Chat Zalo Chat Messenger Phone Number Đăng nhập
Install Elasticsearch on Ubuntu for Next Level Searching

Install Elasticsearch on Ubuntu for Next Level Searching

Are you looking for a way to optimize and improve the performance of your website? Why not install Elasticsearch on Ubuntu? Elasticsearch is a powerful open source search engine that helps you index and search through large amounts of data quickly and easily.

Not a reader? Watch this related video tutorial! Don’t see the video? Make sure your ad blocker is turned off.

In this article, you’ll learn how to install Elasticsearch on Ubuntu and improve your website’s performance.

Read on to find out how to optimize your website like you never imagined!


This tutorial will be a hands-on demonstration. If you want to move forward, make sure you have the following.

  • An Ubuntu server. This tutorial uses Ubuntu 20.04.

Related:How to Install Ubuntu 20.04 [Step by Step]

  • A user account with root privileges. Although this redundantly demonstrates sudo with the root account, sudo is usually only necessary for a less privileged account.


Java on Ubuntu Before you

get your hands on Elasticsearch, you’ll first need to install Java on your server. Java installation is required for Elasticsearch to run.

You will install OpenJDK, the open source Java Development Kit (JDK). This JDK is the recommended Java development environment for Elasticsearch.

While it is possible to install Java after Elasticsearch, installing Java first is best practice. Doing so ensures that your environment is configured correctly and that there are no unexpected errors.

To install Java on your Ubuntu machine:

1. Run the apt update command to make sure your Ubuntu package repository is up to date.

2. Next, run the apt install command to install OpenJDK (default-jdk).

You can install Java in

other ways, but it is recommended to use the apt package manager to install Java on Ubuntu. apt ensures that all necessary dependencies are installed


Related: Learning Ubuntu Apt Get Through 3 Examples

. Finally, run the following command to verify the installed version of Java.

At the time of writing, the latest version below is, but yours might be different. This output indicates that Java is installed correctly.

Install Elasticsearch on Ubuntu Now that Java

is installed d, you can install Elasticsearch on your server. Elasticsearch is not available in Ubuntu repositories, so you will install it from a third-party source.

1. Run the apt-get install command below to install the apt-transport-https package. This package ensures communication between your Ubuntu server and the package repository.

2. Next, run the curl command below to add the Elasticsearch GPG key to your system (apt-key add). This key is used to verify the authenticity of the Elasticsearch package.

3. After adding the GPG key, run the following command to add the latest Elasticsearch repository (master stable to your system.

The -a flag is used to add the text to the /etc/apt/sources.list.d/elastic-7.x.list file. The elastic-7.x.list file is a list of files that contain a repository list, where your apt searches for packages to install.

Visit the Elasticsearch repository page to find other repositories with different versions of Elasticsearch

The repository is

added to your system, but the new repository cannot be used until you update its apt-cache


4. Now, run the apt update command below to update your apt-cache.

You can see in the output below that the Elasticsearch repository has been added to your system.

5. Finally, run the apt install command below to install Elasticsearch on your server.


up Elasticsearch

You’ve fully installed Elasticsearch, but you’ll still need to set up Elasticsearch before using it. The main Elasticsearch configuration file (elasticsearch.yml) is located in the /etc/elasticsearch directory.

You can find all available configuration options in the elasticsearch.yml file, and most of them are preconfigured. But you may need to change some of them according to your needs. And in this tutorial, you will only adjust the network host settings.

1. Open the elasticsearch.yml file in your favorite text editor.

2. Scroll down to the line that says, as shown below.

3. Uncomment the line by removing the leading # symbol and replacing its value with localhost. Doing so increases security by restricting external access to your Elasticsearch instance.

Save your changes and exit your editor.

Note that redundant spaces in this document will cause parsing problems, resulting in an error. Never add extra spaces at the beginning and end of any line, and only use spaces between keys and dictionary values.

4. Now, run each systemctl command below to reload the daemon and restart the elasticsearch service for your changes to take effect.

These commands have no output. But at this point, your Elasticsearch instance on port 9200 is now configured to allow traffic only from machines on your local network.

