您当前的位置:首页 > 学海无涯 > 其他网站首页其他
Elasticsearch安装
发布时间:2021-01-23作者:♂逸風★淩軒
一、准备工作
1.1 下载 Elasticsearch 7.12.0
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.12.0-x86_64.rpm rpm -ivh elasticsearch-7.12.0-x86_64.rpm
修改系统参数
vim /etc/sysctl.conf 添加 vm.max_map_count=262144 后执行sysctl -p
vim /etc/security/limits.conf 添加: elasticsearch soft nofile 65536 elasticsearch hard nofile 65536
1.2 破解工具
我这里使用的是 Luyten 工具
本地需要安装 jdk
# 软件下载地址
https://github.com/deathmarine/Luyten/releases/tag/v0.5.4_Rebuilt_with_Latest_depenencies
1.3 安装 JDK 8
推荐用 jdk 8 高版本可能 Luyten 无法运行
https://www.oracle.com/java/technologies/javase/javase-jdk8-downloads.html
二、破解 X-PACK
2.1 找到 x-pack-core-7.12.0.jar 文件
文件位置:/usr/share/elasticsearch/modules/x-pack-core/
2.1.1 找到 LicenseVerifier.class文件
路径:org.elasticsearch.license/LicenseVerifier.class
package org.elasticsearch.license;
import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;
public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
byte[] signedContent = null;
byte[] publicKeyFingerprint = null;
try {
final byte[] signatureBytes = Base64.getDecoder().decode(license.signature());
final ByteBuffer byteBuffer = ByteBuffer.wrap(signatureBytes);
final int version = byteBuffer.getInt();
final int magicLen = byteBuffer.getInt();
final byte[] magic = new byte[magicLen];
byteBuffer.get(magic);
final int hashLen = byteBuffer.getInt();
publicKeyFingerprint = new byte[hashLen];
byteBuffer.get(publicKeyFingerprint);
final int signedContentLen = byteBuffer.getInt();
signedContent = new byte[signedContentLen];
byteBuffer.get(signedContent);
final XContentBuilder contentBuilder = XContentFactory.contentBuilder(XContentType.JSON);
license.toXContent(contentBuilder, (ToXContent.Params)new ToXContent.MapParams((Map)Collections.singletonMap("license_spec_view", "true")));
final Signature rsa = Signature.getInstance("SHA512withRSA");
rsa.initVerify(CryptUtils.readPublicKey(publicKeyData));
final BytesRefIterator iterator = BytesReference.bytes(contentBuilder).iterator();
BytesRef ref;
while ((ref = iterator.next()) != null) {
rsa.update(ref.bytes, ref.offset, ref.length);
}
return rsa.verify(signedContent);
}
catch (IOException ex) {}
catch (NoSuchAlgorithmException ex2) {}
catch (SignatureException ex3) {}
catch (InvalidKeyException e) {
throw new IllegalStateException(e);
}
finally {
if (signedContent != null) {
Arrays.fill(signedContent, (byte)0);
}
}
}
public static boolean verifyLicense(final License license) {
byte[] publicKeyBytes;
try {
final InputStream is = LicenseVerifier.class.getResourceAsStream("/public.key");
try {
final ByteArrayOutputStream out = new ByteArrayOutputStream();
Streams.copy(is, (OutputStream)out);
publicKeyBytes = out.toByteArray();
if (is != null) {
is.close();
}
}
catch (Throwable t) {
if (is != null) {
try {
is.close();
}
catch (Throwable t2) {
t.addSuppressed(t2);
}
}
throw t;
}
}
catch (IOException ex) {
throw new IllegalStateException(ex);
}
return verifyLicense(license, publicKeyBytes);
}
}
2.1.2 新建 LicenseVerifier.java 文件
全部返回 True
cat > LicenseVerifier.java << EOF
package org.elasticsearch.license;
import java.nio.*;
import org.elasticsearch.common.bytes.*;
import java.security.*;
import java.util.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.core.internal.io.*;
import java.io.*;
public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {
return true;
}
public static boolean verifyLicense(final License license) {
return true;
}
}
EOF2.1.3 编译 LicenseVerifier.class
我们需要进行编译,正常情况,我们可能需要对这个项目编译。
其实 javac 命令也可以对单个文件进行编译,只需要进入相应的类路径就可以。
# 开始编译
javac -cp "modules/x-pack-core/x-pack-core-7.12.0.jar:lib/lucene-core-8.8.0.jar:lib/elasticsearch-7.12.0.jar:lib/elasticsearch-core-7.12.0.jar" LicenseVerifier.java
# 编译完成会多一个 LicenseVerifier.class 文件
2.2.1 找到 XPackBuild.class文件
路径:org.elasticsearch.xpack.core/XPackBuild.class
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
if (path.toString().endsWith(".jar")) {
try {
final JarInputStream jar = new JarInputStream(Files.newInputStream(path, new OpenOption[0]));
try {
final Manifest manifest = jar.getManifest();
shortHash = manifest.getMainAttributes().getValue("Change");
date = manifest.getMainAttributes().getValue("Build-Date");
jar.close();
}
catch (Throwable t) {
try {
jar.close();
}
catch (Throwable t2) {
t.addSuppressed(t2);
}
throw t;
}
break Label_0109;
}
catch (IOException e) {
throw new RuntimeException(e);
}
}
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
2.2.2 新建 XPackBuild.java 文件
cat > XPackBuild.java << EOF
package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;
@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}
XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}
public String shortHash() {
return this.shortHash;
}
public String date() {
return this.date;
}
static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
EOF2.2.3 编译 XPackBuild.class
我们需要进行编译,正常情况,我们可能需要对这个项目编译。
其实 javac 命令也可以对单个文件进行编译,只需要进入相应的类路径就可以。
# 开始编译
javac -cp "modules/x-pack-core/x-pack-core-7.12.0.jar:lib/lucene-core-8.8.0.jar:lib/elasticsearch-7.12.0.jar:lib/elasticsearch-core-7.12.0.jar" XPackBuild.java
# 编译完成会多一个 XPackBuild.class 文件
2.3、解压打包
# 创建临时文件夹解压 jar
mkdir temp
# 将 x-pack-core-7.12.1.jar 复制到 elasticsearch 目录中
cp modules/x-pack-core/x-pack-core-7.12.0.jar temp
# 进入 pack-tmp 目录
cd temp
# 解压 x-pack-core
jar -xvf x-pack-core-7.12.0.jar
# 删除 x-pack-core-7.9.1.jar
rm -rf x-pack-core-7.12.0.jar
# 删除原文件,将新编译的拷贝到该位置
rm -rf org/elasticsearch/license/LicenseVerifier.class rm -rf org/elasticsearch/xpack/core/XPackBuild.class cp ../LicenseVerifier.class org/elasticsearch/license/ cp ../XPackBuild.class org/elasticsearch/xpack/core/
# 重新打包
jar -cvf x-pack-core-7.12.0.jar ./*
2.5、替换 X-PACK 包
将破解好的包替换进去
\cp -f x-pack-core-7.12.0.jar ../modules/x-pack-core/
三、申请 license 证书
邮箱认真写,用来接收json文件的
country写china,其它都可以随便写
点击申请后邮箱马上会收到一个邮件
https://license.elastic.co/registration
3.1、修改申请到的证书
主要修改这几个地方
1) "type":"basic" 替换为 "type":"platinum" # 基础版变更为铂金版
2) "expiry_date_in_millis":1561420799999 替换为 "expiry_date_in_millis":3107746200000# 1年变为50年
# 例子
{"license":{"uid":"ba9ae270-28ee-4051-810f-09469dfd4aa4","type":"platinum","issue_date_in_millis":1498694400000,"expiry_date_in_millis":2524579200999,"max_nodes":100,"issued_to":"yu tao (shanghai)","issuer":"Web Form","signature":"AAAAAwAAAA0d3SXUL/5bRSxB/OU4AAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCBFriH7K2dVFXmsQLHDvpY0Ppda0FHGTDSjAmnCcplQWaNKHtX+DR6znV+vOiokhQ8s/Yz5PmI5GFhsqkLEWXl975x1/8GHaDgb7aMv7UzciFw2duWsrH8mKTGGr2wHUKMVW7pUx2Kcr5WkH0G3ax3gynsvnYTApqWiyWdkdPX/jR/T1UhfjEqpCKCQryj+aNLxy2GP+4wF/wH4NvmDF0aWALFCKDAWhuDMCNmm+oKrLrgcIXyQERk7JBf5rZG5Xm7ViiyQ8aFf8X4CN7hA8xxrPmT57jtTrX9d4Q3Kf4jEBVeUnk/qa1Doj0/Ezn2G0vVE2oRQOXmUp9nwo0JTAHj","start_date_in_millis":1498694400000}}
3.2、激活证书
curl -XPUT -u elastic 'http://IP:9200/_xpack/license' -H 'Content-Type: application/json' -d @x.json
四、开启 ES 登录功能
重置登陆权限密码,默认为changeme
按步骤分别重置elastic/kibana等账号的密码
elastic就是登陆elasticsearch服务的最高权限账号
4.1、 修改 elasticsearch.yml 配置
xpack.security.enabled: true xpack.security.transport.ssl.enabled: true
# 开启x-pack安全验证 # 设置密码 ./bin/elasticsearch-setup-passwords interactive # 生成es秘钥 ./bin/elasticsearch-certutil cert -out elastic-cert.p12 -pass "" mv elastic-cert.p12 /etc/elasticsearch/ chown -R elasticsearch.elasticsearch elastic-cert.p12
xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/elastic-cert.p12 xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/elastic-cert.p12
4.2、修改 kibana 配置
elasticsearch.username: "elastic" elasticsearch.password: "填写密码"
4.3、x-pack 设置完毕后,head 无法登陆的问题
# 在elasticsearch.yml中添加如下三行配置 http.cors.enabled: true http.cors.allow-origin: "*" http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
4.4、更新 license 文件
直接kinbana管理端上传3.1生成的json文件
4.5 设置LDAP登录
xpack:
security:
authc:
realms:
active_directory:
my_ad:
order: 0
domain_name: 52aiops.cn
url: "ldap://IP:389"
bind_dn: "administrator@52aiops.cn"
bind_password: "密码"
user_search:
base_dn: "OU=IT,DC=52aiops,DC=com"
filter: "(&(objectClass=user)(sAMAccountName={0}))"
group_search:
base_dn: "OU=IT,DC=52aiops,DC=com"
files:
role_mapping: "role_mapping.yml"
unmapped_groups_as_roles: false4.6创建普通角色
4.6.1 赋予基础索引权限
4.6.2 赋予额外业务索引的权限 参照.security-7 只读(按需)
4.6.3 赋予Kibana工作区权限(按需)
4.6.4 创建LDAP角色映射
关键字词:elk,破解
上一篇:Linux LVM磁盘无损扩容
相关文章
-
无相关信息