一 说明
Emqx是mqtt-broker中的一种,其中很大的一个特色是支持共享分组订阅,它的部署方式有很多,其中Docker-compose方式也是很常用的一种方式。
二 部署
编写loaded_plugins文件,用于替换插件启用配置(启用emqx_auth_mysql插件)1
2
3
4
5
6
7
8{emqx_management, true}.
{emqx_recon, true}.
{emqx_retainer, true}.
{emqx_dashboard, true}.
{emqx_telemetry, true}.
{emqx_rule_engine, true}.
{emqx_bridge_mqtt, false}.
{emqx_auth_mysql, true}.
编写docker-compose.yml文件如下(以下是两个emqx节点都放在同一台机器,真实情况下会分开不同机器部署):1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66version: '3'
services:
emqx1:
image: emqx/emqx:4.3.10
environment:
- "EMQX_NAME=emqx"
- "EMQX_HOST=node1.emqx.io"
- "EMQX_CLUSTER__DISCOVERY=static"
- "EMQX_CLUSTER__STATIC__SEEDS=emqx@node1.emqx.io, emqx@node2.emqx.io"
- "EMQX_ALLOW_ANONYMOUS=false"
- "EMQX_ACL_NOMATCH=deny"
- "EMQX_BROKER__SHARED_SUBSCRIPTION_STRATEGY=hash_clientid"
- "EMQX_BROKER__SHARED_DISPATCH_ACK_ENABLED=true"
- "EMQX_ZONE__EXTERNAL__IDLE_TIMEOUT=60s"
- "EMQX_AUTH__MYSQL__SERVER=172.21.241.87:3306"
- "EMQX_AUTH__MYSQL__POOL=8"
- "EMQX_AUTH__MYSQL__USERNAME=root"
- "EMQX_AUTH__MYSQL__PASSWORD=123456"
- "EMQX_AUTH__MYSQL__DATABASE=db_iot"
- "EMQX_AUTH__MYSQL__QUERY_TIMEOUT=5s"
- "EMQX_AUTH__MYSQL__PASSWORD_HASH=sha256"
- "EMQX_AUTH__MYSQL__AUTH_QUERY=select password from iot_mqtt_user where username = '%u' and del_flag = 0 limit 1"
- "EMQX_AUTH__MYSQL__SUPER_QUERY=SELECT is_superuser from iot_mqtt_user where username = '%u' and del_flag = 0"
- "EMQX_AUTH__MYSQL__ACL_QUERY=select 0 as allow, null as ipaddr, '%u' as username, null as clientid, 3 as access, '/#' as topic union select 1 as allow, null as ipaddr, username, null as clientid, access, topic from iot_mqtt_acl WHERE username = '%u' and del_flag = 0"
volumes:
- ./loaded_plugins:/opt/emqx/data/loaded_plugins:z
ports:
- 1883:1883
networks:
emqx-bridge:
aliases:
- node1.emqx.io
emqx2:
image: emqx/emqx:4.3.10
environment:
- "EMQX_NAME=emqx"
- "EMQX_HOST=node2.emqx.io"
- "EMQX_CLUSTER__DISCOVERY=static"
- "EMQX_CLUSTER__STATIC__SEEDS=emqx@node1.emqx.io, emqx@node2.emqx.io"
- "EMQX_ALLOW_ANONYMOUS=false"
- "EMQX_ACL_NOMATCH=deny"
- "EMQX_BROKER__SHARED_SUBSCRIPTION_STRATEGY=hash_clientid"
- "EMQX_BROKER__SHARED_DISPATCH_ACK_ENABLED=true"
- "EMQX_ZONE__EXTERNAL__IDLE_TIMEOUT=60s"
- "EMQX_AUTH__MYSQL__SERVER=172.21.241.87:3306"
- "EMQX_AUTH__MYSQL__POOL=8"
- "EMQX_AUTH__MYSQL__USERNAME=root"
- "EMQX_AUTH__MYSQL__PASSWORD=123456"
- "EMQX_AUTH__MYSQL__DATABASE=db_iot"
- "EMQX_AUTH__MYSQL__QUERY_TIMEOUT=5s"
- "EMQX_AUTH__MYSQL__PASSWORD_HASH=sha256"
- "EMQX_AUTH__MYSQL__AUTH_QUERY=select password from iot_mqtt_user where username = '%u' and del_flag = 0 limit 1"
- "EMQX_AUTH__MYSQL__SUPER_QUERY=SELECT is_superuser from iot_mqtt_user where username = '%u' and del_flag = 0"
- "EMQX_AUTH__MYSQL__ACL_QUERY=select 0 as allow, null as ipaddr, '%u' as username, null as clientid, 3 as access, '/#' as topic union select 1 as allow, null as ipaddr, username, null as clientid, access, topic from iot_mqtt_acl WHERE username = '%u' and del_flag = 0"
volumes:
- ./loaded_plugins:/opt/emqx/data/loaded_plugins:z
networks:
emqx-bridge:
aliases:
- node2.emqx.io
networks:
emqx-bridge:
driver: bridge
其中依赖的两张表的表结构如下:1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26CREATE TABLE `iot_mqtt_acl` (
`id` int NOT NULL AUTO_INCREMENT COMMENT '主键',
`username` varchar(64) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT 'mqtt用户名',
`topic` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT 'Topic Filter',
`access` int DEFAULT NULL COMMENT '访问权限 1: subscribe, 2: publish, 3: pubsub',
`create_time` datetime DEFAULT NULL COMMENT '创建日期',
`del_flag` int DEFAULT '0' COMMENT '是否删除 0未删除 1删除',
PRIMARY KEY (`id`) USING BTREE,
KEY `idx_username` (`username`) USING BTREE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 ROW_FORMAT=DYNAMIC COMMENT='mqtt的ACL规则表';
CREATE TABLE `iot_mqtt_user` (
`id` int NOT NULL AUTO_INCREMENT COMMENT '主键',
`username` varchar(64) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT 'mqtt用户名',
`password` varchar(64) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT 'mqtt加密的密码',
`login_pwd` varchar(64) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL COMMENT 'mqtt明文的密码',
`is_superuser` tinyint(1) DEFAULT NULL COMMENT '是否超级用户(1-是,0-否)',
`create_by` varchar(32) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL COMMENT '创建人',
`create_time` datetime DEFAULT NULL COMMENT '创建日期',
`update_by` varchar(32) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL COMMENT '更新人',
`update_time` datetime DEFAULT NULL COMMENT '更新日期',
`del_flag` int DEFAULT '0' COMMENT '是否删除 0未删除 1删除',
PRIMARY KEY (`id`) USING BTREE,
KEY `idx_username` (`username`) USING BTREE,
KEY `idx_sn` (`sn`) USING BTREE
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 ROW_FORMAT=DYNAMIC COMMENT='mqtt用户表';
启动1
docker-compose up -d
查看启动情况1
2
3
4# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
135de8d75b8d emqx/emqx:4.3.10 "/usr/bin/docker-e..." 10 days ago Up 10 days 4369-4370/tcp, 5369/tcp, 6369-6370/tcp, 8081/tcp, 8083-8084/tcp, 8883/tcp, 11883/tcp, 0.0.0.0:1883->1883/tcp, 18083/tcp emqx_emqx1_1
7a11a8b3d82b emqx/emqx:4.3.10 "/usr/bin/docker-e..." 10 days ago Up 10 days 1883/tcp, 4369-4370/tcp, 5369/tcp, 6369-6370/tcp, 8081/tcp, 8083-8084/tcp, 8883/tcp, 11883/tcp, 18083/tcp emqx_emqx2_1