Shulou(Shulou.com)06/02 Report--

This article mainly introduces how to use Docker to build MQTT server, the article is very detailed, has a certain reference value, interested friends must read it!

1. Pull the image

Docker pull registry.cn-hangzhou.aliyuncs.com/synbop/emqttd:2.3.6

two。 Run Mirror

-name name

-p 18083 server startup port

-p 1882 TCP port

-p 8083 WS port

-p 8084 WSS port

-p 8883 SSL port

-d specify the container

Docker run-- name emq-p 18083 registry.cn-hangzhou.aliyuncs.com/synbop/emqttd:2.3.6 1883-p 1883 registry.cn-hangzhou.aliyuncs.com/synbop/emqttd:2.3.6 1883-p 8084 4 registry.cn-hangzhou.aliyuncs.com/synbop/emqttd:2.3.6

3. Go to the emq service page

   enters the machine IP:18083 in the browser to enter the emqtt page.

   's initial account admin, password public

4. Configure emq (for V3.1.0)

   configures permissions for emq users. Emq also supports a variety of database authentication, including mongo, redis, pgsql and so on. If you are interested, you can study it on your own.

# enter the container, do not enter docker exec-it emq / bin/sh with / bin/bash

1. First, turn off anonymous authentication (default is on, anyone can log in)

# Editing configuration file vi / opt/emqttd/etc/emq.conf# changes allow anonymous True-> falseallow_anonymous = false

two。 To create a mysql table of users and permissions, you can either pull a mysql container or create it directly in mysql in your ubuntu

CREATE DATABASE emq charset utf8;use eqm;CREATE TABLE mqtt_user (id int (11) unsigned NOT NULL AUTO_INCREMENT, username varchar DEFAULT NULL, password varchar (100) DEFAULT NULL, salt varchar (20) DEFAULT NULL, is_superuser tinyint (1) DEFAULT 0, created datetime DEFAULT NULL, PRIMARY KEY (id), UNIQUE KEY mqtt_username (username)) ENGINE=MyISAM DEFAULT CHARSET=utf8 CREATE TABLE mqtt_acl (id int (11) unsigned NOT NULL AUTO_INCREMENT, allow int (1) DEFAULT NULL COMMENT'0: deny, 1: allow', ipaddr varchar (60) DEFAULT NULL COMMENT 'IpAddress', username varchar' DEFAULT NULL COMMENT 'Username', clientid varchar (100) DEFAULT NULL COMMENT' ClientId', access int (2) NOT NULL COMMENT'1: subscribe, 2: publish, 3: pubsub', topic varchar (100) NOT NULL DEFAULT 'COMMENT' Topic Filter', PRIMARY KEY (id) ENGINE=InnoDB DEFAULT CHARSET=utf8

3. Insert ACL rules-ACL rules

    tips:! Do not directly follow the example below, first check the ACL rules and then configure them according to your own situation.

INSERT INTO `username` (`id`, `allow`, `ipaddr`, `username`, `clientid`, `access`, `topic`) VALUES (1) VALUES (1), (2) VALUES (1), (2) (2) (2), (3) (3) (3), (3) (5), (5), (5), (1), (5), (1), (6, 1, 1, 1, 1, 5, 1, 1, 1, 5, 1, 1, 5, 1, and 1), (6, 1, 1, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 6, 1, 5, 1, 5, 1, 5, 1, 5, 1, 6, 5, 1, 5, 1, 5, 1, 5, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 1, 6, 6, 1, 6, 1, 5, 1, 6, 1, 5, 1, 5, 1, 5, 1, 1, 5, and 1). NULL,'dashboard',NULL,1,'$SYS/#')

4. Insert the user, from which the Client to subscribe and publish must be verified by the user (please convert the sha256 value by yourself)

# you can configure Super Admin (Super Admin will have subscription and push permissions for all topic in defiance of ACL rules) insert into mqtt_user (`username`, `password`) values ('admin',' 03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4'); update mqtt_user set is_superuser=1 where id= Super Admin ID; ps: note that if auth.mysql.password_hash (default is sha256) is sha256, the encrypted value needs to be passed manually when new users are added, and there is no need to encrypt plain.

5. Modify the mysql configuration file for emq

Vi / opt/emqttd/etc/plugins/emq_auth_mysql.confauth.mysql.server = your mysql-IP:3306 auth.mysql.username = root auth.mysql.password = xxxxxxxx auth.mysql.database = emq

6. Restart emq

/ opt/emqttd/bin/ emqx stop/opt/emqttd/bin/ emqx start/opt/emqttd/bin/emqttd_ctl plugins load emq_auth_mysql # enable the mysql authentication plug-in

ACL rule

The    rule table field description:

Allow: prohibit (0), allow (1)

Ipaddr: setting IP addr

Username: the user name of the connecting client. If the value here is set to $all, the rule applies to all users.

Clientid: the Client ID that connects to the client

Access: allowed operations: subscribe (1), publish (2), subscribe to publication (3)

Topic: controlled topic, which can use wildcards, and placeholders can be added to the topic to match the client information, for example, the theme will be replaced with the Client ID of the current client when the topic matches.

% u: user name

% c:Client ID

   example

-- all users cannot subscribe to system topics INSERT INTO mqtt_acl (allow, ipaddr, username, clientid, access, topic) VALUES (0, NULL,'$all', NULL, 1,'$SYS/#');-- allow clients on 10.59.1.100 to subscribe to system topics INSERT INTO mqtt_acl (allow, ipaddr, username, clientid, access, topic) VALUES (1, '10.59.1.100, NULL, NULL, 1,' $SYS/#') -- prohibit clients from subscribing to / smarthome/+/temperature topics INSERT INTO mqtt_acl (allow, ipaddr, username, clientid, access, topic) VALUES (0, NULL, 1,'/ smarthome/+/temperature');-- allowing clients to subscribe to / smarthome/$ {clientid} / temperature topics INSERT INTO mqtt_acl (allow, ipaddr, username, clientid, access, topic) VALUES (1, NULL, 1,'/ smarthome/%c/temperature') The above is all the contents of the article "how to use Docker to build a MQTT server". Thank you for reading! Hope to share the content to help you, more related knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.