Installig Elasticsearch on Ubuntu 20.04 on the Raspberry Pi.

DBplatz Support -

In this article, I'm installing Elasticsearch on Ubuntu for the Raspberry Pi 8GB,

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases.

because it's a requirement for Graylog, which I'll install in a next post.

Graylog is a leading centralized log management solution for capturing, storing, and enabling real-time analysis of terabytes of machine data.

Elasticsearch 6.8, and version 7 up to 7.10

Follow these instructions to install Elasticsearch.

wget -q https://artifacts.elastic.co/GPG-KEY-elasticsearch -O myKey

ubuntu@ubuntu:~$ wget -q https://artifacts.elastic.co/GPG-KEY-elasticsearch -O myKey

sudo apt-key add myKey

ubuntu@ubuntu:~$ sudo apt-key add myKey
OK

echo "deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list

ubuntu@ubuntu:~$ echo "deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main" | sudo tee -a /etc/apt/sources.list.d/elastic-7.x.list
deb https://artifacts.elastic.co/packages/oss-7.x/apt stable main

sudo apt-get update && sudo apt-get install elasticsearch-oss

ubuntu@ubuntu:~$ sudo apt-get update && sudo apt-get install elasticsearch-oss
Hit:1 http://ports.ubuntu.com/ubuntu-ports focal InRelease
Ign:2 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 InRelease
Hit:3 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 Release
Hit:4 http://ports.ubuntu.com/ubuntu-ports focal-updates InRelease
Get:5 https://artifacts.elastic.co/packages/oss-7.x/apt stable InRelease [10.4 kB]
Hit:6 http://ports.ubuntu.com/ubuntu-ports focal-backports InRelease
Hit:7 http://ports.ubuntu.com/ubuntu-ports focal-security InRelease
Get:9 https://artifacts.elastic.co/packages/oss-7.x/apt stable/main arm64 Packages [32.9 kB]
Fetched 43.3 kB in 3s (17.1 kB/s)
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following package was automatically installed and is no longer required:
  mongodb-mongosh
Use 'sudo apt autoremove' to remove it.
The following NEW packages will be installed:
  elasticsearch-oss
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 228 MB of archives.
After this operation, 419 MB of additional disk space will be used.
Get:1 https://artifacts.elastic.co/packages/oss-7.x/apt stable/main arm64 elasticsearch-oss arm64 7.10.2 [228 MB]
Fetched 228 MB in 3min 35s (1062 kB/s)
Selecting previously unselected package elasticsearch-oss.
(Reading database ... 67050 files and directories currently installed.)
Preparing to unpack .../elasticsearch-oss_7.10.2_arm64.deb ...
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Unpacking elasticsearch-oss (7.10.2) ...
Setting up elasticsearch-oss (7.10.2) ...
Created elasticsearch keystore in /etc/elasticsearch/elasticsearch.keystore
Processing triggers for systemd (245.4-4ubuntu3.11) ...

Modify the Elasticsearch configuration file  (/etc/elasticsearch/elasticsearch.yml) and set the cluster name to graylog and uncomment action.auto_create_index: false to enable the action:

sudo tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <<EOTcluster.name: graylogaction.auto_create_index: falseEOT

ubuntu@ubuntu:~$ sudo tee -a /etc/elasticsearch/elasticsearch.yml > /dev/null <<EOT
> cluster.name: graylog
> action.auto_create_index: false
> EOT

Start Elasticsearch and verify it is running.

sudo systemctl daemon-reload

ubuntu@ubuntu:~$ sudo systemctl daemon-reload

sudo systemctl enable elasticsearch.service

ubuntu@ubuntu:~$ sudo systemctl enable elasticsearch.service
Synchronizing state of elasticsearch.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable elasticsearch
Created symlink /etc/systemd/system/multi-user.target.wants/elasticsearch.service → /lib/systemd/system/elasticsearch.service.

sudo systemctl restart elasticsearch.service

ubuntu@ubuntu:~$ sudo systemctl restart elasticsearch.service

sudo systemctl --type=service --state=active | grep elasticsearch

ubuntu@ubuntu:~$ sudo systemctl --type=service --state=active | grep elasticsearch
  elasticsearch.service                                    loaded active running Elasticsearch

Next, as mentioned, I will install Graylog.