8 Install_Configure_ElasticSearch

Kaimbacher edited this page 2022-07-28 09:52:26 +00:00

Unescape Escape

Table of Contents

• Step 1 - Installing Elasticsearch
• Step2 - Configuring ElasticSearch
• Step 3 - Securing ElasticSearch
• Step 4 - Load GeoNetwork indices
• STEP 5 - Check installation
• Step 6 - Configure connect

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Elasticsearch is a platform for distributed search and analysis of data in real time. It is a popular choice due to its usability, powerful features, and scalability.

This article will guide you through installing Elasticsearch, configuring it for your use case, securing your installation, and beginning to work with your Elasticsearch server.

Step 1 - Installing Elasticsearch

To begin, use cURL, the command line tool for transferring data with URLs, to import the Elasticsearch public GPG key into APT. Note that we are using the arguments -fsSL to silence all progress and possible errors (except for a server failure) and to allow cURL to make a request on a new location if redirected. Pipe the output to the gpg --dearmor command, which converts the key into a format that apt can use to verify downloaded packages.

curl -fsSL https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elastic.gpg

Next, add the Elastic source list to the sources.list.d directory, where apt will search for new sources:

echo "deb [signed-by=/usr/share/keyrings/elastic.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

Next, update your package lists so APT will read the new Elastic source:

sudo apt update

Then install Elasticsearch with this command: sudo apt install elasticsearch

Step2 - Configuring ElasticSearch

o configure Elasticsearch, we will edit its main configuration file elasticsearch.yml where most of its configuration options are stored. This file is located in the /etc/elasticsearch directory.

sudo nano /etc/elasticsearch/elasticsearch.yml

lasticsearch listens for traffic from everywhere on port 9200. You will want to restrict outside access to your Elasticsearch instance to prevent outsiders from reading your data or shutting down your Elasticsearch cluster through its REST API. To restrict access and therefore increase security, find the line that specifies network.host, uncomment it, and replace its value with localhost so it reads like this:

. . .
# ---------------------------------- Network -----------------------------------
#
# Set the bind address to a specific IP (IPv4 or IPv6):
#
network.host: localhost
. . .

These are the minimum settings you can start with in order to use Elasticsearch. Now you can start Elasticsearch for the first time.

Check if Elasticsearch starts:
sudo systemctl start elasticsearch

Next, run the following command to enable Elasticsearch to start up every time your server boots:
sudo systemctl enable elasticsearch

Let's create a new file called 'memory.options' in the 'jvm.options.d' directory so we can define memory requirements when an Elasticsearch instance starts:
sudo nano /etc/elasticsearch/jvm.options.d/memory.options

In the file, add the minimum and maximum memory requirements:

  -Xms1g
  -Xmx4g

sudo systemctl restart elasticsearch

Step 3 - Securing ElasticSearch

By default, Elasticsearch can be controlled by anyone who can access the HTTP API. This is not always a security risk because Elasticsearch listens only on the loopback interface (that is, 127.0.0.1), which can only be accessed locally. Thus, no public access is possible and as long as all server users are trusted, security may not be a major concern.

If you need to allow remote access to the HTTP API, you can limit the network exposure with Ubuntu’s default firewall, UFW.

We will now configure the firewall to allow access to the default Elasticsearch HTTP API port (TCP 9200) for the trusted remote host, generally the server you are using in a single-server setup, such as 172.16.4.48. To allow access, type the following command:

sudo ufw allow from 172.16.4.48 to any port 9200

Once that is complete, you can enable UFW with the command:
sudo ufw enable

Finally, check the status of UFW with the following command:
sudo ufw status

If you have specified the rules correctly, you should receive output like this:

Output
Status: active

To                         Action      From
--                         ------      ----
9200                       ALLOW      172.16.4.48
...

Step 4 - Load GeoNetwork indices

$ cd /tmp
$ curl -O https://raw.githubusercontent.com/geonetwork/core-geonetwork/3.12.x/es/config/features.json
$ curl -H 'Content-Type: application/json' -X PUT http://localhost:9200/gn-features -d @features.json

$ curl -O https://raw.githubusercontent.com/geonetwork/core-geonetwork/3.12.x/es/config/records.json
$ curl -H 'Content-Type: application/json' -X PUT http://localhost:9200/gn-records -d @records.json

$ curl -O https://raw.githubusercontent.com/geonetwork/core-geonetwork/3.12.x/es/config/searchlogs.json
$ curl  -H 'Content-Type: application/json' -X PUT http://localhost:9200/gn-searchlogs -d @searchlogs.json

STEP 5 - Check installation

Access Elasticsearch admin page from http://localhost:9200/

Step 6 - Configure connect

see also https://geonetwork-opensource.org/manuals/3.10.x/en/install-guide/installing-index.html

Update Elasticsearch URL in 'WEB-INF/config.properties':

sudo nano work/jetty-0_0_0_0-8080-geonetwork_war-_geonetwork-any-/webapp/WEB-INF/config.properties 
es.url=http://127.0.0.1:9200

add ‘es’ to the ‘spring.profiles.active’ in 'WEB-INF/web.xml'` to activate it and restart the application:

sudo nano work/jetty-0_0_0_0-8080-geonetwork_war-_geonetwork-any-/webapp/WEB-INF/web.xml

<context-param>
    <param-name>spring.profiles.active</param-name>
    <param-value>es</param-value>
  </context-param>