Set up Elasticsearch on Debian 12 Bookworm: Comprehensive Guide

By Posted on

Set up Elasticsearch on Debian 12 Bookworm: Comprehensive Guide

In this guide, we will teach you how to Set up Elasticsearch on Debian 12 Bookworm. Elasticsearch is a distributed, open-source search and analytics engine built on Apache Lucene and written in Java. It allows you to store, search, and analyze large volumes of data quickly and in near real-time, returning results in milliseconds. Elasticsearch is a powerful tool for indexing and searching various data sources.

Now, follow the steps below to begin your Elasticsearch installation and configuration on Debian 12.

Before you begin to Set up Elasticsearch on Debian 12 Bookworm, you will need a few prerequisites.

Requirements for Elasticsearch Setup

Firstly, you must have access to your server as a non-root user with sudo privileges and have a basic firewall configured. You can follow this guide on Initial Server Setup with Debian 12 Bookworm for assistance.

Secondly, because Elasticsearch is developed in Java, you must have Java installed on your server. To do this, you can check this guide to install the default JDK: Install Default JDK on Debian 12. Remember to set up your JAVA_HOME environment path.

Now, follow the steps below to Set up Elasticsearch on Debian 12 Bookworm.

Step 1 – Install APT Transport HTTPS on Debian 12

To Set up Elasticsearch on Debian 12 Bookworm, you need to update your system and install the apt-transport-https package. This package allows APT to access repositories over HTTPS. Execute the following commands:

# sudo apt update
# sudo apt install apt-transport-https -y

Note: APT transport allows the use of repositories accessed via the HTTP Secure protocol (HTTPS), also referred to as HTTP over TLS.

Step 2 – Download and Install Elasticsearch on Debian 12

To Set up Elasticsearch on Debian 12 Bookworm, visit the Elasticsearch Official page and obtain the latest stable version using the wget command:

sudo wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-8.8.1-amd64.deb

Once the download is complete, install the Elasticsearch deb package using the following command:

sudo dpkg -i elasticsearch-8.8.1-amd64.deb
**<mark>Output</mark>**
Selecting previously unselected package elasticsearch.
(Reading database ... 43423 files and directories currently installed.)
Preparing to unpack elasticsearch-8.8.1-amd64.deb ...
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Unpacking elasticsearch (8.8.1) ...
Setting up elasticsearch (8.8.1) ...
--------------------------- Security autoconfiguration information ------------------------------
Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : **YMAUA7Kgtw0vbqzADW70**

....

Make sure to note down the password generated for the superuser from the output. This password will be needed for accessing Elasticsearch later.

Step 3 – How To Start Elasticsearch on Debian 12 Bookworm?

First, reload the system daemon with the command below:

sudo systemctl daemon-reload

Then, use the following commands to start and enable the Elasticsearch service to start on boot:

# sudo systemctl start elasticsearch.service
# sudo systemctl enable elasticsearch.service

Verify that your Elasticsearch service is active and running on your Debian 12 server:

sudo systemctl status elasticsearch.service
**<mark>Output</mark>**
● elasticsearch.service - Elasticsearch
     Loaded: loaded (/lib/systemd/system/elasticsearch.service; enabled; preset>
     Active: **<mark>active</mark>** (**<mark>running</mark>**) since Tue 2023-06-27 04:23:13 EDT; 1min 14s ago
       Docs: https://www.elastic.co
   Main PID: 14849 (java)
      Tasks: 70 (limit: 4653)
     Memory: 2.3G
        CPU: 1min 10.322s
     CGroup: /system.slice/elasticsearch.service
...

Step 4 – Configure Elasticsearch on Debian 12 Bookworm

At this point, you need to make some basic configuration changes to the Elasticsearch configuration file.

Open the Elasticsearch configuration file with your favorite text editor; in this example, we use the vi editor:

sudo vi /etc/elasticsearch/elasticsearch.yml

In the file, search for the network.host directive, uncomment it by removing the hashtag, and set it to 0.0.0.0 to listen on all interfaces and make it available publicly. You can use your LAN address for LAN access only:

network.host: 0.0.0.0 or internal-ip-address

Also, find the lines below, uncomment them, and replace the names with your own:

cluster.name: <mark>myCluster1</mark>
node.name: <mark>myNode1</mark>

Then, find the discovery.seed_hosts directive, uncomment it, and set it to your Node name:

discovery.seed_hosts: ["myNode1"]

When you are done, save and close the file.

Now, restart Elasticsearch on Debian 12 with the following command:

sudo systemctl restart elasticsearch.service

Step 5 – Configure Firewall for Elasticsearch

Here, we assume that you have enabled the UFW firewall. Elasticsearch listens on port 9200. You must allow port 9200 through the UFW firewall. To do this, run the command below:

sudo ufw allow 9200/tcp

Then, reload the firewall to apply the new rules:

sudo ufw reload

Note: For more information about the UFW firewall, you can visit this guide on UFW Firewall configuration on Debian 12.

