Docker-compose方式部署单机-EMQX集群
前提
1.docker和docker-compose环境需要部署
2.需要准备mysql做外置数据库(如不需要认证,可忽略)
总体目录如下:
[root@localhost emqx]# tree
├── docker-compose.yaml
├── emqx1
│ ├── data
│ └── log
├── emqx2
│ ├── data
│ └── log
├── loaded_plugins
├── nginx
└── nginx.conf
安装部署
1.在服务器上创建emqx挂载目录
# 在服务器上创建emqx挂载目录
mkdir -p /data/docker/emqx/emqx{1,2}/{data,log}
# 修改挂载目录权限
chown -R 1000:1000 /data/docker/emqx/
chmod -R 755 /data/docker/emqx/
2.编写loaded_plugins文件
在/data/docker/emqx创建loaded_plugins文件,用于替换插件启用配置(启用emqx_auth_mysql插件)如果不需要外置数据库可忽略
vi loaded_plugins
{emqx_management, true}.
{emqx_recon, true}.
{emqx_retainer, true}.
{emqx_dashboard, true}.
{emqx_telemetry, true}.
{emqx_rule_engine, true}.
{emqx_bridge_mqtt, false}.
{emqx_auth_mysql, true}.
官方介绍:https://www.emqx.io/docs/zh/v4.4/getting-started/directory.html#data-%E7%9B%AE%E5%BD%95
3.准备nginx.conf文件
在/data/docker/emqx准备nginx.conf文件,内容如下:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 4096;
}
stream{
# emqx tcp
upstream emqxTcp {
zone tcp_servers 64k;
hash $remote_addr;
server emqx-emqx1-1:1883 max_fails=3 fail_timeout=30s;
server emqx-emqx2-1:1883 max_fails=3 fail_timeout=30s;
}
# emqx tcp server
server {
listen 1883;
proxy_pass emqxTcp;
proxy_buffer_size 4k;
}
# emqx-web tcp
upstream emqxWebTcp {
zone tcp_servers 64k;
hash $remote_addr;
server emqx-emqx1-1:8083 max_fails=3 fail_timeout=30s;
server emqx-emqx2-1:8083 max_fails=3 fail_timeout=30s;
}
# emqx-web tcp server
server {
listen 8083;
proxy_pass emqxWebTcp;
proxy_buffer_size 4k;
}
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format xinsec '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
'$connection $upstream_addr '
'upstream_response_time $upstream_response_time request_time $request_time ';
access_log /var/log/nginx/access.log main;
##cache##
client_body_buffer_size 512k;
proxy_connect_timeout 600 ;
proxy_read_timeout 18000;
proxy_send_timeout 18000;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
client_max_body_size 200m;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
upstream emqxWeb {
server emqx-emqx1-1:18083;
server emqx-emqx2-1:18083;
}
server {
listen 18083;
server_name _;
location / {
proxy_pass http://emqxWeb;
index index.html index.htm;
}
}
}
4.mysql数据库准备工作
1.创建数据库:mqtt
2.创建两张表:
#认证/超级用户表
CREATE TABLE `mqtt_user` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`username` varchar(100) DEFAULT NULL,
`password` varchar(100) DEFAULT NULL,
`salt` varchar(35) DEFAULT NULL,
`is_superuser` tinyint(1) DEFAULT 0,
`created` datetime DEFAULT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `mqtt_username` (`username`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
-- 客户端信息 emqx/public
INSERT INTO `mqtt_user` ( `username`, `password`, `salt`, `is_superuser`)
VALUES
('emqx', 'efa1f375d76194fa51a3556a97e641e61685f914d446979da50a551a4333ffd7', NULL, 0);
#ACL 规则表
CREATE TABLE `mqtt_acl` (
`id` int(11) unsigned NOT NULL AUTO_INCREMENT,
`allow` int(1) DEFAULT 1 COMMENT '0: deny, 1: allow',
`ipaddr` varchar(60) DEFAULT NULL COMMENT 'IpAddress',
`username` varchar(100) DEFAULT NULL COMMENT 'Username',
`clientid` varchar(100) DEFAULT NULL COMMENT 'ClientId',
`access` int(2) NOT NULL COMMENT '1: subscribe, 2: publish, 3: pubsub',
`topic` varchar(100) NOT NULL DEFAULT '' COMMENT 'Topic Filter',
PRIMARY KEY (`id`),
INDEX (ipaddr),
INDEX (username),
INDEX (clientid)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
官方参考:https://www.emqx.io/docs/zh/v4.4/advanced/acl-mysql.html#mysql-%E8%BF%9E%E6%8E%A5%E4%BF%A1%E6%81%AF
5.编写docker-compose.yml文件如下
以下是两个emqx节点都放在同一台机器,真实情况下会分开不同机器部署为好...
