Elasticsearch: Installation and Configuration

Installation of Elasticsearch

First of all, ensure, that you have required Java installed on your machine.

Download zip package of Elasticsearch

As an example You could do it by doing

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.6.2-linux-x86_64.tar.gz

Elasticsearch can be started from the command line as follows:

./bin/elasticsearch

By default, Elasticsearh is up and listening to HTTP requests on localhost and port 9200. You could try

curl –XGET localhost:9200

and you will see something like this:

{
  "name":"Cp8oag6",
  "cluster_name":"elasticsearch",
  "cluster_uuid":"AT69_T_DTp-1qgIJlatQqA",
  "version":{
    "number":"6.2.4",
    "build_hash":"f27399d",
    "build_date":"2016-03-30T09:51:41.449Z",
    "build_snapshot":false,
    "lucene_version":"7.2.1",
    "minimum_wire_compatibility_version":"1.2.3",
    "minimum_index_compatibility_version":"1.2.3"},
  "tagline":"You Know, for Search"}

Configuration of Elasticsearch

The default configuration of Elasticsearch is pretty good for a lot of scenarios.

Elasticsearch has three configuration files:

  • elasticsearch.yml for configuring Elasticsearch

  • jvm.options for configuring Elasticsearch JVM settings

  • log4j2.properties for configuring logging

let's look to the elasticsearch.yml Some of the very important settings to considered:

  • path.data and path.logs configurations, those are responsible for location of Elasticsearch indices and logs, respectively.

  • cluster.name, Node could only join the cluster if it’s configured to have the same cluster name. Default value elasticsearch should be changed to something meaningful, to avoid clashes with other potential clusters

  • network.host, By default Elasticsearch binds only to localhost (or 127.0.0.1). In the production, you would need to specify it with exact IP address of the node.

  • Heap size, By default Elasticsearch allows to use only 1 Gb of RAM for JVM heap allocation. Most likely you would need to set it up to a bigger values.

    Recommendation is to leave at least 50% of the physical RAM for system file caches. Set up both min and max heap sizes to the same value

There are several things that are recommended to tweak OS, which is running your installation of Elasticsearich. Let’s go through them:

  • Modern OS uses swaps as a method of saving RAM and provide some sort of operating for machines with lower RAM size, however it could affect stability of the node and most importantly performance if the JVM heap will be swapped out to the disk. We would need to disable it completely. On Linux you could do it temporarily by doing so sudo swapoff –a. For proper disabling, you need to edit your /etc/fstab and remove swap related lines

  • Elasticsearch uses a lot of file handles and descriptors during it’s work. Make sure to increase the size of it to more than 200k, by doing something like this: ulimit –n 200000 (this will only change it for the current user session, you want to take a look into /etc/security/limits.conf for a proper changing of this parameter)

PreviousElasticsearchNextKibana

Last updated