Installig Elasticsearch on Ubuntu 20.04 on the Raspberry Pi.

Installig Elasticsearch on Ubuntu 20.04 on the Raspberry Pi.

In this article, I'm installing Elasticsearch on Ubuntu for the Raspberry Pi 8GB,

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases.

because it's a requirement for Graylog, which I'll install in a next post.

Graylog is a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data.

Elasticsearch 6.8, and version 7 up to 7.10

Follow these instructions to install Elasticsearch.

wget -q https://artifacts.elastic.co/GPG-KEY-elasticsearch -O myKey

ubuntu@ubuntu:~$ wget -q https://artifacts.elastic.co/GPG-KEY-elasticsearch -O myKey

sudo apt-key add myKey

ubuntu@ubuntu:~$ sudo apt-key add myKey
OK

echo "deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

ubuntu@ubuntu:~$ echo "deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main

sudo apt-get update && sudo apt-get install elasticsearch-oss

ubuntu@ubuntu:~$ sudo apt-get update && sudo apt-get install elasticsearch-oss
Hit:1 http://ports.ubuntu.com/ubuntu-ports focal InRelease
Ign:2 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 InRelease
Hit:3 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 Release
Hit:4 http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease
Get:5 https://artifacts.elastic.co/packages/oss-7.x/apt stable InRelease [10.4 kB]
Hit:6 http://ports.ubuntu.com/ubuntu-ports focal-backports InRelease
Hit:7 http://ports.ubuntu.com/ubuntu-ports focal-security InRelease
Get:9 https://artifacts.elastic.co/packages/oss-7.x/apt stable/main arm64 Packages [32.9 kB]
Fetched 43.3 kB in 3s (17.1 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following package was automatically installed and is no longer required:
  mongodb-mongosh
Use 'sudo apt autoremove' to remove it.
The following NEW packages will be installed:
  elasticsearch-oss
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 228 MB of archives.
After this operation, 419 MB of additional disk space will be used.
Get:1 https://artifacts.elastic.co/packages/oss-7.x/apt stable/main arm64 elasticsearch-oss arm64 7.10.2 [228 MB]
Fetched 228 MB in 3min 35s (1062 kB/s)
Selecting previously unselected package elasticsearch-oss.
(Reading database ... 67050 files and directories currently installed.)
Preparing to unpack .../elasticsearch-oss_7.10.2_arm64.deb ...
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Unpacking elasticsearch-oss (7.10.2) ...
Setting up elasticsearch-oss (7.10.2) ...
Created elasticsearch keystore in /etc/elasticsearch/elasticsearch.keystore
Processing triggers for systemd (245.4-4ubuntu3.11) ...

Modify the Elasticsearch configuration file  (/etc/elasticsearch/elasticsearch.yml) and set the cluster name to graylog and uncomment action.auto_create_index: false to enable the action:

sudo tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <<EOTcluster.name: graylogaction.auto_create_index: falseEOT

ubuntu@ubuntu:~$ sudo tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <<EOT
> cluster.name: graylog
> action.auto_create_index: false
> EOT

Start Elasticsearch and verify it is running.

sudo systemctl daemon-reload

ubuntu@ubuntu:~$ sudo systemctl daemon-reload

sudo systemctl enable elasticsearch.service

ubuntu@ubuntu:~$ sudo systemctl enable elasticsearch.service
Synchronizing state of elasticsearch.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable elasticsearch
Created symlink /etc/systemd/system/multi-user.target.wants/elasticsearch.service → /lib/systemd/system/elasticsearch.service.

sudo systemctl restart elasticsearch.service

ubuntu@ubuntu:~$ sudo systemctl restart elasticsearch.service

sudo systemctl --type=service --state=active | grep elasticsearch

ubuntu@ubuntu:~$ sudo systemctl --type=service --state=active | grep elasticsearch
  elasticsearch.service                                    loaded active running Elasticsearch

Next, as mentioned, I will install Graylog.