es配置x-pack使用账号密码验证
1.修改配置添加如下选项
xpack.security.enabled: true
2.启动测试
curl -H “Content-Type:application/json” -XPOST http://172.16.10.61:29200/_xpack/license/start_trial?acknowledge=true
{“acknowledged”:true,“trial_was_started”:true,“type”:“trial”}3.设置密码
[esuser@esuser-oracle-9e96168-prd bin]$ ./elasticsearch-setup-passwords interactive
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]yEnter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana]:
Reenter password for [kibana]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic]4.步骤2启用的license只有30天的免费试用,下面需要进行破解
[esuser@esuser-oracle-9e96168-prd bin]$ curl -u elastic:elastic “172.16.10.61:29200/_license”
{
“license” : {
“status” : “active”,
“uid” : “2dae74d3-beb3-446b-bfbd-208ab0104fff”,
“type” : “trial”,
“issue_date” : “2019-10-22T09:14:55.966Z”,
“issue_date_in_millis” : 1571735695966,
“expiry_date” : “2019-11-21T09:14:55.966Z”,
“expiry_date_in_millis” : 1574327695966,
“max_nodes” : 1000,
“issued_to” : “elasticsearch”,
“issuer” : “elasticsearch”,
“start_date_in_millis” : -1
}
}这个时候不使用密码是无法使用了
curl -X GET ‘http://172.16.10.61:29200/_cat/indices?v’
{“error”:{“root_cause”:[{“type”:“security_exception”,“reason”:“missing authentication token for REST request [/_cat/indices?v]”,“header”:{“WWW-Authenticate”:"Basic realm=“security” charset=“UTF-8"”}}],“type”:“security_exception”,“reason”:“missing authentication token for REST request [/_cat/indices?v]”,“header”:{“WWW-Authenticate”:"Basic realm=“security” charset=“UTF-8"”}},“status”:401}curl -u elastic:elastic -X GET ‘http://172.16.10.61:29200/_cat/indices?v’
[esuser@esuser-oracle-9e96168-prd bin]$ curl -u elastic:elastic -X GET ‘http://172.16.10.61:29200/_cat/indices?v’
health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
green open .security-6 VdNkBc8fS628pPWUTvMgjA 1 0 6 0 19.5kb 19.5kb
yellow open index02 CWrRaT0aRTCwwbjWqLi8Tw 5 1 9 0 33kb 33kb
yellow open index01 sbMbdhSgTSao90DFaiqPxg 5 1 201648 13003 54.1mb 54.1mb5.破解
5.1 创建两个java文件
[esuser]$ cd /home/esuser
[esuser]$ mkdir javacode
[esuser]$ cd javacode
vi LicenseVerifier.javapackage org.elasticsearch.license;
import java.nio.; import java.util.;
import java.security.;
import org.elasticsearch.common.xcontent.;
import org.apache.lucene.util.;
import .;
import java.io.*;public class LicenseVerifier {
public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) {
return true;
}public static boolean verifyLicense(final License license) {
return true;
}}
vi XPackBuild.java
package org.elasticsearch.xpack.core;
import .;
import .;
import org.elasticsearch.common.;
import java.nio.file.;
import java.io.;
import java.util.jar.;
public class XPackBuild {
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = “looks up path of xpack.jar directly”) static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try { return PathUtils.get(url.toURI()); }
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus); }
}XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date(){
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0157: { shortHash = "Unknown"; date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}}
生成的两个文件如下:
[esuser]$ ls -1
LicenseVerifier.java
XPackBuild.java5.2.将刚创建的两个java包打包成class文件,我们需要做的就是替换这两个class文件(因里面需要引用到其他的jar,故需要用到javac -cp命令)
javac -cp “/usr/local/services/elasticsearch/lib/elasticsearch-6.5.0.jar:/usr/local/services/elasticsearch/lib/lucene-core-7.5.0.jar:/usr/local/services/elasticsearch/modules/x-pack-core/x-pack-core-6.5.0.jar” LicenseVerifier.java
javac -cp “/usr/local/services/elasticsearch/lib/elasticsearch-6.5.0.jar:/usr/local/services/elasticsearch/lib/lucene-core-7.5.0.jar:/usr/local/services/elasticsearch/modules/x-pack-core/x-pack-core-6.5.0.jar:/usr/local/services/elasticsearch/lib/elasticsearch-core-6.5.0.jar” XPackBuild.java这里的路径/usr/local/services/elasticsearch 是我自己机器部署的es路径,根据个人部署情况进行修改
执行如上的两个命令后查看目录多生成了2个class文件
[esuser]$ ls -1
LicenseVerifier.class
LicenseVerifier.java
XPackBuild.class
XPackBuild.java5.3.把原来的文件给解压出来,然后覆盖
下面操作所在目录为:/home/esuser/javacode
[esuser]cp -a /usr/local/services/elasticsearch-esuser/modules/x-pack-core/x-pack-core-6.5.0.jar .
