声明:本文仅作为学习交流,请勿用于商业用途,否则后果自负。如需使用黄金或白金版X-Pack请购买正版。从5.0版本开始,Elastic将一些重要的插件整合成了X-Pack。免费的license只能使用
声明:本文仅作为学习交流,请勿用于商业用途,否则后果自负。如需使用黄金或白金版X-Pack请购买正版。从5.0版本开始,Elastic将一些重要的插件整合成了X-Pack。免费的license只能使用一年,而且很多插件无法使用。如果想要试用,需要进行破解。
需求:
Elasticsearch在部门使用越来越多,应用的搜索引擎、日志收集等等,ES的安全性也提上了日程,Kibana本身的安全也需要关注起来了。X-Pack是ES在5.0之后提供的一个插件,里面整合了在5.0之前分布在其他收费插件中的功能。
环境:
基础环境:
OS:CentOS release 6.7
java:Oracle JDK 1.8.0_131
Elasticsearch:elasticsearch-5.4.3
Kibana:kibana-5.4.3
X-Pack:x-pack-5.4.3
ES软件下载:
JDK:
wget 'http://download.oracle.com/otn-pub/java/jdk/8u131-b11/d54c1d3a095b4ff2b6607d096fa80163/jdk-8u131-linux-x64.tar.gz?AuthParam=1499385457_68345976225f9b1312f794730f59bc56'Elasticsearch:
wget 'https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.4.3.rpm'Kibana:
wget 'https://artifacts.elastic.co/downloads/kibana/kibana-5.4.3-x86_64.rpm'X-Pack:
wget 'https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-5.4.3.zip'部署:
操作家目录:/opt/programs/es
安装Elasticsearch:
rpm -ivh elasticsearch-5.4.3.rpm
安装Kibana:
rpm -ivh kibana-5.4.3-x86_64.rpm
Elasticsearch安装X-Pack:
elasticsearch-plugin install file:///opt/programs/es/x-pack-5.4.3.zip
Kibana安装X-Pack:
kibana-plugin install file:///opt/programs/es/x-pack-5.4.3.zip
默认认证密码:
用户名:elastic
密码:changeme
登录查看:
破解:
创建文件:
LicenseVerifier.java
package org.elasticsearch.license;import java.nio.*;import java.util.*;import java.security.*;import org.elasticsearch.common.xcontent.*;import org.apache.lucene.util.*;import org.elasticsearch.common.io.*;import java.io.*;public class LicenseVerifier{ public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) { return true; } public static boolean verifyLicense(final License license) { return true; }}编译class文件:
javac -cp "/usr/share/elasticsearch/lib/elasticsearch-5.4.3.jar:/usr/share/elasticsearch/lib/lucene-core-6.5.1.jar:/usr/share/elasticsearch/plugins/x-pack/x-pack-5.4.3.jar" LicenseVerifier.java 
替换class文件:
解压:
cd /usr/share/elasticsearch/plugins/x-pack/mkdir testmv x-pack-5.4.3.jar test/jar xvf x-pack-5.4.3.jar替换:
cd org/elasticsearch/licenserm -f LicenseVerifier.classmv /opt/programs/es/LicenseVerifier.class .打包:
cd /usr/share/elasticsearch/plugins/x-pack/testjar cvf x-pack-5.4.3.jar .mv x-pack-5.4.3.jar ../申请license:
#来此注册,并下载license文件https://license.elastic.co/registration修改license文件:
{"license":{"uid":"d3cbbbee-9155-4e1a-a5ed-a7e8940d6564","type":"platinum","issue_date_in_millis":1499299200000,"expiry_date_in_millis":2524579200999,"max_nodes":1000,"issued_to":"guo dalu (eastmoney)","issuer":"Web Form","signature":"AAAAAwAAAA0C9L3AjL50eKgiW55YAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQB2gL4WXN64P0+c5q6TDyhqPllFvkboZMWjzJHid05qCtI86/I0aSsFgYF3AkVA1qoz7UHsjC/xBsoyhuXfmHn6LbsZYXweZ4LsllG8RJ8HH/bBYVTBt+Mag+wXE/QZUS7HnSA8iAReQ7tY//wyuEVrxFDeAI9cgwWN90RoZ3sAgkzGq0jVr2JoUYeYwNJ4GZ2GMDS7GsHBxNWBJVgfDkZXvLya/jOJhaKi2GvW8mIzFp19/FO+t2+ReUkbF3T35nVIZnqFDVhXtOz981By4ArffE8ythlI4X67Nabtzoy87V5gXanBvsSdHiHpYJMrYwn7DU+93Ie6t56Lesjkj//b","start_date_in_millis":1499299200000}}ps:platinum表示白金版,可以使用所有功能。其他的如expiry_date_in_millis、max_nodes等根据自己需要修改即可。
重启集群:
service elasticsearch restartservice kibana restart注册新license:
查看当前license:
curl -XGET -u elastic:changeme 'http://172.31.217.157:9200/_license'
注册新license:
curl -XPUT -u elastic:changeme 'http://172.31.217.157:9200/_xpack/license?acknowledge=true' -d @guodalu.json
查看新license:
