Install Elasticsearch

First, make sure that all of the latest patches are installed.

sudo apt update
sudo apt dist-upgrade
sudo reboot

Configure Firewall:

sudo ufw allow ssh
sudo ufw allow 9200/tcp
sudo ufw allow 9300/tcp
sudo ufw enable

Install Java

Add the Elasticsearch signing key and package repository, then install the software:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -
 
VERSION=7
CLUSTERNAME=escluster-1
 
cat > /tmp/elastic-$VERSION.x.list << EOF
deb https://artifacts.elastic.co/packages/$VERSION.x/apt stable main
EOF
 
sudo mv /tmp/elastic-$VERSION.x.list /etc/apt/sources.list.d/
 
sudo apt update
 
sudo apt install -y elasticsearch=$VERSION.\*
 
# If some software requires a specific version of elasticsearch, hold the package from upgrades:
sudo apt-mark hold elasticsearch

Edit the Elasticsearch configuration:

sudo sed -i "s/#cluster.name: my-application/cluster.name: $CLUSTERNAME/g"  /etc/elasticsearch/elasticsearch.yml
sudo sed -i "s/#node.name: node-1/node.name: $CLUSTERNAME-1/g"  /etc/elasticsearch/elasticsearch.yml
sudo sed -i "s/#network.host: 192.168.0.1/network.host: [_eth0_, _local_]/g"  /etc/elasticsearch/elasticsearch.yml
sudo sed -i "s/#cluster.initial_master_nodes: \[\"node-1\", \"node-2\"\]/cluster.initial_master_nodes: \[\"$CLUSTERNAME-1\"\]/g"  /etc/elasticsearch/elasticsearch.yml

Start the Elasticsearch service, enable it at boot, and verify that it is running:

sudo systemctl daemon-reload
sudo systemctl enable elasticsearch
sudo systemctl start elasticsearch
 
curl http://localhost:9200
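
The steps above allow ports 9200 and 9300 from any source and bind Elasticsearch to eth0, and Elasticsearch 7.x does not ask for credentials unless xpack.security.enabled is true in elasticsearch.yml. The script below is an added example, not part of the original guide: it reads elasticsearch.yml and saved `ufw status` output and flags that combination. The function names and the /tmp/ufw.txt path are this example's own.

```shell
#!/bin/sh
# Added example. Function names are this example's own, not Elasticsearch or ufw tooling.

# Print the last uncommented value of top-level key $2 (a regex) in file $1.
es_setting() {
  sed -n "/^$2:/{s/^$2:[[:space:]]*//;s/[[:space:]]*#.*//;p;}" "$1" | tail -n 1
}

# Succeed if network.host in file $1 names any non-loopback address.
# An unset network.host means loopback only.
es_binds_network() {
  hosts=$(es_setting "$1" 'network\.host' | tr -d "[]\"' " | tr ',' '\n')
  for h in $hosts; do
    case "$h" in
      localhost|127.*|::1|_local*) ;;  # loopback forms
      *) return 0 ;;
    esac
  done
  return 1
}

# Succeed if file $1 turns on authentication explicitly.
es_security_on() {
  [ "$(es_setting "$1" 'xpack\.security\.enabled')" = "true" ]
}

# Read `ufw status` text on stdin; print Elasticsearch ports allowed from any source.
ufw_open_es_ports() {
  awk '/^(9200|9300)\/tcp/ && /ALLOW/ && /Anywhere/ { print $1 }' | sort -u
}

# $1 = elasticsearch.yml, $2 = file holding `ufw status` output.
# Prints a verdict; returns 1 only for the unauthenticated, open-to-all case.
audit_es() {
  if ! es_binds_network "$1"; then echo "loopback-only"; return 0; fi
  ports=$(ufw_open_es_ports < "$2" | tr '\n' ' ')
  if es_security_on "$1"; then echo "network-bound, auth on; open: ${ports:-none}"; return 0; fi
  if [ -n "$ports" ]; then echo "EXPOSED: no auth, open to any source: $ports"; return 1; fi
  echo "network-bound, no auth, firewall restricted to named sources"
}

# On the server (ufw status needs root):
#   sudo ufw status > /tmp/ufw.txt
#   audit_es /etc/elasticsearch/elasticsearch.yml /tmp/ufw.txt
```

To clear the finding while keeping the node reachable, replace the two port rules with `sudo ufw allow from <trusted subnet> to any port 9200 proto tcp` (and likewise for 9300), where the subnet is a placeholder for your own.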

Elasticsearch Data Role

Whether you are building an Elasticsearch cluster with separate client, master, and data roles or a single Elasticsearch server that holds all of these roles, run the commands below on every server that has the data role. Elasticsearch uses a lot of memory-mapped files for indexing, so the limits allowed by the OS and the JVM need to be increased:

head -n -1 /etc/security/limits.conf > /tmp/limits.conf
 
cat >> /tmp/limits.conf << EOF
*       soft    nofile  64000
*       hard    nofile  64000
root    soft    nofile  64000
root    hard    nofile  64000
 
# End of file
EOF
 
sudo cp /tmp/limits.conf /etc/security/limits.conf
 
cat /etc/pam.d/common-session > /tmp/common-session
 
cat >> /tmp/common-session << EOF
session     required        pam_limits.so
EOF
 
sudo cp /tmp/common-session /etc/pam.d/common-session
 
cat /etc/pam.d/common-session-interactive > /tmp/common-session-interactive
 
cat >> /tmp/common-session-interactive << EOF
session     required        pam_limits.so
EOF
 
sudo cp /tmp/common-session-interactive /etc/pam.d/common-session-interactive
 
# Give Elasticsearch half of the memory of the server
awk '{ printf "%.2f", $2/1024/1024 ; exit}' /proc/meminfo
sudo sed -i "s/-Xms1g/-Xms`awk '( $1 == "MemTotal:" ) { printf "%.0f", ($2/1024/1024)/2 ; exit }' /proc/meminfo`g/g"  /etc/elasticsearch/jvm.options
sudo sed -i "s/-Xmx1g/-Xmx`awk '( $1 == "MemTotal:" ) { printf "%.0f", ($2/1024/1024)/2 ; exit }' /proc/meminfo`g/g"  /etc/elasticsearch/jvm.options
 
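# Turn swap off for the running system. This does not survive the reboot below
# unless the swap entries are also removed from /etc/fstab.
sudo swapoff -a
 
# Let the service lock its memory; Elasticsearch only does so when
# bootstrap.memory_lock: true is set in elasticsearch.yml.
cat > /tmp/elasticsearch.conf << EOF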
[Service]
LimitMEMLOCK=infinity
EOF
 
sudo mkdir -p /etc/systemd/system/elasticsearch.service.d
sudo cp /tmp/elasticsearch.conf /etc/systemd/system/elasticsearch.service.d/elasticsearch.conf
 
sudo reboot


Last Updated: April 15, 2020