Install and crack x-pack based on ES6.6.2

Statement: This article does not contain any transactions. If there is any infringement, please contact me to delete it.

The version of this environment is: elasticsearch-6.6.2

Starting from version 6.3+, xpack is built into es and there is no need to install a plug-in.

Start the main topic:

Step 1: Generate ca certificate

Execute in the elasticsearch/bin directory: (I kept pressing Enter for all four commands without setting a password)

./elasticsearch-certutil ca ## will ask you to enter the password, or you can directly press Enter to use the default password.
./elasticsearch-certutil cert --ca elastic-stack-ca.p12
./elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
./elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

After the execution is completed, two files elastic-stack-ca.p12 and elastic-certificates.p12 will be generated in the bin, and the elasticsearch.keystore file will be generated in the config directory (if it is not under config, move elasticsearch.keystore to config). Send the three files to the corresponding directories of all es services.

Step 2: Configure x-pack

Create the certs directory under config. (All es services require operation)

mkdir certs

Place the two files elastic-stack-ca.p12 and elastic-certificates.p12 in the certs directory (all es services require operation)

The three file structures are as follows: (Be sure to pay attention to the file location!!)

Add configuration elasticsearch.yml (all es services require operation)

xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true

xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

Step 3: Start x-pack trial and crack

Start trial:

curl -H "Content-Type:application/json" -XPOST http://10.91.1.87:9200/_xpack/license/start_trial?acknowledge=true

Without starting the trial, executing ./elasticsearch-setup-passwords interactive will report the following error

Hack the x-pack method

Create a temporary directory and enter the directory

mkdir /root/xpack

Create LicenseVerifier.java

vim LicenseVerifier.java

package org.elasticsearch.license;
import java.nio.*; import java.util.*;
import java.security.*;
import org.elasticsearch.common.xcontent.*;
import org.apache.lucene.util.*;
import org.elasticsearch.common.io.*;
import java.io.*;

public class LicenseVerifier {
    public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) {
        return true;
    }
    
    public static boolean verifyLicense(final License license) {
        return true;
    }
}

Create XPackBuild.java

vim XPackBuild.java

package org.elasticsearch.xpack.core;
import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;
public class XPackBuild {
    public static final XPackBuild CURRENT;
    private String shortHash;
    private String date;
    @SuppressForbidden(reason = "looks up path of xpack.jar directly") static Path getElasticsearchCodebase() {
        final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
        try { return PathUtils.get(url.toURI()); }
        catch (URISyntaxException bogus) {
            throw new RuntimeException(bogus); }
        }
        
    XPackBuild(final String shortHash, final String date) {
            this.shortHash = shortHash;
            this.date = date;
            }
            
    public String shortHash() {
        return this.shortHash;
        }
    public String date(){
        return this.date;
        }
        
    static {
        final Path path = getElasticsearchCodebase();
        String shortHash = null;
        String date = null;
        Label_0157: { shortHash = "Unknown"; date = "Unknown";
    }
    
    CURRENT = new XPackBuild(shortHash, date);
    }
}

Compile LicenseVerifier.java and XPackBuild.java respectively

javac -cp "/opt/bdp/data01/es01/elasticsearch-6.6.2/lib/elasticsearch-6.6.2.jar:/opt/bdp/data01/es01/elasticsearch-6.6.2/lib/ lucene-core-7.6.0.jar:/opt/bdp/data01/es01/elasticsearch-6.6.2/modules/x-pack-core/x-pack-core-6.6.2.jar" LicenseVerifier.java
javac -cp "/opt/bdp/data01/es01/elasticsearch-6.6.2/lib/elasticsearch-6.6.2.jar:/opt/bdp/data01/es01/elasticsearch-6.6.2/lib/lucene-core -7.6.0.jar:/opt/bdp/data01/es01/elasticsearch-6.6.2/modules/x-pack-core/x-pack-core-6.6.2.jar:/opt/bdp/data01/es01 /elasticsearch-6.6.2/lib/elasticsearch-core-6.6.2.jar" XPackBuild.java

After compilation, two .class files with the same name as .java are generated.

Overwrite the original x-pack-core-6.6.2.jar class file.

mkdir tmp & amp; & amp; cd tmp
cp /opt/bdp/data01/es01/elasticsearch-6.6.2/modules/x-pack-core/x-pack-core-6.6.2.jar ./
jar -xf x-pack-core-6.6.2.jar ##Decompression
cp ../LicenseVerifier.class org/elasticsearch/license/ ##Replacement file
cp ../XPackBuild.class org/elasticsearch/xpack/core/ ##Replacement file
jar -cvf x-pack-core-6.6.2.jar * ##Recompress

Send the generated x-pack-core-6.6.2.jar to all es, overwriting the original jar file

Step 4: Restart the machine and set a password

restartes

At this time, the cluster status cannot be observed through curl http://10.91.1.87:9200/_cluster/health?pretty

Observe the log of one of the masters. The cluster status changes from red to yellow.

Cluster health status changed from [RED] to [YELLOW]

Execute to generate password:

./elasticsearch-setup-passwords interactive

Enter your password. until the end.

Check the health status of the cluster through the user password. You can check it and x-pack takes effect.

Step 5: Apply for license

View the license information of the current es cluster

curl -u "elastic":"123123" http://10.91.1.81:9200/_license

type indicates that it is on trial, expiry_date indicates that it will expire in one month

Log in to the official website and apply for a license

Register | Elastic

Select china as the country, write the email address that you can receive emails from, and write whatever else you want.

Receive emails and download json files.

Open the file and modify the contents:

“type”: “platinum” ##Platinum version

“expiry_date_in_millis”: 2547615064000 ##Expiration date 2050-09-24 14:51:04

Step 6: Upload license

Uploading the license must be executed on all three masters.

curl -XPUT -u "elastic":"123123" 'http://10.91.1.81:9200/_xpack/license' -H "Content-Type: application/json" - d @license.json

Check the license information again. The expiration date has changed to 2050.

This is the end. I have been working on it for a day and a half (very annoying) and checked various documentation blogs. This article is my overall sad process that combines my own operations and documentation support. I hope others will not step in and complete it smoothly.

references:

Thanks to all the bloggers for providing documentation support! ! ! ! !

Elasticsearch6.3.2 x-pack-Tencent Cloud Developer Community-Tencent Cloud

Elasticsearch installation X-pack_elasticsearch xpack-CSDN blog

ElasticSearch learning (12) – es7.2 log warning SSLHandshakeException: no cipher suites in common-CSDN blog

Configure elk cluster and crack x-pack, deploy elk – Developer Blog