version: '3'
services:
emqx1:
image: emqx/emqx:4.4.3
restart: always
environment:
- "EMQX_ALLOW_ANONYMOUS=false"
- "EMQX_NAME=emqx"
- "EMQX_HOST=node1.emqx.io"
- "EMQX_CLUSTER__DISCOVERY=static"
- "EMQX_CLUSTER__STATIC__SEEDS=emqx@node1.emqx.io,emqx@node2.emqx.io"
- "EMQX_AUTH__MYSQL__SERVER=10.80.210.122:3306"
- "EMQX_AUTH__MYSQL__POOL=8"
- "EMQX_AUTH__MYSQL__USERNAME=xinsec"
- "EMQX_AUTH__MYSQL__PASSWORD=DB.xinsec"
- "EMQX_AUTH__MYSQL__DATABASE=mqtt"
- "EMQX_AUTH__MYSQL__QUERY_TIMEOUT=5s"
- "EMQX_AUTH__MYSQL__PASSWORD_HASH=sha256"
volumes:
- /etc/localtime:/etc/localtime
- /data/docker/emqx/emqx1/log:/opt/emqx/log
- /data/docker/emqx/emqx1/data:/opt/emqx/data
- ./loaded_plugins:/opt/emqx/data/loaded_plugins:z
healthcheck:
test: ["CMD", "/opt/emqx/bin/emqx_ctl", "status"]
interval: 5s
timeout: 25s
retries: 5
networks:
emqx-bridge:
aliases:
- node1.emqx.io
emqx2:
image: emqx/emqx:4.4.3
restart: always
environment:
- "EMQX_ALLOW_ANONYMOUS=false"
- "EMQX_NAME=emqx"
- "EMQX_HOST=node2.emqx.io"
- "EMQX_CLUSTER__DISCOVERY=static"
- "EMQX_CLUSTER__STATIC__SEEDS=emqx@node1.emqx.io,emqx@node2.emqx.io"
- "EMQX_AUTH__MYSQL__SERVER=10.80.210.122:3306"
- "EMQX_AUTH__MYSQL__POOL=8"
- "EMQX_AUTH__MYSQL__USERNAME=xinsec"
- "EMQX_AUTH__MYSQL__PASSWORD=DB.xinsec"
- "EMQX_AUTH__MYSQL__DATABASE=mqtt"
- "EMQX_AUTH__MYSQL__QUERY_TIMEOUT=5s"
- "EMQX_AUTH__MYSQL__PASSWORD_HASH=sha256"
volumes:
- /etc/localtime:/etc/localtime
- /data/docker/emqx/emqx2/log:/opt/emqx/log
- /data/docker/emqx/emqx2/data:/opt/emqx/data
- ./loaded_plugins:/opt/emqx/data/loaded_plugins:z
healthcheck:
test: ["CMD", "/opt/emqx/bin/emqx_ctl", "status"]
interval: 5s
timeout: 25s
retries: 5
networks:
emqx-bridge:
aliases:
- node2.emqx.io
nginx:
image: nginx:1.23.0-alpine
restart: always
ports:
- 1883:1883
- 8083:8083
- 18083:18083
volumes:
- /etc/localtime:/etc/localtime
- ./nginx.conf:/etc/nginx/nginx.conf
- /data/docker/emqx/nginx:/var/log/nginx/
networks:
emqx-bridge:
networks:
emqx-bridge:
driver: bridge
启动测试
启动:docker-compose up -d
使用web-Dashboard 方式进行操作验证
访问服务:ip:18083,如:http://ip:18083/
默认账号密码:admin/public