How to install Elasticsearch on Linux, MacOS and Windows
In this article, I want to show how to install Elasticsearch on Linux, MacOS, and Windows directly from a compiled archive (.tar.gz or .zip). The installation is very straightforward. If you want a general understanding of Elasticsearch first, please refer to my article "Introduction to Elasticsearch".
This package is free to use under the Elastic License. It contains open source features and free commercial features, as well as paid commercial features. You can start a 30-day trial to try all of the paid commercial features. For information about Elastic license levels, see the Subscriptions page.
The latest stable version of Elasticsearch can be found on the Download Elasticsearch page. Other versions can be found on the "Version History" page.
Elasticsearch bundles OpenJDK from the JDK maintainers (GPLv2 + CE). To use your own version of Java, see the JVM version requirements. If you want to learn how to install Java on Ubuntu/Linux, please refer to my article "How to Install Java on Ubuntu". The Java version cannot be lower than 1.7_55. Since Elasticsearch 7.0, you no longer need to install Java yourself: the installation package contains a matching Java version.
Download and install the Linux archive
In the following steps we use version 7.3.0 as an example. In an actual installation, you can replace 7.3.0 on the command line with the latest release number, such as 7.5.1. If you want a specific version, you can download it directly from the Past Releases of Elastic Stack Software | Elastic page.
The Linux archive for Elasticsearch v7.3.0 can be downloaded and installed as follows:
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.0-linux-x86_64.tar.gz
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.0-linux-x86_64.tar.gz.sha512
$ shasum -a 512 -c elasticsearch-7.3.0-linux-x86_64.tar.gz.sha512
$ tar -xzf elasticsearch-7.3.0-linux-x86_64.tar.gz
$ cd elasticsearch-7.3.0/
The third command compares the SHA-512 of the downloaded .tar.gz archive with the published checksum; it should output elasticsearch-{version}-linux-x86_64.tar.gz: OK, which verifies that the download is intact.
The directory you change into in the last command is referred to as $ES_HOME below; we use it to represent the installation directory.
Alternatively, you can download the following package, which contains only Apache 2.0 licensed code: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-7.3.0-linux-x86_64.tar.gz
For the installation of the DEB package, see another article " Elasticsearch: Installing Elasticsearch with Debian Packages ".
Virtual memory
Elasticsearch uses an mmapfs directory by default to store its indices. The operating system's default limit on mmap counts is likely to be too low, which may result in out-of-memory exceptions.
On Linux, you can increase the limit by running the following command as root:
sysctl -w vm.max_map_count=262144
To set this value permanently, update the vm.max_map_count setting in /etc/sysctl.conf. After editing the file, run the following command to apply the change:
sysctl -p
To verify the value after a reboot, run:
sysctl vm.max_map_count
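As a small sketch, making the setting permanent could look like this; appending to /etc/sysctl.conf with tee is just one way to do it, and some distributions prefer a drop-in file under /etc/sysctl.d/ instead:
$ echo 'vm.max_map_count=262144' | sudo tee -a /etc/sysctl.conf
$ sudo sysctl -p
$ sysctl vm.max_map_count
vm.max_map_count = 262144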
RPM and Debian packages will automatically configure this setting. No further configuration is required.
You can also install Elasticsearch directly using the DEB or RPM packages instead of the archive.
Note: Since Elasticsearch releases new versions frequently, you can simply download and install the latest version. It can be found at: Download Elasticsearch Free | Get Started Now | Elastic.
Download and install the archive for MacOS
The MacOS archive for Elasticsearch v7.3.0 can be downloaded and installed as follows:
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.0-darwin-x86_64.tar.gz
$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.0-darwin-x86_64.tar.gz.sha512
$ shasum -a 512 -c elasticsearch-7.3.0-darwin-x86_64.tar.gz.sha512
$ tar -xzf elasticsearch-7.3.0-darwin-x86_64.tar.gz
$ cd elasticsearch-7.3.0/
The third command compares the SHA-512 of the downloaded .tar.gz archive with the published checksum; it should output elasticsearch-{version}-darwin-x86_64.tar.gz: OK, which verifies that the download is intact.
The directory you change into in the last command is referred to as $ES_HOME below; we use it to represent the installation directory.
Alternatively, you can download the following package, which contains only Apache 2.0 licensed code: https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-oss-7.3.0-darwin-x86_64.tar.gz
Download and install the Windows .zip file
Download the .zip archive of Elasticsearch v7.3.1 from:
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.3.1-windows-x86_64.zip
Alternatively, you can download the OSS package for Windows, which contains only the functionality available under the Apache 2.0 license.
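After unzipping the archive, Elasticsearch is started on Windows with the .bat script rather than the shell script. A minimal sketch from a command prompt, assuming you extracted the archive into the current directory (the folder name depends on the version you downloaded):
cd elasticsearch-7.3.1
.\bin\elasticsearch.bat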
Running Elasticsearch from the command line
Elasticsearch can be started from the command line as follows:
./bin/elasticsearch
By default, Elasticsearch runs in the foreground, prints its logs to STDOUT, and can be stopped by pressing Ctrl-C.
There are two important configuration options:
elasticsearch.yml (located in the config subdirectory of the installation directory): settings such as path.data: /data/elasticsearch control where Elasticsearch stores its data.
jvm.options (in the same config subdirectory): settings such as -Xms512m configure the JVM heap size.
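As a small sketch, the relevant entries in the two files might look like this; the data path and the 512 MB heap are example values only, not recommendations:
# config/elasticsearch.yml
path.data: /data/elasticsearch
# config/jvm.options
-Xms512m
-Xmx512m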
If you want your Elasticsearch to bind to all network interfaces on your computer, not just localhost, then you need to modify the following settings in the config/elasticsearch.yml file:
network.host: 0.0.0.0
discovery.type: single-node
Setting network.host to 0.0.0.0 tells Elasticsearch to bind to all of the computer's IP addresses, so you can access it at its private address (http://<private-ip>:9200) as well as at http://localhost:9200. Above, we also set discovery.type to single-node, which declares a single-node cluster; if you don't set this, your single-node cluster may fail to start.
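Once Elasticsearch is bound to all interfaces, a quick check from another machine on the same network might look like this; 192.168.1.10 is a made-up example address, use your server's actual private IP:
curl http://192.168.1.10:9200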
We can configure these two options on the command line as follows:
$ ./bin/elasticsearch -E path.data=/data/elasticsearch
or:
$ ES_JAVA_OPTS="-Xms512m" ./bin/elasticsearch
or:
$ ES_JAVA_OPTS="-Xms512m -Xmx512m" ./bin/elasticsearch
We can also use the following method to override the default node name elasticsearch:
$ ./bin/elasticsearch -E node.name=mynodename
This is very useful when starting two or more different nodes for replica deployment testing.
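A quick way to confirm that the node picked up the new name is the _cat/nodes API; a small sketch:
curl 'http://localhost:9200/_cat/nodes?v'
The name column of the output should show mynodename.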
Enable automatic creation of system indexes
Some commercial features automatically create system indices in Elasticsearch. By default, Elasticsearch is configured to allow automatic index creation, and no additional steps are required. However, if automatic index creation is disabled in Elasticsearch, action.auto_create_index must be configured in elasticsearch.yml to allow the commercial features to create the following indices:
action.auto_create_index: .monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*
Important hint:
If you are using Logstash or Beats, you will most likely need a different index name in the action.auto_create_index setting, depending on your local configuration. If you're not sure about the correct value for your environment, consider setting the value to *, which will allow all indexes to be created automatically.
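To my knowledge, action.auto_create_index is also a dynamic cluster setting, so as a sketch it can be changed at runtime without editing elasticsearch.yml:
curl -X PUT "localhost:9200/_cluster/settings" -H 'Content-Type: application/json' -d'
{
  "persistent": {
    "action.auto_create_index": ".monitoring*,.watches,.triggered_watches,.watcher-history*,.ml*"
  }
}'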
Docker installation
If you want to install via Docker, please refer to my document "Elastic: Deploying the Elastic Stack with Docker". By using docker-compose, we can install several components of the Elastic Stack at once.
For Docker installation, you can follow my other article " Elasticsearch: Install Elasticsearch from scratch and load a CSV with Python and read and write it " to deploy your Elasticsearch and Kibana.
Running Elasticsearch from the command line
As shown above, Elasticsearch is started with ./bin/elasticsearch. By default it runs in the foreground, prints its logs to stdout, and can be stopped by pressing Ctrl-C.
Note: All scripts packaged with Elasticsearch require a version of Bash that supports arrays and assume that Bash is available at /bin/bash. Therefore, Bash should be available at this path, either directly or via a symlink.
Check if Elasticsearch is running
You can test that your Elasticsearch node is running by sending an HTTP request to port 9200 on localhost:
GET /
Log printing to stdout can be disabled using the -q or --quiet option on the command line.
In addition to using a browser to check whether Elasticsearch is running correctly, we can also check it from the command line:
curl 'http://localhost:9200/?pretty'
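The response is a small JSON document. An abridged sketch of what it might look like; the name, UUID, and build details will differ on your machine:
{
  "name" : "node-1",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "...",
  "version" : {
    "number" : "7.3.0",
    ...
  },
  "tagline" : "You Know, for Search"
}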
From the output we can see that, by default, a cluster named "elasticsearch" has been created.
If you have created secure access for your cluster, you can run the above curl command as follows:
curl -XGET "http://elastic:password@localhost:9200/"
or:
curl -u elastic:password -XGET "http://localhost:9200/"
The elastic and password here are the username and password for accessing Elasticsearch, respectively. For how to configure security, read my article " Setting up Elastic Account Security ".
For developers familiar with Postman, it is easy to use Postman and Elasticsearch together; it is a great debugging tool. We can use Postman even without Kibana. If you're interested in this, you can read my article "Elastic: Accessing the Elastic Stack with Postman".
Run as a daemon
To run Elasticsearch as a daemon, specify -d on the command line and use the -p option to record the process ID in a file:
./bin/elasticsearch -d -p pid
The above command stores the ID of the running process in a file called pid, which makes it easy to terminate later. In addition, Elasticsearch now runs in the background as a daemon. Log messages can be found in the $ES_HOME/logs/ directory.
To shut down Elasticsearch, kill the process ID recorded in the pid file:
$ pkill -F pid
Or use the following command to terminate its operation:
$ kill `cat pid`
We can also check whether Elasticsearch is running with jps (the Java Virtual Machine Process Status Tool):
jps | grep Elasticsearch
The above will display the process ID of the currently running Elasticsearch:
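For example, the output might look like this; the process ID will differ on your machine:
6253 Elasticsearch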
We can stop Elasticsearch running with the following command:
kill -9 6253
The startup scripts provided in the RPM and Debian packages are responsible for starting and stopping the Elasticsearch process for you.
Check the log file to make sure the process has shut down. Near the end of the file you should see lines such as Native controller process has stopped, stopped, and closed:
$ pwd
/Users/liuxg/elastic/elasticsearch-7.3.0/logs
(base) liuxg:logs liuxg$ ls *.log
elasticsearch.log
elasticsearch_deprecation.log
elasticsearch_index_indexing_slowlog.log
elasticsearch_index_search_slowlog.log
gc.log
Above, we can see that there is a file called elasticsearch.log. We can view the Elasticsearch log with the following command (run from the Elasticsearch installation directory):
tail logs/elasticsearch.log
Configure Elasticsearch on the command line
By default, Elasticsearch loads its configuration from the $ES_HOME/config/elasticsearch.yml file. The format of this configuration file is described in Configuring Elasticsearch.
Any setting that can be specified in a configuration file can also be specified on the command line using the -E syntax, as follows:
./bin/elasticsearch -d -Ecluster.name=my_cluster -Enode.name=node_1
This is particularly useful for running multiple instances of Elasticsearch from the same installation, so that we can easily test replica setups.
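A small sketch of starting two nodes from the same installation for testing; the node names and the data/log paths are made-up examples, and each instance needs its own data and logs directories so they do not collide (the second node will typically bind to the next free HTTP port, 9201):
$ ./bin/elasticsearch -E cluster.name=my_cluster -E node.name=node_1 -E path.data=./node_1/data -E path.logs=./node_1/logs
$ ./bin/elasticsearch -E cluster.name=my_cluster -E node.name=node_2 -E path.data=./node_2/data -E path.logs=./node_2/logs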
We can also configure the value of http.host as follows:
./bin/elasticsearch -d -Ecluster.name=my_cluster -Enode.name=node_1 -E http.host="localhost","mac"
The above command can also be expressed in the following way:
./bin/elasticsearch -d -E cluster.name=my_cluster -E node.name=node_1 -E http.host="localhost","mac"
Note the extra space between -E and the argument.
Note that both mac and localhost above must be resolvable (pingable) addresses. You can map mac to an address on your computer through the /etc/hosts file. This way Elasticsearch will be reachable at both http://localhost:9200 and http://mac:9200.
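A minimal sketch of such an /etc/hosts entry; 192.168.0.10 is just an example, use your machine's real private address:
192.168.0.10    mac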
Tip: In general, any cluster-wide settings (such as cluster.name) should be added to the elasticsearch.yml configuration file, while any node-specific settings (such as node.name) can be specified on the command line.
Installation file directory layout
The archive distribution is entirely self-contained. By default, all files and directories are contained within $ES_HOME, the directory created when the archive is unpacked.
This is very convenient because you don't have to create any directories to start using Elasticsearch, and uninstalling Elasticsearch is as easy as deleting the $ES_HOME directory. However, it is recommended to change the default locations of the config directory, data directory and logs directory so that important data is not deleted later.
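As a small sketch, relocating the data and logs directories is done in config/elasticsearch.yml; the paths below are examples only:
path.data: /var/lib/elasticsearch
path.logs: /var/log/elasticsearch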
Set up a secure account
In a real deployment, we don't want our cluster to be accessible to everyone; we only want users with accounts to have access, so we should set up security for our Elastic deployment. This requires the x-pack related functionality. Please refer to my other article "Elasticsearch: Setting up Elastic Account Security" for the specific steps.
Next step
You have now set up a test Elasticsearch environment. Before you can start serious development or go into production with Elasticsearch, you must do some additional setup:
Learn how to configure Elasticsearch.
Configure important Elasticsearch settings.
Configure important system settings.
We can install Kibana next. Kibana has a web interface that helps us display and analyze our data, and it also makes it easy to load data into Elasticsearch through its user interface. See the article:
How to Install Kibana in Elastic Stack on Linux, MacOS and Windows
Getting started with Elasticsearch (1)
Elastic: How to simulate multiple nodes simultaneously on one machine
If you want to deploy an Elastic cluster on the cloud, then you can read my two articles:
Elastic: Deploy Elastic Cluster on Elastic Cloud in 3 Minutes
Elastic: How to Build an Elastic Cluster on Alibaba Cloud