Read in 4 minutes

last updated 

How to Install Elasticsearch on Debian 9

Elasticsearch is an open source distributed full-text search and analytics engine. It supports RESTful operations and allows you to store, search, and analyze big volumes of data in real time.

Elasticsearch is one of the most popular search engines powering applications that have complex search requirements such as big e-commerce stores and analytic applications.

This tutorial will guide you through the process of installing Elasticsearch on Debian 9.

Prerequisites

You’ll need to be logged in as a user with sudo privileges to be able to install packages on your Debian server.

Installing Elasticsearch

The easiest way to install Elasticsearch on Debian is via the official Elasticsearch repository. At the time of writing this article, the latest version of Elasticsearch is 7.0.0 and requires Java 8 to be installed on the system.

Start by updating the packages index and installing the apt-transport-https package that is necessary to access a repository over HTTPS:

sudo apt update
sudo apt install apt-transport-https

Install OpenJDK 8:

sudo apt install openjdk-8-jdk

Verify the Java installation by printing the Java version:

java -version

The output should look something like this:

openjdk version "1.8.0_181"
OpenJDK Runtime Environment (build 1.8.0_181-8u181-b13-2~deb9u1-b13)
OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode)

The next step is to add the Elasticsearch repository.

Import the repository’s public key using the following wget command:

wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

The command above should output OK which means that the key has been successfully imported and packages from this repository will be considered trusted.

Next, add the Elasticsearch repository to the system by running:

sudo sh -c 'echo "deb https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list'
If you want to install a different version of Elasticsearch, change 7.x in the command above with the version you need.

Update the packages index and install the Elasticsearch engine:

sudo apt update
sudo apt install elasticsearch

When the installation process is complete, start and enable the service using the following commands:

sudo systemctl enable elasticsearch.service
sudo systemctl start elasticsearch.service

To verify that Elasticsearch is running send an HTTP request to port 9200 on localhost using the following curl command:

curl -X GET "localhost:9200/"

The output should look similar to this:

{
  "name" : "stretch",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "Nj2W3PswRuWvJW8JG75O1Q",
  "version" : {
    "number" : "7.0.0",
    "build_flavor" : "default",
    "build_type" : "deb",
    "build_hash" : "b7e28a7",
    "build_date" : "2019-04-05T22:55:32.697037Z",
    "build_snapshot" : false,
    "lucene_version" : "8.0.0",
    "minimum_wire_compatibility_version" : "6.7.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

It may take 5-10 seconds for the service to start. If you see curl: (7) Failed to connect to localhost port 9200: Connection refused, wait for a few seconds and try again.

To view the messages logged by the Elasticsearch service, use the command below:

sudo journalctl -u elasticsearch

That’s it. Elasticsearch has been installed on your Debian server.

Configuring Elasticsearch

Elasticsearch data is stored in the /var/lib/elasticsearch directory. Configuration files are located in /etc/elasticsearch and Java start-up options can be configured in the /etc/default/elasticsearch file.

By default, Elasticsearch is configured to listen on localhost only. If the client connecting to the database is also running on the same host and you are setting up a single node cluster you don’t need to enable remote access.

Remote Access

Out of box Elasticsearch, does not implement authentication so it can be accessed by anyone who can access the HTTP API. If you want to allow remote access to your Elasticsearch server, you will need to configure your firewall and allow access to the Elasticsearch port 9200 only from trusted clients.

If you are using UFW as your firewall tool of choice run the following command to allow assess on port 9200 from the remote trusted IP address:

sudo ufw allow from 192.168.100.20 to any port 9200
Do not forget to change 192.168.100.20 with your remote IP Address.

Otherwise, if you are using plain old iptables run:

sudo iptables -A INPUT -p tcp -s 192.168.100.20 --dport 9200 -j ACCEPT

Once your firewall is configured the next step is to edit the configuration and set Elasticsearch to listen for external connections.

To do so, open the elasticsearch.yml configuration file:

sudo nano /etc/elasticsearch/elasticsearch.yml

Search for the line that contains network.host, uncomment it, and change the value to 0.0.0.0:

/etc/elasticsearch/elasticsearch.yml
network.host: 0.0.0.0

If you have multiple network interfaces on your machine you can specify the interface IP address which will cause Elasticsearch to listen only on the specified interface.

Restart the Elasticsearch service for the changes to take effect:

sudo systemctl restart elasticsearch

At this point, you should be able to connect to the Elasticsearch server from your remote location.

Conclusion

You have successfully installed Elasticsearch on your Debian 9 system. For more information about how to get started with Elasticsearch visit their official Documentation page.

If you hit a problem or have feedback, leave a comment below.