安装及测试EMQ X
EMQ X R3.0 (Erlang/Enterprise/Elastic MQTT Broker) 是基于 Erlang/OTP 语言平台开发,支持大规模连接和分布式集群,发布订阅模式的开源 MQTT 消息服务器。
MQTT是一个由IBM主导开发的物联网传输协议,它被设计用于轻量级的发布/订阅式消息传输,旨在为低带宽和不稳定的网络环境中的物联网设备提供可靠的网络服务。它的核心设计思想是开源、可靠、轻巧、简单,具有以下主要的几项特性:
1.非常小的通信开销(最小的消息大小为 2 字节);
2.支持各种流行编程语言(包括C,Java,Ruby,Python 等等)且易于使用的客户端;
3.支持发布 / 预定模型,简化应用程序的开发;
4.提供三种不同消息传递等级,让消息能按需到达目的地,适应在不稳定工作的网络传输需求。
官方网址:https://www.emqx.io/
1. 二进制包安装
1.1. Ubuntu
download: https://www.emqx.io/downloads/broker?osType=Linux
#example bin url: https://www.emqx.io/downloads/broker/v4.0.5/emqx-ubuntu16.04-v4.0.5.zip
unzip emqx-ubuntu16.04-v4.0.5.zip && cd emqx
# start emqx
./bin/emqx start
# Check the running status
./bin/emqx_ctl status
# stop emqx
./bin/emqx stop
MQTT can connect it though port 1883
web console: http://127.0.0.1:18083,default username: admin,password:public
1.2. CentOS
yum install https://www.emqx.io/downloads/broker/v4.0.5/emqx-centos7-v4.0.5.x86_64.rpm
# start emqx
systemctl start emqx
# start emqx when reboot/power-on
systemctl enable emqx
2.源码编译安装
install Erlang
install rebar3: A sophisticated build-tool for Erlang projects that follows OTP principles
#Get the source code
$ git clone -b v3.2.0 https://github.com/emqx/emqx-rel.git
#Set environment variables
$ export EMQX_DEPS_DEFAULT_VSN=v3.2.0
#Compile
$ cd emqx-rel && make
#Start EMQ X
$ cd _build/emqx/rel/emqx
$ ./bin/emqx start
emqx v3.2.0 is started successfully!
$ ./bin/emqx_ctl status
Node 'emqx@127.0.0.1' is started
emqx 3.2.0 is running
3.EMQX消息服务器默认配置
-
TCP端口包括:
1883 MQTT protocol port 8883 MQTT/SSL port 8083 MQTT/WebSocket port 8080 HTTP API port 18083 Dashboard Management Console Port
-
使用 mosquitto_sub/pub客户端命令行来订阅和发布消息:
//订阅消息并在后台监听 mosquitto_sub -h 127.0.0.1 -p 1883 -t topic1 -q 2 & //发布消息 mosquitto_pub -h 127.0.0.1 -p 1883 -t topic1 -q 1 -m ‘Hello, MQTT!’
-
后台管理web端口
端口18083登录web进入管理端入口,默认用户: admin,密码:public。左侧管理边栏可以对EMQX设置,其中plugins可以管理插件,具体内容自行查看https://developer.emqx.io/docs/emq/v3/cn/plugins.html;可以用./bin/emqx_ctl plugins load 插件名字安装插件。
4.emqx提供了三种消息发布服务质量
Quality of Service等级是发送与接收端的一种关于保证交付信息的协议。一共有3 个QoS 等级:
-
"至多一次0",消息发布完全依赖底层TCP/IP 网络,会发生消息丢失或者重复,这一级别可用于如下情况,环境,传感器数据,丢失一次度记录无所谓,因为不久之后会有第二次发送;
-
"至少一次1",确保消息到达,但消息重复可能发生;
-
“只有一次2",确保消息到达一次,这一级别可用于如下情况,在计费系统中,消息重复或者丢失导致不正确的结果。
5.EMQ离线消息
-
保留消息 MQTT客户端向服务器发布(PUBLISH)消息时,可以设置保留消息(Retained Message)标志。保留消息(Retained Message)会驻留在消息服务器,后来的订阅者订阅主题时仍可以接收该消息。 例如mosquitto命令行发布一条保留消息到主题’a/b/c’: mosquitto_pub -r -q 1 -t a/b/c -m 'hello' 之后连接上来的MQTT客户端订阅主题’a/b/c’时候,仍可收到该消息: $ mosquitto_sub -t a/b/c -q 1 hello 保留消息(Retained Message)有两种清除方式: 客户端向有保留消息的主题发布一个空消息: mosquitto_pub -r -q 1 -t a/b/c -m '' 消息服务器设置保留消息的超期时间。
-
cleanSession 清理回话 MQTT客户端向服务器发起CONNECT请求时,可以通过’Clean Session’标志设置会话。 ‘Clean Session’设置为0,表示创建一个持久会话,在客户端断开连接时,会话仍然保持并保存离线消息,直到会话超时注销。 ‘Clean Session’设置为1,表示创建一个新的临时会话,在客户端断开时,会话自动销毁。
6.测试Username
cd /home/x/work/emqx-rel/_build/emqx/rel/emqx
add a user
./bin/emqx_ctl users add ElonMusk password
vim ./etc/emqx.conf
allow_anonymous = false
enable plugins
./bin/emqx_ctl plugins list
./bin/emqx_ctl plugins load emqx_auth_username
restart emqx
./bin/emqx restart
./bin/emqx --help
Usage: emqx {start|start_boot |ertspath|foreground|stop|restart|reboot|pid|ping|console|console_clean|console_boot |attach|remote_console|upgrade|escript|rpc|rpcterms|eval}
