Elasticsearch Standalone Cluster

This guide will take you through the process of setting up your first standalone (also known as single-node) Elasticsearch cluster using ClusterControl. By following this tutorial, you’ll have a fully functional (but non-replicated) database node that you can monitor, manage, and later scale if your requirements change.

A standalone Elasticsearch node is the simplest deployment option, but it isn’t recommended for production workloads or day-to-day operations in medium- to large-scale organisations. Use it in production only for low-stakes workloads where downtime and potential data loss are acceptable.

This tutorial applies to the deployment of a database cluster for Elasticsearch by Elastics.

Prerequisites

Before proceeding, ensure you have:

ClusterControl installed and running. If not, follow the instructions in Quickstart or use the Installer Script.
At least two hosts (bare-metal or virtual machines):
- One for the ClusterControl server.
- One for the Elasticsearch single-node or server.
SSH access to all servers.
Internet access on the database host to install required packages.
Network Time Protocol (NTP) configured and running on both hosts to keep their clocks synchronized.

Architecture

Below is a sequence diagram of the final architecture for a single-node deployment:

sequenceDiagram
    participant User_or_App as Users/Apps
    participant Elasticsearch_Node as Elasticsearch Node <br><br>(192.168.40.68)
    participant ClusterControl

    User_or_App->>Elasticsearch_Node: Search/Index Request
    activate Elasticsearch_Node
    Elasticsearch_Node-->>User_or_App: Response
    deactivate Elasticsearch_Node

    ClusterControl->>Elasticsearch_Node: Monitor/Manage
    activate Elasticsearch_Node
    Elasticsearch_Node-->>ClusterControl: Metrics/Logs
    deactivate Elasticsearch_Node

    ClusterControl->>Elasticsearch_Node: Initiate Backup
    activate Elasticsearch_Node
    Elasticsearch_Node-->>ClusterControl: Backup Status
    deactivate Elasticsearch_Node

Elasticsearch in ClusterControl is deployed without any external supporting load balancers to be added. Although Elasticsearch has its load balancing and high-availability capabilities or mechanisms that can act to provide its functionality. But for a single node, it's goes to its default node type which can function as as a master node, data node, ingest node, or even a coordinating node.

Step 1: Set up SSH key-based authentication

On the ClusterControl server, generate a new SSH key as the root user:
```
ssh-keygen -t rsa
```
Copy the public key to your standalone database node (replace 192.168.40.68 with your node’s IP/hostname):
```
ssh-copy-id -i /root/.ssh/id_rsa [email protected]
```
If the target node uses a custom SSH key or port, you can add options:
```
ssh-copy-id -i /root/.ssh/id_rsa -p 22 -o 'IdentityFile /root/myprivatekey.pem' [email protected]
```
For some advance setup where the user (for example mymainacc) is only allowed to access non-root with only public keys are allowed and password challenge is disabled but has sudo privileges, as root OS user, you can do this:
```
[root@pupnode7 ~]# ssh -i /home/mymainacc/.ssh/id_rsa [email protected]   "sudo bash -c '
umask 077
mkdir -p   /root/.ssh
cat >>     /root/.ssh/authorized_keys
'" < ~/.ssh/id_rsa.pub
```
this copies your root public key to the target node you will be setting up for single-node Elasticsearch cluster deployment
Test passwordless SSH from the ClusterControl server:
```
ssh [email protected] "stat \$PWD/"
```
Ensure there is no password prompt. If the command returns directory system status, you're set.

Step 2: Deploy a new cluster (single node)

Open a web browser and go to the ClusterControl server’s IP or hostname.
On the ClusterControl dashboard, click Deploy a cluster (top-right) → Create a database cluster. This opens the Deploy cluster wizard.
Select Elasticsearch from the Database dropdown. Specify also the version you desired to choose by clicking Version dropdown. Click Continue.
In the Deploy MySQL Replication wizard, configure the database cluster as below:
(1) Cluster details(2) SSH configuration(3) Node configuration(4) Add node(5) Snapshot storage configuration(5) Preview
Name: For example, ES-stand-alone-node.

