【漏洞修复】ES漏洞-ES集群小版本升级及对应kibana升级方案_cve-2023-46673

一、快速下载对应版本

https://artifacts.elastic.co/downloads/kibana/kibana-7.17.26-linux-x86_64.tar.gz
https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-7.17.26-linux-x86_64.tar.gz

二、ES升级步骤

1、查看es集群节点信息

curl http://localhost:9200/_cat/nodes?pretty
curl http://localhost:9200/_cluster/health

2、禁用副本分配

curl -X PUT \"localhost:9200/_cluster/settings?pretty\" -H \'Content-Type: application/json\' -d\' { \"persistent\": { \"cluster.routing.allocation.enable\": \"primaries\"  }}\'

3、停止不必要的建立索引操作和使用异步刷新。

curl -X POST \"localhost:9200/_flush/synced?pretty\"

4、es版本升级

ps -ef | grep elasticsearch
kill -9 

cp -r /app/elasticsearch-7.2.0/data /app/elasticsearch-7.17.26/
cp -r /app/elasticsearch-7.2.0/config/elasticsearch.yml /app/elasticsearch-7.17.26/config/
cp -r /app/elasticsearch-7.2.0/config/jvm.options /app/elasticsearch-7.17.26/config/
cp -r /app/elasticsearch-7.2.0/logs  /app/elasticsearch-7.17.26/
cp -r /app/elasticsearch-7.2.0-data  /app/elasticsearch-7.17.26-data
cp -r /app/elasticsearch-7.2.0-logs  /app/elasticsearch-7.17.26-logs

/app/elasticsearch-7.17.26/bin/elasticsearch -d

5、重新启用分片分配

curl -X PUT \"localhost:9200/_cluster/settings?pretty\" -H \'Content-Type: application/json\' -d\' { \"persistent\": {  \"cluster.routing.allocation.enable\": null  }}\'

6、等待节点恢复

查看进度
curl -X GET \"localhost:9200/_cat/health?v=true&pretty\"
各个分片的恢复状态
curl -X GET \"localhost:9200/_cat/recovery?pretty\" 
查看版本
curl -X GET \"localhost:9200/_cat/nodes?h=ip,name,version&v=true&pretty\"

7、最终结果

curl http://localhost:9200/_cat/nodes?pretty

三、kibana升级步骤

1、版本升级

ps -ef | grep kibana
kill -9 

cp /app/kibana-7.17.26-linux-x86_64/cfg/kibana.yml  /app/kibana-7.17.26-linux-x86_64/cfg/kibana.yml  

mkdir /app/kibana-7.17.26-linux-x86_64/logs

nohup /app/kibana-7.17.26-linux-x86_64/bin/kibana 1> /app/kibana-7.17.26-linux-x86_64/logs/start.log 2> /app/kibana-7.17.26-linux-x86_64/logs/start.err &

2、手动分片（如果节点异常）

curl -X POST \"http://localhost:9200/_cluster/reroute\" -H \'Content-Type: application/json\' -d \'{\"commands\":[{\"allocate_empty_primary\":{\"index\":\".kibana_task_manager_7.17.26_001\",\"shard\":0,\"node\":\"es7_node_03\",\"accept_data_loss\":true}}]}\'
【es7_node_03为分配节点名称】