Elasticsearch is a powerful, open-source search engine and analytics platform that can be used to store, search, and analyze large volumes of data in real-time. It’s critical for many modern applications and services that require fast, efficient search and analytics capabilities.
Although it’s a useful tool for analytics, it’s not installed by default on RunCloud servers because most RunCloud users don’t need it – and if it was preinstalled it would consume resources unnecessarily. But if you do need to install Elasticsearch on your server, it’s easy to do.
This article is a step-by-step guide that will walk you through the process of installing Elasticsearch on a server managed by RunCloud. Let’s get started!
Connect To Server via SSH
Before installing Elasticsearch you should already have a server connected to RunCloud. If you don’t have a server, you can follow our tutorial on how to set up a Vultr or AWS server on RunCloud.
Once your server is up and running, you need to log in to it via SSH to install Elasticsearch. If you know how to do this already, you can jump to the installing Elasticsearch on RunCloud section.
How To Add Your SSH Key To RunCloud Server
Once your server is connected to RunCloud you can create new users and grant them access to log in to the server directly from the dashboard itself. To do this, first go to the account settings and open your SSH key vault.
In the key vault, you need to add your public SSH key. You can either use your existing key, or generate a new one using the following command:
ssh-keygen -t rsa
After you have added the key it will show up in the key vault. Now you can either create a new user, or add this SSH key to an existing user account on your server.
We will create a new user account to avoid disturbing any files or settings in the existing user’s account. To do this, go to your server settings and open the “System User” tab. In this tab, create a new user with sudo privileges.
After creating the user, go to the SSH tab of your server and click on the “Add New SSH Key” button to use the key that we just added to the vault.
On the next screen, use the saved key from the SSH key vault and select the user that we just created.
After adding the SSH key, log in to your server by running the following command in your terminal. Make sure to add the username, IP address, and the path to the private key before executing the command.
ssh <username>@<ip address> -i <path to private key>Installing Elasticsearch on RunCloud
When you log in to your server, you will see a large banner saying “RunCloud” – this confirms that your login attempt was successful. Now, all of the commands executed in this terminal will run on your server.
Once you log in to the server, you can copy and paste the following commands into your terminal to import the Elasticsearch PGP Key and install it from the APT repository:
wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
sudo apt-get install apt-transport-https
echo "deb [signed-by=/usr/share/keyrings/elasticsearch-keyring.gpg] https://artifacts.elastic.co/packages/8.x/apt stable main" | sudo tee /etc/apt/sources.list.d/elastic-8.x.list
sudo apt-get update && sudo apt-get install elasticsearch
A lot of people use Elasticsearch with Kibana, an open source visualization tool. If you want to install Kibana on your system, you can run the following command as well:
sudo apt-get install kibana
After the installation is complete, pay close attention to the output displayed. The screen displays the default password for the Elasticsearch account. In the above example, the password is 8RF65T*6cB*Y_rjUDedn.
If you accidentally closed the screen, you can generate a new password using the following command:
sudo /usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic
Now, you can configure the Elasticsearch service to start automatically when the server reboots, and then start it using the following commands. You can optionally run the fourth command in the following block to check whether the service is up and running correctly:
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
sudo systemctl start elasticsearch.service
sudo systemctl status elasticsearch.service # Check statusIf you see active (running) status, then your service is configured correctly and you can start using it.
Testing Elasticsearch
After installing Elasticsearch you can test the installation by running the following command. If you receive an output similar to the screenshot attached below, then your Elasticsearch installation is working correctly.
sudo curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
Configuring SSL Certificates For Elasticsearch
When we tested the Elasticsearch instance, as shown in the above example, we connected using the default certificate which is generated automatically. The connection is encrypted using the http_ca.crt certificate file stored in the /etc/elasticsearch/certs/ directory.
If you’re not working in a production environment, you can turn off the TLS/SSL on the HTTP networking layer by editing the /etc/elasticsearch/elasticsearch.yml file and setting the xpack.security.http.ssl.enabled to false.
Generating Certificate Signing Requests for Elasticsearch
If you’re using Elasticsearch in a production environment, there’s a good chance that a high number of people will be connecting to your server, and so using a self-signed certificate is not a good idea in such cases.
If you are part of a large organization you might already have a certification authority (CA) that is trusted by all of the computers, or you might want to use a commercially available certificate authority. In both cases, having a CSR file will make the process of issuing certificates much easier.
Use the following command to create a certificate signing request. The CLI tool will ask you for basic information such as your domain name and IP address. Fill out all the necessary fields and, optionally, you can secure the certificate with a password.
sudo /usr/share/elasticsearch/bin/elasticsearch-certutil httpIf you didn’t change the default path of the output file, then your elasticsearch-ssl-http.zip file will be stored in the /usr/share/elasticsearch/ directory.
Use the following commands to unzip the file and view your certificate signing request. (Don’t forget to update the name of the .csr file to match the filename.)
sudo unzip /usr/share/elasticsearch/elasticsearch-ssl-http.zip
sudo cat /usr/share/elasticsearch/elasticsearch/<mydomain>.csrThe above command will show you your certificate request document. You can use this to generate certificates – usually these are .pem or .cer files.
After you get your certificate from your CA, you can put the certificate and the keys (from the zip folder generated above) in the /etc/elasticsearch/certs/ folder, and update the /etc/elasticsearch/elasticsearch.yml to use your new certificate.
If you configured a password during the key creation, you will need to add that to the key vault. You can use the following command to do this:
sudo /usr/share/elasticsearch/bin/elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_passwordFor more information, refer to the Elasticsearch documentation.
After Action Report
Elasticsearch is an essential tool for anyone who needs to store, search, and analyze large volumes of data, and if you’re looking for an easy and efficient way to manage your servers, RunCloud is a great choice.
By following the step-by-step guide in this article, you can quickly and easily set up Elasticsearch on your RunCloud-managed server and start taking advantage of its powerful capabilities.
If you’re tired of managing your own servers – check out RunCloud’s fast, efficient and visual cloud server management service. RunCloud is built for developers that want to focus on shipping great work, not on managing their infrastructure.
With RunCloud’s user-friendly interface and powerful features, managing your server has never been easier, with a painless server configuration so you don’t need to spend hours figuring it out. Get started with RunCloud today and get up and running in minutes.
