x-pack是ELK的一个插件,集监控、权限、告警等于一体。支持集群级别、节点级别、索引级别的监控;支持索引、字段级别的权限控制。x-pack目前并不开源,试用期一个月。本着自用方便,尝试破解。
多master下,只需要增加master节点,修改下discovery.zen.minimum_master_nodes参数即可。

结点规划

节点 角色
node1 master-1、x-pack
node2 data-1、x-pack
node3 data-2、x-pack
node4 client-1、kibana、x-pack(client-1)、x-pack(kibana)

搭建elasticsearch集群

增加用户

useradd elk
passwd elk

下载elasticsearch安装包

wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.tar.gz

解压分发安装包

[elk@node1 ~]$ tar -zxvf elasticsearch-6.2.4.tar.gz
[elk@node1 ~]$ scp -r elasticsearch-6.2.4 elk@node2:~
[elk@node1 ~]$ scp -r elasticsearch-6.2.4 elk@node3:~
[elk@node1 ~]$ scp -r elasticsearch-6.2.4 elk@node4:~

配置master-1

多master配置,只需要增加机器简单修改即可。

[elk@node1 ~]$ vim elasticsearch-6.2.4/config/elasticsearch.yml#集群名称cluster.name: my-elk#节点名称node.name: master-1#是否是master节点,master节点存元数据node.master: true#是否是data数据节点,data数据节点存数据node.data: false#是否是ingest节点,ingest节点可以在数据真正进入index前,通过配置pipline拦截器对数据ETLnode.ingest: false#数据目录,可挂载多个盘path.data: /home/elk/elasticsearch-6.2.4/es-data/data#日志目录path.logs: /home/elk/elasticsearch-6.2.4/es-data/logs/#http host和portnetwork.host: node1http.port: 9200#组成该集群的节点discovery.zen.ping.unicast.hosts: [node1, node2,node3,node4]#防止脑裂配置,注意在多master时,这个值应该等于 Math.floor(master候选节点数/2)+1#意思是master候选节点的数目最少达到多少个,才去选举master#没有这个配置,在多master时容易造成脑裂,出现多个集群#这里只有一个master就设置成1即可discovery.zen.minimum_master_nodes: 1

配置data-1

[elk@node2 ~]$ vim elasticsearch-6.2.4/config/elasticsearch.ymlcluster.name: my-elknode.name: data-1node.master: falsenode.data: truenode.ingest: truepath.data: /home/elk/elasticsearch-6.2.4/es-data/datapath.logs: /home/elk/elasticsearch-6.2.4/es-data/logs/network.host: node2http.port: 9200discovery.zen.ping.unicast.hosts: ["node1", "node2","node3","node4"]discovery.zen.minimum_master_nodes: 1

配置data-2

[elk@node3 ~]$ vim elasticsearch-6.2.4/config/elasticsearch.ymlcluster.name: my-elknode.name: data-2node.master: falsenode.data: truenode.ingest: truepath.data: /home/elk/elasticsearch-6.2.4/es-data/datapath.logs: /home/elk/elasticsearch-6.2.4/es-data/logs/network.host: node3http.port: 9200discovery.zen.ping.unicast.hosts: ["node1", "node2","node3","node4"]discovery.zen.minimum_master_nodes: 1

配置client-1

[elk@node4 ~]$ vim elasticsearch-6.2.4/config/elasticsearch.ymlcluster.name: my-elknode.name: client-1#都设置成false后,此节点就成为了client,起到路由请求和结果聚合的作用。生成环境下应该配置成大内存。#client有两种类型 client-coordinate 和 client-tribe#client-coordinate 请求路由到elasticsearch节点#client-tribe 请求路由到不同elasticsearch集群,需要增加其他配置#这里默认是client-coordinatenode.master: falsenode.data: falsenode.ingest: falsepath.data: /home/elk/elasticsearch-6.2.4/es-data/datapath.logs: /home/elk/elasticsearch-6.2.4/es-data/logs/network.host: node4http.port: 9200discovery.zen.ping.unicast.hosts: ["node1", "node2","node3","node4"]discovery.zen.minimum_master_nodes: 1

配置kibana

下载解压

[elk@node4 ~]$ wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.2.4.tar.gz
[elk@node4 ~]$ tar -zxvf kibana-6.2.4-linux-x86_64.tar.gz

