Docker-compose方式部署单机-EMQX集群 – 记忆角落

Docker-compose方式部署单机-EMQX集群

/ 0评 / 2

Docker-compose方式部署单机-EMQX集群

前提

1.dockerdocker-compose环境需要部署

2.需要准备mysql做外置数据库(如不需要认证,可忽略)

总体目录如下:

[root@localhost emqx]# tree
├── docker-compose.yaml
├── emqx1
│   ├── data
│   └── log
├── emqx2
│   ├── data
│   └── log
├── loaded_plugins
├── nginx
└── nginx.conf

安装部署

1.在服务器上创建emqx挂载目录

# 在服务器上创建emqx挂载目录
mkdir -p /data/docker/emqx/emqx{1,2}/{data,log}
# 修改挂载目录权限
chown -R 1000:1000 /data/docker/emqx/
chmod -R 755 /data/docker/emqx/

2.编写loaded_plugins文件

/data/docker/emqx创建loaded_plugins文件,用于替换插件启用配置(启用emqx_auth_mysql插件)如果不需要外置数据库可忽略

vi loaded_plugins

{emqx_management, true}.
{emqx_recon, true}.
{emqx_retainer, true}.
{emqx_dashboard, true}.
{emqx_telemetry, true}.
{emqx_rule_engine, true}.
{emqx_bridge_mqtt, false}.
{emqx_auth_mysql, true}.

官方介绍:https://www.emqx.io/docs/zh/v4.4/getting-started/directory.html#data-%E7%9B%AE%E5%BD%95

3.准备nginx.conf文件

/data/docker/emqx准备nginx.conf文件,内容如下:

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 4096;
}

stream{
    # emqx tcp
    upstream emqxTcp {
        zone tcp_servers 64k;
        hash $remote_addr;
        server emqx-emqx1-1:1883 max_fails=3 fail_timeout=30s;
        server emqx-emqx2-1:1883 max_fails=3 fail_timeout=30s;
    }

    # emqx tcp server
    server {
        listen 1883;
        proxy_pass emqxTcp;
        proxy_buffer_size 4k;
    }

    # emqx-web tcp
    upstream emqxWebTcp {
        zone tcp_servers 64k;
        hash $remote_addr;
        server emqx-emqx1-1:8083 max_fails=3 fail_timeout=30s;
        server emqx-emqx2-1:8083 max_fails=3 fail_timeout=30s;
    }

    # emqx-web tcp server
    server {
        listen 8083;
        proxy_pass emqxWebTcp;
        proxy_buffer_size 4k;
    }
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    log_format xinsec '$remote_addr - $remote_user [$time_local] "$request" '
        '$status $body_bytes_sent "$http_referer" '
        '"$http_user_agent" "$http_x_forwarded_for"'
        '$connection $upstream_addr '
        'upstream_response_time $upstream_response_time request_time $request_time ';


    access_log  /var/log/nginx/access.log  main;

    ##cache##
    client_body_buffer_size 512k;
    proxy_connect_timeout 600 ;
    proxy_read_timeout 18000;
    proxy_send_timeout 18000;
    proxy_buffer_size 16k;
    proxy_buffers 4 64k;
    proxy_busy_buffers_size 128k;
    proxy_temp_file_write_size 128k;

    client_max_body_size 200m;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;



    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    upstream emqxWeb {
        server emqx-emqx1-1:18083;
        server emqx-emqx2-1:18083;
    }
    server {
        listen    18083;
        server_name   _;
        location / {
            proxy_pass    http://emqxWeb;
            index    index.html    index.htm;
        }
    }
}

4.mysql数据库准备工作

1.创建数据库:mqtt

2.创建两张表:

#认证/超级用户表
CREATE TABLE `mqtt_user` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `username` varchar(100) DEFAULT NULL,
  `password` varchar(100) DEFAULT NULL,
  `salt` varchar(35) DEFAULT NULL,
  `is_superuser` tinyint(1) DEFAULT 0,
  `created` datetime DEFAULT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `mqtt_username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

-- 客户端信息 emqx/public
INSERT INTO `mqtt_user` ( `username`, `password`, `salt`, `is_superuser`)
VALUES
    ('emqx', 'efa1f375d76194fa51a3556a97e641e61685f914d446979da50a551a4333ffd7', NULL, 0);

