# x-pack

# 查看 x-pack license 信息

curl -u elastic:Qc6lfkiGXYpUpeCpRwUy http://192.168.10.145:9200/_xpack/license
返回
  "license" : {
    "status" : "active",
    "uid" : "5b67e00a-fdc5-44cb-abf2-0ae058eb55c0",
    "type" : "platinum",
    "issue_date" : "2018-11-02T00:00:00.000Z",
    "issue_date_in_millis" : 1541116800000,
    "expiry_date" : "2068-06-24T06:50:00.000Z",
    "expiry_date_in_millis" : 3107746200000,
    "max_nodes" : 100,
    "issued_to" : "Lin Qin (my-company)",
    "issuer" : "Web Form",
    "start_date_in_millis" : 1541116800000
  }
}

# 破解 X-PACK

ES7 以上的版本不用破解了。

# x-pack认证

由于es6+版本集群认证要配置加密通信，查看官网文档

• 生成认证文件 elastic-certificates.p12

bin/elasticsearch-certutil ca

• 使用认证文件生成证书

  bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
  

• 添加刚才输入的密码,会在 config 文件夹下生成 elasticseaerch.keystore 文件

  bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
  bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
  

  复制 elastic-certificates.p12 到 config 文件夹下

• 真正起作用的是 config 文件夹下的 elasticseaerch.keystore 文件

  拷贝 elastic-certificates.p12 和 elasticseaerch.keystore 到所有节点机器

• 导入license，可以申请

  $ curl -XPUT 'http://192.168.10.145:9200/_xpack/license?acknowledge=true&pretty' -H "Content-Type: application/json" -d @lin-qin-15837219-79c2-471c-b4c4-c69b4a151ec8-v5.json
    // 返回
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                   Dload  Upload   Total   Spent    Left  Speed
  100  1249  100    58  100  1191    411   8446 --:--:-- --:--:-- --:--:--  9992{
    "acknowledged" : true,
    "license_status" : "valid"
  }
  
  

• 修改es配置，重启。没配置上面认证无法恢复集群数据。

   es配置文件
   #xpack.license.self_generated.type: trial
  xpack.security.enabled: true
  xpack.ml.enabled: false
   #设置为trial（默认）以启用所有X-Pack功能,basic使用基础就可以了。: 
  # 添加如下2行,打开安全配置功能,文件目录默认是config文件夹: 
  xpack.security.transport.ssl.enabled: true
  xpack.security.transport.ssl.verification_mode: certificate
  xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
  xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
  

• 查看集群健康状态，等集群恢复后可以执行y生成密码，记住密码。等恢复数据再次执行。

  ./bin/elasticsearch-setup-passwords auto -v
  

• 修改客户端代码支持ssl即可。参考

# x-pack 生成密码

F:\elasticsearch-6.3.0\bin>elasticsearch-setup-passwords auto
Initiating the setup of passwords for reserved users elastic,kibana,logstash_system,beats_system.
The passwords will be randomly generated and printed to the console.
Please confirm that you would like to continue [y/N]y

Changed password for user kibana
PASSWORD kibana = yi3GEYpR8JKZh1gfIii2

Changed password for user logstash_system
PASSWORD logstash_system = 7XFm6hT5Ljf2Bm3GM79c

Changed password for user beats_system
PASSWORD beats_system = gpiuJUZuhKl6LAPEkz8L

Changed password for user elastic
PASSWORD elastic = Qc6lfkiGXYpUpeCpRwUy

# x-pack 修改密码

$ curl -H "Content-Type:application/json" -XPOST -u elastic 'http://http://192.168.10.145:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "elastic" }'

# 去官网申请正式

https://license.elastic.co/registration 官网地址

1. 邮箱认真写，用来接收json文件的
2. country写china,其它都可以随便写
3. 点击申请后邮箱马上会收到一个邮件
4. 修改 json 文件
   • “type”:“basic” 替换为 “type”:"platinum" # 基础版变更为铂金版
   • expiry_date_in_millis”:1561420799999 替换为 “expiry_date_in_millis”:3107746200000# 1年变为50年
   • 好好保存，修改后的文件可以重复使用到其它 ES 服务器