have the skills and resources to use this powerful search engine fully.

Liquid Web's hosting solutions are recommended for those planning to install Elasticsearch on AlmaLinux to enhance data management and search capabilities. These solutions offer unmatched performance, scalability, and dependability, ensuring optimal performance from your Elasticsearch installation. Liquid Web servers are designed to work with Elasticsearch, providing resources and flexibility to optimize your data architecture. Liquid Web offers 24/7 support and can help you upgrade your Elasticsearch experience.