mosquitto_sub -h 127.0.0.1 -p 1883 -d -t topic -q 2 -u ElonMusk -P password
mosquitto_pub -h 127.0.0.1 -p 1883 -d -t topic -q 2 -m "Hello, Username!" -u ElonMusk -P password
7.测试TLS
mosquitto_sub -h 127.0.0.1 -p 8883 -d -t topic -q 2 -u ElonMusk -P password --psk 1234 --psk-identity client1
mosquitto_pub -h 127.0.0.1 -p 8883 -d -t topic -q 2 -m "Hello TLS" -u Sender -P password --psk 1234 --psk-identity client1
8.认证
authetication is provided by a seriers of authentication plugins
supports authentication by username, password, ClientID or anonymous
anonymous is default
Multiple auth plug-ins can be started at the same time. The plug-in that starts first checks first.
Username Auth -> ClientID Auth -> Anonymous Auth
Modify etc/emqx.conf
enable anonymous authentication:
allow_anonymous = true
Access Control List:
acl_nomatch = allow
acl_file = etc/acl.conf
etc/acl.conf
%% Aallows 'dashboard' users to subscribe to '$SYS/#'
{allow, {user, "dashboard"}, subscribe, ["$SYS/#"]}.
%% Allows local user to publish and subscribe to all topics
{allow, {ipaddr, "127.0.0.1"}, pubsub, ["$SYS/#", "#"]}.
%% Deny all the users to subscribe to '$SYS/#' and '#' topics except local users
{deny, all, subscribe, ["$SYS/#", {eq, "#"}]}.
%% Allows any situation other than the above rules
{allow, all}.
The authentication plugins provided by EMQ X include:
plugins description
emqx_auth_clientid ClientId authentication plugin
emqx_auth_username username and password authentication plugin
emqx_auth_jwt JWT authentication plugin
emqx_auth_ldap LDAP authentication plugin
emqx_auth_http HTTP authentication plugin
emqx_auth_mysql MySQ Lauthentication plugin
emqx_auth_pgsql Postgre authentication plugin
emqx_auth_redis Redis authentication plugin
emqx_auth_mongo MongoDB authentication plugin
9. 网桥
RPC bridge
MQTT bridge
configure:
etc/plugins/emqx_bridge_mqtt.conf
10. HTTP发布API接口
through which an application server or web server can publish MQTT messages
11. MQTT网络socket链接
web browsers or applications can connect directly to the broker via WebSocket
12. 配置
File Description
etc/emqx.conf EMQ X 3.0 Configuration File
etc/acl.conf The default ACL File
etc/plugins/*.conf Config Files of Plugins
Configuration file processing flow during EMQ X start-up::
---------------------- 3.0/schema/*.schema ------------------- | etc/emqx.conf | ----------------- \ | / | data/app.config | + | --> mergeconf --> | data/app.conf | --> cuttlefish generate --> | etc/plugins/*.conf | ----------------- | data/vm.args |
---|
EMQ X Node Connection Method:
## Specify the Erlang Distributed Communication Protocol: inet_tcp | inet6_tcp | inet_tls
node.proto_dist = inet_tcp
Files for storing SSL/TLS options when Erlang distributed using TLS:
node.ssl_dist_optfile = etc/ssl_dist.conf
MQTT/SSL Listener - 8883
SSL listening port:
listener.ssl.external = 8883
Path of the file containing the user’s private key:
listener.ssl.external.keyfile = etc/certs/key.pem
Path of the file containing the user certificate:
listener.ssl.external.certfile = etc/certs/cert.pem
Path of the file containing the CA certificate:
## listener.ssl.external.cacertfile = etc/certs/cacert.pem