This document describes how to install Elasticsearch 7.9.2 on Ubuntu operating system. It is recommended that Ubuntu 22.04 LTS Live Server to be used.


Before Starting the Installation

Important for Installation

In order for the installation to be healthy, Apinizer Kubernetes servers must access the following addresses.


To install Elasticsearch:

https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.9.2-linux-x86_64.tar.gz

Important

While updating the packages, Ubuntu tries to pull from the server located in Turkey. However, from time to time, there may be a problem at tr.archive.ubuntu.com. In this case, you need to make the following change.

sudo vi /etc/apt/sources.list

#Replace all addresses starting with .tr with "Replace All".

#Example: 

Old: http://tr.archive.ubuntu.com/ubuntu

New: http://archive.ubuntu.com/ubuntu

#1) Operating System Configurations (All Servers)



# Elasticsearch user is created and authorized
sudo adduser elasticsearch
sudo usermod -aG sudo elasticsearch

# Transactions are continued by switching to the user
sudo su - elasticsearch

# It is recommended that the following tools be installed on all servers 
sudo apt update
sudo apt install -y curl wget net-tools gnupg2 software-properties-common apt-transport-https ca-certificates

# The firewall is turned off.
sudo systemctl stop ufw
sudo systemctl disable ufw

# Swap is turned off and the swap line in the /etc/fstab file is commented out to prevent it from restarting
sudo swapoff -a
sudo vi /etc/fstab
# Then the file is closed (:wq)
POWERSHELL


#2) Installation of Elasticsearch


#2.1) Operating System Configuration and Installation of Elasticsearch Application (On All Elasticsearch Servers)


sudo vi /etc/security/limits.conf
elasticsearch  -  nofile  65535
elasticsearch soft memlock unlimited
elasticsearch hard memlock unlimited
 
sudo sysctl -w vm.swappiness=1
sudo sysctl -w vm.max_map_count=262144
 
sudo vi /etc/sysctl.conf
vm.max_map_count=262144 elasticsearch
  
sudo sysctl -p
sudo sysctl vm.max_map_count
BASH

#2.2) Elasticsearch Installation (On All Elasticsearch Servers)

sudo mkdir /opt/elasticsearch
cd /opt/elasticsearch
sudo wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.9.2-linux-x86_64.tar.gz
sudo tar -xzf elasticsearch-7.9.2-linux-x86_64.tar.gz
 
sudo chown -Rf elasticsearch:elasticsearch /opt/elasticsearch
sudo chmod -Rf 775 /opt/elasticsearch
 
##At this point, pay attention to where the appropriate disk is mounted or tell the system administrators to add the disk to the following path
#The commands below can be used for this purpose
df -h
lsblk
 
sudo mkdir /mnt/elastic-data/
sudo mkdir /mnt/elastic-snapdata/
 
sudo chown -Rf elasticsearch:elasticsearch /mnt/elastic-*
sudo chmod -Rf 775 /mnt/elastic-*
BASH

#2.3) Setting Elasticsearch Parameters According to the Environment (On All Elasticsearch Servers)

The following parameters must be adjusted and added according to your environment.

  • cluster.initial_master_nodes
  • network.host
  • node.name



sudo vi /opt/elasticsearch/elasticsearch-7.9.2/config/elasticsearch.yml
BASH

Important

Here, the path.data address should be given as the address of the disk in the system where your log file is added.

cluster.name: ApinizerEsCluster

node.name: "<ELASTICSEARCH_IP_ADDRESS>"
node.master: true
node.data: true

network.host: <ELASTICSEARCH_IP_ADDRESS>
http.port: 9200
  
cluster.initial_master_nodes: ["<ELASTICSEARCH_IP_ADDRESS>"]
  
discovery.seed_hosts: []
path.data: /mnt/elastic-data/
path.repo: ["/mnt/elastic-snapdata"]
  
bootstrap.memory_lock: true
  
http.cors.enabled : true
http.cors.allow-origin : "*"
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : X-Requested-With,X-Auth-Token,Content-Type, Content-Length
YML


