直接使用的证书和jar包下载地址
阿里云盘下载地址:
jar包:x-pack-core-6.4.2.jar
https://www.aliyundrive.com/s/x3oce6a26fV
证书许可json文件:6.4.json
https://www.aliyundrive.com/s/9LW2zLAHh1H
可以直接使用如上的jar包和json文件完成步骤四的x-pack配置后; 步骤五、步骤六不用操作。
直接到
步骤5.3.1、替换新的jar包
步骤6.2、上传许可
环境准备
Java环境:1.8
vim /etc/sysconfig/elasticsearch
JAVA_HOME=/usr/local/java
一、下载部署es6.4.2
cd /data/
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.4.2.rpm
rpm -ivh elasticsearch-6.4.2.rpm
二、下载部署kibana6.4.2
部署kibana是因为es6.4.2直接设置密钥会提示:
ERROR: X-Pack Security is not available
cd /data/
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.4.2-x86_64.rpm
rpm -ivh kibana-6.4.2-x86_64.rpm
三、修改配置文件
3.1、配置es
mkdir /data/{esdata,eslog} //创建es数据、日志目录
vim /etc/elasticsearch/elasticsearch.yml
cluster.name: node3
node.name: node3
path.data: /data/esdata
path.logs: /data/eslog
network.host: [10.0.0.3]
discovery.zen.ping.unicast.hosts: ["10.0.0.3"]
discovery.zen.minimum_master_nodes: 1
vim /etc/sysconfig/elasticsearch //创建es Java环境
JAVA_HOME=/usr/local/java
3.2、配置kibana
server.port: 5601
server.host: "10.0.0.3"
server.name: "node3"
elasticsearch.url: "http://10.0.0.3:9200"
elasticsearch.username: "elastic"
elasticsearch.password: "EtvoeemoHcpwonr9dyHk"
i18n.defaultLocale: zh-CN
3.3、启动es、kibana
chown -R elasticsearch:elasticsearch /data/es*
四、配置x-pack
4.1、启动x-pack的相关证书
4.2、生成证书
mkdir /etc/elasticsearch/certs/
cd /usr/share/elasticsearch/bin
./elasticsearch-certutil ca -out /etc/elasticsearch/certs/elastic-certificates.p12 -pass ""
chmod 660 /etc/elasticsearch/certs/*
4.3、配置证书文件:
vim /etc/elasticsearch/elasticsearch.yml
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12
4.4、重启es
systemctl restart elasticsearch.service
4.5、验证
kiabna、和es api都需要密钥才能登陆了
kibana界面提示
Cannot connect to the Elasticsearch cluster currently configured for Kibana.
Refer to the Kibana logs for more details and refresh to try again.
到此配置证书成功
4.6、设置密钥:
echo "y" | ./elasticsearch-setup-passwords auto \\ 可以不用输入回车
4.7、配置Kibana连接Elasticsearch的凭据
若使用kibana账户则无法链接
vim /etc/kibana/kibana.yml
server.port: 5601
server.host: "10.0.0.3"
server.name: "node3"
elasticsearch.url: "http://10.0.0.3:9200"
elasticsearch.username: "elastic"
elasticsearch.password: "UTsWXYoMs8R1p367XXyW"
i18n.defaultLocale: zh-CN
重新刷新kibana界面就可以账号登陆
现在只有一个月的使用期限
五、x-pack更新许可
更新许可步骤:
1、使用反编译工具修改两个文件的代码
2、替换掉jar包里面原来的这2文件
3、打成新的jar包
4、新的jar包替换elasticsearch原始的jar包 x-pack-core-6.4.2.jar
没被更新许可的x-pack直接更新许可是不成功的。
5.1、Java反编译工具luyten
luyten项目地址:https://github.com/deathmarine/Luyten
5.1.1、下载反编译工具
https://github.com/deathmarine/Luyten/releases/tag/v0.5.4_Rebuilt_with_Latest_depenencies
https://github.com/deathmarine/Luyten/releases/download/v0.5.4_Rebuilt_with_Latest_depenencies/luyten-0.5.4.exe
双击打开工具
打开es的x-pack-core-6.4.2.jar包;
包路径:/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-6.4.2.jar