解压原来的包
[esuser]rm -rf LicenseVerifier.java XPackBuild.java x-pack-core-6.5.0.jar
将class文件拷贝到相应目录
[esuser]cp -a XPackBuild.class org/elasticsearch/xpack/core/
删除class文件
[esuser]jar -cvf x-pack-core-6.5.0.jar *
将生成的java包覆盖原来的
[esuser]$cp -a x-pack-core-6.5.0.jar /usr/local/services/elasticsearch-esuser/modules/x-pack-core/6.重新启动es
kill掉es进程,然后重新启动
[esuser@localhost bin]$ ./elasticsearch -d7.License申请
申请地址
https://license.elastic.co/registration 填写信息后,会有一个邮件发到注册的邮箱,然后安装提示点击链接进行下载
下载后上传服务器,修改过期时间expiry_date_in_millis,我这里修改为2524579200000,即2050-01-01 00:00:00,type修改为platinum
将下载的文件上传到es所在的服务器的相应目录,我这里是cd /home/esuser/soft
cd /home/esuser/soft
my.json文件内如如下
{“license”:{“uid”:“1e9a1465-3398-44e8-aa06-c76062dcfedf”,“type”:“platinum”,“issue_date_in_millis”:1544659200000,“expiry_date_in_millis”:2524579200000,“max_nodes”:100,“issued_to”:“xueliang huang (richinfo)”,“issuer”:“Web Form”,“signature”:“AAAAAwAAAA0CkXSNg+Yl6jgouxuAAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQBbRJOy1WgeFasn9hkqXcUu4jbVTH5B51CpsbpQTIukDJUeyo9z0DW1DzXzgUn1y0LQ62VDVcjiJvi0Xci5w9ZYDQPPVwf8PN0Pg8rOkawcJpr4ZmCiBgh/dFmgcOsjOjro1EcVOp3rm9zil89FsACMUcgRiYf//Ejahsx7giFEyYnUNOqfy4umh3aHj+awlg76P1OVxnyu74IjJdWGXluMw+hTJ0EKXcaUEfJpJgBLtPUmyD6jd/LtzV8ysKL6JQTxkUzdlWVdzipskQ8MWt5Nn6ClddwJFVb5lTAOJvLy6jyEmro4Fho5LJ6eRW2NvsWS4Y1Yu6lHVoWBVW4v++Wx”,“start_date_in_millis”:1544659200000}}curl -XPUT -u elastic:elastic ‘http://172.16.10.61:29200/_xpack/license’ -H “Content-Type: application/json” -d @my.json
这里报错:
{“error”:{“root_cause”:[{“type”:“illegal_state_exception”,“reason”:“Cannot install a [PLATINUM] license unless TLS is configured or security is disabled”}],“type”:“illegal_state_exception”,“reason”:“Cannot install a [PLATINUM] license unless TLS is configured or security is disabled”},“status”:500}解决办法:
在elasticsearch.yml将xpack.security.enabled先修改成flase重新启动
xpack.security.enabled: false再次导入,可以看到导入成功
cd /home/esuser/soft
curl -XPUT -u elastic:elastic ‘http://172.16.10.61:29200/_xpack/license’ -H “Content-Type: application/json” -d @my.json
{“acknowledged”:true,“license_status”:“valid”}curl -u elastic:elastic “172.16.10.61:29200/_license”
{
“license” : {
“status” : “active”,
“uid” : “1e9a1465-3398-44e8-aa06-c76062dcfedf”,
“type” : “platinum”,
“issue_date” : “2018-12-13T00:00:00.000Z”,
“issue_date_in_millis” : 1544659200000,
“expiry_date” : “2049-12-31T16:00:00.000Z”,
“expiry_date_in_millis” : 2524579200000,
“max_nodes” : 100,
“issued_to” : “xueliang huang (richinfo)”,
“issuer” : “Web Form”,
“start_date_in_millis” : 1544659200000
}
}8.将如下参数修改为true后重新启动
xpack.security.enabled: true发现启动的时候报错误
[1]: Transport SSL must be enabled for setups with production licenses. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]安装提示将如下参数设置为true
xpack.security.transport.ssl.enabled: true如果有多个节点ES集群,先将xpack.security.enabled设置为false后启动整个集群,然后再导入license.
9.修改密码
curl -H “Content-Type:application/json” -XPUT -u elastic:elastic ‘http://172.16.10.61:29200/_xpack/security/user/elastic/_password’ -d ‘{ “password” : “elastic123” }’
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