You can set the JVM (Java Virtual Machine) values and other JVM parameters used by Elasticsearch as follows.

sudo vi /opt/elasticsearch/elasticsearch-7.9.2/config/jvm.options
BASH

Important

Here, it can be up to half of the amount of RAM the operating system has and this value should not exceed 32GB

-Xms8g
-Xmx8g
YML


#2.4) Setting Elasticsearch as Linux Service (On All Elasticsearch Servers)


sudo vi /opt/elasticsearch/elasticsearch-7.9.2/bin/elasticsearch-service.sh
BASH 
#!/bin/sh
SERVICE_NAME=elasticsearch
PATH_TO_APP="/opt/elasticsearch/elasticsearch-7.9.2/bin/$SERVICE_NAME"
PID_PATH_NAME="/opt/elasticsearch/elasticsearch-7.9.2/bin/$SERVICE_NAME.pid"
SCRIPTNAME=elasticsearch-service.sh
ES_USER=$SERVICE_NAME
ES_GROUP=$SERVICE_NAME
 
case $1 in
    start)
        echo "Starting $SERVICE_NAME ..."
        if [ ! -f $PID_PATH_NAME ]; then
        mkdir $(dirname $PID_PATH_NAME) > /dev/null 2>&1 || true
            chown $ES_USER $(dirname $PID_PATH_NAME)
            $SUDO $PATH_TO_APP -d -p $PID_PATH_NAME
        echo "Return code: $?"
            echo "$SERVICE_NAME started ..."
        else
            echo "$SERVICE_NAME is already running ..."
        fi
    ;;
    stop)
        if [ -f $PID_PATH_NAME ]; then
            PID=$(cat $PID_PATH_NAME);
            echo "$SERVICE_NAME stopping ..."
            kill -15 $PID;
            echo "$SERVICE_NAME stopped ..."
            rm $PID_PATH_NAME
        else
            echo "$SERVICE_NAME is not running ..."
        fi
    ;;
    restart)
        if [ -f $PID_PATH_NAME ]; then
            PID=$(cat $PID_PATH_NAME);
            echo "$SERVICE_NAME stopping ...";
            kill -15 $PID;
        sleep 1;
            echo "$SERVICE_NAME stopped ...";
            rm -rf $PID_PATH_NAME
            echo "$SERVICE_NAME starting ..."
            mkdir $(dirname $PID_PATH_NAME) > /dev/null 2>&1 || true
            chown $ES_USER $(dirname $PID_PATH_NAME)
            $SUDO $PATH_TO_APP -d -p $PID_PATH_NAME
            echo "$SERVICE_NAME started ..."
         else
            echo "$SERVICE_NAME is not running ..."
        fi
    ;;
  *)
    echo "Usage: $SCRIPTNAME {start|stop|restart}" >&2
    exit 3
    ;;
esac
BASH 
sudo chmod -Rf 775 /opt/elasticsearch/elasticsearch-7.9.2/*

sudo vi /etc/systemd/system/elasticsearch.service
BASH 
[Unit]
Description=ElasticSearch Server
After=network.target
After=syslog.target

[Install]
WantedBy=multi-user.target

[Service]
Type=forking
ExecStart=/opt/elasticsearch/elasticsearch-7.9.2/bin/elasticsearch-service.sh start
ExecStop=/opt/elasticsearch/elasticsearch-7.9.2/bin/elasticsearch-service.sh stop
ExecReload=/opt/elasticsearch/elasticsearch-7.9.2/bin/elasticsearch-service.sh restart
LimitNOFILE=65536
LimitMEMLOCK=infinity
User=elasticsearch
BASH 
sudo systemctl daemon-reload

sudo systemctl start elasticsearch
sudo systemctl status elasticsearch
sudo systemctl enable elasticsearch
BASH

You can use the following link for a compatible Kibana version.

https://www.elastic.co/downloads/past-releases/kibana-oss-7-9-2
POWERSHELL