elasticsearch操作
文件:LicenseVerifier.java
路徑:elasticsearch/x-pack/plugin/core/src/main/java/org/elasticsearch/license/
文件:XPackBuild.java
路徑:elasticsearch/x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core
1. ES安裝前進行破解
軟件名稱:elasticsearch-7.3.0-linux-x86_64.tar.gz
操作環境:
系統:windows 10系統
解壓縮軟件:7z
反編譯工具:Luyten
操作步驟:
- 解壓縮文件elasticsearch-7.3.0-linux-x86_64.tar.gz,得到elasticsearch-7.3.0-linux-x86_64.tar文件夾,進入該文件夾,解壓縮elasticsearch-7.3.0-linux-x86_64.tar,得到目錄elasticsearch-7.3.0-linux-x86_64,再進入該文件夾,里面有一個elasticsearch-7.3.0文件夾,進入.
這些操作在linux系統下操作的話就很簡單:tar -zxv -f elasticsearch-7.3.0-linux-x86_64.tar.gz 直接得到文件夾elasticsearch-7.3.0
- 進入modules\x-pack-core文件夾內,找到x-pack-core-7.3.0.jar文件,這個就是要操作的文件
2. 下載反編譯工具Luyten
破解x-pack-core-7.3.0.jar需要反編譯工具Luyten(https://github.com/deathmarine/Luyten/releases),我們可以前往下載地址下載Luyten工具。
我們這里下載Luyten.exe windows版本,下載下來后打開,並將x-pack-core-7.3.0.jar文件拖進去,即可展開jar包的源代碼了。
3. 修改X-Pack源碼文件
在Luyten工具中我們需要把2個文件提取出來進行修改。org.elasticsearch.license.LicenseVerifier和org.elasticsearch.xpack.core.XPackBuild。
導出LicenseVerifier.class文件為LicenseVerifier.java源碼文件,導出XPackBuild.class文件為XPackBuild.java源碼文件
導出步驟
1. 修改LicenseVerifier.java
LicenseVerifier中有兩個靜態方法,這就是驗證授權文件是否有效的方法,把它修改為全部返回true.
修改后的文檔如下:
package org.elasticsearch.license;
import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;
public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
return true;
}
public static boolean verifyLicense(final License license) {
return true;
}
}
2. 修改XPackBuild.java
XPackBuild中最后一個靜態代碼塊中try的部分全部刪除,這部分會驗證jar包是否被修改.
修改后的文檔如下:
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
CURRENT = new XPackBuild("Unknown", "Unknown");
}
}
或者這樣的:
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
3. 生成.class文件
上述LicenseVerifier.java和XPackBuild.java兩個文件在本地電腦windows修改完成后,需要將其復制到elasticsearch服務器上並編譯成class文件,然后打包到x-pack-core-7.3.0.jar中。這里將這2個文件放到了/opt目錄下。
# 生成LicenseVerifier.class文件
javac -cp "/opt/elasticsearch-7.3.0/lib/elasticsearch-7.3.0.jar:/opt/elasticsearch-7.3.0/lib/lucene-core-8.1.0.jar:/opt/elasticsearch-7.3.0/modules/x-pack-core/x-pack-core-7.3.0.jar:/opt/elasticsearch-7.3.0/modules/x-pack-core/netty-common-4.1.36.Final.jar:/opt/elasticsearch-7.3.0/lib/elasticsearch-core-7.3.0.jar" /opt/LicenseVerifier.java
# 生成XPackBuild.class文件
javac -cp "/opt/elasticsearch-7.3.0/lib/elasticsearch-7.3.0.jar:/opt/elasticsearch-7.3.0/lib/lucene-core-8.1.0.jar:/opt/elasticsearch-7.3.0/modules/x-pack-core/x-pack-core-7.3.0.jar:/opt/elasticsearch-7.3.0/lib/elasticsearch-core-7.3.0.jar" /opt/XPackBuild.java
# 查看編譯后的文件
LicenseVerifier.class
XPackBuild.class
4. 替換LicenseVerifier.class和XPackBuild.class
把/opt/elasticsearch-7.3.0/modules/x-pack-core/目錄下的x-pack-core-7.3.0.jar提取出來,放到/opt/tmp目錄中。
cp /opt/elasticsearch-7.3.0/modules/x-pack-core/x-pack-core-7.3.0.jar /opt/tmp
cd /opt/tmp
# 解壓x-pack-core-7.3.0.jar
jar -xvf x-pack-core-7.3.0.jar
# 替換.class文件
cp /opt/XPackBuild.class /opt/tmp/org/elasticsearch/xpack/core/
cp /opt/LicenseVerifier.class /opt/tmp/org/elasticsearch/license/
5. 打包新x-pack-core-7.3.0.jar文件
cd /opt/tmp
rm -rf x-pack-core-7.3.0.jar # 刪除臨時拷貝過來的源文件
jar cvf x-pack-core-7.3.0.jar .