#ACL 规则表
CREATE TABLE `mqtt_acl` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  `allow` int(1) DEFAULT 1 COMMENT '0: deny, 1: allow',
  `ipaddr` varchar(60) DEFAULT NULL COMMENT 'IpAddress',
  `username` varchar(100) DEFAULT NULL COMMENT 'Username',
  `clientid` varchar(100) DEFAULT NULL COMMENT 'ClientId',
  `access` int(2) NOT NULL COMMENT '1: subscribe, 2: publish, 3: pubsub',
  `topic` varchar(100) NOT NULL DEFAULT '' COMMENT 'Topic Filter',
  PRIMARY KEY (`id`),
  INDEX (ipaddr),
  INDEX (username),
  INDEX (clientid)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

官方参考:https://www.emqx.io/docs/zh/v4.4/advanced/acl-mysql.html#mysql-%E8%BF%9E%E6%8E%A5%E4%BF%A1%E6%81%AF

5.编写docker-compose.yml文件如下

以下是两个emqx节点都放在同一台机器,真实情况下会分开不同机器部署为好...

version: '3'

services:
  emqx1:
    image: emqx/emqx:4.4.3
    restart: always
    environment:
      - "EMQX_ALLOW_ANONYMOUS=false"
      - "EMQX_NAME=emqx"
      - "EMQX_HOST=node1.emqx.io"
      - "EMQX_CLUSTER__DISCOVERY=static"
      - "EMQX_CLUSTER__STATIC__SEEDS=emqx@node1.emqx.io,emqx@node2.emqx.io"
      - "EMQX_AUTH__MYSQL__SERVER=10.80.210.122:3306"
      - "EMQX_AUTH__MYSQL__POOL=8"
      - "EMQX_AUTH__MYSQL__USERNAME=xinsec"
      - "EMQX_AUTH__MYSQL__PASSWORD=DB.xinsec"
      - "EMQX_AUTH__MYSQL__DATABASE=mqtt"
      - "EMQX_AUTH__MYSQL__QUERY_TIMEOUT=5s"
      - "EMQX_AUTH__MYSQL__PASSWORD_HASH=sha256"
    volumes:
      - /etc/localtime:/etc/localtime
      - /data/docker/emqx/emqx1/log:/opt/emqx/log
      - /data/docker/emqx/emqx1/data:/opt/emqx/data
      - ./loaded_plugins:/opt/emqx/data/loaded_plugins:z
    healthcheck:
      test: ["CMD", "/opt/emqx/bin/emqx_ctl", "status"]
      interval: 5s
      timeout: 25s
      retries: 5
    networks:
      emqx-bridge:
        aliases:
          - node1.emqx.io

  emqx2:
    image: emqx/emqx:4.4.3
    restart: always
    environment:
      - "EMQX_ALLOW_ANONYMOUS=false"
      - "EMQX_NAME=emqx"
      - "EMQX_HOST=node2.emqx.io"
      - "EMQX_CLUSTER__DISCOVERY=static"
      - "EMQX_CLUSTER__STATIC__SEEDS=emqx@node1.emqx.io,emqx@node2.emqx.io"
      - "EMQX_AUTH__MYSQL__SERVER=10.80.210.122:3306"
      - "EMQX_AUTH__MYSQL__POOL=8"
      - "EMQX_AUTH__MYSQL__USERNAME=xinsec"
      - "EMQX_AUTH__MYSQL__PASSWORD=DB.xinsec"
      - "EMQX_AUTH__MYSQL__DATABASE=mqtt"
      - "EMQX_AUTH__MYSQL__QUERY_TIMEOUT=5s"
      - "EMQX_AUTH__MYSQL__PASSWORD_HASH=sha256"
    volumes:
      - /etc/localtime:/etc/localtime
      - /data/docker/emqx/emqx2/log:/opt/emqx/log
      - /data/docker/emqx/emqx2/data:/opt/emqx/data
      - ./loaded_plugins:/opt/emqx/data/loaded_plugins:z
    healthcheck:
      test: ["CMD", "/opt/emqx/bin/emqx_ctl", "status"]
      interval: 5s
      timeout: 25s
      retries: 5
    networks:
      emqx-bridge:
        aliases:
          - node2.emqx.io

  nginx:
    image: nginx:1.23.0-alpine
    restart: always
    ports:
      - 1883:1883
      - 8083:8083
      - 18083:18083
    volumes:
      - /etc/localtime:/etc/localtime
      - ./nginx.conf:/etc/nginx/nginx.conf
      - /data/docker/emqx/nginx:/var/log/nginx/
    networks:
      emqx-bridge:


networks:
  emqx-bridge:
    driver: bridge

启动测试

启动:docker-compose up -d

使用web-Dashboard 方式进行操作验证

访问服务:ip:18083,如:http://ip:18083/

默认账号密码:admin/public

发表评论

您的电子邮箱地址不会被公开。