Tags: (Optional) e.g., standalone, production, dc1.
SSH user: root

SSH user key path: /root/.ssh/id_rsa (ClusterControl will also autofill this field)

SSH port: 22 (default port)

SSH sudo password: (leave blank if you rely on key-based auth)

Install software: On (default)

Disable firewall: Checked (default)

Disable SELinux/AppArmor: Checked (default)
HTTP port: 9200 (disabled text-field with default port specified)

Transfer port: 9200 (disabled text-field with default port specified)

Admin user: admin

Admin password: Password to be assigned to the database admin user

Repository: Use vendor repositories (default)
Eligible master: (Fill in the IP/hostname or FQDN of the node. For example, 192.168.40.65 and press Enter)

Data nodes: (leave it empty)
Repository name: (Fill in the repository name you want. For example, es-s9s-repo)

Storage host: (Click the drop-down field and choose your single-node IP/hostname or FQDN entry)

Default snapshot location: (Path of the shared filesystem use to store your snapshots. For example, /mnt/data/backups/es-snapshot-repositories)

Configure shared filesystem: On (default)
Review your configuration. You can go back and adjust if necessary.
Click Finish to start deployment.
ClusterControl will now install and configure Elasticsearch standalone cluster on 192.168.40.68. You can track progress in the Activity center. After a few minutes, your new single-node cluster will appear on the Home page.

Step 3: Monitor your cluster

Once deployed, you’ll see:

Cluster health: The Home page provides the cluster state, even though it’s a single node, it’s treated as a "cluster" of size one.
Node health: Hover on the honeycomb diagram or check the Nodes tab. You can also see more detailed histograms under ClusterControl GUI → Clusters → choose the cluster → Dashboards.
Recent alarms: Any triggered alarms will appear if there are configuration or resource issues.
Automatic recovery status: If enabled, ClusterControl can attempt to restart a crashed MySQL server automatically.
Topology viewer: You’ll see a very simple topology with only one node.

Step 4: Import data

You can import data into the standalone server in a variety of ways:

For bulk import, using NDJSON fileUsing elasticdump

NDJSON stands for newline delimited JSON. For example, loading data from Wikimedia Foundation from here, I can load data as such:

Adding index first to the file,

jq -c --arg idx enwikiquote '{index:{_index:$idx,_id: .id}}, .' first1000-enwikiquote.json > first1000-enwikiquote.ndjson

Then load with NDJSON

curl --cacert /etc/elasticsearch/certs/elasticsearch-ca.pem -u elastic-s9s:myPassw0rd -H 'Content-Type: application/x-ndjson' --data-binary @first1000-enwikiquote.ndjson -X POST 'https://192.168.40.68:9200/_bulk?pretty'

Install elasticdump first.

For example, you have migrated from another host (in this example, its 192.168.10.100), you can dump your data using elasticdump as follows:

~/node_modules/elasticdump/bin/elasticdump \
     --cert /etc/elasticsearch/certs/elasticsearch-ca.pem \
     --input=https://elastic-s9s:[email protected]:9200/enwikiquote \
     --output=/backups/enwikiquote.json --type=data \
     --limit=10000

Then create an empty index from your target node, in this example, its 192.168.40.65

curl --cacert /etc/elasticsearch/certs/elasticsearch-ca.pem \
     -u elastic-s9s:myPassw0rd \
     -H 'Content-Type: application/json' -X PUT 'https://192.168.40.68:9200/enwikiquote_play' \
     -d '{ "settings": { "number_of_replicas": 0 } }'

Then it's now ready to dump to the target node,

NODE_TLS_REJECT_UNAUTHORIZED=0 ~/node_modules/elasticdump/bin/elasticdump \
  --input=/backups/enwikiquote.json \
  --output=https://elastic-s9s:[email protected]:9200/enwikiquote_play \
  --type=data \
  --limit=10000 \
  --concurrency=4

You can also pass the NODE_TLS_REJECT_UNAUTHORIZED=0 if you are using a self-signed certificate

Always remember, when importing data to your single node, keep in mind that ClusterControl shall mark your standalone node to degraded when it detects indices health are Yellow whenever your indices are set to have replicas. Make sure when creating your indices during import to mark your replicas as 0 by doing the following example (where index is named enwikiquote):

curl --cacert /etc/elasticsearch/certs/elasticsearch-ca.pem -u elastic-s9s:myPassw0rd -X PUT 'https://192.168.40.68:9200/enwikiquote/_settings?pretty' -H 'Content-Type: application/json' -d'
{
  "index" : {
    "number_of_replicas" : 0
  }
}
'

Step 5: Connect to the database

Your application or client will connect directly to the standalone server:

Host: 192.168.40.68
Port: 9200
User/Password: The credentials specified during deployment. You can also inspect the file /etc/cmon.d/cmon_$CID.cnf where $CID is the cluster id of your Elasticsearch deployment.

No load balancer or additional ports are involved.

Step 6: Enable automatic backups

Elasticsearch does not offer the traditional sense of backup. Instead, it uses snapshots which have more capability and robust way to create a consistent backup copy. It is the most recommended method for creating consistent point-in-time backups for an entire cluster or specific indices, and its native to Elasticsearch.

Even a single-node, standalone Elasticsearch cluster needs reliable backups, and ClusterControl makes it easy to schedule them automatically.

Go to ClusterControl GUI → choose the cluster → Backups.
Click Create Backup → Schedule a Backup. The Create a backup schedule wizard will open and proceed to configure your backup as below:
(1) Configuration(2) Advanced settings(3) Schedule(4) Preview
Schedule name: Daily ES-standalone cluster snapshot

Cluster: (defaults to your Elasticsearch standalone cluster)

Repository: (defaults to the repository you created during deployment)

Backup method: elasticsearch-snapshot (default) [disabled text field]
Retention: On (default)

Retention [textfield]: 4 (Set to your desired number of days to retain backup)
Set backup schedule: Simple

Every: day at 02:00

Timezone: select your local timezone
Verify all settings. You can go back to adjust if needed.
Click Create to schedule it.

ClusterControl will now automatically perform your backups. You may also restore your backups from the elasticsearch snapshots in the future if necessary for disaster recovery.

Step 7: Configure alerts

To keep track of any issues or incidents in your cluster, it's important to set up alerting. ClusterControl supports sending alarms and alerts to email, web hooks and third-party notification services like Slack or Telegram. In this example, we are going to use email.

Firstly, configure the mail server. Go to ClusterControl GUI → Settings → You don't have a mail server configured. Configure now → SMTP Server. Fill up all necessary information about the SMTP server. You can also opt for Sendmail, however a mail transfer agent (sendmail, postfix or exim) must be installed on the ClusterControl server.

Once configured, we can configure the alert and recipients as below:

ClusterControl GUI → choose the cluster → Settings → Email Notifications.
Select a User group (your group) from the User group dropdown.
Select your email address to from the Users in the selected group dropdown.
Click Enable.
Set the Digest delivery time when you want a digested (summarized events) to be sent to you every day.
Set all Critical events to "Deliver" (default), all Warning events to "Digest" and you may ignore the Info events.

This ensures timely notifications when something goes wrong.

Tip

You can also configure alarms to be sent to third-party notification systems (Slack, Telegram), incident management systems (PagerDuty, ServiceNow, OpsGenie) or web hooks. See Integration → Notification Services.

Step 8: Manage your node

ClusterControl provides monitoring for your cluster and system overview which displays workloads based on metrics. Once your Elasticsearch cluster is done deployed, agents using Prometheus exporters are deployed to gather metrics and provide more granular monitoring of your cluster and system workload for your standalone cluster in Elastitcsearch.

Apart from the monitoring, you can manage your node with the most available options for this cluster:

Database node management: Perform start/stop/restart node, reboot host. These features are available at ClusterControl GUI → choose the cluster → Nodes → Actions.
Configuration management: Perform database configuration changes globally. This feature is available at ClusterControl GUI → choose the cluster → Manage 🡒 Configuration.
Backup management: Create, schedule, restore, store snapshot in an off-cluster storage location such as AWS S3 or any S3 Compatiable storage, while allowing you to set retention period for your backup snapshots. These features are available at ClusterControl GUI → choose the cluster → Backups → Actions and ClusterControl GUI → choose the cluster → Backups → More.
Maintenance management: Activate, deactivate, remark and schedule maintenance mode for all nodes. This feature is available at ClusterControl GUI → choose the cluster → Nodes → Actions → Schedule maintenance.
SSH console: Access your nodes directly from ClusterControl GUI via web SSH console. This feature is available at ClusterControl GUI → choose the cluster → Nodes → Actions → SSH Console.

Conclusion

Congratulations! You’ve deployed, monitored, and managed a standalone Elasticsearch server using ClusterControl. Currently, a single node or standalone node in ClusterControl for Elasticsearch is limited to only one node, without any feature to scale, but make sure you follow for such updates or request for features if necessary for your requirements. While it limits you to some extent in your single node, its available functions does not stop you from doing your favorite things to do. Make sure you always practice to do the following:

Keep your backups snapshots current and up to date.
Monitor performance and resource usage.
Secure your node by restricting access and using strong passwords.
Expand to multi-node topologies if your needs grow (this time by deploying a multi-node or high-availability cluster in Elasticsearch)

Enjoy your streamlined single-node database deployment for Elasticsearch, backed by ClusterControl’s powerful operations for backups, alerts, scaling, and more!