至此在/opt/tmp目錄下會新生成一個x-pack-core-7.3.0.jar文件,也就是破解后的文件。
6. 替換x-pack-core-7.3.0.jar文件
cp /opt/tmp/x-pack-core-7.3.0.jar /opt/elasticsearch-7.3.0/modules/x-pack-core/
7. 申請License
完成以上步驟后,還需要去elastic官網申請一個license, License申請地址,申請完成后,下載下來的License格式為json格式。並將該License的type、expiry_date_in_millis、max_nodes分別修改成platinum、2524579200999、1000。如下:
{"license":
{
"uid":"537c5c48-c1dd-43ea-ab69-68d209d80c32",
"type":"platinum",
"issue_date_in_millis":1558051200000,
"expiry_date_in_millis":2524579200999,
"max_nodes":1000,
"issued_to":"hkd",
"issuer":"Web Form",
"signature":"AAAAAwAAAA3fIq7NLN3Blk2olVjbAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCjNd8mwy8B1sm9rGrgTmN2Gjm/lxqfnTEpTc+HOEmAgwQ7Q1Ye/FSGVNIU/enZ5cqSzWS2mY8oZ7FM/7UPKVQ4hkarWn2qye964MW+cux54h7dqxlSB19fG0ZJOJZxxwVxxi8iyJPUSQBa+QN8m7TFkK2kVmP+HnhU7mGUrqXt3zTk5d3pZw3QBQ/Rr3wmSYC5pxV6/o2UHFgu1OPDcX+kEb+UZtMrVNneR+cEwyx7o5Bg3rbKC014T+lMtt69Y080JDI5KfHa7e9Ul0c3rozIL975fP45dU175D4PKZy98cvHJgtsCJF3K8XUZKo2lOcbsWzhK2mZ5kFp0BMXF3Hs",
"start_date_in_millis":1558051200000
}
}
文件存為license.json
將過期時間寫到2049年,type改為platinum 白金版,這樣我們就會擁有全部的x-pack功能。
8. 配置elasticsearch安全協議
完成以上所有操作在啟動elasticsearch前,需要配置elasticsearch的SSL/TLS安全協議,如果不配置的話,需要禁止security才能配置License。
當License配置完成后我們需要再開啟security,並開啟SSL\TLS。
# 加載License到elasticsearch之前操作
echo "xpack.security.enabled: false" >> /opt/elasticsearch-7.3.0/config/elasticsearch.yml
# 加載License到elasticsearch之后操作
echo "xpack.security.transport.ssl.enabled: true" >> /opt/elasticsearch-7.3.0/config/elasticsearch.yml
./bin/elasticsearch -d # 啟動elasticsearch
9. 加載License到elasticsearch
curl -XPUT 'http://localhost:9200/_xpack/license' -H "Content-Type: application/json" -d @license.json
{"acknowledged":true,"license_status":"valid"} # license寫入成功
# 在es日志中可以查看到如下信息,
license [65eafbab-c360-4f64-900d-449499b3d530] mode [basic] - valid
Active license is now [BASIC]; Security is disabled
license [537c5c48-c1dd-43ea-ab69-68d209d80c32] mode [platinum] - valid
Active license is now [PLATINUM]; Security is enabled
但是再次查看證書信息的話會報錯,因為沒有開啟ssl/tls
curl 'http://localhost:9200/_xpack/license'
`{"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/_xpack/license]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/_xpack/license]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-8\""}},"status":401}`
# 開啟ssl/tls,打開認證
sed -i 's/xpack.security.enabled: false/xpack.security.enabled: true/g' /opt/elasticsearch-7.3.0/config/elasticsearch.yml
# 如果需要重新設置密碼,手動設置密碼
./bin/elasticsearch-setup-passwords interactive
# 自動生成密碼:
./bin/elasticsearch-setup-passwords auto
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,logstash_system,beats_system,remote_monitoring_user.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y
Changed password for user apm_system
PASSWORD apm_system = 7zkIYUXQpq8xZdaapTuQ
Changed password for user kibana
PASSWORD kibana = aQi7k57swBAaDOtvzdm2
Changed password for user logstash_system
PASSWORD logstash_system = CboSzpSIq60Zkk0SgpAo
Changed password for user beats_system
PASSWORD beats_system = ZErooCE4ybll3UcLTsAP
Changed password for user remote_monitoring_user
PASSWORD remote_monitoring_user = EDYQShIhk5P1vjvpeijI
Changed password for user elastic
PASSWORD elastic = 3tdAyUIFLMdg79EBnrsg
10. 查看License
curl -XGET -u elastic:3tdAyUIFLMdg79EBnrsg http://localhost:9200/_license
{
"license" : {
"status" : "active",
"uid" : "537c5c48-c1dd-43ea-ab69-68d209d80c32",
"type" : "platinum",
"issue_date" : "2019-05-17T00:00:00.000Z",
"issue_date_in_millis" : 1558051200000,
"expiry_date" : "2049-12-31T16:00:00.999Z",
"expiry_date_in_millis" : 2524579200999,
"max_nodes" : 1000,
"issued_to" : "hkd",
"issuer" : "Web Form",
"start_date_in_millis" : 1558051200000
}
}
由結果可以看出x-pack到期時間為2049-12-31,破解完成。也可以在kibana web頁面管理中查看破解詳情。
kibana操作
useradd kibana
cd /opt
tar -zxv -f kibana-7.3.0-linux-x86_64.tar.gz
chown -R kibana:kibana kibana-7.3.0-linux-x86_64
su - kibana
cd /opt/kibana-7.3.0-linux-x86_64
cat config/kibana.yml
server.port: 5601
server.host: "192.168.0.253"
elasticsearch.hosts: ["http://localhost:9200"]
elasticsearch.username: "kibana"
elasticsearch.password: "aQi7k57swBAaDOtvzdm2"
瀏覽器訪問:http://192.168.0.253:5601
左側導航查看
ES安裝后操作
之前已經開啟ssl/tls並設置賬號等
停用es,關閉security驗證,替換jar包,開啟es,導入license,啟動es
說明:此方法暫時走不通。
以上說的步驟指的是尚未開啟security,未設置賬號密碼的情況。
破解文件和license下載地址:https://files.cnblogs.com/files/sanduzxcvbnm/7.3.0破解文件和license.7z
ES版本升級操作
先按照上述步驟生成破解文件,然后再替換操作