目录
1、配置环境
仅供实验环境环境,生产环境勿破解,破解文件已上传资源,可直接使用.
Elasticsearch-6.6.1
Kibana-6.6.1
X-Pack-6.6.1
2、反编译修改验证文件
1.解压x-pack-core-6.6.1.jar
cp /elk/elasticsearch-6.6.1/modules/x-pack-core /root
unzip x-pack-core-6.6.0.jar
2.反向编译和修改两个验证文件
反向编译网站
http://www.javadecompilers.com/processing
将LicenseVerifier.class和XPackBuild.class反编译成java文件进行修改
编辑LicenseVerifier.java #找到两个静态方法,修改返回为true
文件所在路径: x-pack-core-6.6.0\org\elasticsearch\license
package org.elasticsearch.license;
import java.io.InputStream;
import java.io.OutputStream;
import org.elasticsearch.core.internal.io.Streams;
import java.io.ByteArrayOutputStream;
import org.apache.lucene.util.BytesRef;
import org.apache.lucene.util.BytesRefIterator;
import org.elasticsearch.common.xcontent.XContentBuilder;
import java.util.Arrays;
import java.security.InvalidKeyException;
import java.security.SignatureException;
import java.security.NoSuchAlgorithmException;
import java.io.IOException;
import org.elasticsearch.common.bytes.BytesReference;
import java.security.Signature;
import java.util.Map;
import org.elasticsearch.common.xcontent.ToXContent;
import java.util.Collections;
import org.elasticsearch.common.xcontent.XContentFactory;
import org.elasticsearch.common.xcontent.XContentType;
import java.nio.ByteBuffer;
import java.util.Base64;public class LicenseVerifier
{
public static boolean verifyLicense(final License license, final byte[] publicKeyData) {return true;
}public static boolean verifyLicense(final License license) {
return true;
}
}
编辑XPackBuild.java
文件所在路径: x-pack-core-6.6.0\org\elasticsearch\xpack\core
package org.elasticsearch.xpack.core;
import java.util.jar.Manifest;
import java.io.IOException;
import java.util.jar.JarInputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import org.elasticsearch.common.SuppressForbidden;
import java.net.URL;
import java.net.URISyntaxException;
import org.elasticsearch.common.io.PathUtils;
import java.nio.file.Path;public class XPackBuild
{
public static final XPackBuild CURRENT;
private String shortHash;
private String date;@SuppressForbidden(reason = "looks up path of xpack.jar directly")
static Path getElasticsearchCodebase() {
final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();
try {
return PathUtils.get(url.toURI());
}
catch (URISyntaxException bogus) {
throw new RuntimeException(bogus);
}
}XPackBuild(final String shortHash, final String date) {
this.shortHash = shortHash;
this.date = date;
}public String shortHash() {
return this.shortHash;
}public String date() {
return this.date;
}static {
final Path path = getElasticsearchCodebase();
String shortHash = null;
String date = null;
Label_0109: {
shortHash = "Unknown";
date = "Unknown";
}
CURRENT = new XPackBuild(shortHash, date);
}
}
3.编译修改后的文件
[root@master ~]# javac -cp "/app/es/lib/elasticsearch-6.6.1.jar:/app/es/lib/lucene-core-7.6.0.jar:/app/es/modules/x-pack-core/x-pack-core-6.6.1.jar:/app/es/lib/elasticsearch-core-6.6.1.jar" XPackBuild.java
[root@master ~]# javac -cp "/app/es/lib/elasticsearch-6.6.1.jar:/app/es/lib/lucene-core-7.6.0.jar:/app/es/modules/x-pack-core/x-pack-core-6.6.1.jar:/app/es/lib/elasticsearch-core-6.6.1.jar:/app/es/lib/elasticsearch-x-content-6.6.1.jar" LicenseVerifier.java
此时重新生成两个class文件
4.将编译好的文件复制回原目录
cp XPackBuild.class && LicenseVerifier.class 到x-pack-core-6.6.0.jar下面
cp x-pack-core-6.6.0.jar /elk/elasticsearch-6.6.1/modules/x-pack-core
3、导入授权文件
1. 从官网申请basic授权文件
https://license.elastic.co/registration #其他信息随便写,邮箱必须真实
2. 授权文件红字修改
vim license.json
{"license":{"uid":"ac02af3b-dc3b-4180-af0f-8794c21e64c3","type":"platinum","issue_date_in_millis":1566777600000,"expiry_date_in_millis":3107746200000
}
3. 授权文件导入
①禁用security #如果不禁用,将不能正常导入授权文件
vim conf/elasticsearch.yml
xpack.security.enabled: false
②重启elasticsearch
./bin/elasticsearch -d
③利用API导入授权文件
curl -XPUT -u elastic:changeme "http://10.0.9.24:9200/_xpack/license?acknowledge=true" -d @license.json
或者kinabi页面直接导入(推荐)。
4、错误排查
1、原来的ELK没有密码如何重设密码
①以下操作必须在master节点执行
②cd /elk/elasticsearch-6.6.0/
③./bin/elasticsearch-setup-passwords interactive #手动设置所有用户密码,auto随机设置所有用户密码
注:节点健康状态为red也可以成功设置,但是在集群中必须有master节点
2、其他节点es是否也需要替换jar包
我替换了,你可以相关验证下。
3、kibana页面直接导入许可证报错如图
Version: 6.6.1 Build: 19513 Error: Uncaught NotFoundError: Failed to execute 'removeChild' on 'Node': The node to be removed is not a child of this node. (http://192.168.198.136:5601/dlls/vendors.bundle.dll.js:212) at window.onerror (http://192.168.198.136:5601/bundles/commons.bundle.js:3:935535)
我的google浏览器报错,换360极速浏览器成功导入,上哪说理去!
4、如果kibana出现无法监测最近一小时数据
查询所有ES节点服务器时间是否一致,如果不一致
ntpdata ntp1.aliyun.com