5.2、修改jar包里面原来的2个配置文件
5.2.1、修改文件 ./org/elasticsearch/xpack/core/XPackBuild.class
XPackBuild 中 最后一个静态代码块中 try的部分全部删除,这部分会验证jar包是否被修改
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0157: {
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
5.2.2、修改文件jar/org/elasticsearch/license/LicenseVerifier.class
LicenseVerifier 中有两个静态方法,这就是验证授权文件是否有效的方法,我们把它修改为全部返回true
package org.elasticsearch.license;
import java.nio.*;
import java.util.*;
import java.security.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.common.io.*;
import java.io.*;
public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) {
return true;
}
public static boolean verifyLicense(final License license) {
return true;
}
}
5.2.3、保存到Windows下是以.Java结尾的,然后修改成上面内容。
LicenseVerifier.java
XPackBuild.java
5.2.4、编译Java程序
把es源代码x-pack-core-6.4.2.jar解压,替换掉这2个文件 LicenseVerifier.java、XPackBuild.java
mkdir /mnt/jar/
//把x-pack-core-6.4.2.jar备份下,并解压到其他目录中修改.class文件
cp /usr/share/elasticsearch/modules/x-pack-core/x-pack-core-6.4.2.jar /mnt/jar/
解压:
jar -xvf x-pack-core-6.4.2.jar 该命令会解压到当前目录
unzip x-pack-core-6.4.2.jar -d ./mnt/jar/该命令可以指定目录
修改完成的2个.java的配置文件上传到当前路径
cd /mnt/jar/
unzip x-pack-core-6.4.2.jar -d ./mnt/jar/
# rz -be
LicenseVerifier.java
XPackBuild.java
编译Java程序,把2个.java文件编译为class文件
//编译LicenseVerifier.java es程序目录/usr/share/elasticsearch/modules/根据实际安装路径决定
javac -cp "/usr/share/elasticsearch/modules/x-pack-core/*:/usr/share/elasticsearch/lib/*" LicenseVerifier.java
//编译XPackBuild.java es程序目录/usr/share/elasticsearch/modules/根据实际安装路径决定
javac -cp "/usr/share/elasticsearch/modules/x-pack-core/*:/usr/share/elasticsearch/lib/*" XPackBuild.java
5.3、打成新jar包
将修改好的配置文件编译后的class替换到相同的位置中
替换成修改后的.class文件
cp /mnt/LicenseVerifier.class /mnt/jar/org/elasticsearch/license/
cp /mnt/XPackBuild.class /mnt/jar/org/elasticsearch/xpack/core/
重新打成es的jar包
cd /mnt/
jar -cvf x-pack-core-6.4.2.crack.jar -C jar/ . //把jar目录下所有打包成名为x-pack-core-6.4.2.crack.jar
5.3.1、替换新的jar包
将重新打包后的破译jar包替换到Elasticsearch对应的目录中:
cp x-pack-core-6.4.2.crack.jar /usr/share/elasticsearch/modules/x-pack-core/x-pack-core-6.4.2.jar
5.3.2、重启验证
systemctl restart elasticsearch.service
六、更新普通版本为白金版
6.1、申请许可
在官网上申请一个许可证:https://register.elastic.co/marvel_register
填写资料后会有一个送邮件,下载对应的es版本,是一个json格式的文件,修改完成后kibana上传。
6.2、上传许可
修改type字段为platinum,表示铂金版
修改expiry_date_in_millis字段为2147482800000,表示时间尽头,时间戳格式必须和官方的一致不然上传不成功。
修改max_nodes字段为1000,表示集群数量
{
"license": {
"uid": "aa",
"type": "platinum",
"issue_date_in_millis": 1519689600000,
"expiry_date_in_millis": 2524579200999,
"max_nodes": 1000,
"issued_to": "aa",
"issuer": "Web Form",
"signature": "AAAAAwAAAA019",
"start_date_in_millis": 1519689600000
}
}
6.3、命令行上传许可
curl -XPUT -u elastic 'http://192.168.100.201:9200/_xpack/license' -H "Content-Type: application/json" -d @6.4.json
license_status返回valid说明license上传成功