Step 6 – Test Elasticsearch Installation on Debian 12

At this point, you can test your installation by sending an HTTPS request by attaching the certificate using the below command. To do this, run the following command:

Take note of the password you received earlier; you will need to use that when prompted.

# sudo su
# curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://<mark>INTERNAL_IP</mark>:9200

You will get the following output:

Enter host password for user 'elastic': <mark>enter-your-elastic-password</mark>
{
  "name" : "myNode1",
  "cluster_name" : "myCluster1",
  "cluster_uuid" : "74j-YF9FT-WCPcQfb6Q9_Q",
  "version" : {
    "number" : "8.8.1",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "f8edfccba429b6477927a7c1ce1bc6729521305e",
    "build_date" : "2023-06-05T21:32:25.188464208Z",
    "build_snapshot" : false,
    "lucene_version" : "9.6.0",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

As you can see from the output, your Elasticsearch is working correctly.

Step 7 – Connect Elasticsearch from the Web Interface

Here, you can connect to your Elasticsearch by typing your server’s IP address in your web browser followed by port 9200:

https://<mark>server-ip-address</mark>:9200

You should enter your Elastic user and password and click sign in:

Elasticsearch login screen

Then, you should see:

For more information, you can visit Elasticsearch Docs.

Conclusion

At this point, you have learned how to Set up Elasticsearch on Debian 12 Bookworm. You have downloaded the latest deb package, configured your cluster and node, and tested your Elasticsearch to see if it is working correctly.

Hope you enjoy it. You may like these articles too:

Install Elasticsearch on Ubuntu 22.04

Install and Configure Elasticsearch on AlmaLinux 8

Set up ElasticSearch on Centos 7

FAQs

What is the default port for Elasticsearch?

By default, Elasticsearch listens on port 9200.

Where is the Elasticsearch config file in Linux?

The main configuration file for Elasticsearch is under the  /etc/elasticsearch/elasticsearch directory.

Alternative Solutions for Installing Elasticsearch on Debian 12

While the above guide details installing Elasticsearch using the .deb package, there are alternative methods for achieving the same goal. Here are two different approaches:

1. Installing Elasticsearch Using the APT Repository

This method involves adding the Elasticsearch repository to your system’s APT sources. This allows you to install and update Elasticsearch using the standard apt package manager. This method is beneficial for keeping your Elasticsearch installation up-to-date with ease.

Steps:

  1. Add the Elasticsearch GPG key:

    wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

  2. Install the apt-transport-https package (if not already installed):

    sudo apt update
sudo apt install apt-transport-https

  3. Add the Elasticsearch repository to your APT sources:

    echo "deb https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-8.x.list

  4. Update the APT package lists:

    sudo apt update

  5. Install Elasticsearch:

    sudo apt install elasticsearch

The subsequent steps for configuring and starting Elasticsearch remain largely the same as outlined in the original guide, starting from Step 3. This method simplifies the initial installation process and streamlines future updates.

2. Installing Elasticsearch Using Docker

Docker provides a containerized environment for running applications, including Elasticsearch. This approach offers isolation, reproducibility, and simplified deployment.

Steps:

  1. Install Docker (if not already installed):

    sudo apt update
sudo apt install docker.io
sudo systemctl start docker
sudo systemctl enable docker

  2. Pull the Elasticsearch Docker image:

    docker pull docker.elastic.co/elasticsearch/elasticsearch:8.8.1

  3. Run the Elasticsearch container:

    docker run -d -p 9200:9200 -p 9300:9300 -e "discovery.type=single-node" docker.elastic.co/elasticsearch/elasticsearch:8.8.1

    Explanation:

    • -d: Runs the container in detached mode (background).
    • -p 9200:9200 -p 9300:9300: Maps the container’s ports 9200 and 9300 to the host’s ports 9200 and 9300, respectively. Port 9200 is used for HTTP access, and port 9300 is used for transport communication between nodes.
    • -e "discovery.type=single-node": Sets the discovery.type environment variable to single-node, indicating that this is a single-node cluster. This is suitable for testing or development environments. For production, you’ll need a cluster setup.

  4. Access Elasticsearch:

    After the container starts, you can access Elasticsearch at http://localhost:9200 (or the appropriate IP address of your server). You’ll likely need to configure authentication as with the .deb installation.

Configuration Considerations for Docker:

  • Data Persistence: By default, data within the Docker container is not persistent. To persist data, you can use Docker volumes to map a directory on the host machine to the Elasticsearch data directory inside the container.
  • Resource Limits: You may want to configure resource limits (CPU, memory) for the Docker container to prevent it from consuming excessive resources.
  • Environment Variables: Docker allows you to configure Elasticsearch through environment variables. This is useful for setting options like cluster name, node name, and passwords.

This Docker-based approach offers a self-contained and portable way to run Elasticsearch, simplifying deployment and management, especially in environments where containerization is already used. It is also helpful if you wish to avoid polluting your host operating system with extra packages.

Related posts: