解锁x-pack 8.x白金限制
解锁x-pack白金限制
x-pack
只给了30天的试用,可能我们摸清楚Elasticsearch怎么用就不止30天了。所以我们还是主动延长一下x-pack
的使用期。
接下来我们演示在8.0.1
版本下延长x-pack的试用期限。
获取elastic
的源码
首先先去elastic的github仓库获取源码,我们需要以下两个文件:
elasticsearch-8.0.1\x-pack\plugin\core\src\main\java\org\elasticsearch\license\LicenseVerifier.java
elasticsearch-8.0.1\x-pack\plugin\core\src\main\java\org\elasticsearch\xpack\core\XPackBuild.java
修改x-pack
源码
首先注释掉LicenseVerifier.java
的校验代码:
/** Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one* or more contributor license agreements. Licensed under the Elastic License* 2.0; you may not use this file except in compliance with the Elastic License* 2.0.*/
package org.elasticsearch.license;import org.apache.lucene.util.BytesRef;
import org.apache.lucene.util.BytesRefIterator;
import org.elasticsearch.common.bytes.BytesReference;
import org.elasticsearch.core.internal.io.Streams;
import org.elasticsearch.xcontent.ToXContent;
import org.elasticsearch.xcontent.XContentBuilder;
import org.elasticsearch.xcontent.XContentFactory;
import org.elasticsearch.xcontent.XContentType;import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;/*** Responsible for verifying signed licenses*/
public class LicenseVerifier {/*** verifies the license content with the signature using the packaged* public key* @param license to verify* @return true if valid, false otherwise*/public static boolean verifyLicense(final License license, PublicKey publicKey) {/*byte[] signedContent = null;byte[] publicKeyFingerprint = null;try {byte[] signatureBytes = Base64.getDecoder().decode(license.signature());ByteBuffer byteBuffer = ByteBuffer.wrap(signatureBytes);@SuppressWarnings("unused")int version = byteBuffer.getInt();int magicLen = byteBuffer.getInt();byte[] magic = new byte[magicLen];byteBuffer.get(magic);int hashLen = byteBuffer.getInt();publicKeyFingerprint = new byte[hashLen];byteBuffer.get(publicKeyFingerprint);int signedContentLen = byteBuffer.getInt();signedContent = new byte[signedContentLen];byteBuffer.get(signedContent);XContentBuilder contentBuilder = XContentFactory.contentBuilder(XContentType.JSON);license.toXContent(contentBuilder, new ToXContent.MapParams(Collections.singletonMap(License.LICENSE_SPEC_VIEW_MODE, "true")));Signature rsa = Signature.getInstance("SHA512withRSA");rsa.initVerify(publicKey);BytesRefIterator iterator = BytesReference.bytes(contentBuilder).iterator();BytesRef ref;while ((ref = iterator.next()) != null) {rsa.update(ref.bytes, ref.offset, ref.length);}return rsa.verify(signedContent);} catch (IOException | NoSuchAlgorithmException | SignatureException | InvalidKeyException e) {throw new IllegalStateException(e);} finally {if (signedContent != null) {Arrays.fill(signedContent, (byte) 0);}}*/return true;}private static final PublicKey PUBLIC_KEY;static {try (InputStream is = LicenseVerifier.class.getResourceAsStream("/public.key")) {ByteArrayOutputStream out = new ByteArrayOutputStream();Streams.copy(is, out);PUBLIC_KEY = CryptUtils.readPublicKey(out.toByteArray());} catch (IOException e) {throw new AssertionError("key file is part of the source and must deserialize correctly", e);}}public static boolean verifyLicense(final License license) {//return verifyLicense(license, PUBLIC_KEY);return true;}
}
然后修改XPackBuild.java
/** Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one* or more contributor license agreements. Licensed under the Elastic License* 2.0; you may not use this file except in compliance with the Elastic License* 2.0.*/
package org.elasticsearch.xpack.core;import org.elasticsearch.core.PathUtils;
import org.elasticsearch.core.SuppressForbidden;import java.io.IOException;
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.jar.JarInputStream;
import java.util.jar.Manifest;/*** Information about the built version of x-pack that is running.*/
public class XPackBuild {public static final XPackBuild CURRENT;static {final String shortHash;final String date;Path path = getElasticsearchCodebase();/*if (path.toString().endsWith(".jar")) {try (JarInputStream jar = new JarInputStream(Files.newInputStream(path))) {Manifest manifest = jar.getManifest();shortHash = manifest.getMainAttributes().getValue("Change");date = manifest.getMainAttributes().getValue("Build-Date");} catch (IOException e) {throw new RuntimeException(e);}} else {// not running from a jar (unit tests, IDE)shortHash = "Unknown";date = "Unknown";}*/shortHash = "Unknown";date = "Unknown";CURRENT = new XPackBuild(shortHash, date);}/*** Returns path to xpack codebase path*/@SuppressForbidden(reason = "looks up path of xpack.jar directly")static Path getElasticsearchCodebase() {URL url = XPackBuild.class.getProtectionDomain().getCodeSource().getLocation();try {return PathUtils.get(url.toURI());} catch (URISyntaxException bogus) {throw new RuntimeException(bogus);}}private String shortHash;private String date;XPackBuild(String shortHash, String date) {this.shortHash = shortHash;this.date = date;}public String shortHash() {return shortHash;}public String date() {return date;}
}
编译java文件
- 编译环境:Ubuntu
- Java版本:Openjdk17
- Elasticsearch版本:8.0.1
安装Elasticsearch
安装Elasitcsearch为了提供编译需要的jar包。
- 下载并安装PGP Key
$ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo gpg --dearmor -o /usr/share/keyrings/elasticsearch-keyring.gpg
- 安装Elasticsearch Debain Package
apt-get update && sudo apt-get install elasticsearch
安装java环境
- 安装
openjdk17
$ apt install openjdk-17-jdk
- 测试是否安装成功
$ java --version
openjdk 17.0.1 2021-10-19
OpenJDK Runtime Environment (build 17.0.1+12-Ubuntu-120.04)
OpenJDK 64-Bit Server VM (build 17.0.1+12-Ubuntu-120.04, mixed mode, sharing)
将java源码编译为class文件
javac -cp "/usr/share/elasticsearch/lib/elasticsearch-8.0.1.jar:/usr/share/elasticsearch/lib/lucene-core-9.0.0.jar:/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-8.0.1.jar:/usr/share/elasticsearch/lib/elasticsearch-x-content-8.0.1.jar:/usr/share/elasticsearch/lib/elasticsearch-core-8.0.1.jar" /root/LicenseVerifier.java
javac -cp "/usr/share/elasticsearch/lib/elasticsearch-8.0.1.jar:/usr/share/elasticsearch/lib/lucene-core-9.0.0.jar:/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-8.0.1.jar:/usr/share/elasticsearch/lib/elasticsearch-x-content-8.0.1.jar:/usr/share/elasticsearch/lib/elasticsearch-core-8.0.1.jar" /root/XPackBuild.java
我们会得到LicenseVerifier.class
和XPackBuild.class
两个编译好的class文件
修改x-pack-core
文件位置:
/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-8.0.1.jar
- 把
x-pack-core-8.0.1.jar
复制到任意位置,然后解包:
$ jar -xvf x-pack-core-8.0.1.jar
- 删除当前文件夹下的
x-pack-core-8.0.1.jar
- 覆盖破解好的文件:
LicenseVerifier.class
路径在/org/elasticsearch/license/LicenseVerifier.class
XPackBuild.class
路径在/org/elasticsearch/xpack/core/XPackBuild.class
- 重新打包
x-pack-core-8.0.1.jar
$ jar cvf x-pack-core-8.0.1.jar *
- 把破解好的文件覆盖到
/usr/share/elasticsearch/modules/x-pack-core/x-pack-core-8.0.1.jar
就完成破解。
制作Docker镜像
- 启动elasticsearch
$ docker run -d -p 9200:9200 --name=elasticsearch -e xpack.security.enabled=false -e discovery.type=single-node elasticsearch:8.0.1
- 用修改的
x-pack-core-8.0.1.jar
替换镜像内的原版
$ docker cp .\x-pack-core-8.0.1.jar elasticsearch:/usr/share/elasticsearch/modules/x-pack-core
- 修改镜像内文件的权限
首先以root
用户进入容器
$ docker exec -it -u root elasticsearch /bin/bash
然后修改x-pack-core-8.0.1.jar
的权限
$ cd /usr/share/elasticsearch/modules/x-pack-core
$ chmod -R 444 x-pack-core-8.0.1.jar
$ chown -R root x-pack-core-8.0.1.jar
$ chgrp -R root x-pack-core-8.0.1.jar
$ exit
- 重启容器
$ docker restart elasticsearch
- 生成镜像
$ docker commit elasticsearch elasticsearch:8.0.1C
使用elasticsearch:8.0.1C
这个镜像再导入证书就可以直接激活白金权限了
6. 导出/导入镜像
# 导出镜像为tar文件
$ docker save -o elastic.tar elasticsearch:8.0.1C
# 导入tar镜像
$ docker load -i elastic.tar
激活白金授权
申请Basic License
到这个网址申请授权,我们会得到一个license.json
。文件内容大概是下面这个样子
{"license": {"uid": "13370dd7-23e4-4470-ad2a-ccacb620f60a","type": "basic","issue_date_in_millis": 1563235200000,"expiry_date_in_millis": 2207746200000,"max_nodes": 10000,"issued_to": "netpro","issuer": "Web Form","signature": "AAAAAwAAAA3uiNJR7B8rdgnwFZItAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCyhef7hVFMq4orIbwULz0c1dX+Ng4sva5RTmWxKYLnJAyXmMRLp2Pvk9YE5G9JoI4gaSB4mIUtVyPzNGJpHLQCPS/kQ8y0B+mc0aXbBKZgbDTqE6p9E+kk1j8myN9GU+JR8QnYd8GiP4ziBUc2zOyx4hskiGE++Kx1KbD4862GbZwLCo9pIIHoxnpt44OytDB9lb7rYr2JBwc07flaR8ndkHlOL7AhuV2OMwDNw978l4OK/O4qxdthxc/XVo6l03IkVoy17coeJ9Oi4YIpOBXrIAYRgjPa68SvnnM8Ykb0KvNvJ7Y8GJ7x+l2q5qMu8QrBeJQ6U0fH/2ATgUy9EiwA","start_date_in_millis": 1563235200000}
}
### 修改授权类型和过期时间
我们需要修改license.json
的以下内容:
- 修改
type
为platinum
- 修改
expiry_date_in_millis
为2524579200999
(过期时间为2050年)
导入授权
这里我们直接用别人修改好的授权文件license.json
{"license": {"uid": "13370dd7-23e4-4470-ad2a-ccacb620f60a","type": "platinum","issue_date_in_millis": 1563235200000,"expiry_date_in_millis": 3207746200000,"max_nodes": 10000,"issued_to": "bibi","issuer": "Web Form","signature": "AAAAAwAAAA3uiNJR7B8rdgnwFZItAAABmC9ZN0hjZDBGYnVyRXpCOW5Bb3FjZDAxOWpSbTVoMVZwUzRxVk1PSmkxaktJRVl5MUYvUWh3bHZVUTllbXNPbzBUemtnbWpBbmlWRmRZb25KNFlBR2x0TXc2K2p1Y1VtMG1UQU9TRGZVSGRwaEJGUjE3bXd3LzRqZ05iLzRteWFNekdxRGpIYlFwYkJiNUs0U1hTVlJKNVlXekMrSlVUdFIvV0FNeWdOYnlESDc3MWhlY3hSQmdKSjJ2ZTcvYlBFOHhPQlV3ZHdDQ0tHcG5uOElCaDJ4K1hob29xSG85N0kvTWV3THhlQk9NL01VMFRjNDZpZEVXeUtUMXIyMlIveFpJUkk2WUdveEZaME9XWitGUi9WNTZVQW1FMG1DenhZU0ZmeXlZakVEMjZFT2NvOWxpZGlqVmlHNC8rWVVUYzMwRGVySHpIdURzKzFiRDl4TmM1TUp2VTBOUlJZUlAyV0ZVL2kvVk10L0NsbXNFYVZwT3NSU082dFNNa2prQ0ZsclZ4NTltbU1CVE5lR09Bck93V2J1Y3c9PQAAAQCyhef7hVFMq4orIbwULz0c1dX+Ng4sva5RTmWxKYLnJAyXmMRLp2Pvk9YE5G9JoI4gaSB4mIUtVyPzNGJpHLQCPS/kQ8y0B+mc0aXbBKZgbDTqE6p9E+kk1j8myN9GU+JR8QnYd8GiP4ziBUc2zOyx4hskiGE++Kx1KbD4862GbZwLCo9pIIHoxnpt44OytDB9lb7rYr2JBwc07flaR8ndkHlOL7AhuV2OMwDNw978l4OK/O4qxdthxc/XVo6l03IkVoy17coeJ9Oi4YIpOBXrIAYRgjPa68SvnnM8Ykb0KvNvJ7Y8GJ7x+l2q5qMu8QrBeJQ6U0fH/2ATgUy9EiwA","start_date_in_millis": 1563235200000}
}
导入授权:
curl -XPUT -u elastic 'http://192.168.0.106:9200/_license' -H "Content-Type: application/json" -d @license.json
在kibana
里能看到授权成功
解锁x-pack 8.x白金限制相关推荐
- Windows XP Service Pack 3 修复程序列表
编号文章标题类别274261 (http://support.microsoft.com/kb/274261/)超级终端缓冲区历史可能出现损坏修复297694 (http://support.micr ...
- USB HID转蓝牙鼠键宏指纹解锁
USB-HID-BLER 将有线鼠标键盘游戏手柄等USB HID转换为蓝牙设备,附带鼠键宏和指纹解锁功能. 硬件开源地址 前作 主要功能 使用esp32-c3的GPIO模拟USB HOST,识别低速 ...
- [解锁新姿势] 回想起被 `if-else` 支配的恐惧,我们要打倒 if - else
前言 [解锁新姿势] 兄dei,你代码需要优化了 在之前文章说到,简单 if-else,可以使用 卫语句 进行优化.但是在实际开发中,往往不是简单 if-else 结构,我们通常会不经意间写下如下代码 ...
- 模仿滴滴单车解锁的时候,从0%到90%的欺骗加载动画效果
/**欺骗加载动画效果-*/var text = '已解锁{value}%';var interval;var __fakeLoading = function (callback, time, pe ...
- 风格化手绘纹理包 CGTrader – Stylized Mix Vol. 41 – Hand Painted Texture Pack
风格化手绘纹理包 CGTrader – Stylized Mix Vol. 41 – Hand Painted Texture Pack CGTrader–风格化混合第41卷–手绘纹理包 大小解压后: ...
- [UWP小白日记-10]程序启动屏(ios解锁既视感)
[UWP小白日记-10]程序启动屏(ios解锁既视感) 原文:[UWP小白日记-10]程序启动屏(ios解锁既视感) 讲一下 微软爸爸的开发者大会2016又暴了个表达式动画和Windows.UI.Co ...
- #pragma pack(n) 的作用
在C语言中,结构是一种复合数据类型,其构成元素既可以是基本数据类型(如int.long.float等)的变量,也可以是一些复合数据类型(如数组.结构.联合等)的数据单元.在结构中,编译器为结构的每个成 ...
- 动力电池检测电压c语言编程,动力电池PACK EOL测试系统
2020年10月以来,新能源汽车接连发生起火.爆炸事故,将其安全问题推向舆论的风口浪尖.安全需求作为人类一种低级别的.最本质的需求,没有安全作为前提,行业的发展将是空中楼阁.说到安全第一时间想到的就是 ...
- iOS8.0 之后指纹解锁
iOS 8.0 SDK 开放了调用指纹识别的API,但是仅限于支持5s 以后的机型 使用的话,很简单,要导入系统的库 #import <LocalAuthentication/LocalAuth ...
最新文章
- android 自定义paint,Android中自定义常用的三个对象解析(Paint,Color,Canvas)
- 在RelativeLayout中对控件的显示隐藏操作问题
- JAVA进阶day08泛型
- 将iOS默认上下文坐标系改变为Quartz通常坐标系
- ASP.NET生成静态页面方法大全(1)
- Atitit.单向sso 单点登录的设计与实现
- 7-1 宿舍谁最高? (20 分)
- 软考 java程序设计,软考程序员考点Java语言程序设计之数组
- java实现url编码与中文的互相转换
- c语言 习题错题知识点(1) (关键字 合法数据类型 逗号运算符)
- 程序员真实从零开始实操 赚钱渠道之一CPS
- Intelligent Designer
- apicloud加java,【APICloud】App开发中加入系统分享功能案例源码分享
- Omnigraffle Pro 注册码/许可证
- 学习笔记-如何设计离线跑批系统
- 2021年安全员-A证考试题库及安全员-A证报名考试
- AnyLogic第二讲行人仿真空间逻辑讲解
- 自己的发展安排 2023年 -- 2024年
- mtrace内存泄漏工具的使用方法
- 重磅!中国新型类脑计算芯片首登《自然》封面
热门文章
- 本科计算机专业sci好写吗,保研经验:本科发表4篇SCI,横扫北大、清华、中科大、中科院、浙大17个OFFER!...
- 虚拟机——KSM Kernel Samepage Merging
- React 基础----1
- GNU LGPL协议
- std::thread与pthread
- ansj词典加载及简洁分词过程
- windows命令行连接远程服务器MongoDB
- 惊闻|万盈:玩一元斗地主 引争执出人命 派出所介入调查
- php实现播放直播_php和腾讯直播的实现代码
- php添加学生信息,PHP开发 学生管理系统之添加信息PHP页面