目錄
1、配置環境
僅供實驗環境環境,生產環境勿破解,破解文件已上傳資源,可直接使用.
Elasticsearch-6.6.1
Kibana-6.6.1
X-Pack-6.6.1
2、反編譯修改驗證文件
1.解壓x-pack-core-6.6.1.jar
cp /elk/elasticsearch-6.6.1/modules/x-pack-core /root
unzip x-pack-core-6.6.0.jar
2.反向編譯和修改兩個驗證文件
反向編譯網站
http://www.javadecompilers.com/processing
將LicenseVerifier.class和XPackBuild.class反編譯成java文件進行修改
編輯LicenseVerifier.java #找到兩個靜態方法,修改返回爲true
文件所在路徑: x-pack-core-6.6.0\org\elasticsearch\license
package org.elasticsearch.license;
import java.io.InputStream;
import java.io.OutputStream;
import org.elasticsearch.core.internal.io.Streams;
import java.io.ByteArrayOutputStream;
import org.apache.lucene.util.BytesRef;
import org.apache.lucene.util.BytesRefIterator;
import org.elasticsearch.common.xcontent.XContentBuilder;
import java.util.Arrays;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.security.NoSuchAlgorithmException;
import java.io.IOException;
import org.elasticsearch.common.bytes.BytesReference;
import java.security.Signature;
import java.util.Map;
import org.elasticsearch.common.xcontent.ToXContent;
import java.util.Collections;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.common.xcontent.XContentType;
import java.nio.ByteBuffer;
import java.util.Base64;public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {return true;
}public static boolean verifyLicense(final License license) {
return true;
}
}
編輯XPackBuild.java
文件所在路徑: x-pack-core-6.6.0\org\elasticsearch\xpack\core
package org.elasticsearch.xpack.core;
import java.util.jar.Manifest;
import java.io.IOException;
import java.util.jar.JarInputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import org.elasticsearch.common.SuppressForbidden;
import java.net.URL;
import java.net.URISyntaxException;
import org.elasticsearch.common.io.PathUtils;
import java.nio.file.Path;public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}public String shortHash() {
return this.shortHash;
}public String date() {
return this.date;
}static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
3.編譯修改後的文件
[root@master ~]# javac -cp "/app/es/lib/elasticsearch-6.6.1.jar:/app/es/lib/lucene-core-7.6.0.jar:/app/es/modules/x-pack-core/x-pack-core-6.6.1.jar:/app/es/lib/elasticsearch-core-6.6.1.jar" XPackBuild.java
[root@master ~]# javac -cp "/app/es/lib/elasticsearch-6.6.1.jar:/app/es/lib/lucene-core-7.6.0.jar:/app/es/modules/x-pack-core/x-pack-core-6.6.1.jar:/app/es/lib/elasticsearch-core-6.6.1.jar:/app/es/lib/elasticsearch-x-content-6.6.1.jar" LicenseVerifier.java
此時重新生成兩個class文件
4.將編譯好的文件複製回原目錄
cp XPackBuild.class && LicenseVerifier.class 到x-pack-core-6.6.0.jar下面
cp x-pack-core-6.6.0.jar /elk/elasticsearch-6.6.1/modules/x-pack-core
3、導入授權文件
1. 從官網申請basic授權文件
https://license.elastic.co/registration #其他信息隨便寫,郵箱必須真實
2. 授權文件紅字修改
vim license.json
{"license":{"uid":"ac02af3b-dc3b-4180-af0f-8794c21e64c3","type":"platinum","issue_date_in_millis":1566777600000,"expiry_date_in_millis":3107746200000
}
3. 授權文件導入
①禁用security #如果不禁用,將不能正常導入授權文件
vim conf/elasticsearch.yml
xpack.security.enabled: false
②重啓elasticsearch
./bin/elasticsearch -d
③利用API導入授權文件
curl -XPUT -u elastic:changeme "http://10.0.9.24:9200/_xpack/license?acknowledge=true" -d @license.json
或者kinabi頁面直接導入(推薦)。
4、錯誤排查
1、原來的ELK沒有密碼如何重設密碼
①以下操作必須在master節點執行
②cd /elk/elasticsearch-6.6.0/
③./bin/elasticsearch-setup-passwords interactive #手動設置所有用戶密碼,auto隨機設置所有用戶密碼
注:節點健康狀態爲red也可以成功設置,但是在集羣中必須有master節點
2、其他節點es是否也需要替換jar包
我替換了,你可以相關驗證下。
3、kibana頁面直接導入許可證報錯如圖
Version: 6.6.1 Build: 19513 Error: Uncaught NotFoundError: Failed to execute 'removeChild' on 'Node': The node to be removed is not a child of this node. (http://192.168.198.136:5601/dlls/vendors.bundle.dll.js:212) at window.onerror (http://192.168.198.136:5601/bundles/commons.bundle.js:3:935535)
我的google瀏覽器報錯,換360極速瀏覽器成功導入,上哪說理去!
4、如果kibana出現無法監測最近一小時數據
查詢所有ES節點服務器時間是否一致,如果不一致
ntpdata ntp1.aliyun.com