On port 9200, Elasticsearch listens for traffic from anywhere by default.

Related: Systemd Service Control with Ubuntu systemctl

5. Run the following command to start the elasticsearch service and verify that the service is running.

As shown below, the Elasticsearch service must start in an active (running) state.

6. Finally, run the following netstat command to verify that your Elasticsearch server is listening on the localhost interface on port 9200.

You can see that the Elasticsearch process is running and listening on the

IPv6 and IPv4 loopback interfaces on port 9200, as shown below. 18718/java is the process ID (PID) for the Elasticsearch process.

Securing Elasticsearch

using the UFW firewall Your

Elasticsearch service

is active, and you’ll naturally want to protect your Elasticsearch installation. But how? Ubuntu’s default firewall, UFW, is powerful enough and should be enough.

The Elasticsearch server can only be accessed from the local network, which is sufficient for development and test environments. But in a production environment, you’ll want to allow access to Elasticsearch only from specific hosts.

For example, your website may run on the server at

, but you want to access Elasticsearch data from a different machine on the network at You can add a rule to allow traffic only from

Run the following command to add a UFW rule that allows traffic from to your Elasticsearch instance on port 9200. Replace the IP address with the one you want to allow traffic.

Now, run the ufw status command below to check the status of your UFW firewall.

The following output shows that the rule you added is active.

You may want to delete a rule. If so, run the following command. It is strongly recommended to remove unused rules to keep your firewall tighter. Replace IP_ADD accordingly. sudo ufw delete allow from IP_ADD to any port 9200

Search documents with Elasticsearch

Your Elasticsearch installation is now secure, so feel free to start using it, searching documents with the curl -XGET command. But first, you’ll get information about nodes in your Elasticsearch cluster that you can use to debug issues with your Elasticsearch installation.

1. Run any of the following curl commands to get information (-XGET) about the nodes in your Elasticsearch cluster in human-readable or YAML format.

You will see similar output below when you choose the JSON format. You can use the JSON output below to debug issues with your Elasticsearch installation.

Instead, you would get the following output if you choose the YAML format.

2. Next, run the following curl command to add an index named ata. An index in Elasticsearch is like a “database” in a relational database, such as MySQL.

This command adds a JSON document (application/json) to the ata index and makes it searchable. 1 is the unique identifier of the document in the ata index.

Documents in an index are usually stored in JSON (JavaScript Object Notation) format. Your ecommerce website, for example, may have one index with related product data and another index with related customer data.

Note that the index name should only be lowercase. Uppercase letters are not allowed in index names, and the same goes for special characters such as , /, *, ?, “, <, >, |, ‘ ‘ (space character). You receive an error message like the one shown below if you try to create an index with a name that is not valid.

3. Run the following curl command to find the document you just created in step two into a more concise, human-readable JSON output (?pretty).

You will see the output in JSON format similar to the following.

4. Now, run the following command to PUT a new value in the ata index with “Go to the supermarket”.

The PUT command replaces data in an existing document as long as you specify the same ID.

You can see below that this time the version number is 2. When you add a new document to an index, Elasticsearch sets the _version field to 1. When you update a document, Elasticsearch sets the _version field to 2.

The version number is incremented by one each time you update a document. This behavior allows you to track changes made to a document.

5. Run the following command to DELETE the ata index. Deleting unused indexes saves you disk space.

This command deletes everything related to the specified unused index, such as its documents, partitions, and metadata. So be careful before using this command.

6. Finally, run the following command to check if the ata index is still available.

You receive a 404 “not found” message, as shown below, indicating that the ata index has been successfully deleted.


In this article, you have learned how to install Elasticsearch on Ubuntu. You have added documents to an index, updated documents, and removed unused indexes.

Elasticsearch is more than a search engine that provides human-readable results in JSON and YAML format. Many data analysts, DevOps experts, and marketers use Elasticsearch regularly.

Your Elasticsearch journey is just beginning. Why not start performing text analysis on Star Wars movies to see what ideas you can uncover? May the force be with you!

Contact US