配置

[elk@node4 ~]$ vim kibana-6.2.4-linux-x86_64/config/kibana.ymlserver.port: 5601server.host: "node4"elasticsearch.url: "http://node4:9200"

安装x-pack插件

下载x-pack并分发到各节点

wget https://artifacts.elastic.co/downloads/packs/x-pack/x-pack-6.2.4.zip

es安装x-pack

[elk@node1 ~]$ elasticsearch-6.2.4/bin/elasticsearch-plugin install file:///home/elk/x-pack-6.2.4.zip
[elk@node2 ~]$ elasticsearch-6.2.4/bin/elasticsearch-plugin install file:///home/elk/x-pack-6.2.4.zip
[elk@node3 ~]$ elasticsearch-6.2.4/bin/elasticsearch-plugin install file:///home/elk/x-pack-6.2.4.zip
[elk@node4 ~]$ elasticsearch-6.2.4/bin/elasticsearch-plugin install file:///home/elk/x-pack-6.2.4.zip

kibana安装x-pack

[elk@node4 ~]$ kibana-6.2.4-linux-x86_64/bin/kibana-plugin install file:///home/elk/x-pack-6.2.4.zip

启动elasticsearch

[elk@node1 ~]$ elasticsearch-6.2.4/bin/elasticsearch
[elk@node2 ~]$ elasticsearch-6.2.4/bin/elasticsearch
[elk@node3 ~]$ elasticsearch-6.2.4/bin/elasticsearch
[elk@node4 ~]$ elasticsearch-6.2.4/bin/elasticsearch

启动elasticsearch时异常解决

参考网上的帖子即可
注意:异常解决后,需要重新登录,才可生效。

设置kibana通过x-pack连接client-1的用户名密码

[elk@node4 ~]$ elasticsearch-6.2.4/bin/x-pack/setup-passwords interactive
#kibana.yml中增加用户名密码
[elk@node4 ~]$ vim kibana-6.2.4-linux-x86_64/config/kibana.ymlelasticsearch.username: "elastic"#这里就是上边设置的密码elasticsearch.password: "123456"

启动kibana查看Monitoring

[elk@node4 ~]$ kibana-6.2.4-linux-x86_64/bin/kibana
#用上边设置的用户名密码登录
http://node4:5601/
#但试用期只有一个月,自用不放便。

破解x-pack

下载运行反编译软件

[wangpei@localhost ~/gitHub]$ git clone https://github.com/deathmarine/Luyten.git
[wangpei@localhost ~/gitHub/Luyten]$ mvn clean install
[wangpei@localhost ~/gitHub/Luyten]$ java -jar target/luyten-0.5.3.jar

反编译类

反编译elasticsearch-6.2.4/plugins/x-pack/x-pack-core/x-pack-core-6.2.4.jar中的两个类

反编译LicenseVerifier.class

找到org.elasticsearch.license.LicenseVerifier.class,反编译结果拷贝至IDE,建同样的包和类LicenseVerifier.java,内容替换如下(即替换掉License验证部分)

package org.elasticsearch.license;public class LicenseVerifier
{public static boolean verifyLicense(final License license, final byte[] encryptedPublicKeyData) {return true;}public static boolean verifyLicense(final License license) {return true;}
}

反编译XPackBuild.class

找到org.elasticsearch.xpack.core.XPackBuild.class,反编译结果拷贝至IDE,建同样的包和类XPackBuild.java,内容替换如下

package org.elasticsearch.xpack.core;import org.elasticsearch.common.io.*;
import java.net.*;
import org.elasticsearch.common.*;
import java.nio.file.*;
import java.io.*;
import java.util.jar.*;public class XPackBuild
{public static final XPackBuild CURRENT;private String shortHash;private String date;@SuppressForbidden(reason = "looks up path of xpack.jar directly")static Path getElasticsearchCodebase() {final URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();try {return PathUtils.get(url.toURI());}catch (URISyntaxException bogus) {throw new RuntimeException(bogus);}}XPackBuild(final String shortHash, final String date) {this.shortHash = shortHash;this.date = date;}public String shortHash() {return this.shortHash;}public String date() {return this.date;}static {final Path path = getElasticsearchCodebase();String shortHash = null;String date = null;Label_0157: {shortHash = "Unknown";date = "Unknown";}CURRENT = new XPackBuild(shortHash, date);}
}

