====== Install Elastic Search ======

First, make sure that all of the latest patches are installed.

<code bash>
sudo apt update
sudo apt dist-upgrade
sudo reboot
</code>


Configure Firewall:<code bash>
sudo ufw allow ssh
sudo ufw allow 9200/tcp
sudo ufw allow 9300/tcp
sudo ufw enable
</code>

Install [[linux:install:java]]

Add the Elastic Search Key and Software:<code bash>
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

VERSION=7
CLUSTERNAME=escluster-1

cat > /tmp/elastic-$VERSION.x.list << EOF
deb https://artifacts.elastic.co/packages/$VERSION.x/apt stable main
EOF

sudo mv /tmp/elastic-$VERSION.x.list /etc/apt/sources.list.d/

sudo apt update

sudo apt install -y elasticsearch=$VERSION.\*

# If some software requires a specific version of elasticsearch, hold the package from upgrades:
sudo apt-mark hold elasticsearch
</code>

Configure the ElasticSearch configuration:<code bash>
sudo sed -i "s/#cluster.name: my-application/cluster.name: $CLUSTERNAME/g"  /etc/elasticsearch/elasticsearch.yml
sudo sed -i "s/#node.name: node-1/node.name: $CLUSTERNAME-1/g"  /etc/elasticsearch/elasticsearch.yml
sudo sed -i "s/#network.host: 192.168.0.1/network.host: [_eth0_, _local_]/g"  /etc/elasticsearch/elasticsearch.yml
sudo sed -i "s/#cluster.initial_master_nodes: \[\"node-1\", \"node-2\"\]/cluster.initial_master_nodes: \[\"$CLUSTERNAME-1\"\]/g"  /etc/elasticsearch/elasticsearch.yml
</code>

Start ElasticSearch Server, configure it to automatically start and validate the service is running:<code bash>
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch

curl http://localhost:9200
</code>

===== Elasticsearch Data Role =====

If you are creating an Elasticsearch cluster using client, master, and data roles or a single Elasticsearch server which includes all of these roles, you should execute the below on servers that have the data role as ElasticSearch uses a lot of memory-mapped files for indexing so we need to increase the limits allowed by the OS and the JVM:<code bash>
head -n -1 /etc/security/limits.conf > /tmp/limits.conf

cat >> /tmp/limits.conf << EOF
*       soft    nofile  64000
*       hard    nofile  64000
root    soft    nofile  64000
root    hard    nofile  64000

# End of file
EOF

sudo cp /tmp/limits.conf /etc/security/limits.conf

cat /etc/pam.d/common-session > /tmp/common-session

cat >> /tmp/common-session << EOF
session     required        pam_limits.so
EOF

sudo cp /tmp/common-session /etc/pam.d/common-session

cat /etc/pam.d/common-session-interactive > /tmp/common-session-interactive

cat >> /tmp/common-session-interactive << EOF
session     required        pam_limits.so
EOF

sudo cp /tmp/common-session-interactive /etc/pam.d/common-session-interactive

# Give Elasticsearch half of the memory of the server
awk '{ printf "%.2f", $2/1024/1024 ; exit}' /proc/meminfo
sudo sed -i "s/-Xms1g/-Xms`awk '( $1 == "MemTotal:" ) { printf "%.0f", ($2/1024/1024)/2 ; exit }' /proc/meminfo`g/g"  /etc/elasticsearch/jvm.options
sudo sed -i "s/-Xmx1g/-Xmx`awk '( $1 == "MemTotal:" ) { printf "%.0f", ($2/1024/1024)/2 ; exit }' /proc/meminfo`g/g"  /etc/elasticsearch/jvm.options

sudo swapoff -a

cat > /tmp/elasticsearch.conf << EOF
[Service]
LimitMEMLOCK=infinity
EOF

sudo mkdir /etc/systemd/system/elasticsearch.service.d
sudo cp /tmp/elasticsearch.conf /etc/systemd/system/elasticsearch.service.d/elasticsearch.conf

sudo reboot
</code>



====== ======


----

\\ 
Last Updated: April 15, 2020