Elasticsearch: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(33 intermediate revisions by the same user not shown)
Line 1: Line 1:
=External=
* https://www.elastic.co/products/elasticsearch
=Internal=
=Internal=
* [[System_Design#Search_Index|System Design]]
* [[System_Design#Search_Index|System Design]]
* [[Media_Wiki_CirrusSearch|MediaWiki CirrusSearch]]
* [[Elastic Stack#Overview|Elastic Stack]]
* [[Logstash#Overview|Logstash]]
* [[Kibana#Overview|Kibana]]
* [[Beats#Overview|Beats]]
=Overview=
=Overview=
ElasticSearch is an open source, object store and a distributed search and analytics engine. It comes with a developer-friendly query language covering structured, unstructured and time-series data. By default, ElasticSearch uses TCP port 9300.


=Installation=
=Installation=
* Download the latest RPM from https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html → Install Electric Search with RPM → https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
 
For pre-7 versions, Java must be installed as a prerequisite and <code>JAVA_HOME</code> set in the <code>root</code>'s environment in <code>/etc/profile.d/java.sh</code>. See: {{Internal|Bash_Configuration_Files#Setting_Configuration_for_all_Users.2C_Including_root|Setting Configuration for all Users, Including <tt>root</tt>}}
 
For 7 and newer, Java is embedded.
 
Corretto 11 seems to be working with with Elasticsearch 6.8.x.
 
Download the latest RPM from https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html → Install Electric Search with RPM → https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
 
<syntaxhighlight lang='bash'>
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.8.20.rpm
sudo rpm --install elasticsearch-6.8.20.rpm
</syntaxhighlight>
 
Set up Java home in <code>/etc/sysconfig/elasticsearch</code>:
<syntaxhighlight lang='bash'>
JAVA_HOME=/opt/java
</syntaxhighlight>
 
Also, correlate the amount of RAM available with -Xmx (<font color=darkgray>Maybe the installation script does it automatically?</font>).
 
Enable start at boot. As root:
<syntaxhighlight lang='bash'>
systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl start elasticsearch
systemctl status elasticsearch
</syntaxhighlight>
 
Reboot and smoke test:
 
<syntaxhighlight lang='bash'>
curl http://localhost:9200/
{
  "name" : "pkb.local",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "37KaoJd3Q6qyBJSU0-7eQw",
  "version" : {
    "number" : "7.15.2",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "93d5a7f6192e8a1a12e154a2b81bf6fa7309da0c",
    "build_date" : "2021-11-04T14:04:42.515624022Z",
    "build_snapshot" : false,
    "lucene_version" : "8.9.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}
</syntaxhighlight>
 
=Configuration=
{{External|https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html#rpm-configuring}}
<code>/etc/elasticsearch/elasticsearch.yml</code>
 
=Operations=
==Layout==
{{External|https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html#rpm-layout}}
 
<code>$ES_HOME</code>: <code>/usr/share/elasticsearch</code>
 
State: <code>/var/lib/elasticsearch</code>
 
==Start/Stop==
<syntaxhighlight lang='bash'>
systemctl stop elasticsearch.service
systemctl start elasticsearch.service
</syntaxhighlight>
==Logs==
<code>/var/log/elasticsearch/</code>
==Queries==
===Indices===
<syntaxhighlight lang='bash'>
curl http://localhost:9200/_cat/indices?v
</syntaxhighlight>
 
<syntaxhighlight lang='bash'>
curl http://localhost:9200/_cat/aliases?h=a
</syntaxhighlight>
 
====Interact with an Index====
<font size=-1>
curl http&#58;//localhost:9200/<''index-name''>/
curl http&#58;//localhost:9200/<''index-name''>/_count
</font>
 
=ElasticSearch and OpenShift=
 
{{Internal|ElasticSearch and OpenShift|ElasticSearch and OpenShift}}

Latest revision as of 04:36, 22 November 2021

External

Internal

Overview

ElasticSearch is an open source, object store and a distributed search and analytics engine. It comes with a developer-friendly query language covering structured, unstructured and time-series data. By default, ElasticSearch uses TCP port 9300.

Installation

For pre-7 versions, Java must be installed as a prerequisite and JAVA_HOME set in the root's environment in /etc/profile.d/java.sh. See:

Setting Configuration for all Users, Including root

For 7 and newer, Java is embedded.

Corretto 11 seems to be working with with Elasticsearch 6.8.x.

Download the latest RPM from https://www.elastic.co/guide/en/elasticsearch/reference/current/install-elasticsearch.html → Install Electric Search with RPM → https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.8.20.rpm
sudo rpm --install elasticsearch-6.8.20.rpm

Set up Java home in /etc/sysconfig/elasticsearch:

JAVA_HOME=/opt/java

Also, correlate the amount of RAM available with -Xmx (Maybe the installation script does it automatically?).

Enable start at boot. As root:

systemctl daemon-reload
systemctl enable elasticsearch.service
systemctl start elasticsearch
systemctl status elasticsearch

Reboot and smoke test:

curl http://localhost:9200/
{
  "name" : "pkb.local",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "37KaoJd3Q6qyBJSU0-7eQw",
  "version" : {
    "number" : "7.15.2",
    "build_flavor" : "default",
    "build_type" : "rpm",
    "build_hash" : "93d5a7f6192e8a1a12e154a2b81bf6fa7309da0c",
    "build_date" : "2021-11-04T14:04:42.515624022Z",
    "build_snapshot" : false,
    "lucene_version" : "8.9.0",
    "minimum_wire_compatibility_version" : "6.8.0",
    "minimum_index_compatibility_version" : "6.0.0-beta1"
  },
  "tagline" : "You Know, for Search"
}

Configuration

https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html#rpm-configuring

/etc/elasticsearch/elasticsearch.yml

Operations

Layout

https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html#rpm-layout

$ES_HOME: /usr/share/elasticsearch

State: /var/lib/elasticsearch

Start/Stop

systemctl stop elasticsearch.service
systemctl start elasticsearch.service

Logs

/var/log/elasticsearch/

Queries

Indices

curl http://localhost:9200/_cat/indices?v
curl http://localhost:9200/_cat/aliases?h=a

Interact with an Index

curl http://localhost:9200/<index-name>/
curl http://localhost:9200/<index-name>/_count

ElasticSearch and OpenShift

ElasticSearch and OpenShift