编译并替换

#编译用到的依赖来自于elasticsearch-6.2.4/lib目录#编译LicenseVerifier.java
javac -cp "elasticsearch-6.2.4.jar:lucene-core-7.2.1.jar:x-pack-core-6.2.4.jar:elasticsearch-core-6.2.4.jar" LicenseVerifier.java#编译XPackBuild.java
javac -cp "elasticsearch-6.2.4.jar:lucene-core-7.2.1.jar:x-pack-core-6.2.4.jar:elasticsearch-core-6.2.4.jar" XPackBuild.java#替换LicenseVerifier.class
mkdir -p org/elasticsearch/license/
cp LicenseVerifier.class org/elasticsearch/license
jar uf x-pack-core-6.2.4.jar org/elasticsearch/license/LicenseVerifier.class#替换XPackBuild.class
mkdir -p org/elasticsearch/xpack/core
cp XPackBuild.class org/elasticsearch/xpack/core
jar uf x-pack-core-6.2.4.jar org/elasticsearch/xpack/core/XPackBuild.class

替换破解后的jar包

用上边得到的破解包x-pack-core-6.2.4.jar替换所有elasticsearch节点中,elasticsearch-6.2.4/plugins/x-pack/x-pack-core目录下的x-pack-core-6.2.4.jar

上传授权文件

#(1)需要在所有elasticsearch节点elasticsearch-6.2.4/config/elasticsearch.yml增加配置项,用于上传授权文件
xpack.security.enabled: false#(2)申请licene授权文件并在邮箱中下载
https://license.elastic.co/registration#(3)修改type 为platinum 铂金 有效期到2050年 "expiry_date_in_millis":2524579200999#(4)启动4台elasticsearch#(5)4个节点替换licene
curl -XPUT -u elastic:changeme 'http://node1:9200/_xpack/license' -H "Content-Type: application/json" -d @license.json

制作SSL

#(1)master节点生成证书
[elk@node1 elasticsearch-6.2.4]$ pwd/home/elk/elasticsearch-6.2.4
[elk@node1 elasticsearch-6.2.4]$ bin/x-pack/certutil ca#这里需要设置密码,后边会用到
[elk@node1 elasticsearch-6.2.4]$ bin/x-pack/certutil cert --ca elastic-stack-ca.p12[elk@node1 elasticsearch-6.2.4]$ mkdir config/certs
[elk@node1 elasticsearch-6.2.4]$ cp elastic-certificates.p12 config/certs#(2)证书拷贝至所有elasticsearch节点
[elk@node1 elasticsearch-6.2.4]$ scp -r config/certs/ elk@node2:~/elasticsearch-6.2.4/config/
[elk@node1 elasticsearch-6.2.4]$ scp -r config/certs/ elk@node3:~/elasticsearch-6.2.4/config/
[elk@node1 elasticsearch-6.2.4]$ scp -r config/certs/ elk@node4:~/elasticsearch-6.2.4/config/#(3)所有elasticsearch节点启用SSL
elasticsearch.yml中增加配置
#xpack.security.enabled: false
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12#(4)所有elasticsearch节点和kibana节点将密码添加至elasticsearch-keystore
#注意:这里输入的密码是生成证书时设置的密码
[elk@node1 elasticsearch-6.2.4]$ bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
[elk@node1 elasticsearch-6.2.4]$ bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password

重启所有elasticsearch节点和kibana节点

查看有效期

登录后可以看到,有效期到2050年 Your Platinum license will expire on January 1, 2050.

查看数据

#(1)创建索引
PUT user_web_info#(2)设置mapping
PUT user_web_info/_mapping/user
{"properties": {"uuid":{"type":"long"},"name":{"type":"text","fields":{"keyword":{"type": "keyword"}}},"nickname":{"type":"text"},"age":{"type":"integer"},"dt":{"type":"date","format": "yyyy-MM-dd"}}
}#(3)插入数据
POST user_web_info/user/_bulk
{ "create": {"_id": "1" }}
{"uuid":1,"name":"jack chen","nickname":"apple pear","age":20,"dt":"2016-06-25"}
{ "create": {"_id": "2" }}
{"uuid":2,"name":"jack ma","nickname":"apple pear pear","age":22,"dt":"2016-08-23"}
{ "create": {"_id": "3" }}
{"uuid":3,"name":"lucy","nickname":"apple pear apple","age":23,"dt":"2016-08-25"}#(4)创建Index Patterns
Management=>Index Patterns=>user_web_info#(5)Discover页浏览数据

Elasticsearch多master配置及x-pack破解相关推荐

  1. elasticsearch安装和配置,elasticsearch启动报错:can not run elasticsearch as root

    elasticsearch安装和配置 elasticsearch启动报错:can not run elasticsearch as root elasticsearch启动报错:ERROR: [3] ...

