Elastic Stack 8 : Install Elasticsearch2022/12/09

	Install Full-Text search engine [Elasticsearch].
[1]	Install and Run Elasticsearch. Installing Java is not required because integrated Java is included in Elasticsearch.

[root@dlp ~]#

cat > /etc/yum.repos.d/elasticsearch.repo <<EOF
[elasticsearch-8.x]
name=Elasticsearch repository for 8.x packages
baseurl=https://artifacts.elastic.co/packages/8.x/yum
gpgcheck=1
gpgkey=https://artifacts.elastic.co/GPG-KEY-elasticsearch
enabled=1
autorefresh=1
type=rpm-md
EOF

[root@dlp ~]#

update-crypto-policies --set DEFAULT:SHA1

[root@dlp ~]#

dnf -y install elasticsearch

.....
.....
--------------------------- Security autoconfiguration information ------------------------------

Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.

The generated password for the elastic built-in superuser is : WsdNReT=WiRbB__*Ejal

If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.

You can complete the following actions at any time:

Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.

Generate an enrollment token for Kibana instances with
 '/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.

Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.

-------------------------------------------------------------------------------------------------

[root@dlp ~]#

systemctl enable --now elasticsearch

# verify status
# password is the one that is shown during the installation above

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt https://127.0.0.1:9200

Enter host password for user 'elastic':
{
  "name" : "dlp.srv.world",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "ilb6UzwQQdiBj752QE0YmQ",
  "version" : {
    "number" : "8.5.3",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "4ed5ee9afac63de92ec98f404ccbed7d3ba9584e",
    "build_date" : "2022-12-05T18:22:22.226119656Z",
    "build_snapshot" : false,
    "lucene_version" : "9.4.2",
    "minimum_wire_compatibility_version" : "7.17.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
}

[2]	If you use Elasticsearch from other Hosts, refer to the setting for Clustering. It needs to configure the same settings with Clustering even if single node using if receiving requests from other Hosts.

[3]	This is the basic usage of Elasticsearch. Create an Index first, it is like Database on RDB.

# show Index list ([pretty] means it shows JSON with human readable)

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt https://127.0.0.1:9200/_aliases?pretty

Enter host password for user 'elastic':
{
  ".security-7" : {
    "aliases" : {
      ".security" : {
        "is_hidden" : true
      }
    }
  }
}

# create Index

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt -X PUT "https://127.0.0.1:9200/test_index"

Enter host password for user 'elastic':
{"acknowledged":true,"shards_acknowledged":true,"index":"test_index"}

# verify

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt https://127.0.0.1:9200/_aliases?pretty

Enter host password for user 'elastic':
{
  ".security-7" : {
    "aliases" : {
      ".security" : {
        "is_hidden" : true
      }
    }
  },
  "test_index" : {
    "aliases" : { }
  }
}

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt https://127.0.0.1:9200/test_index/_settings?pretty

Enter host password for user 'elastic':
{
  "test_index" : {
    "settings" : {
      "index" : {
        "routing" : {
          "allocation" : {
            "include" : {
              "_tier_preference" : "data_content"
            }
          }
        },
        "number_of_shards" : "1",
        "provided_name" : "test_index",
        "creation_date" : "1624321329152",
        "number_of_replicas" : "1",
        "uuid" : "Vh0HutpLRciaMWX3pFo7Zg",
        "version" : {
          "created" : "7130299"
        }
      }
    }
  }
}

[4]	Define Mapping and insert test data. Mapping defines structure of Index. If inserting data, Mapping will be defined automatically, but it's possible to define manually, of course.

# insert data

[root@dlp ~]# curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt \
-H "Content-Type: application/json" \
-X PUT "https://127.0.0.1:9200/test_index/_doc/001" -d '{
    "subject" : "Test Post No.1",
    "description" : "This is the initial post",
    "content" : "This is the test message for using Elasticsearch."
}'
Enter host password for user 'elastic':
{"_index":"test_index","_id":"001","_version":1,"result":"created","_shards":{"total":2,"successful":1,"failed":0},"_seq_no":0,"_primary_term":1}

# show Mapping

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt "https://127.0.0.1:9200/test_index/_mapping/?pretty"

Enter host password for user 'elastic':
{
  "test_index" : {
    "mappings" : {
      "properties" : {
        "content" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "description" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        },
        "subject" : {
          "type" : "text",
          "fields" : {
            "keyword" : {
              "type" : "keyword",
              "ignore_above" : 256
            }
          }
        }
      }
    }
  }
}

# show data

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt "https://127.0.0.1:9200/test_index/_doc/001?pretty"

Enter host password for user 'elastic':
{
  "_index" : "test_index",
  "_id" : "001",
  "_version" : 1,
  "_seq_no" : 0,
  "_primary_term" : 1,
  "found" : true,
  "_source" : {
    "subject" : "Test Post No.1",
    "description" : "This is the initial post",
    "content" : "This is the test message for using Elasticsearch."
  }
}

# search data
# example of Search conditions below means [description] field includes a word [initial]

[root@dlp ~]#

curl -u elastic --cacert /etc/elasticsearch/certs/http_ca.crt "https://127.0.0.1:9200/test_index/_search?q=description:initial&pretty=true"

Enter host password for user 'elastic':
{
  "took" : 12,
  "timed_out" : false,
  "_shards" : {
    "total" : 1,
    "successful" : 1,
    "skipped" : 0,
    "failed" : 0
  },
  "hits" : {
    "total" : {
      "value" : 1,
      "relation" : "eq"
    },
    "max_score" : 0.2876821,
    "hits" : [
      {
        "_index" : "test_index",
        "_id" : "001",
        "_score" : 0.2876821,
        "_source" : {
          "subject" : "Test Post No.1",
          "description" : "This is the initial post",
          "content" : "This is the test message for using Elasticsearch."
        }
      }
    ]
  }
}

Matched Content