  2. elasticsearch 出现master not discovered yet, this node has not previously joined a bootstrapped (v7+)

    elasticsearch 出现master not discovered yet, this node has not previously joined a bootstrapped (v7+) ...

  3. 一文教懂你关于Elasticsearch的安装配置

    请一定要更新JDK到最新版本 我们去官网https://www.elastic.co/cn/elasticsearch/下载最新版本的软件包并解压软件包. 然后启动运行elasticsearch ./ ...

  4. ElasticSearch基础杂烩-配置-索引-优化

    2019独角兽企业重金招聘Python工程师标准>>> ElasticSearch基础杂烩-配置-索引-优化 博客分类: java 前言 ElasticSearch是一个基于Luce ...

  5. elasticsearch 第二篇(配置篇)

    配置 在es启动之前可以通过设置启动命令行启动参数.环境变量.文件等方式优化和配置es进行参数 环境变量 名称 示例 说明 ES_MIN_MEM 256M 用于配置java进程分配的最小内存 ES_M ...

  6. mysql master 配置_MySQL双Master配置的方法详解

    刚刚抽空做了一下MYSQL 的主主同步.把步骤写下来,至于会出现的什么问题,以后随时更新.这里我同步的数据库是TEST1.环境描述.主机:192.168.0.231(A)主机:192.168.0.23 ...

  7. Elasticsearch集群配置以及REST API使用

    ES安装与启动 在官网下载压缩包,解压后直接运行bin目录下的.bat文件即可.下载地址戳这里. ES配置集群 Elasticsearch配置集群很简单,只要配置一个集群的 名称 ,ES就会自动寻找并 ...

  8. 华为路由交换精讲系列⑦:super密码配置 密码重置与破解 权限级别 [肖哥]视频课程-肖宗鹏-专题视频课程...

    华为路由交换精讲系列⑦:super密码配置 密码重置与破解 权限级别 [肖哥]视频课程-587人已学习 课程介绍         华为路由器.交换机配置 单个技术详细介绍.本课程是一个系列,每个系列讲 ...

  9. Elasticsearch集群配置

    Elasticsearch集群 配置 报错 集群状态查看 启动 配置 cluster.name: es node.name: node-3 path.data: /home/elasticsearch ...

最新文章

  1. mysql show 原理_mysql事务的实现原理
  2. Mysql主从复制及Tomcat的相关介绍
  3. 一文读懂spring boot 和微服务的关系
  4. 如何自定义SAP Spartacus 产品明细的url pattern
  5. 转: 虚拟IP(VIP)原理
  6. 《DSP using MATLAB》示例Example4.6
  7. 周期三角波频谱图_雷达物位计厂家告诉你,什么是调频连续波雷达物位计
  8. 大学四年,自学编程常用的10个学习网站
  9. ToDesk版本更新,引入RTC传输技术,是否早以替代向日葵远程控制?
  10. 安装oh my zsh后出现的目录权限问题
  11. 华为机试4.27:公式修正
  12. python创建模式对象_【python设计模式-创建型】单例模式
  13. 金立android怎么升级包,金立S6升级刷机教程[多图]
  14. Leetcode小白上线第三十三天
  15. 分析早期关节炎队列发现冬春季发病者的短期放射学进展更重
  16. 逆战班---《JS操作汉字时钟详解》
  17. 学画画软件app推荐_超好用的学习绘画的APP
  18. 2021年1月4日-Vulnhub-DerpNStink渗透学习
  19. H.264学习网站及资源(不定时更新)
  20. python用turtle写字_python编程课---turtle

热门文章

  1. Python OpenCV 人脸识别
  2. 14.String常量池:什么是字符常量???常量池在内存空间中的位置在哪里???判断s7、s8、s9是不是字符常量???代码
  3. 你一直都是我温馨的眷恋
  4. 抖音商家找达人带货需要什么条件?达人带货靠谱吗
  5. 自选功能创建项目(vue2)
  6. HG,GIT,SVN版本控制系统
  7. fikker反向代理服务器的网站缓存加速特别说明
  8. JavaWeb知识点汇总
  9. 二维码 生成、读取, 以及调整图片大小,截屏
  10. 中国区块链产业全景图